The short answer to your question is: SHA-1 is as secure as you can get. MD5 would be fine too, even MD4; but it could make some investors nervous. For public relations, it is best to use a “better” hash function, e.g. SHA-256, even if you truncate its output to 160 or 128 bits (to … Read more
Rijndael/AES is a block cypher. It encrypts data in 128 bit (16 character) blocks. Cryptographic padding is used to make sure that the last block of the message is always the correct size. Your decryption method is expecting whatever its default padding is, and is not finding it. As @NetSquirrel says, you need to explicitly … Read more
Prefix or suffix is irrelevant, it’s only about adding some entropy and length to the password. You should consider those three things: The salt has to be different for every password you store. (This is quite a common misunderstanding.) Use a cryptographically secure random number generator. Choose a long enough salt. Think about the birthday … Read more
xor is a dangerous default function to use when hashing. It is better than and and or, but that doesn’t say much. xor is symmetric, so the order of the elements is lost. So “bad” will hash combine the same as “dab”. xor maps pairwise identical values to zero, and you should avoid mapping “common” … Read more
Most basic and general explanation: cryptography is all about number theory, and all integer numbers (except 0 and 1) are made up of primes, so you deal with primes a lot in number theory. More specifically, some important cryptographic algorithms such as RSA critically depend on the fact that prime factorization of large numbers takes … Read more
The standard Oracle JDK 7 implementation uses what’s called a Linear Congruential Generator to produce random values in java.util.Random. Taken from java.util.Random source code (JDK 7u2), from a comment on the method protected int next(int bits), which is the one that generates the random values: This is a linear congruential pseudorandom number generator, as defined … Read more
A public salt will not make dictionary attacks harder when cracking a single password. As you’ve pointed out, the attacker has access to both the hashed password and the salt, so when running the dictionary attack, she can simply use the known salt when attempting to crack the password. A public salt does two things: … Read more
Before you do anything further, seek to understand the difference between encryption and authentication, and why you probably want authenticated encryption rather than just encryption. To implement authenticated encryption, you want to Encrypt then MAC. The order of encryption and authentication is very important! One of the existing answers to this question made this mistake; … Read more
Important: Unless you have a very particular use-case, do not encrypt passwords, use a password hashing algorithm instead. When someone says they encrypt their passwords in a server-side application, they’re either uninformed or they’re describing a dangerous system design. Safely storing passwords is a totally separate problem from encryption. Be informed. Design safe systems. Portable … Read more
SHA-256 isn’t an “encoding” – it’s a one-way hash. You’d basically convert the string into bytes (e.g. using text.getBytes(StandardCharsets.UTF_8)) and then hash the bytes. Note that the result of the hash would also be arbitrary binary data, and if you want to represent that in a string, you should use base64 or hex… don’t try … Read more