I have this problem: I'm trying to encrypt a string twice using this code:

import java.math.BigInteger;
import java.security.Key;
import java.security.KeyFactory;
import java.security.spec.KeySpec;
import java.security.spec.X509EncodedKeySpec;
import javax.crypto.Cipher;

// publicKey: a base-36 String holding the X.509 (SubjectPublicKeyInfo) encoding of the RSA public key
// z: the String to be encrypted
KeySpec keySpec = new X509EncodedKeySpec(new BigInteger(publicKey, 36).toByteArray());
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
Key decodedPublicKey = keyFactory.generatePublic(keySpec);
Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
cipher.init(Cipher.ENCRYPT_MODE, decodedPublicKey);
byte[] a1 = cipher.doFinal(z.getBytes());

// Second block: same key, same input, new Cipher instance
KeySpec keySpec2 = new X509EncodedKeySpec(new BigInteger(publicKey, 36).toByteArray());
KeyFactory keyFactory2 = KeyFactory.getInstance("RSA");
Key decodedPublicKey2 = keyFactory2.generatePublic(keySpec2);
Cipher cipher2 = Cipher.getInstance("RSA/ECB/PKCS1Padding");
cipher2.init(Cipher.ENCRYPT_MODE, decodedPublicKey2);
byte[] a2 = cipher.doFinal(z.getBytes()); // as posted: calls cipher, not cipher2 (both are initialised identically)

Both use the same publicKey and the same input z, but each of the two blocks of code creates a different byte array (a1 != a2). I want them to be equal but I have no idea how to do it (I tried to look it up but couldn't find an answer yet).

Would really appreciate it if anyone could help me.

Thanks

EDIT:

Well, I didn't use AES encryption since the data I encrypt is very small (just a password).

I have a client and a server, and when someone connects to the client, I want to confirm his password (his encrypted password is in a file on the Android SD card), so I want to compare the real password with the password the user has entered on the login page.

I don't have the private key on the client, so I can't decrypt the encrypted password which is already on the device, so I tried to compare the encrypted passwords (which I thought would be the same, which I now know they aren't).

Maybe you have an idea what I can do? How do I compare a password and an encrypted password when I only have the public key?

Thanks

Comments

  • Why would you want them to be equal? That doesn't sound like a good thing when you're dealing with encryption. Commented Nov 13, 2012 at 22:41
  • Shouldn't your last line of code be using cipher2 instead of cipher? Commented Nov 13, 2012 at 22:52

2 Answers

PKCS#1 padding is used to ensure that identical plain texts do not encrypt to the same cipher text. PKCS#1 is a form of optimal asymmetric encryption padding, which is described on Wikipedia. Having different cipher texts for the same plain text is a good thing.

If you want to ruin a good cipher, you can specify "NoPadding" instead of "PKCS1Padding". The downside of this is that the padding also takes care of specifying the length of the message. With "NoPadding" you will find that when you decrypt your cipher text, your message has become prefixed with lots of zero bytes.

I would also comment that this is not how you encrypt a message with RSA. RSA is only good for short pieces of data. A 1024-bit RSA cipher can only encrypt 117 bytes for example. The correct way to encrypt a message with RSA is to generate a one time AES cipher key, encrypt the AES cipher key with RSA, and the message with AES. This allows you to send a message of any length securely.
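As an added example (not this answer's own code, and not the asker's), assuming a freshly generated 2048-bit key pair: the first method shows the PKCS#1 v1.5 randomisation the answer describes (two ciphertexts for one plaintext, both decrypting to it), and the second does the hybrid scheme it recommends, with a one-time AES key wrapped by RSA. The OAEP padding for the key wrap and AES-GCM for the message are my choices; the answer names neither.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;

public class RsaPaddingDemo {
    // Encrypt the same bytes twice with RSA/PKCS#1 v1.5: the random padding bytes make
    // the ciphertexts differ, yet both decrypt to the original message under the private key.
    static boolean pkcs1IsRandomized(KeyPair kp, byte[] msg) throws GeneralSecurityException {
        Cipher enc = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        enc.init(Cipher.ENCRYPT_MODE, kp.getPublic());
        byte[] c1 = enc.doFinal(msg);
        byte[] c2 = enc.doFinal(msg); // doFinal resets the cipher, so this is a second independent encryption
        Cipher dec = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        dec.init(Cipher.DECRYPT_MODE, kp.getPrivate());
        boolean bothDecrypt = Arrays.equals(dec.doFinal(c1), msg)
                && Arrays.equals(dec.doFinal(c2), msg);
        return !Arrays.equals(c1, c2) && bothDecrypt;
    }

    // Hybrid scheme: random AES key wrapped with RSA (OAEP, my choice), message under AES-GCM.
    // Returns the plaintext recovered on the receiving side after unwrapping with the private key.
    static byte[] hybridRoundTrip(KeyPair kp, byte[] msg) throws GeneralSecurityException {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey aesKey = kg.generateKey();
        byte[] iv = new byte[12]; // 96-bit GCM nonce, fresh per message
        new SecureRandom().nextBytes(iv);
        Cipher aes = Cipher.getInstance("AES/GCM/NoPadding");
        aes.init(Cipher.ENCRYPT_MODE, aesKey, new GCMParameterSpec(128, iv));
        byte[] body = aes.doFinal(msg);
        Cipher rsa = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
        rsa.init(Cipher.WRAP_MODE, kp.getPublic());
        byte[] wrappedKey = rsa.wrap(aesKey); // only this short blob goes through RSA
        // Receiver: unwrap the AES key with the private key, then decrypt the body.
        rsa.init(Cipher.UNWRAP_MODE, kp.getPrivate());
        SecretKey recovered = (SecretKey) rsa.unwrap(wrappedKey, "AES", Cipher.SECRET_KEY);
        aes.init(Cipher.DECRYPT_MODE, recovered, new GCMParameterSpec(128, iv));
        return aes.doFinal(body);
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator g = KeyPairGenerator.getInstance("RSA");
        g.initialize(2048);
        KeyPair kp = g.generateKeyPair();
        byte[] msg = "secret".getBytes(StandardCharsets.UTF_8); // constructed sample input
        System.out.println("PKCS#1 ciphertexts differ, both decrypt: " + pkcs1IsRandomized(kp, msg));
        System.out.println("Hybrid round trip ok: " + Arrays.equals(hybridRoundTrip(kp, msg), msg));
    }
}
```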


You might want to take a look at the top answer for this question. Short version is that every time you encrypt with a Public Key, the resulting encrypted data will be different. If you encrypt with the Private Key, you will get the same result every time.
