Tuesday, June 17, 2014

Why Use Java Cryptography Extension (JCE) Unlimited Strength ?

An issue with Selecting the Encryption key size in java is that JDK has a key size specified in the Shipped out version. On doing a 256-bit AES encryption with the default JDK,will  throw an InvalidKeyException, Exception with message "Illegal key size or default parameters". This is because of an arbitrary restriction imposed by JDK with default settings.

The Cipher size by default is 128 bit and this is because of the restrictions imposed by some countries on the key size.

How to make it 256 ?.. 

and in order to make it to a 256 bit requires a JCE - Java Cryptography Extension Unlimited Strength 

Downloadable from this link

http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html

This will enable to have a 256 bit key encryption possible.  The Deployment instructions are defined in the bundle.After unzipping, copy paste the jars to Lib/Secuirty folder under JRE. if referring to a JDK, JRE will be within the JDK installation path.

Know Client Default length

int maxKeyLen = Cipher.getMaxAllowedKeyLength("AES");

This line will give default length.

Reference

http://www.javamex.com/tutorials/cryptography/unrestricted_policy_files.shtml

http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html



No comments:

Post a Comment