generating AES 128 bit key frm password

Thread view:

Rajesh - 08 Nov 2006 05:32 GMT

Hello All,
I want to create 128 bits AES key from (user's password + unique salt
to that user) , key will be used to encrypt his private key in my
database. plz suggest ways for it using JDK 1.5 and SUN JCE provider
only.

My sol'n. is:

step 1> seed SHA1PRNG with (user's password + unique salt to that user)

step 2> initialize keyGenerator with this PRNG
step 3> just call 'GenerateKey()' method once. to get 'same' key all
the time.

I think, there must be smoother way than this.
I tried 'SecretKeyFactory' with PBEKeySpec, but it doesn't generate
"AES" keys

Your suggestions are most welcome. :-)

Reply to this Message

Mike Amling - 10 Nov 2006 03:27 GMT

Majestic wrote:

> Hello All,
> I want to create 128 bits AES key from (user's password + unique salt
[quoted text clipped - 11 lines]
>
> I think, there must be smoother way than this.

You can use the first 128 bits of the SHA-1 hash of the password-salt
concatenation.

--Mike Amling

Reply to this Message

Rajesh - 10 Nov 2006 05:30 GMT

> Majestic wrote:
> > Hello All,
[quoted text clipped - 17 lines]
>
> --Mike Amling

then, how to generate 'SecretKey' frm those raw key bytes,
SecretKeyFactory doesn't help.
plz give code snippets :-)

thnx in advance.

Reply to this Message

Mike Amling - 12 Nov 2006 17:53 GMT

>> Majestic wrote:
>>> I think, there must be smoother way than this.
[quoted text clipped - 7 lines]
> SecretKeyFactory doesn't help.
> plz give code snippets :-)

Sorry, I've never used anything in javax.crypto or the JCE.

Anyone?

--Mike Amling

Reply to this Message

generating AES 128 bit key frm password

Free Magazines