Is it possible to do a simple encryption JavaScript and retrieve the data in java. I am aware of the javascript encryption disadvantages but i have to do the same for as of now . there is no posibiliy of using SSL instead.
5
-
google.com -> "javascript encryption java decryption" or only "javascript encryption" ?Andreas– Andreas2012-06-01 08:49:16 +00:00Commented Jun 1, 2012 at 8:49
-
@Andreas i have done googling before posting and tried out the solutions given in that nothing worked that out for me as such and its not a blind post.neo– neo2012-06-01 08:52:41 +00:00Commented Jun 1, 2012 at 8:52
-
Not sure why i am not getting answers but only downvotes :). Downvotes are welcome if u really feel its a sily question but can i get a bettter answer before thatneo– neo2012-06-01 08:56:24 +00:00Commented Jun 1, 2012 at 8:56
-
Then post what you've done and the code you've tried which isn't working instead of asking us to do your job ;)Andreas– Andreas2012-06-01 08:57:45 +00:00Commented Jun 1, 2012 at 8:57
-
1You're probably getting downvoted because you have not shown what you have tried to solve the problem yourself. On a sidenote, there are only 2 possible answers to your current question: "yes" and "no". Try to rephrase your question in such a way that we can actually guide you in the right direction.Maza89– Maza892012-06-01 09:00:56 +00:00Commented Jun 1, 2012 at 9:00
Add a comment
|
3 Answers
Found this library on web and apparently it is what you are seeking of.
You can find about Java decryption here.
answered Jun 1, 2012 at 8:55
Chathuranga Chandrasekara
21.1k31 gold badges101 silver badges138 bronze badges
1 Comment
neo
Thank you for quick reply . let me try this out and will let u know how it went :)
There are javascript implementations of RSA, Blowfish, DSA, TEA and others (try google for code). You'll have to do some testing to find out what implementations create the same representation of the encrypted content.
There's not really a huge benefit in using a very sophisticated algorithm / large key size since there are vulnerabilities in the transfer of the javascript (and any keys) over a non-secured connection (even if you imlpement an asymmetric cypher and only send the public key, a MITM can modify the javascript to send an unencrypted version). If it were me, I' proably go with TEA (a quick google turned up lots of implementations, including a java one here).
Comments
If it really, really has to be JS cryptography, the Stanford Javascript Crypto Library is worth a look. It has been designed to follow modern requirements as much as possible, as described in the paper about it. Of course it will suffer from the general shortcomings of browser-based Javascript cryptography as well, but unfortunately there seem to be more shaky parts in the sources, as owlstead mentions in the comments. It is still under development and these parts will hopefully be improved. But given that there is no equivalent to something like OpenSSL in Javascript, it might be worth a try.
4 Comments
Maarten Bodewes
I've created a Java equivalent of the SJCL, it's also in the github thingy. It's not finished though. One thing: SJCL is not bad, but the convenience libs have more than one bug in them (one I helped to find was that the authenticated data was not verified!). In the end it is studentware.
emboss
@owlstead OK, interesting. I read their paper and it sounded pretty good, but I guess it still has "normal" engineering bugs then...
Maarten Bodewes
Well, yes, it's interesting software, but in the end it's not an overly tested crypto library with large user base. Main function seemed to be to be an implementation so see how well the JavaScript can perform crypto (to create a paper, the principal non-human output of universities). That's all ok, but users should (have been) warned about the status of the project. E.g. their base 64 implementation is a bit shaky as well.
emboss
@owlstead That's bad, so it's again a nice idea but lacks attention to detail... I'll revise my answer to reflect your findings.
