JAVA - Encrypt a text with windows username in AES 128

147 Views Asked by At

I would like to use Windows username like a key to crypt and decrypt a text.

But when i try, the key is too short : Invalid AES key length: 7 bytes

I must encode the key before use ?

Thanks in advance

1

There are 1 best solutions below

3
On

Technically - the key needs to be 128 bit long (or 192 or 256 bits). The easiest way is using padding (append some constant values to extend to the required length).

This approach is HIGHLY INSECURE, you could consider this approach as encoding, not encryption.

Proper encryption would need

  • having the key secret. Indeed this is very difficult to achieve if the code/configuration resides on the user's workstation, but using the username sounds as a VERY bad idea from the security perspective

  • Salt the key. Create an encryption key from a password using random salt and a hash function (e.g. PBKDF2).