0

I have an application developed on BlackBerry JDE 5.0.0 that encrypts a String using the DES algorithm in ECB mode. After the encryption, the result is encoded with Base64 encoding. But whenever I compare the result that I get from my encryption method with the result that I get from the online encryptor engine, the last several characters are always different. I tried to decrypt the result that I get from my encryption method with the online encryptor engine, and it looks like the result is not a valid one. So how can I fix the different result in the last several characters?

Here is my encryption method code:

public String encryptDESECB(String text) throws MessageTooLongException
{
    byte[] input = text.getBytes();
    byte[] output = new byte[8];
    byte[] uid = null;
    uid = "431654625bd37673e3b00359676154074a04666a".getBytes();
    DESKey key = new DESKey(uid);
    try {
        DESEncryptorEngine engine = new DESEncryptorEngine(key);
        engine.encrypt(input, 0, output, 0);
        String x = BasicAuth.encode(new String(output));
        System.out.println("AFTER ENCODE" + x);
        return new String(x);
    } catch (CryptoTokenException e) {
        return "NULL";
    } catch (CryptoUnsupportedOperationException e) {
        return "NULL";
    }
}

The String that I want to encrypt is "00123456".

The result that I get from my encryption method is: YnF2BWFV/8w=

The result that I get from the online encryptor engine (http://www.tools4noobs.com/online_tools/encrypt/): YnF2BWFV9sw=

The result that I get from Android (with the same encryption algorithm and method): YnF2BWFV9sw=

Here's the code on Android:

public static String encryptDesECB(String data) {
    try {
        DESKeySpec keySpec = new DESKeySpec("431654625bd37673e3b00359676154074a04666a".getBytes("UTF8"));
        SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES");
        SecretKey key = keyFactory.generateSecret(keySpec);

        // ENCODE plainTextPassword String
        byte[] cleartext = data.getBytes("UTF8");

        Cipher cipher = Cipher.getInstance("DES/ECB/NoPadding");
        cipher.init(Cipher.ENCRYPT_MODE, key);

        Logger.log(Log.INFO, new String(cipher.doFinal(cleartext)));

        String encrypedPwd = Base64.encodeToString(cipher.doFinal(cleartext), Base64.DEFAULT);

        Logger.log(Log.INFO, encrypedPwd);

        return encrypedPwd;

    } catch (Exception e) {
        Logger.log(e);
        return null;
    }
}

Can anyone help me with this?

  • I'm not so sure. I think the code above didn't use any padding. Actually I tried to add PKCS5FormatterEngine and PKCS7FormatterEngine before, but the string result I get (either from the PKCS5 or the PKCS7) is the same as the code above. – Hizkia Setiadi Jul 08 '13 at 07:27
  • that's my point: DES encryption requires padding to a certain multiple (if I recall correctly) – Mitch Wheat Jul 08 '13 at 07:30
  • ECB mode is not secure. Use CBC or CTR mode instead. There is a good illustration (literally) of the fault with ECB on Wikipedia: http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29 – rossum Jul 08 '13 at 11:09

2 Answers

0

This is most likely caused by padding, as DES works with 8 byte blocks.

For more information check out this link:

http://www.tero.co.uk/des/explain.php#Padding

As long as you can properly decrypt the content you'll be fine.

APinto
  • Thanks for your answer. I've been able to decrypt the content correctly on BlackBerry JDE 5.0.0, but the problem is I need to pass the String that it produces (encoded with Base64 encoding first) to the server as a PIN. I think the server couldn't decrypt the encrypted String correctly because it always refuses the PIN that I give. So I think it might have something to do with the different result that I get from BlackBerry JDE after comparing it with Android and the online encryptor engine. So, any suggestion for this? – Hizkia Setiadi Jul 09 '13 at 03:11
0

I found my mistake. It turns out my BasicAuth class isn't the correct one for encoding the encrypted string. Now I'm using the correct one, the Base64 class, for the encoding, and it turned out fine.
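
The fix in the last answer comes down to Base64-encoding the raw ciphertext bytes instead of a String built from them. The following is an added example, not code from the original posts, written for standard Java 8+ with `java.util.Base64` in place of the BlackBerry and Android classes. The class and method names are hypothetical, and the UTF-8 charset in `encodeViaString` is an assumption chosen to show the class of mistake, since the page does not show what BasicAuth does internally.

```java
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.Base64;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;

public class DesBase64Demo {
    // Key string and plaintext are the ones posted in the question.
    static final String KEY = "431654625bd37673e3b00359676154074a04666a";

    static byte[] encrypt(String text) throws Exception {
        // DESKeySpec uses only the first 8 bytes of the key material.
        DESKeySpec spec = new DESKeySpec(KEY.getBytes(StandardCharsets.UTF_8));
        SecretKey key = SecretKeyFactory.getInstance("DES").generateSecret(spec);
        Cipher cipher = Cipher.getInstance("DES/ECB/NoPadding");
        cipher.init(Cipher.ENCRYPT_MODE, key);
        return cipher.doFinal(text.getBytes(StandardCharsets.UTF_8));
    }

    // Correct: Base64 is applied to the raw ciphertext bytes.
    static String encodeBytes(byte[] ciphertext) {
        return Base64.getEncoder().encodeToString(ciphertext);
    }

    // Lossy: the ciphertext is decoded as text first, so bytes that are not
    // valid in the charset (UTF-8 here, an assumption) are replaced before
    // Base64 ever sees them.
    static String encodeViaString(byte[] ciphertext) {
        String asText = new String(ciphertext, StandardCharsets.UTF_8);
        return Base64.getEncoder().encodeToString(asText.getBytes(StandardCharsets.UTF_8));
    }

    public static void main(String[] args) throws Exception {
        byte[] ct = encrypt("00123456");
        String good = encodeBytes(ct);
        String lossy = encodeViaString(ct);
        System.out.println("raw bytes  : " + good);
        System.out.println("via String : " + lossy);
        // The server can only decrypt what decodes back to the same bytes.
        byte[] fromGood = Base64.getDecoder().decode(good);
        byte[] fromLossy = Base64.getDecoder().decode(lossy);
        System.out.println("raw round trip intact   : " + Arrays.equals(ct, fromGood));
        System.out.println("String round trip intact: " + Arrays.equals(ct, fromLossy));
    }
}
```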