encrypt password

Is it possibe to encrypt a password before sending it to a mysql database. If so how would u do so?  Would it be possible to use assembler or what would work with jsp?
Cheers, Raftor
RaftorAsked:
Who is Participating?
 
TimYatesCommented:
I would use SSL

http://java.sun.com/webservices/docs/1.0/tutorial/doc/WebAppSecurity6.html

Then the browser will encrypt anything sent to the server, and the server will encrypt responses...

If you are just looking to encrypt the password in the database, then MD5 is what you want:

http://javaalmanac.com/egs/java.security/Digest.html
0
 
nishit4allConnect With a Mentor Commented:
hi there,
you can follow different encryption tech. like this one. Get the password's individual character's ascii value, also generate a random number. Now use any mathematical operator like multiplication or addition and apply between every ascii value and random number. Store it into database in encrypted format.
Perform reverse of this when checking password.

if you want to do this using javascript, later u can copy it to your java code try this :

<!-- TWO STEPS TO INSTALL ASCII ENCRYPTION:

  1.  Copy the coding into the HEAD of your HTML document
  2.  Add the last code into the BODY of your HTML document  -->

<!-- STEP ONE: Paste this code into the HEAD of your HTML document  -->

<HEAD>

<SCRIPT LANGUAGE="JavaScript">

<!-- Begin
function Encrypt(theText) {
output = new String;
Temp = new Array();
Temp2 = new Array();
TextSize = theText.length;
for (i = 0; i < TextSize; i++) {
rnd = Math.round(Math.random() * 122) + 68;
Temp[i] = theText.charCodeAt(i) + rnd;
Temp2[i] = rnd;
}
for (i = 0; i < TextSize; i++) {
output += String.fromCharCode(Temp[i], Temp2[i]);
}
return output;
}
function unEncrypt(theText) {
output = new String;
Temp = new Array();
Temp2 = new Array();
TextSize = theText.length;
for (i = 0; i < TextSize; i++) {
Temp[i] = theText.charCodeAt(i);
Temp2[i] = theText.charCodeAt(i + 1);
}
for (i = 0; i < TextSize; i = i+2) {
output += String.fromCharCode(Temp[i] - Temp2[i]);
}
return output;
}
//  End -->
</script>
</HEAD>

<!-- STEP TWO: Copy this code into the BODY of your HTML document  -->

<BODY>

<center>
<form name=encform onsubmit="return false;">
<textarea name=box1 rows=5 cols=50>The quick brown fox jumps over the lazy dog</textarea>
<p>
<input type=button value="Encrypt Box1 to Box2" onClick="this.form.box2.value=Encrypt(this.form.box1.value);">
<p>
<textarea name=box2 rows=5 cols=50></textarea>
<p>
<input type=button value="Decrypt Box2 to Box3" onClick="this.form.box3.value=unEncrypt(this.form.box2.value);">
<p>
<textarea name=box3 rows=5 cols=50></textarea>
</form>
</center>

<p><center>
0
Cloud Class® Course: CompTIA Healthcare IT Tech

This course will help prep you to earn the CompTIA Healthcare IT Technician certification showing that you have the knowledge and skills needed to succeed in installing, managing, and troubleshooting IT systems in medical and clinical settings.

 
RaftorAuthor Commented:
Thats very good ill try that and come back to you with any questions later.
0
 
RaftorAuthor Commented:
That site looks Objects very good but i can get a java file with the example that uses the class to compile. i am importing the
javax.crypto classes but what am i leaving out?
0
 
RaftorAuthor Commented:
Its says to generate a temporary key.  How do i do this?
0
 
objectsCommented:
what errors are you getting?
0
 
RaftorAuthor Commented:

C:\Project>javac EncDec.java
EncDec.java:15: cannot resolve symbol
symbol  : class DesEncrypter
location: class Project.EncDec
                DesEncrypter encrypter = new DesEncrypter(key);
                ^
EncDec.java:15: cannot resolve symbol
symbol  : class DesEncrypter
location: class Project.EncDec
                DesEncrypter encrypter = new DesEncrypter(key);
                                                            ^
These are the errors but the other file DesEncrypter compiles fine!
0
 
RaftorAuthor Commented:
import javax.crypto.*;

public class EncDec{
      public static void main (String[] args)      {
            try{
              SecretKey key = KeyGenerator.getInstance("DES").generateKey();
              DesEncrypter encrypter = new DesEncrypter(key);
              String encrypted = encrypter.encrypt("Don't tell anybody!");
              String decrypted = encrypter.decrypt(encrypted);
          } catch (Exception e) {        }
    }
}
this is EncDec.java
0
 
objectsCommented:
Add the DesEncrypter class to your Project package.
0
 
RaftorAuthor Commented:
Damn that still didnt work. This is the exact code i am using. Any more suggestions?

////////////////////////////////////EncDec.java/////////////////////////
package Project;
import javax.crypto.*;

public class EncDec{
      public static void main (String args[])      {
            try      {
              SecretKey key = KeyGenerator.getInstance("DES").generateKey();
              // Create encrypter/decrypter class
              DesEncrypter encrypter = new DesEncrypter(key);

              // Encrypt
              String encrypted = encrypter.encrypt("Don't tell anybody!");

              // Decrypt
              String decrypted = encrypter.decrypt(encrypted);
          } catch (Exception e) {        }
    }
}

////////////////////////////////////////////DesEncrypter.java/////////////////////
package Project;
import javax.crypto.*;

public class DesEncrypter {
        Cipher ecipher;
        Cipher dcipher;
   
        DesEncrypter(SecretKey key) {
            try {
                ecipher = Cipher.getInstance("DES");
                dcipher = Cipher.getInstance("DES");
                ecipher.init(Cipher.ENCRYPT_MODE, key);
                dcipher.init(Cipher.DECRYPT_MODE, key);
   
            } catch (javax.crypto.NoSuchPaddingException e) {
            } catch (java.security.NoSuchAlgorithmException e) {
            } catch (java.security.InvalidKeyException e) {
            }
        }
   
        public String encrypt(String str) {
            try {
                // Encode the string into bytes using utf-8
                byte[] utf8 = str.getBytes("UTF8");
   
                // Encrypt
                byte[] enc = ecipher.doFinal(utf8);
   
                // Encode bytes to base64 to get a string
                return new sun.misc.BASE64Encoder().encode(enc);
            } catch (javax.crypto.BadPaddingException e) {
            } catch (IllegalBlockSizeException e) {
            } catch (java.io.IOException e) {
            }
            return null;
        }
   
        public String decrypt(String str) {
            try {
                // Decode base64 to get bytes
                byte[] dec = new sun.misc.BASE64Decoder().decodeBuffer(str);
   
                // Decrypt
                byte[] utf8 = dcipher.doFinal(dec);
   
                // Decode using utf-8
                return new String(utf8, "UTF8");
            } catch (javax.crypto.BadPaddingException e) {
            } catch (IllegalBlockSizeException e) {
            } catch (java.io.IOException e) {
            }
            return null;
        }
    }
0
 
objectsCommented:
are both java files in same directory (Project)
what errors now?
0
 
RaftorAuthor Commented:
Ya they are in the same directory and im still getting the same errors,

C:\Project>javac EncDec.java
EncDec.java:15: cannot resolve symbol
symbol  : class DesEncrypter
location: class Project.EncDec
                DesEncrypter encrypter = new DesEncrypter(key);
                ^
EncDec.java:15: cannot resolve symbol
symbol  : class DesEncrypter
location: class Project.EncDec
                DesEncrypter encrypter = new DesEncrypter(key);
                                                              ^
0
 
objectsCommented:
is the parent directory of Project in your classpath?
0
 
RaftorAuthor Commented:
Uhh ohhh
0
 
RaftorAuthor Commented:
Thats it alright, sometimes when i spend too long looking at a problem i cant see the wood from the trees.
Thanks Experts!!
Raftor.
0
 
objectsCommented:
0
 
TimYatesCommented:
Just to ask why you are using DES?  That would mean that passwords can be decrypted, which isn't usually what you want...

That's why I suggested MD5

*shrug*

Oh well :)

Glad you got it sorted :)
0
 
TimYatesCommented:
Also,  nishit4all's Assisted answer would mean the encryption method is in the HTML source for the page!!?!  And it is not a recognised secure method of encryption...
0
 
nishit4allCommented:
glad u got the sol'n Raftor,
    would like to tell TimYates, that javascript code can be converted to java code and then can be implemented. But still it wouln't have been that secured, well that was just a small encryption tech in which cracking password wont be that easy.
thanks,
nishit
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.