Tagged Questions

0
votes
0answers
66 views

Secure storgage of API key + secret, salted AES in Java

This class is responsible for storing an API Key and Secret pair. The secret is encrypted with AES in CFB mode, using a key derived from a passphrase, a random salt and a number of rounds of SHA1. A ...
1
vote
0answers
124 views

AES-128 encryption class

This is the first time I've written a class in Java to do encryption using AES. Since security is involved I would love it if someone could take a look at it and let me know if anything is wrong with ...
0
votes
0answers
76 views

Storing secure passwords in Java: PBKDF2 example

I found this code example online. Is it a correct/secure implementation? import java.security.NoSuchAlgorithmException; import java.security.SecureRandom; import ...
1
vote
1answer
90 views

What can I improve in this Java based crypto code?

I use some basic cryptography in a project of mine. Because I want my application to run cross-platform and because it seems pretty sophisticated I decided to go with the Java Cryptography ...
4
votes
1answer
8k views

Secure AES encryption and decryption in Android

Is this implementation of AES for Android safe? Is it 128 bit encryption? How can I strengthen this implementation? Please help me, all suggestions are welcome :) import ...
2
votes
3answers
352 views

What is the security issue in this code?

I was asked how this code has a security risk. Does anyone have any ideas what it is? I am new on the security topic and don't know what to look for. String DBdriver = "com.ora.jdbc.Driver"; String ...
1
vote
0answers
145 views

Do these properties hold?

I wrote Javadoc for a class that needs to preserve the properties below. Does the source code preserve these properties? Are there other important properties that I am missing? Rules of Thumb ...
3
votes
1answer
356 views

Cryptographic key exchange

I initially posted this on StackOverflow, and was redirected here. I have been playing around with Bouncy Castle (Java) for the last few days, and I've reached the point where I believe I can securely ...