As you can see from the other answers, having a unique IV per encrypted file is crucial, but why is that? First – let’s review why a unique IV per encrypted file is important. (Wikipedia on IV). The IV adds randomness to your start of your encryption process. When using a chained block encryption mode … Read more
Edit: As written in the comments the old code is not “best practice”. You should use a keygeneration algorithm like PBKDF2 with a high iteration count. You also should use at least partly a non static (meaning for each “identity” exclusive) salt. If possible randomly generated and stored together with the ciphertext. SecureRandom sr = … Read more
Warning: This answer contains code you should not use as it is insecure (using SHA1PRNG for key derivation and using AES in ECB mode) Instead (as of 2016), use PBKDF2WithHmacSHA1 for key derivation and AES in CBC or GCM mode (GCM provides both privacy and integrity) You could use functions like these: private static byte[] … Read more
SHA isn’t encryption, it’s a one-way hash function. AES (Advanced_Encryption_Standard) is a symmetric encryption standard. AES Reference
Probably AES. Blowfish was the direct predecessor to Twofish. Twofish was Bruce Schneier’s entry into the competition that produced AES. It was judged as inferior to an entry named Rijndael, which was what became AES. Interesting aside: at one point in the competition, all the entrants were asked to give their opinion of how the … Read more
If you just want to use the built-in crypto provider RijndaelManaged, check out the following help article (it also has a simple code sample): http://msdn.microsoft.com/en-us/library/system.security.cryptography.rijndaelmanaged.aspx And just in case you need the sample in a hurry, here it is in all its plagiarized glory: using System; using System.IO; using System.Security.Cryptography; namespace RijndaelManaged_Example { class RijndaelExample … Read more
Lot of people including myself face lot of issues in making this work due to missing some information like, forgetting to convert to Base64, initialization vectors, character set, etc. So I thought of making a fully functional code. Hope this will be useful to you all: To compile you need additional Apache Commons Codec jar, … Read more
JSAES is a powerful implementation of AES in JavaScript. http://point-at-infinity.org/jsaes/
Since you haven’t posted any code, it’s difficult to know exactly which problems you’re encountering. However, the blog post you link to does seem to work pretty decently… aside from the extra comma in each call to CCCrypt() which caused compile errors. A later comment on that post includes this adapted code, which works for … Read more
Use AES. In more details: DES is the old “data encryption standard” from the seventies. Its key size is too short for proper security (56 effective bits; this can be brute-forced, as has been demonstrated more than ten years ago). Also, DES uses 64-bit blocks, which raises some potential issues when encrypting several gigabytes of … Read more