Standard Practices for Protecting Sensitive Data in Java Applications
We can use encryption to protect our data. Encryption is the method by which information is converted into secret code that hides the information's true meaning. The science of encrypting and decrypting information is called cryptography. In computing, unencrypted data is also known as plaintext, and encrypted data is called ciphertext. The formulas used to encode and decode messages are called encryption algorithms, or ciphers.
Let us briefly go through the essentials to get a better understanding of the standard practices for protecting sensitive data in Java applications.
- Encryption is a way of scrambling data so that only authorized parties can understand the information. In technical terms, it is the process of converting human-readable plaintext into incomprehensible text known as ciphertext.
- Decryption is taking encoded or encrypted text or other data and converting it back into text that you and the computer can understand.
- A cipher is any method of transforming a message to conceal its meaning. The term is also used synonymously with ciphertext or cryptogram in reference to the encrypted form of a message.
- The SecureRandom class provides a cryptographically strong random number generator. A cryptographically strong random number minimally complies with the statistical random number generator tests specified in FIPS 140-2, Security Requirements for Cryptographic Modules.
Example: The SecureRandom class generates cryptographically strong pseudo-random numbers by using a PRNG algorithm. The following are the advantages of using SecureRandom over Random:
1. SecureRandom is a cryptographically strong pseudo-random number generator.
2. SecureRandom produces cryptographically strong sequences as described in RFC 1750: Randomness Recommendations for Security.
Now let us look at the important methods of the SecureRandom class.
1. The generateSeed() method returns the given number of seed bytes, computed using the seed generation algorithm.
Return type: byte array (the given number of seed bytes, computed using the seed generation algorithm).
2. The setSeed() method reseeds the random object.
Return type: void
Output:
Secure Random # generated by calling nextBytes() is 0.8849167225465367
Secure Random # generated using setSeed(byte) is 0.7542495384908446
AES-128 uses a 128-bit key length to encrypt and decrypt a block of messages, while AES-192 uses a 192-bit key length and AES-256 a 256-bit key length. Each cipher encrypts and decrypts data in blocks of 128 bits using cryptographic keys of 128, 192 and 256 bits, respectively. Symmetric ciphers, also known as secret-key ciphers, use the same key for encrypting and decrypting, so the sender and the receiver must both know and use the same secret key.
Output:
/****AES Encryption*******/
file of encryption: MAD FINAL.pdf
created encrypted file : MAD FINAL.enc
created decrypted file : MAD FINAL.pdf