is AES key random?

java aes

11,953

Solution 1

The AES key can be any 128 bits. It should be be practically unguessable, whatever the method of creating it.

For Example:

SecureRandom sr = new SecureRandom()

key = new byte[16];
iv = new byte[16];

sr.nextBytes(key);
sr.nextBytes(iv);

Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key,"AES"), new IvParameterSpec(IV));

SecretKeySpec, by the way, is just a thin wrapper around a byte[] --- it does not transform the key in any way. No "special algorithm".

Solution 2

To add to the other answers ... I believe that the reason that the basic Random functions aren't secure are two reasons:

Slight statistical biases that are acceptable for non-security related situations, but narrow the distributions unacceptably for security applications.
They are seeded by the system DATETIME. Even knowing WHEN you generated your key - to a poor accuracy of +/- 6 months - would significantly reduce the brute force search space.

Solution 3

You can add a random algorithm using SecureRandom :

    KeyGenerator keyGen = KeyGenerator.getInstance("AES");
    SecureRandom random = new SecureRandom(); // cryptograph. secure random 
    keyGen.init(random); 
    SecretKey secretKey = keyGen.generateKey();

Solution 4

It sounds like you're trying to generate an AES key based on a password.

If this is the case, you can use javax.crypto.SecretKeyFactory's generateSecret method, passing in a javax.crypto.spec.PBEKeySpec as the parameter. The PBEKeySpec allows to to specify the password as an argument to its constructor.

View more solutions

11,953

Author by

terentev

Updated on June 04, 2022

Comments

terentev almost 2 years
AES key may be generate by this code
```
KeyGenerator kgen = KeyGenerator.getInstance("AES");
kgen.init(128); 
```
but

If I have a "very reliable" method of generating random numbers can I use it in such a way
```
SecureRandom rnd = new SecureRandom();
byte[] key = new byte[16];
rnd.nextBytes(key);
```
is key obtained by this method reliable ?

or it ONLY must generated by some SPECIAL algorithm
terentev about 12 years

Yes but i unlike PBEKeySpec :)
terentev about 12 years

i dont know what PBEKeySpec do (in it) ? :)
terentev about 12 years

this is I wanted to hear, I hope this is true :)
maybeWeCouldStealAVan about 12 years

PBEKeySpecis an implementation of PBKDF2, a standard algorithm which uses many rounds of a hash algorithm and a salt to produce a binary key of a given length based on a passphrase. Essentially, it's a specialized secure pseudorandom generator using the passphrase and salt as a seed. If you're generating secure random numbers as your keys, then you don't need it. If you're using a human-memorizable passphrase to generate your key, PBKDF2 is a good choice to protect against dictionary attacks.
Paŭlo Ebermann about 12 years

@user249654 Yes, it is. And don't use plain java.util.Random like in the question, use at least something like SecureRandom to avoid a fast brute-forcing of your key.
maybeWeCouldStealAVan about 12 years

Oops, sloppy editing on my part. SecretKeyFactory can generate a secret key given the pashphrase, salt, number of rounds, and desired key size specified in a PBEKeySpec object. It does so using any of several standard algorithms. One, for example, is "PBKDF2WITHHMACSHA1", a specific form of the PBKDF2 algorithm.
Maarten Bodewes over 10 years

Note that this answer was provided before the question was changed from Random to SecureRandom - which is cheating in my opinion.
Maarten Bodewes over 10 years

@PaŭloEbermann Please also see this excellent question by Thomas. That it is secure does not necessarily mean that it is the best method of generating the secret key.