Confused about how Android Encryption works

Okay, I am working on an application and I want to store a file on the user's SD Card, but I want the file encrypted. I've researched several sites that use the DES encryption to encrypt files and data, but I am confused about something. All the examples I'm seen use a line like this:

SecretKey key = KeyGenerator.getInstance("DES").generateKey();

The problem I 开发者_StackOverflow社区am having is that I get my key to encrypt and obviously I need the same key to decrypt. But its seems like a paradox because if I store my key in a file or in a database, can't someone get the key and decrypt my file? Maybe I am missing something, but is there a way to generate a key using a supplied pass phrase? And why would someone not want to use a passkey if they must store the generated key somewhere else?

---

I think there are two cases:

1. You trust the user - let the key be dependent on some input (password / passphrase). and encrypt / decrypt the data with it.

2. You don't trust the user - then you're in trouble, you might obfuscate the encryption / decryption algorithm, but as long as the mechanism + key is stored on the device, you will have this problem.

This applies to both symmetric and asymmetric encryption.

---

First of all, please don't use DES. It has been broken from many years. Use AES instead.

The problem I am having is that I get my key to encrypt and obviously I need the same key to decrypt.

If you use symmetric cryptography techniques this is it. Otherwise have a look to asimmetric encryption.

But its seems like a paradox because if I store my key in a file or in a database, can't someone get the key and decrypt my file?

Yes, someone could do it.

Maybe I am missing something, but is there a way to generate a key using a supplied pass phrase?

You don't use a the key using a passphrase. Usually you do the following things:

1. key generation
2. encrypt the key generated with a symmetric key derived from a passphrase

And why would someone not want to use a passkey if they must store the generated key somewhere else?

There could be several reasons. For example you can store the key in a removable device, and you want simply connect it to your computer for retrieving the key, without entering the passphrase. Having a passphrase has its disadvantage too: passphrase must be remembered, can be guessed, if it's too long probably you'll write it down (and that's pretty the same thing then storing it in a file )

EDIT:

to generate a key from a password have a look at PBKDF2 (related post).

---

Yeah, it is possible to use a pass-phrase to encrypt.

But first, dump DES. Use AES-128.

Accept the pass-phrase from the user and and generate the hash using SHA-256 or SHA-512. Trim the hash to 128 bits for AES-128. Refer this post.

Java AES and using my own Key

Use a salt when you can.

Regarding the storage of password part. Store the hash and not the password. This way you can prevent the attacker from generating the key. Ask the user to enter strong password. And don't forget that your salt must be very strong too.

So, in the end, you store only the hash of the password. The password is not stored and the key to decrypt will not be stored(It will be generated at run-time)

Hope it helps.