Java encryption issues

I’m using PBE encryption to encrypt and decrypt some text in an Android app, but when I decrypt the text with the wrong private key, I get a BadPaddingException with the “pad block corrupted” message.
My question is whether this is normal behavior for the cryptographic API, since I’m not proficient in Java encryption. I need to do some logic in case I enter the wrong key, but I don’t know the private key and I don’t store it anywhere (only the encrypted and decrypted checksums).

Thank you
Mihai

Solution

It is normal for most key mismatches to result in a “bad padding” error, but this is not 100% foolproof. For example, with symmetric encryption using PKCS#5 padding, a very common way to pad data, about 0.4% of incorrect keys do not result in bad padding. The decrypted data is still junk; however, by odd chance, the junk ends with valid padding. Your application must never indicate whether a decryption failure was due to bad padding or to junk with unusually valid padding: that information (whether the key is among the 0.4% of keys that produce valid padding) is a leak that can have serious consequences. There have been some attacks against SSL connections.
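The advice above as an added Java example (not code from the original question or answer): every failure collapses into one result, and a stored checksum, not the padding check, decides whether the key was right. PBKDF2 with AES/CBC, a SHA-256 checksum of the plaintext, and all names and constants here are assumptions made for the demo.

```java
import javax.crypto.*;
import javax.crypto.spec.*;
import java.nio.charset.StandardCharsets;
import java.security.*;
public class UniformPbeFailure {
    // Constructed demo values; real code uses a random salt and IV and a higher iteration count.
    static final byte[] SALT = "demo-salt-16byte".getBytes(StandardCharsets.UTF_8);
    static final byte[] IV = new byte[16];

    static SecretKey derive(char[] password) throws GeneralSecurityException {
        SecretKeyFactory f = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
        byte[] k = f.generateSecret(new PBEKeySpec(password, SALT, 1000, 128)).getEncoded();
        return new SecretKeySpec(k, "AES");
    }

    static byte[] crypt(int mode, char[] password, byte[] in) throws GeneralSecurityException {
        Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
        c.init(mode, derive(password), new IvParameterSpec(IV));
        return c.doFinal(in);
    }

    // Returns the plaintext, or null for any failure, so the caller cannot
    // tell a padding error from junk that happened to end in valid padding.
    static byte[] decryptOrNull(char[] password, byte[] ct, byte[] storedSha256)
            throws GeneralSecurityException {
        byte[] pt;
        try {
            pt = crypt(Cipher.DECRYPT_MODE, password, ct);
        } catch (BadPaddingException e) {
            return null;
        }
        byte[] digest = MessageDigest.getInstance("SHA-256").digest(pt);
        return MessageDigest.isEqual(digest, storedSha256) ? pt : null;
    }

    public static void main(String[] args) throws Exception {
        byte[] text = "some text".getBytes(StandardCharsets.UTF_8);
        byte[] ct = crypt(Cipher.ENCRYPT_MODE, "right".toCharArray(), text);
        byte[] sum = MessageDigest.getInstance("SHA-256").digest(text);
        int paddingOk = 0, accepted = 0, tries = 5000;
        for (int i = 0; i < tries; i++) {
            char[] wrong = ("wrong" + i).toCharArray();
            try { crypt(Cipher.DECRYPT_MODE, wrong, ct); paddingOk++; }
            catch (BadPaddingException e) { /* the common case for a wrong key */ }
            if (decryptOrNull(wrong, ct, sum) != null) accepted++;
        }
        System.out.printf("valid padding, wrong key: %d of %d; accepted: %d%n", paddingOk, tries, accepted);
    }
}
```

Roughly 1 in 256 wrong passwords gets past the padding check, which matches the figure of about 0.4%, while the checksum comparison rejects them with the same result as a padding failure.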
