AES encryption/decryption between C# (encryption) and Java (decryption)?

In C# you are using a DeriveBytes function to get your key from the password, while in Java you are using the password directly as key.

In C# you are using a DeriveBytes function to get your key from the password, while in Java you are using the password directly as key. This way you obviously have a different key on both sides. Don't do this, use the same key derivation function on both sides.

You're doing it wrong". If you need to send a passphrase through (if e.g. The java system needs to pass on the passphrase to yet another party), simply use SSL between your C# app and the Java app, and forget about adding additional encryption. Most people will end up with one or more implementation errors that will leave the system vulnerable.

If the Java side only needs to verify that the C# client is authorized to access it, there's most likely a better way than sending cleartext passphrases around - depending on what you need to authorize against. This is also an area where you should strive for using tried-and-tested code, as it's frustratingly easy to mess up even if you've got a decent understanding of crypto fundamentals. Getting the AES communication between Java and C# working (i.e.

, answering your question as-is) is an interesting enough task (that I'll let others handle :)), but if you want security then please use another method.

Generally speaking, passwords are hashed rather than encrypted (for eg, using one of the SHA-2 algorithms, such as SHA-256), so if I'm understanding your requirement correctly then I would have to dissent with your technical approach in this case. I concur with another user who suggested utilizing a known method of secure exchange (such as SSL/TLS) for the secure communication between endpoints.

Yes I guess my use of the term encryption might not be technically correct, but I guess everyone got the gist of what I'm trying to do here. – user1022149 Nov 2 at 18:26.

I'm trying to avoid using SSL as I don't what to have to go in that direction for one method call only. In any case I found this site and the code works beautifully. I'm able to encrypt/hash the user's password on the C# side, and have the Java side convert it back.

zenu.wordpress.com/2011/09/21/aes-128bit... There is also this other site that also has an example that works great... blogs.msdn.com/b/dotnetinterop/archive/2....

I cant really gove you an answer,but what I can give you is a way to a solution, that is you have to find the anglde that you relate to or peaks your interest. A good paper is one that people get drawn into because it reaches them ln some way.As for me WW11 to me, I think of the holocaust and the effect it had on the survivors, their families and those who stood by and did nothing until it was too late.

Related Questions