There are a couple of commonly quoted solutions to this problem. Unfortunately neither of these are entirely satisfactory: Install the unlimited strength policy files. While this is probably the right solution for your development workstation, it quickly becomes a major hassle (if not a roadblock) to have non-technical users install the files on every computer. … Read more
Share the password (a char[]) and salt (a byte[]—8 bytes selected by a SecureRandom makes a good salt—which doesn’t need to be kept secret) with the recipient out-of-band. Then to derive a good key from this information: /* Derive the key, given password and salt. */ SecretKeyFactory factory = SecretKeyFactory.getInstance(“PBKDF2WithHmacSHA256”); KeySpec spec = new PBEKeySpec(password, … Read more
Please consider long and hard if you can’t get around implementing your own cryptography The ugly truth of the matter is that if you are asking this question you will probably not be able to design and implement a secure system. Let me illustrate my point: Imagine you are building a web application and you … Read more