Wrox Programmer Forums
BOOK: Beginning Cryptography with Java
This is the forum to discuss the Wrox book Beginning Cryptography with Java by David Hook; ISBN: 9780764596339
April 28th, 2008, 07:21 AM
Authorized User
Wrapping RSA Keys

Hi,

I've been reading this book, which I found very useful and detailed, and on page 102, on the topic of Wrapping RSA Keys, it is said that we do not need a specific wrapping mechanism for RSA key wrapping, since "Unlike the situation with symmetric keys where getEncoded() method returns just bytes making up the key, in the case of an asymmetric key, there is quite a lot of structural information in the encoding of the key in addition to the key material. .... If you attempt to use unwrap() on asymmetric key with the wrong secret key, it will fail badly..."

Now I've got some questions regarding this; I would be glad if anyone could help.

1) Despite what is said I tried to modify the example to make use of AESWrap, changing the line
  Cipher cipher = Cipher.getInstance("AES/ECB/PKCS7Padding", "BC");
  to
  Cipher cipher = Cipher.getInstance("AESWrap", "BC");

  but it gives an error saying "wrap data must be a multiple of 8 bytes"

  So in the book it is said "we do not need to use a specific wrapping mechanism", but it seems we even cannot (and must not?), or is there any way to specify padding for AESWrap? It seems to be a padding issue.

2) In chapter 2, when doing symmetric key wrapping, we initialize the cipher as
  Cipher cipher = Cipher.getInstance("AESWrap", "BC");
  and then call wrap(), after that (for demonstration purpose, as is mentioned in one of the threads on this forum) we decrypt the wrapped key using AES/ECB/NoPadding with cipher set to decrypt mode, by calling doFinal() and passing the result to SecretKeySpec.

  In chapter 4, on the other hand, we use the wrap() method, even if we initialized the cipher to "AES/ECB/PKCS7Padding" with the cipher mode set to WRAP.

  So my question is: could we use the unwrap() method back in chapter 2 also, with the cipher initialized to "AES/ECB/NoPadding" and the cipher mode set to UNWRAP?

3) My last question is regarding the quote given in the beginning of the message, which does not seem too clear. Is the wrapping mechanism mandatory (or suggested) in the case of a symmetric key just because the key is raw bytes, and if that's the case, what advantage does the structural information in the encoding of the asymmetric key bring, so that we do not need the special wrapping mechanism there?

And what exactly is "fail badly" supposed to mean here? If we use the wrong key to unwrap a symmetric key, will it not "fail badly" too?

Sincerely
Ray

 
April 28th, 2008, 07:39 AM
dgh
Wrox Author

The AESWrap algorithm is specifically designed for AES keys and is documented in RFC 3394. ECB mode AES is quite different: as page 52 mentions, the purpose-built key wrapping algorithm includes an integrity check, and yes, if you use a purpose-built wrapping mechanism it will fail badly if the key used to unwrap is wrong - the reason for this is the integrity check. The use of ECB mode is simply to demonstrate the underlying process used to wrap and unwrap a key by turning it back into a key spec.

In the case of an asymmetric key, the key data is presented as an ASN.1 encoded blob; consequently almost any attempt to decrypt it using the wrong symmetric key will result in a badly encoded blob which will fail to turn back into the original key.

Regards,

David
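
The three cases discussed above, side by side, as an added example that is not from the book or from either poster. It assumes the JDK's default provider instead of "BC", so "AES/ECB/PKCS5Padding" stands in for BC's "AES/ECB/PKCS7Padding" name; the class name WrapFailureDemo is hypothetical.

```java
import java.security.GeneralSecurityException;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

public class WrapFailureDemo {  // hypothetical name, not a class from the book
    static SecretKey aes() throws Exception {
        KeyGenerator g = KeyGenerator.getInstance("AES");
        g.init(128);
        return g.generateKey();
    }

    // Wrap with kek, unwrap with wrongKek, report whether the provider rejects it.
    static String wrongKeyUnwrap(String transform, java.security.Key target, String alg,
                                 int type, SecretKey kek, SecretKey wrongKek) throws Exception {
        Cipher c = Cipher.getInstance(transform);
        c.init(Cipher.WRAP_MODE, kek);
        byte[] wrapped = c.wrap(target);
        c.init(Cipher.UNWRAP_MODE, wrongKek);
        try {
            c.unwrap(wrapped, alg, type);
            return "accepted (no error)";
        } catch (GeneralSecurityException e) {
            return "rejected: " + e.getClass().getSimpleName();
        }
    }

    public static void main(String[] args) throws Exception {
        SecretKey kek = aes(), wrongKek = aes(), dataKey = aes();
        // 1. Plain ECB over raw key bytes: a wrong key silently yields a different key.
        Cipher ecb = Cipher.getInstance("AES/ECB/NoPadding");
        ecb.init(Cipher.ENCRYPT_MODE, kek);
        byte[] enc = ecb.doFinal(dataKey.getEncoded());
        ecb.init(Cipher.DECRYPT_MODE, wrongKek);
        SecretKey bogus = new SecretKeySpec(ecb.doFinal(enc), "AES");
        System.out.println("ECB/NoPadding, wrong key: no error, same key = "
                + Arrays.equals(bogus.getEncoded(), dataKey.getEncoded()));
        // 2. RFC 3394 wrap: the integrity check catches the wrong key.
        System.out.println("AESWrap, wrong key: "
                + wrongKeyUnwrap("AESWrap", dataKey, "AES", Cipher.SECRET_KEY, kek, wrongKek));
        // 3. RSA private key: the PKCS#8 (ASN.1) structure and padding catch the wrong key.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        PrivateKey priv = kpg.generateKeyPair().getPrivate();
        int len = priv.getEncoded().length;  // AESWrap needs len % 8 == 0, hence the error in question 1
        System.out.println("RSA PKCS#8 length = " + len + ", length % 8 = " + (len % 8));
        System.out.println("AES/ECB/PKCS5Padding on RSA key, wrong key: "
                + wrongKeyUnwrap("AES/ECB/PKCS5Padding", priv, "RSA", Cipher.PRIVATE_KEY, kek, wrongKek));
    }
}
```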

 
April 28th, 2008, 08:37 AM
Authorized User

Thanks for the prompt response,

AESWrap is to wrap AES keys only?

So I understand that we cannot wrap a DES key, for example, using AESWrap, but AES only (different key sizes are possible, I presume).

But does AESWrap imply that the key the cipher should use for wrapping should also be an AES key?

In short, on page 52, both the wrapping and to-be-wrapped keys are AES keys (though different sizes); does it have to be this way as a rule?

Thanks

Sincerely
Ray

P.S.: tiny typo in the chapter 3 Utils class code: method createKeyForAES(int bitLength, SecureRandom random) uses a constant value of 256 instead of the parameter passed (bitLength) for key generation.

 
April 28th, 2008, 04:29 PM
dgh
Wrox Author

AES Wrap can be used to wrap keys of 128, 192, and 256 bits. You'll find the full details in RFC 3394.

http://www.ietf.org/rfc/rfc3394.txt

Thanks for pointing out the typo.

Regards,

David





