0

In my application I want to use Private key which will encrypt password once and decrypt as many times the tool will be run.

Application will run like:

  • User will encrypt the password using the tool.
  • Then user will paste that password in properties file.
  • When next time tool will run it will read that password and decrypt it to login.

Here I am facing problem like, when I encrypt the password I am doing it using another tool just for encryption perpose. So when I try to decrypt it the key is different than key generated. How can I share private key between these two tools..

Thanks..

DMS
  • 808
  • 2
  • 20
  • 34
  • Storing passwords in a way such that they could be decrypted is very dangerous. I would try avoiding the need to do so in the first place. By the way, *sharing* something *private* sounds wrong, no matter what that mysterious "something" may be :-) – Sergey Kalinichenko Jul 24 '13 at 11:25
  • @dasblinkenlight Sometimes you need the password to get access to another service... – Uwe Plonus Jul 24 '13 at 11:28
  • http://stackoverflow.com/questions/3188171/java-encryption-alternitive-to-hardcoded-key Please refer the above link – Shuhail Kadavath Jul 24 '13 at 11:28
  • Thanks for your replies.. Actually the tool which we are using do not have much security concenrn as it will be used by admin itself. Just the issue is we do not want to keep password in properties file. SO We are planning to keep it in encrypted format. – DMS Jul 24 '13 at 11:44

4 Answers4

0

I think you are confusing symetric and asymetric encryption. When doing symetric encryption you can use the same key. In asymetric encryption you have two keys. A public key with which you can encrypt your passwords, but you can't decrypt them with this key. This is only possible with the private key. Therefore you don't need to share a key between those tools. Like the name suggests the private key should never leave you system.

ssindelar
  • 2,833
  • 1
  • 17
  • 36
0

You mixed up different things...

When you use a private key to encrypt something you will need the corresponding public key to decrypt.

If you really want to do this then you can put the path to the public key into the properties file also.

What you have described is some symmetric cipher which uses only one key.

Also, as dasblinkenlight noted, make a password decryptable yields some security issues so test if you can design your application different...

Uwe Plonus
  • 9,803
  • 4
  • 41
  • 48
0

Thanks to all of you for your replies,

I am very new in data encryption. Trying it for the first time..

I am working on a tool which is basically run using script. The code will be kept on secured server where very few people have access. Just the concern was the Users do not want to keep password in properties file without encrypting it. So if any one else try to configure properties file they should not be able to figure out the password. As there are there will be three different loging credential will be there for three differnt sources. And respective admins will configure them from the same file.

I found one solution over it.

http://www.code2learn.com/2011/06/encryption-and-decryption-of-data-using.html

Which is best suited solution for my problem...

:)

DMS
  • 808
  • 2
  • 20
  • 34
0

I think your main concern is sharing the key between applications.

In my opinion, the best way to do this would be to use a Public-Private Keypair. You could distribute the public key and keep your private key safe.

If several apps are used to generate passwords, then use the public key to encrypt. If one app generates the password and several apps use it then you could encrypt with private key and all your other apps can use their bundled public key to decrypt the password.

Point is, once you have figured out your keypair distribution, you could you either public or private to encrypt or decrypt depending on how the application is designed.

Please refer Beginning Crypto examples for more details on how to create keypair and encrypt/decrypt data.

user2611667
  • 1
  • 1