Emulating PBEWithMD5AndDES Encryption under .NET

Announcements

	Try Azure, win a laptop
	Build a VS2010 addin win a Zune
	Monthly Competition

Articles

Platforms, Frameworks & Libraries

Languages

General Programming

Graphics / Design

Development Lifecycle

Services

CodeProject VS2008 Addin

Feature Zones

Product Showcase

WhitePapers / Webcasts

.NET Dev Library

ASP.NET Web Hosting

Advanced Search
Add to IE Search

Discuss

Report

4 votes for this article.

Popularity: 2.04 Rating: 3.38 out of 5

Download source files - 1.22 KB

Introduction

In most ways, .NET's encryption model is pretty good. But when migrating secure applications from Java, the lack of this built in password-based encryption (PBE) is a pain. This article introduces a class that will encrypt data in the same way as Java's PBEWithMD5AndDES algorithm.

The implementation of the algorithm I use is adapted from this article by Michel Gallant.

The Algorithm

As the name suggests, this encryption algorithm uses the DES mechanism with a key generated by MD5 hashing the 'password', combined with a salt string. It allows the input string to be repeatedly MD5-hashed a number of times. The 16-byte MD5 string is then split into two halves, an 8-byte DES key and an 8-byte initial seed for DES.

It obviously makes sense to make use of .NET's DESCryptoServiceProvider to provide the encryption. So this implementation is simply doing the multiple MD5 hash.

The Code

To use this class, simply use:

PKCSKeyProvider kp = new PKCSKeyProvider();
ICryptoTransform crypt = kp.Generate(
      "MyPassword",
      new byte[] { 100, 200, 255, 3},  // salt
      15,             // iterations of MD5 hashing
      1 );  // number of 16-byte segments to create. 
            // 1 to mimic Java behaviour.

Complete class listing:

using System;
using System.IO;
using System.Text;
using System.Security.Cryptography;

namespace RedCorona.Cryptography {
    public class PKCSKeyGenerator {
        byte[] key = new byte[8], iv = new byte[8];
        DESCryptoServiceProvider des = new DESCryptoServiceProvider();
        
        public byte[] Key { get { return key; } }
        public byte[] IV { get { return iv; } }
        public ICryptoTransform Encryptor { get { return des.CreateEncryptor(key, iv); } }
        
        public PKCSKeyGenerator(){}
        public PKCSKeyGenerator(String keystring, byte[] salt, 
		int md5iterations, int segments){
            Generate(keystring, salt, md5iterations, segments);
        }
        
        public ICryptoTransform Generate(String keystring, byte[] salt, 
		int md5iterations, int segments){
            int HASHLENGTH = 16;    //MD5 bytes
            byte[] keymaterial = 
	    new byte[HASHLENGTH*segments] ; //to store concatenated Mi hashed results
            
            // --- get secret password bytes ----
            byte[] psbytes;
            psbytes = Encoding.UTF8.GetBytes(keystring);
            
            // --- concatenate salt and pswd bytes into fixed data array ---
            byte[] data00 = new byte[psbytes.Length + salt.Length] ;
            Array.Copy(psbytes, data00, psbytes.Length);  //copy the pswd bytes
            Array.Copy(salt, 0, data00, 
		psbytes.Length, salt.Length) ;//concatenate the salt bytes
            
            // ---- do multi-hashing and concatenate results  D1, D2 ...  
            // into keymaterial bytes ----
            MD5 md5 = new MD5CryptoServiceProvider();
            byte[] result = null;
            byte[] hashtarget = new byte[HASHLENGTH + 
		data00.Length];   //fixed length initial hashtarget
            
            for(int j=0; j<segments; j++) {
                // ----  Now hash consecutively for md5iterations times ------
                if(j == 0) result = data00;       //initialize
                else {
                    Array.Copy(result, hashtarget, result.Length);
                    Array.Copy(data00, 0, hashtarget, result.Length, data00.Length) ;
                    result = hashtarget;
                }
                
                for(int i=0; i<md5iterations; i++)
                    result = md5.ComputeHash(result);
                
                Array.Copy(result, 0, keymaterial, j*HASHLENGTH, 
			result.Length);  //concatenate to keymaterial
            }
            
            Array.Copy(keymaterial, 0, key, 0, 8);
            Array.Copy(keymaterial, 8, iv, 0, 8);
            
            return Encryptor;
        }
    }
}

History

19^th November, 2006: Initial post

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

About the Author

BobJanova

Member

I'm a recent graduate (MSci) from the University of Cambridge, no longer studying Geology. Programming is a hobby so I get to write all the cool things and not all the boring things Smile

. However I now have a job in which I have to do a bit of work with a computer too.

Location:

United Kingdom

Other popular Algorithms & Recipes articles:

Symbolic Differentiation
This article demonstrates differentiating expressions using a stack and displaying the input expression and its derivative.
Manipulating colors in .NET - Part 1
Understand and use color models in .NET
Neural Networks on C#
The articles describes a C# library for neural network computations, and their application for several problem solving.
Fast Mathematical Expressions Parser
Code for a fast math parser library
State of the Art Expression Evaluation
A tutorial on how to realize an expression evaluator in CSharp with ANTLR

Article Top

You must Sign In to use this message board.

FAQ
Noise Tolerance Layout Per page

Error in IV property

tHermO78

3:43 25 Aug '08

Hi, thanks for your code! I found a small bug in the IV property: public byte[] IV { get { return IV; } } This should be 'return iv;' so the property doesn't try to call it's own Get function.. Best Regards Niko
Sign In·View Thread·PermaLink

Re: Error in IV property

BobJanova

12:57 25 Aug '08

Totally correct, thanks. As you may guess, I have never used that property :P
Sign In·View Thread·PermaLink

License

Justin Porter

10:45 17 Jul '08

Is there any license attached to this code? Can I use this code in a proprietary project? It's exactly what I have been looking for.
Sign In·View Thread·PermaLink

Re: License

BobJanova

12:01 17 Jul '08

I originally released it basically competely free for use. Since CP have started asking us to license our code I am using the CodeProject Open License. I believe that does allow you to use the code as you wish; that's certainly the intention. It would be nice if you linked from your About box or documentation though
Sign In·View Thread·PermaLink

Re: License

Justin Porter

10:12 18 Jul '08

Will do. Thanks for the code.
Sign In·View Thread·PermaLink

Nice!

Titanio

3:32 18 Apr '07

Hi there! This project has been of great help, and I've managed to successfully encript in Java and decript in .NET 1.1. A little suggestion of improvement: to use the class for encripting and decripting, Generate could return void instead of the Encriptor, and request the Encriptor (or Decriptor) according to the operation to be done... keep the good work!
Sign In·View Thread·PermaLink	2.00/5 (1 vote)

Adapting for PBEWithMD5AndTripleDES

kyoseix

9:28 14 Feb '07

Is there a way to adapt this code to work with TripleDES? I know i java there is also a "PBEWithMD5AndTripleDES". What hash algorithm would you use in this case? Also, what would be the number of segments and iterations passed into the Generate method?
Sign In·View Thread·PermaLink	1.00/5 (1 vote)

Re: Adapting for PBEWithMD5AndTripleDES

BobJanova

9:50 14 Feb '07

Sorry, I don't know how that algorithm works. My guess is it does the same thing but generates 3 blocks of 8 bytes as the key. .Net provides a TripleDES encryptor, so you can probably modify the code to use that.
Sign In·View Thread·PermaLink	1.00/5 (1 vote)

Using this in .net

BlahMatt

8:23 7 Feb '07

So I have to ecrypt something using PBEWithMD5AndDES encryption from .net to be decrypted in a java app.

In java, to encrypt it I go:

private byte[] _salt = {
(byte) 0xc7,
(byte) 0x73,
(byte) 0x21,
(byte) 0x8c,
(byte) 0x7e,
(byte) 0xc8,
(byte) 0xee,
(byte) 0x99 };

private int _count = 13;

private PBEParameterSpec _pbeParamSpec = new PBEParameterSpec(_salt, _count);

public static void main(String[] args)
{

Main enc = new Main();
SecretKey key = enc.setKeyString("abcdefghijklm");
byte[] arg;

encryptString("4123321123321")
}

public String encryptString(String num)
{

byte[] eccbytes = encrypt(setKeyString("abcdefghijklm"), num.getBytes());

StringBuffer encrypted_string_sb = new StringBuffer();
for (int i = 0; i < eccbytes.length; i++) {
char c = (char) (eccbytes[i] & 0Xff);
encrypted_string_sb.append(c);
}

return encrypted_string_sb.toString();
}

public byte[] encrypt(SecretKey key, byte[] clearText)
{
byte[] encryptedText = null;

try
{
// Create PBE Cipher
Cipher c = Cipher.getInstance("PBEWithMD5AndDES");

// Create PBE parameter set
//PBEParameterSpec pbeParamSpec = new PBEParameterSpec(_salt, _count);

// Initialize PBE Cipher with key and parameters
c.init(Cipher.ENCRYPT_MODE, key, _pbeParamSpec);

//encryptedText = new String(c.doFinal(clearText.getBytes()));
encryptedText = c.doFinal(clearText);

}
catch (Exception e)
{
System.out.print(e.toString());
}

return encryptedText;
}

Now, I can't seem to emulate this in .net. I've implemented the class posted here and used the "TransformFinalBlock" method but I've been unable to get the proper results. Would someone mind posting an example of this being implemented.

Thanks in advance,

Matt

Re: Using this in .net

BobJanova

8:40 7 Feb '07

This is exactly the scenario I wrote the code for, encyrpting data for consumption by Java. Here is an example:

PKCSKeyGenerator crypto = new PKCSKeyGenerator(
			"mysecretkey",
			new byte[]{ 37, 189, 4, 14, 27, 109, 215, 47 }, // salt
			13, 1 );
ICryptoTransform ct = crypto.Encryptor;
String command = "whatever you want to encrypt";
byte[] newbytes = ct.TransformFinalBlock(Encoding.UTF8.GetBytes(command), 0, command.Length);

Re: Using this in .net [modified]

BlahMatt

9:22 7 Feb '07

***EDIT*** Thanks again for your help.

I got it working. It had to do with my buffer between the two apps. Great article.

Thank you for the quick response, I really appreciate it. That's pretty much what I did, but the bytes don't seem to be the same. I actually just noticed that there are no negative bytes in .net. So I may have just been misinterpreting it.

so for

PKCSKeyGenerator crypto = new PKCSKeyGenerator(
"abcdefghijklm",

new byte[] { 37, 189, 4, 14, 27, 109, 215, 47 }, // salt
13, 1);
ICryptoTransform ct = crypto.Encryptor;
String command = "abcdefghijkmnopq";
byte[] newbytes = ct.TransformFinalBlock(Encoding.UTF8.GetBytes(command), 0, command.Length);

In .net my byte array results for :

166
236
55
116
222
233
31
37
31
144
191
38
102
179
29
219
51
69
89
12
54
138
95
150

whereas in Java they are:

-50
-12
-104
-7
-114
74
-67
125
-92
63
17
5
57
-82
-85
-31
80
58
-97
65
31
-29
41
104

-- modified at 16:05 Wednesday 7th February, 2007

Decryption?

Audiedog

10:49 29 Nov '06

In your efforts to migrate from Java to .NET, did you also happen to have to decrypt in .NET something that was encrypted in Java using PBEwithMD5andDES? It seems like you could add the following property to your class and have it work, but I'm not entirely sure:

public ICryptoTransform Decryptor { get { return des.CreateDecryptor(key, iv); } }

The reason I'm not entirely sure is because I don't know Java encryption well, so if there is some reason using a decryptor in your code won't work, could you explain why?

Thank you for the excellent article.

audiedog

Re: Decryption?

BobJanova

14:27 29 Nov '06

No, I didn't have to decrypt anything (my translation project was the part of the application that encrypted the data, the decryption is still done in Java so far). However, the 'PBEwithMD5' part is just generating a DES key, so yes, that should work fine.
Sign In·View Thread·PermaLink

Re: Decryption?

Audiedog

7:06 30 Nov '06

Great. I'm in the process of testing it now, and I'll let you know how it turns out. The other thing I did was remove the constructor that had no parameters so the key and IV had to be generated on instantiation. Thanks again for the article; it helped me a lot. audiedog
Sign In·View Thread·PermaLink

Re: Decryption?

ckl_88

0:32 7 Jan '07

Hi,

did you get this working?

I tried your method of adding the Decryptor line, but my C# code keeps coming back with the error:
Exception occurred= System.Security.Cryptography.CryptographicException: Length of the data to decrypt is invalid.
at System.Security.Cryptography.CryptoAPITransform.TransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount)
at System.Security.Cryptography.CryptoStream.Read(Byte[] buffer, Int32 offset, Int32 count)
at Test.Decrypt(String obj, String key) in
...
An unhandled exception of type 'System.InvalidOperationException' occurred in system.dll

I get this error when the java webservice returns the encrypted string.

In C#, I was able to encrypt and decrypt strings using the class. I was even successful passing an encrypted string from C# to Java and have it decrypt successfully in the webservice. However, when I encrypt a string in the webservice and pass it back to C#, the error comes up.

Any ideas?

Re: Decryption?

ckl_88

16:02 7 Jan '07

Nevermind, I got it working. The java source I was using was using the sun.misc.Base64 class and I changed it to use base64 class from iharder.net... however, my encrypt function was using the wrong encode method (ie. encodeObject instead of encodeBytes). Thanks for the great resource! I don't know where I'd be without codeproject.
Sign In·View Thread·PermaLink

Re: Decryption?

cordobes

6:27 13 Oct '08

I made this code for decrypting. I hope that helps /Decrypt/ ICryptoTransform de = kp.Decryptor;//Create Decrypter byte[] pnlContent = System.Convert.FromBase64String(str); //Convert to bytes byte[] DataHolderD = de.TransformFinalBlock(pnlContent, 0, pnlContent.Length); //Decrypt to bytes str = Encoding.UTF8.GetString(DataHolderD); //Convert to String
Sign In·View Thread·PermaLink

Re: Decryption?

mascix

23:53 13 Nov '08

I am trying to use your sample code but it didnot help. can you make a simple example which takes string and encrypt it and decrypt it? thanks in advance blog(in turkish)
Sign In·View Thread·PermaLink

MD5 is obsolete

Jan Seda

1:30 20 Nov '06

Hello!

Nice article but only one comment. THis is pretty nice concept but still it's missing good crypto background because of MD5. Then it can be attacked by current type of MD5 attacks. Our cryptoanalysts as Vlastimil Klima presented on Prague's faculty.
More here: http://cryptography.hyperlink.cz/MD5_collisions.html

So this is the issue for this algorith to rely with any crypto operation on MD5.

Regads,

Jan Seda
www.skilldrive.com

Re: MD5 is obsolete

BobJanova

7:06 20 Nov '06

Jan - the point of this article isn't to put this forward as a good encryption algorithm, it's to provide compatibility with data encrypted using this algorithm from Java.

Any run of the algorithm with the same arguments produces the same key and IV, so imho it would make more sense just to store the key and the IV instead of the password and salt. However Java lets you do it this way and it's easier to migrate with this class Smile

.

Naturally, any security method in which the key is stored in the application is somewhat vulnerable!

Re: MD5 is obsolete

Jan Seda

7:16 20 Nov '06

Yes, this is true and I just wanted to point out the MD5 issue Anyway this topic regarding storing key inside of your application is very important a i wrote some thesis about it, there are some mathematical ways how to to do it (like some of them are used in DRM) but this is not a matter of this article As I said, I just wanted to point out that MD5 is dead Regards, Jan Seda www.skilldrive.com
Sign In·View Thread·PermaLink

General News Question Answer Joke Rant Admin

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads.

PermaLink | Privacy | Terms of Use
Last Updated: 19 Nov 2006
Editor: Deeksha Shenoy