Android 4.2 broke my encrypt/decrypt code and the provided solutions don’t work

by

First a disclaimer:

DO NOT ever use SecureRandom to derive a key! This is broken and doesn’t make sense!

The following block of code from the question tries to deterministically derive a key from a password, called the “seed” as the password is used to “seed” the random number generator.

KeyGenerator keygen = KeyGenerator.getInstance("AES");
SecureRandom secrand = SecureRandom.getInstance("SHA1PRNG");
secrand.setSeed(seed.getBytes());
keygen.init(128, secrand);
SecretKey seckey = keygen.generateKey();

However, the "SHA1PRNG" algorithm is not well defined and implementations of "SHA1PRNG" may return different or even fully random keys as a result.

If you’re reading an AES key from disk, just store the actual key and don’t go through this weird dance. You can get a SecretKey for AES usage from the bytes by doing:

    SecretKey key = new SecretKeySpec(keyBytes, "AES");

If you’re using a password to derive a key, follow Nelenkov’s excellent tutorial with the caveat that a good rule of thumb is the salt size should be the same size as the key output.

The iterationCount (work factor) is of course subject to change and should be changed as CPU power progresses – generally it is recommended not to go lower than 40 to 100K as of 2018. Beware that PBKDF2 only adds a constant time delay to guessing passwords; it is not a replacement for really weak passwords.

It looks like this:

    /* User types in their password: */
    String password = "password";

    /* Store these things on disk used to derive key later: */
    int iterationCount = 1000;
    int saltLength = 32; // bytes; should be the same size as the output (256 / 8 = 32)
    int keyLength = 256; // 256-bits for AES-256, 128-bits for AES-128, etc
    byte[] salt; // Should be of saltLength

    /* When first creating the key, obtain a salt with this: */
    SecureRandom random = new SecureRandom();
    byte[] salt = new byte[saltLength];
    random.nextBytes(salt);

    /* Use this to derive the key from the password: */
    KeySpec keySpec = new PBEKeySpec(password.toCharArray(), salt,
                iterationCount, keyLength);
    SecretKeyFactory keyFactory = SecretKeyFactory
                .getInstance("PBKDF2WithHmacSHA1");
    byte[] keyBytes = keyFactory.generateSecret(keySpec).getEncoded();
    SecretKey key = new SecretKeySpec(keyBytes, "AES");

That’s it. Anything else you should not use.

More Related Contents:

  1. MD5 hashing in Android
  2. How to add Bouncy Castle algorithm to Android?
  3. OutOfMemoryException when using large images
  4. Best practice for instantiating a new Android Fragment
  5. Can the Android layout folder contain subfolders?
  6. Playing an arbitrary tone with Android
  7. How to use ScrollView in Android?
  8. Emulator: ERROR: x86 emulation currently requires hardware acceleration
  9. Android: out of memory exception in Gallery
  10. How to avoid soft keyboard pushing up my layout? [duplicate]
  11. Implement page curl on android?
  12. How to set dialog to show in full screen? [closed]
  13. What is the class R in Android?
  14. How to force an entire layout View refresh?
  15. MenuItemCompat.getActionView always returns null
  16. How to enable USB debugging in Android?
  17. Can I make a phone call from HTML on Android?
  18. Disable scrolling in all mobile devices
  19. Get date from datepicker using dialogfragment
  20. How do I play an mp3 in the res/raw folder of my android app?
  21. Programmatically collapse a group in ExpandableListView
  22. Enabling general JavaScript in WebViewClient
  23. Get listview item position on button click
  24. Run code when Android app is closed/sent to background
  25. Android: application-wide font-size preference
  26. Handle a view visibility change without overriding the view
  27. Android webview cannot render youtube video embedded via iframe
  28. how to detect Android ListView Scrolling stopped?
  29. Android HTTP Get
  30. Bitmapfactory example

Leave a Comment