This post explains the concept of Hashing and how to use the generated hash key to generate a symmetric key which can be used to encrypt and decrypt data.
This kind of security is generally used in banks.
Hashing is a one way process unlike encryption. A encrypted data can be decrypted using the key by which the data was encrypted, but a hashed data can not be converted into its original data using the key or mostly called as salt.
Below class uses MD5 algorithm to generate the hashed key from the string. The hashed key is then use to generate the symmetric key which is then used to encryt and decrypt data. To read more about symmetric key encryption read blog
For a maven project you will need the apache-common-codec jar as a dependency or else just download the jar and paste it in the folder which is in the classpath.
Maven dependency:
The below method is the main method. Add all the further mentioned methods into the same class to make it run
Below method here generates the hashed code from the string. You can use different algorithms here like SHA-1, SHA-256 etc.
Below method here generates a symmetric key using hashcode and then encrypts the data
Below method here first generates the symmetric key using hashcode and then decrypts the encrypted data.
The output of the above main function is given below:
This kind of security is generally used in banks.
Hashing is a one way process unlike encryption. A encrypted data can be decrypted using the key by which the data was encrypted, but a hashed data can not be converted into its original data using the key or mostly called as salt.
Below class uses MD5 algorithm to generate the hashed key from the string. The hashed key is then use to generate the symmetric key which is then used to encryt and decrypt data. To read more about symmetric key encryption read blog
For a maven project you will need the apache-common-codec jar as a dependency or else just download the jar and paste it in the folder which is in the classpath.
Maven dependency:
<dependency> <groupId>commons-codec</groupId> <artifactId>commons-codec</artifactId> <version>1.8</version> </dependency>
The below method is the main method. Add all the further mentioned methods into the same class to make it run
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Base64;
public class MyClass {
public static void main(String[] args) throws Exception {
String password="password1";
String data="ABC";
// Hash User Password using MD5
byte[] hashedUserPassword = createMD5(password);
System.out.println("Hashed Password : "+Base64.encodeBase64String(hashedUserPassword));
//Encrypt Data using symmetric key created from hash of password
String encryptedData=encryptData(data,hashedUserPassword);
System.out.println("Encrypted Data : "+ encryptedData);
//Encrypt Data using symmetric key created from hash of password
String decryptedData=decryptData(encryptedData,hashedUserPassword);
System.out.println("Decrypted Data : "+decryptedData);
}
// Add below mentioned methods here
}
Below method here generates the hashed code from the string. You can use different algorithms here like SHA-1, SHA-256 etc.
private static byte[] createMD5(String key)
throws NoSuchAlgorithmException {
//SHA-256
MessageDigest md = MessageDigest.getInstance("MD5");
md.update(key.getBytes());
byte byteData[] = md.digest();
return byteData;
}
Below method here generates a symmetric key using hashcode and then encrypts the data
private static String encryptData(String data, byte[] hashedUserPassword) throws Exception{
//Generate Key using hash of password
SecretKey secKey = new SecretKeySpec(hashedUserPassword, "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, secKey);
byte[] newData = cipher.doFinal(data.getBytes());
String encryptedData = Base64.encodeBase64String(newData);
return encryptedData;
}
Below method here first generates the symmetric key using hashcode and then decrypts the encrypted data.
private static String decryptData(String encryptedData, byte[] hashedUserPassword) throws Exception {
//Generate Key using hash of password
SecretKey secKey = new SecretKeySpec(hashedUserPassword, "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.DECRYPT_MODE, secKey);
byte[] decryptedData=cipher.doFinal(Base64.decodeBase64(encryptedData));
return new String(decryptedData);
}
The output of the above main function is given below:
Hashed Password : fGoYCzaJagqMAnh+6vsOTA== Encrypted Data : WLhjE/wdukam6uquR4RkSQ== Decrypted Data : ABC
