I am trying to encrypt some data with AES in java.
Till now I have successfully encrypted the data with a 128 bit key.
For 256 bit encryption I need to change my policy files which is not an option for me.
I referred this SO Q/A too.
Tried BouncyCastle but it seems they don't have any provision for 256 bit keys(
1st question
here
).
Had a look at JNCryptor. But don't know if its a good source or not.(BouncyCastle is approved by FIPS)
Also Reflection is not an option since it violates JAVA licence agreement.
So if someone could guide me to the relevant question or share a possible solution I'll be glad.
AES-256 encryption in Java without changing policy files
1k views Asked by YetAnotherBot At
1
There are 1 answers
Related Questions in JAVA
- I need the BIRT.war that is compatible with Java 17 and Tomcat 10
- Creating global Class holder
- No method found for class java.lang.String in Kafka
- Issue edit a jtable with a pictures
- getting error when trying to launch kotlin jar file that use supabase "java.lang.NoClassDefFoundError"
- Does the && (logical AND) operator have a higher precedence than || (logical OR) operator in Java?
- Mixed color rendering in a JTable
- HTTPS configuration in Spring Boot, server returning timeout
- How to use Layout to create textfields which dont increase in size?
- Function for making the code wait in javafx
- How to create beans of the same class for multiple template parameters in Spring
- How could you print a specific String from an array with the values of an array from a double array on the same line, using iteration to print all?
- org.telegram.telegrambots.meta.exceptions.TelegramApiException: Bot token and username can't be empty
- Accessing Secret Variables in Classic Pipelines through Java app in Azure DevOps
- Postgres && statement Error in Mybatis Mapper?
Related Questions in ENCRYPTION
- Is TLS enough for client server encryption or if dealing with sensitive data, its better to add ur own encryption also. for example leverage AWS SSM?
- Secure Messaging Implementation in C#
- File splitting and encryption
- Large file processing in the web browser
- Java code of AES/GCM/NoPadding encryption algorithm with authentication tag
- AES-256-CBC encryption returning different result in Python and PHP , HELPPP
- Why are encrypted stored procedures taking a long time to execute in SQL Server 2022?
- Why/How does Apache auto-include "DHE" TLS1.2 ciphers while nginx needs "dhparams" file?
- Encrypt in Single Store and Decrypt in SQL Server
- Is it possible to develop a Transparent Data Encryption(TDE) system on macOS now?
- How can I ensure incremental changes in deciphered messages in Python substitution cipher decoding?
- Getting Error Message as "the input string is not a complete block" while Decryting using AES
- Laravel: How to fix "the MAC is invalid" on local environment
- How to encrypt a string and decrypt it using a password
- Willena's sqlite-jdbc-crypt driver for sqlite3 database encryption
Related Questions in AES
- Java code of AES/GCM/NoPadding encryption algorithm with authentication tag
- AES-256-CBC encryption returning different result in Python and PHP , HELPPP
- zip4j - An error occurred while extracting files - Java
- Encrypt in Single Store and Decrypt in SQL Server
- Error "java.security.spec.InvalidKeySpecException: Error parsing public key" with Java
- Getting Error Message as "the input string is not a complete block" while Decryting using AES
- CMac calculation in C# using BouncyCastle
- Node.js AES decryption code converted to Golang throws key size error
- AES-CTR PRNG Implementation in OpenSSL with Consistent Output and Memory Leak Issues
- Encrypted data fails at decryption after restarting the micro-service
- Encryption in javascript frontend (browser env)
- mbedtls AES 128 ECB mode encryption give wrong results
- AES Decryption: if the decrypted file has a typo the Application crashes
- OpenSSL: how to encrypt new message with same key without EVP_EncryptInit_ex() again?
- How fix error: Specified key is not a valid size for this algorithm?
Related Questions in JCE
- Passing from JCE to Bouncy Castle (Blowfish)
- Export PKCS#8 from an EC PrivateKey
- JCE: Store a private-key only without cert-chain
- How to check if generated keypair matches?
- How to change jasypt algorithm in spring-boot application? why doesn't it work with default values?
- Failed to create RSA keyPair in AWS CloudHSM
- Why does my encryption returns weird string of symbols as the encrypted text?
- has anyone undergone certification of PCI-DSS using general purpose HSM (and not payshield)?
- CKR_KEY_TYPE_INCONSISTENT: when deriving signing key in FIPS mode using SunPKCS11 with NSS
- AWS KMS Support for PGP encryption
- Signing using PKCS#11 tokens
- How to use cloudhsm java library
- Problem in hiding exact size of cipherText inside image, later extract it and then decrypt it
- What is conscrypt ? Can you explain its usage with some examples?
- JCE pro adding space between < & ! while commenting code in <Style> tag in editor
Related Questions in POLICYFILES
- Is it possible to use both Berksfile and Policyfile at the same time in a chef cookbook?
- Testing resource cookbook with Policyfiles & ChefSpec
- Do Java security policy files support comments?
- chef client using policyfile : could not find recipe default for cookbook
- RMI server java.security.AccessControlException: access denied
- Chef create policygroup
- How do I get around "Filename too long" error when running `chef install` on Windows 10?
- AES-256 encryption in Java without changing policy files
- Java RMI 'java.rmi.ConnectException: Connection refused to host: 127.0.1.1;'
- Chef test kitchen and policyfiles
- Java Policy file as an argument to Process Builder
- java.io.FilePermission read access denied when launching applet with java 8
- java.util.PropertyPermission when a applet error occurs
- Allow Java applet to file system access and recording without modifying java policy file?
- unable to fetch process time using sigar
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Popular Tags
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
There is nothing wrong or insecure about a 128-bit AES key, it is not brute forcible. A 256-bit is not going to provide anymore security, a successful attack will be in another area.
The thing to make sure of is the quality of the key, use a cryptographically secure random number generator (CSPRNG) or derive the key from a really good password with PBKDF2.
Properly authenticate the encryption: encrypt and then MAC.
Use a random IV in CBC mode and do not report padding errors.