0

So my problem is the following : I'm trying to implement in Java a way to encrypt a message M (like from 1 character to let's say 1000) with a password P, chosen by the user (let's say "4z327yU10p"). I then want to hide the message in an image using a Pseudo Random Number Generator (PRNG) to choose the pixels. My seed is the password.

Here's my approach :

  1. sha3 on the password to get a 256b output to use as key
  2. use AES with the previously generated key to get an encrypted message
  3. use the output as a seed for my PRNG

For (1): is this possible for a short password?

For (2): can AES be used for small messages?

For (3): how can I have random number in the interval of my image ? (0,...,480000) because my algorithm gives me an int?

here's the code :

public void initSeed(String password){ //pour initier la seed avec le password
    Message message = new Message();
    message.initMessageASCII(password);
    List <Integer> temp = message.getMsg();
    byte[] vect = new byte[temp.size()];
    for (int i=0; i< temp.size(); i++){
        vect[i] = temp.get(i).byteValue();
    }
    this.seed = vect;
}

public void init() { //pour initier le remplissage du vecteur randList
    SecureRandom random;
    try {
        random = SecureRandom.getInstance("SHA1PRNG"); //SHA1PRNG est un algorithme très efficace
        random.setSeed(seed);
        random.nextBytes(randList); //fonction pour créer les bytes aléatoires et les écrire dans "bytes"
    } catch (NoSuchAlgorithmException e) {
        e.printStackTrace();
    }
}
Maarten Bodewes
  • 90,524
  • 13
  • 150
  • 263
lrosique
  • 113
  • 1
  • 9
  • So, what is your particular question? – Maarten Bodewes Jun 28 '14 at 20:55
  • Thank you for editing and correcting my mistakes, but you deleted my questions. 1) is sha3 working and efficient with small key ? 2) is AES working on small messages ? 3) Do you know a Pseudo Random Number Generator that takes a seed and gives me random numbers in a predetermined interval ? – lrosique Jun 28 '14 at 23:17
  • I guess you are using the wrong cryptographic algorithms for the wrong reasons. But hey, OK, I'll roll them back and give you *direct* answers. – Maarten Bodewes Jun 28 '14 at 23:40

1 Answers1

0

I'll answer the separate questions (ask separate questions):

  1. Yes, SHA-3 can be used for arbitrarily sized messages.
  2. Yes, AES can be used for arbitrarily sized messages.
  3. Random.nextInt(int).

You can see this as a consultants curse though, I gave you what you asked for instead of what you need. For instance, you don't need the (not yet standardized) SHA-3 but you should use a PBKDF instead.

Maarten Bodewes
  • 90,524
  • 13
  • 150
  • 263
  • ok thank you very much, I think I understand. Actually, I don't need to particularly use SHA3 or AES, it was for me to know. I just looked for PBKDF and it seems to be exactly what I need, except for the Salt : is it totally random ? Because I need to decypher my message with the same password, so I have to find the Salt again elsewhere. – lrosique Jun 29 '14 at 08:13
  • It's random, but it can be stored with the ciphertext. The ciphertext should look random as well. – Maarten Bodewes Jun 29 '14 at 11:18