Supported Cryptographic Algorithms
The following table lists the cryptographic algorithms supported by the CADP for Java Provider. Not all algorithms are supported by all client software.
Algorithm | Supported Operations | Description | Function |
---|---|---|---|
AES | — Encrypt — Decrypt | symmetric key block cipher | Highly secure algorithm; recommended for most environments. |
DES | — Encrypt — Decrypt | symmetric key block cipher | Known to be an insecure algorithm; not recommended for any environment. |
DESede | — Encrypt — Decrypt | symmetric key block cipher | Not as secure as AES; can be used in many environments. |
FPE | — Encrypt — Decrypt | symmetric key block cipher | Used to encrypt data keeping the formatting preserved. |
ARIA | — Encrypt — Decrypt | symmetric key block cipher | Not as secure as AES; can be used in many environments. |
HMAC | — MAC — MAC Verify | keyed hash function | Used to protect integrity and authenticity. Strength is determined by key size. |
RC4 | — Encrypt — Decrypt | symmetric key stream cipher | Extremely slow compared to block ciphers. |
RSA | — Encrypt — Decrypt — Sign — Sign Verify — Wrap | asymmetric key algorithm | Used to encrypt data and create digital signatures; not the recommended encryption algorithm. |
EC | — Encrypt — Decrypt — Sign — Sign Verify — Wrap | asymmetric key algorithm | Used to encrypt data and create digital signatures. |
SEED | — Encrypt — Decrypt | symmetric key block cipher | National standard encryption algorithm in the Republic of Korea. |
GCM | — Encrypt — Decrypt | symmetric key block cipher | Used to achieve encryption and data integrity. |
Date2 | — Tokenize — Detokenize | - | Used to tokenize and detokenize date while preserving the format. |
AES
Block Size | 16 bytes |
Supported Modes | — ECB (default) — CBC — CTR |
Padding Schemes | — PKCS5Padding — NoPadding Note: When using AES with NoPadding in CBC or ECB mode, you must supply the cipher text in multiples of 16 bytes. |
IV | CBC or CTR mode requires a 16 byte IV. IV is not allowed in ECB mode. |
Key Size (in bits) | — 128 (default) — 192 — 256 |
Identifier Strings | — AES/CBC/NoPadding — AES/CBC/PKCS5Padding — AES/ECB/NoPadding — AES/ECB/PKCS5Padding — AES: This is equivalent to AES/ECB/PKCS5Padding — AES/CTR/NoPadding |
AES/GCM
Supported Mode | GCM |
Padding Schemes | NoPadding |
IV | 1 to 16 byte IV. For the AES-GCM algorithm, the same combination of nonce (IV) and key must not be reused during encryption/decryption operations. |
Key Size (in bits) | — 128 (default) — 192 — 256 |
Identifier Strings | AES/GCM/NoPadding |
AAD | Data that is passed to the recipient in plain text but needs to be authenticated so that tampering is detected (optional). |
TagLen | Ensures the data is not accidentally altered or maliciously tampered with during transmission or storage. The TagLen is 32 to 128 bits in multiples of 8. |
DES
Block Size | 8 bytes |
Supported Modes | — ECB (default) — CBC |
Padding Schemes | — PKCS5Padding — NoPadding Note: When using DES with NoPadding, the data for encryption must be in multiples of 8 bytes. |
IV | CBC mode requires an 8 byte IV. IV is not allowed in ECB mode. |
Key Size (in bits) | 56 bits. The key contains an extra 8 bits of parity, for a total key size of 64 bits. |
Identifier Strings | — DES/CBC/NoPadding: uses outer CBC mode — DES/CBC/PKCS5Padding: uses outer CBC mode — DES/ECB/NoPadding — DES/ECB/PKCS5Padding — DES: This is equivalent to DES/ECB/PKCS5Padding |
DESede
Block Size | 8 bytes |
Supported Modes | — ECB (default) — CBC |
Padding Schemes | — PKCS5Padding (default) — NoPadding Note: When using DESede with NoPadding, the data for encryption must be in multiples of 8 bytes. |
IV | CBC mode requires an 8 byte IV. IV is not allowed in ECB mode. |
Key Size (in bits) | Supported key sizes are 168 (default) and 112 bits. Each key contains an extra 8 bits of parity. Thus, when you create a key of 112 bits, the actual key size is 128 bits; when you create a key of 168 bits, the actual key size is 192 bits. A key size of 112 bits refers to two-key triple DES. The sequence of operations in two-key triple DES is: — Encrypt with Key1 — Decrypt with Key2 — Encrypt with Key1 A key size of 168 bits refers to three-key triple DES. The sequence of operations in three-key triple DES is: — Encrypt with Key1 — Decrypt with Key2 — Encrypt with Key3 |
Identifier Strings | — DESede/CBC/NoPadding: uses outer CBC mode — DESede/CBC/PKCS5Padding: uses outer CBC mode — DESede/ECB/NoPadding — DESede/ECB/PKCS5Padding — DESede: This is equivalent to DESede/ECB/PKCS5Padding |
HMAC
Supported Hash Function | — SHA1 — SHA256 — SHA384 — SHA512 |
IV | No IV is required. |
Key Size | Keys can be between 128 and 512 bits. The HMAC keys you generate should be a multiple of 8 bytes. On some platforms, HMAC keys that are not a multiple of 8 bytes might yield incorrect results when generating MACs. |
Identifier Strings | — HmacSHA1 — HmacSHA256 — HmacSHA384 — HmacSHA512 |
Additional Notes | HMAC is a stream cipher. HMAC keys are bitstreams of multiples of 8 bits. |
RC4
IV | No IV is required. |
Key Size | Supported key sizes are 40 and 128 bits. |
Identifier Strings | RC4 |
Additional Notes | RC4 is a stream cipher with byte-oriented operations, which means that RC4 keys are bitstreams of multiples of 8 bits. |
RSA
Padding Scheme | — PKCS1Padding — PKCS1OAEPPadding — PKCS1OAEPPaddingSHA384 — PKCS1OAEPPaddingSHA512 — PKCS1OAEPPaddingSHA256 Note: — PKCS1OAEPPaddingSHA256/384 are not supported with keysize 512 — PKCS1OAEPPaddingSHA512 is not supported with keysize 512 and 1024. — Cipher initialization supports OAEPParameterSpec, which can be used to provide user specified salt in local mode. |
IV | No IV is required. |
Key Size | — 512 — 1024 (default) — 2048 — 3072 — 4096 Note: — RSA-3072 and RSA-4096 are not supported for cryptographic operations on i300 series Key Manager appliances. — Keys using these algorithms can still be created, imported, and exported on those devices. |
Identifier Strings | — SHA1withRSA: for signatures — RSA: for encryption |
Additional Notes | The ciphertext is always the size of the RSA key; if your RSA key is 2048 bits (256 bytes), then the ciphertext is 256 bytes. Because they use PKCS#1 padding, RSA keys can encrypt data up to 11 bytes smaller than the key size. If you use a 2048-bit RSA key, then the maximum data size that you can encrypt with that key is 245 bytes. RSA keys cannot be used to perform data migration operations. |
The following table provides the SunJCE transformation names corresponding to CADP for Java transformations:
CADP for Java Transformations | SunJCE Transformations | OAEP Parameters to be used with SunJCE |
---|---|---|
RSA/None/PKCS1OAEPPadding | RSA/ECB/OAEPwithSHA-1andMGF1Padding | new OAEPParameterSpec("SHA-1", "MGF1", MGF1ParameterSpec.SHA1, PSource.PSpecified.DEFAULT) |
RSA/None/PKCS1OAEPPaddingSHA256 | RSA/ECB/OAEPwithSHA-256andMGF1Padding | new OAEPParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA256, PSource.PSpecified.DEFAULT) |
RSA/None/PKCS1OAEPPaddingSHA384 | RSA/ECB/OAEPwithSHA-384andMGF1Padding | new OAEPParameterSpec("SHA-384", "MGF1", MGF1ParameterSpec.SHA384, PSource.PSpecified.DEFAULT) |
RSA/None/PKCS1OAEPPaddingSHA512 | RSA/ECB/OAEPwithSHA-512andMGF1Padding | new OAEPParameterSpec("SHA-512", "MGF1", MGF1ParameterSpec.SHA512, PSource.PSpecified.DEFAULT) |
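
The SHA-256 row of the table above, shown as an added example that is not taken from the CADP documentation: it runs on the JDK's SunJCE provider only, and the class and method names are illustrative. It encrypts with the explicit `OAEPParameterSpec` from the third column, then checks whether decryption with the provider's own defaults still works, which is the case the third column exists to prevent.

```java
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.MGF1ParameterSpec;
import java.util.Arrays;

public class OaepSunJceExample {
    // SunJCE name for RSA/None/PKCS1OAEPPaddingSHA256, in JCA standard-name casing
    // (transformation names are matched case-insensitively).
    static final String T = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";
    static final OAEPParameterSpec SPEC = new OAEPParameterSpec(
            "SHA-256", "MGF1", MGF1ParameterSpec.SHA256, PSource.PSpecified.DEFAULT);

    static byte[] encrypt(PublicKey pub, byte[] data) throws Exception {
        Cipher c = Cipher.getInstance(T);
        c.init(Cipher.ENCRYPT_MODE, pub, SPEC);   // explicit OAEP hash and MGF1 digest
        return c.doFinal(data);
    }

    // spec == null lets the provider choose its own OAEP defaults.
    static byte[] decrypt(PrivateKey priv, byte[] ct, OAEPParameterSpec spec) throws Exception {
        Cipher c = Cipher.getInstance(T);
        if (spec != null) c.init(Cipher.DECRYPT_MODE, priv, spec);
        else c.init(Cipher.DECRYPT_MODE, priv);
        return c.doFinal(ct);
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair kp = kpg.generateKeyPair();
        // Constructed sample: the largest OAEP/SHA-256 message for a 2048-bit key,
        // 256 - 2*32 - 2 = 190 bytes.
        byte[] msg = new byte[190];
        Arrays.fill(msg, (byte) 0x41);

        byte[] ct = encrypt(kp.getPublic(), msg);
        System.out.println("ciphertext bytes: " + ct.length);
        System.out.println("explicit spec round trip: "
                + Arrays.equals(msg, decrypt(kp.getPrivate(), ct, SPEC)));
        try {
            decrypt(kp.getPrivate(), ct, null);
            System.out.println("provider defaults match the explicit spec");
        } catch (BadPaddingException e) {
            System.out.println("provider defaults differ: pass OAEPParameterSpec explicitly");
        }
    }
}
```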
EC
Padding Scheme | — ECIESwithSHA1AES/CBC/PKCS5Padding — ECIESwithSHA224AES/CBC/PKCS5Padding — ECIESwithSHA256AES/CBC/PKCS5Padding — ECIESwithSHA384AES/CBC/PKCS5Padding — ECIESwithSHA512AES/CBC/PKCS5Padding — ECIESwithSHA1AES/CBC/NoPadding — ECIESwithSHA224AES/CBC/NoPadding — ECIESwithSHA256AES/CBC/NoPadding — ECIESwithSHA384AES/CBC/NoPadding — ECIESwithSHA512AES/CBC/NoPadding — ECIESwithSHA1DESede/CBC/NoPadding — ECIESwithSHA224DESede/CBC/NoPadding — ECIESwithSHA256DESede/CBC/NoPadding — ECIESwithSHA384DESede/CBC/NoPadding — ECIESwithSHA512DESede/CBC/NoPadding — ECIESwithSHA1DESede/CBC/PKCS5Padding — ECIESwithSHA224DESede/CBC/PKCS5Padding — ECIESwithSHA256DESede/CBC/PKCS5Padding — ECIESwithSHA384DESede/CBC/PKCS5Padding — ECIESwithSHA512DESede/CBC/PKCS5Padding |
Internal Symmetric Algorithm | — AES — DESede |
IV | — 16 byte IV is required for AES based algorithms — 8 byte IV is required for DES based algorithms. |
Curve ID | — secp224k1 — secp224r1 — secp256k1 — secp384r1 — secp521r1 — prime256v1 — brainpoolP224r1 — brainpoolP224t1 — brainpoolP256r1 — brainpoolP256t1 — brainpoolP384r1 — brainpoolP384t1 — brainpoolP512r1 — brainpoolP512t1 |
Mode | CBC |
Additional Notes | — Only doFinal call is supported for data length of less than 3,000 bytes (data length depends on the Curve ID used.) — Multipart Update is not supported. |
SEED
Block Size | 16 bytes |
Supported Modes | — ECB — CBC |
Padding Schemes | — PKCS5Padding — NoPadding |
IV | — CBC mode requires a 16 byte IV. — IV is not allowed in ECB mode. |
Key Size in bits | 128 |
Additional Notes | When using SEED with NoPadding, then data for encryption must be in multiples of 16 bytes. |
ARIA
Block Size | 16 bytes |
Supported Modes | — ECB (default) — CBC |
Padding Schemes | — PKCS5Padding — NoPadding When using ARIA in NoPadding mode, you must supply ciphertext in multiples of 16 bytes. |
IV | — CBC mode requires a 16 byte IV. — IV is not allowed in ECB mode. |
Key Size | — 128 bits — 192 — 256 |
Identifier Strings | — ARIA/CBC/NoPadding — ARIA/CBC/PKCS5Padding — ARIA/ECB/NoPadding — ARIA/ECB/PKCS5Padding — ARIA (equivalent to ARIA/ECB/PKCS5Padding) |
Additional Notes | When using ARIA with NoPadding, then data for encryption must be in multiples of 16 bytes. |
FPE/AES
Cardinalities | — CARD10 — CARD26 — CARD62 — UNICODE |
IV | — FPE/AES/CARD10: a 56 byte IV when the data size is >56 bytes — FPE/AES/CARD26: a 40 byte IV when the data size is >40 bytes — FPE/AES/CARD62: a 32 byte IV when the data size is >32 bytes — FPE/AES/UNICODE: when the cardinality is y, an IV of x characters is used when the data size is >x characters. Here, y is the number of characters in the Unicode character set file, and the corresponding value of x is derived using the following formula: `double lg = Math.log10(Math.pow((double)2,(double)96))/Math.log10((double)CharacterSet_size); double block_len = 2 * Math.floor(lg);` The table with cardinality and corresponding IV value based on the above formula is provided here. Note: If the data size is less than lg and you want to skip the IV, set setIgnoreIv to true. The following code snippet shows how to pass setIgnoreIv: `new FPEParameterAndFormatBuilder().set_tweakData(tweakData).set_tweakAlgorithm(tweakAlgo).set_spec(spec).setFpeFormat(fpeFormat).setIsExternalVersion(true).setKeyVersion(versionHeader).setIgnoreIv(true).build()` The value of each hex encoded byte in the IV will be in the range 00 to (cardinality-1). For example, when CARD62 is used, the maximum value will be 3D (hex encoding of 62-1=61). In the following IV for CARD62, 0102030405060708090A0B0C0D0E0F1000303132333435363738393A3B3C3D3D, the hex 0A lies in the range 00 to cardinality-1, that is, 00 to 3D. |
Key Size in bits | — 128 (default) — 192 — 256 |
Identifier Strings | — FPE/AES/CARD10 — FPE/AES/CARD26 — FPE/AES/CARD62 — FPE/AES/UNICODE |
Tweak Algorithm | Hashing algorithm to be applied to specified tweak data beforehand. Valid values: — None — SHA1 — SHA256 |
Tweak Data | Tweak data is optional but highly recommended. It uses the tweakable cipher concept to protect against statistical attacks due to potentially small input/output space. If the tweak data algorithm is "None" or absent, the value must be a HEX encoded string representing a 64-bit long (hence, the HEX encoding will consume 16 characters). |
Additional Notes | It supports only non-versioned AES Keys and works in both local and remote mode. Default Tweak Algorithm will be None if an invalid or Null value is provided. Cardinality CARD26, CARD62 and UNICODE are supported only in local mode. CARD10 is supported in local and remote mode. It supports the following formats with CARD10: — LAST_FOUR — FIRST_SIX_LAST_FOUR — FIRST_SIX — FIRST_TWO_LAST_FOUR — NONE — CUSTOM |
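
The IV sizing formula and the per-byte range rule from the FPE/AES IV row, shown as an added example that is not part of the CADP API: `FpeIvCheck`, `blockLen` and `validateIv` are illustrative names. The formula reproduces the documented 56, 40 and 32 byte IV sizes for CARD10, CARD26 and CARD62, and the check accepts the CARD62 IV quoted in the table.

```java
public class FpeIvCheck {
    // Formula from the IV row: 2 * floor(log10(2^96) / log10(cardinality)).
    static int blockLen(int cardinality) {
        double lg = Math.log10(Math.pow(2d, 96d)) / Math.log10((double) cardinality);
        return (int) (2 * Math.floor(lg));
    }

    // Returns null when the hex encoded IV is acceptable for the cardinality,
    // otherwise a description of the first problem found.
    static String validateIv(String hexIv, int cardinality) {
        int expected = blockLen(cardinality);
        if (hexIv.length() != 2 * expected)
            return "expected " + (2 * expected) + " hex characters, got " + hexIv.length();
        for (int i = 0; i < hexIv.length(); i += 2) {
            int hi = Character.digit(hexIv.charAt(i), 16);
            int lo = Character.digit(hexIv.charAt(i + 1), 16);
            if (hi < 0 || lo < 0)
                return "byte " + (i / 2) + " is not hex";
            int v = hi * 16 + lo;
            if (v > cardinality - 1)   // each byte must lie in 00..(cardinality-1)
                return "byte " + (i / 2) + " is " + v + ", above " + (cardinality - 1);
        }
        return null;
    }

    public static void main(String[] args) {
        for (int card : new int[] {10, 26, 62})
            System.out.println("cardinality " + card + " -> IV length " + blockLen(card));

        // IV for CARD62 quoted in the table above.
        String pageIv = "0102030405060708090A0B0C0D0E0F10"
                      + "00303132333435363738393A3B3C3D3D";
        System.out.println("page IV, CARD62: " + validateIv(pageIv, 62));

        // Constructed variant: last byte raised to 3E (62), one past the CARD62 maximum.
        String badIv = pageIv.substring(0, pageIv.length() - 2) + "3E";
        System.out.println("constructed IV, CARD62: " + validateIv(badIv, 62));

        // The same IV is the wrong size for CARD10, which needs 56 bytes.
        System.out.println("page IV, CARD10: " + validateIv(pageIv, 10));
    }
}
```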
FPE/FF1
Cardinalities | — CARD10 — CARD26 — CARD62 — UNICODE |
Key Size in bits | — 128 (default) — 192 — 256 |
Identifier Strings | — FPE/FF1/CARD10 — FPE/FF1/CARD26 — FPE/FF1/CARD62 — FPE/FF1/UNICODE |
Tweak Algorithm | Hashing algorithm to be applied to specified tweak data beforehand. Valid values: — None — SHA1 — SHA256 |
Tweak Data | Tweak data is optional but highly recommended. It uses the tweakable cipher concept to protect against statistical attacks due to potentially small input/output space. If tweak algorithm is None, the tweak data is optional. If tweak data is provided, the value must be HEX encoded string. |
Additional Notes | It supports only non-versioned AES Keys. Default Tweak Algorithm will be None if invalid or Null value is provided. Cardinality CARD10, CARD26, CARD62, and UNICODE are supported only in local mode. It supports the following formats: — LAST_FOUR — FIRST_SIX_LAST_FOUR — FIRST_SIX — FIRST_TWO_LAST_FOUR — NONE — CUSTOM |
FPE/FF1v2
Cardinalities | — CARD10 — CARD26 — CARD62 — UNICODE |
Key Size in bits | — 128 (default) — 192 — 256 |
Identifier Strings | — FPE/FF1v2/CARD10 — FPE/FF1v2/CARD26 — FPE/FF1v2/CARD62 — FPE/FF1v2/UNICODE — FPE/FF1v2/ASCII |
Tweak Algorithm | Hashing algorithm to be applied to specified tweak data beforehand. Valid values: — None — SHA1 — SHA256 |
Tweak Data | Tweak data is optional but highly recommended. It uses the tweakable cipher concept to protect against statistical attacks due to potentially small input/output space. If tweak algorithm is None, the tweak data is optional. If tweak data is provided, the value must be HEX encoded string. |
Additional Notes | Default Tweak Algorithm will be None if invalid or Null value is provided. CARD10, CARD26, CARD62, and UNICODE are supported only in local mode. It supports the following formats: — LAST_FOUR — FIRST_SIX_LAST_FOUR — FIRST_SIX — FIRST_TWO_LAST_FOUR — NONE — CUSTOM |
FPE/FF3
Cardinalities | — CARD10 — CARD26 — CARD62 — UNICODE |
Key Size in bits | — 128 (default) — 192 — 256 |
Identifier Strings | — FPE/FF3/CARD10 — FPE/FF3/CARD26 — FPE/FF3/CARD62 — FPE/FF3/UNICODE — FPE/FF3/ASCII |
Tweak Algorithm | Hashing algorithm to be applied to specified tweak data beforehand. Valid values: — None — SHA1 — SHA256 |
Tweak Data | If tweak algorithm is None, the value must be 16 characters HEX encoded string. For tweak algorithm SHA1 and SHA256, the tweak data length should be ≤ 256 characters. |
Additional Notes | Default Tweak Algorithm will be None if Null value is provided. CARD10, CARD26, CARD62, and UNICODE are supported only in local mode. It supports the following formats: — LAST_FOUR — FIRST_SIX_LAST_FOUR — FIRST_SIX — FIRST_TWO_LAST_FOUR — NONE — CUSTOM |
FPE/FF3-1
Cardinalities | — CARD10 — CARD26 — CARD62 — UNICODE |
Key Size in bits | — 128 (default) — 192 — 256 |
Identifier Strings | — FPE/FF3-1/CARD10 — FPE/FF3-1/CARD26 — FPE/FF3-1/CARD62 — FPE/FF3-1/UNICODE — FPE/FF3-1/ASCII |
Tweak Algorithm | Hashing algorithm to be applied to specified tweak data beforehand. Valid values: — SHA1 — SHA256 — None In remote mode, only None is supported. |
Tweak Data | If tweak algorithm is None, the value must be 14 characters HEX encoded string. For tweak algorithm SHA1 and SHA256, the tweak data length should be ≤ 256 characters. |
Additional Notes | Default Tweak Algorithm will be None if Null value is provided. CARD26, CARD62, and UNICODE are supported only in local mode. It supports the following formats: — LAST_FOUR — FIRST_SIX_LAST_FOUR — FIRST_SIX — FIRST_TWO_LAST_FOUR — NONE — CUSTOM |
Date2
Key Type and size | Date2 algorithm works with 256-bit non-versioned AES key. |
Date Format Scheme | Represents a possible set of date formats. The supported date format schemes are:
|
Date Format | The arrangement of date, month, and year is in a Java format that aligns with the date format scheme. For example, with the dateFormat dd-MM-yyyy hh:mm:ss (03-06-2024 21:00:30), tokenization has no impact on the time, which remains unaltered, that is, 21:00:30. The dateFormat must align with the dateFormatScheme to avoid any errors during tokenization or detokenization. The week year formats YYYY and YY are not supported; using them may lead to incorrect tokenization or detokenization. |
Start Year | The value of start year must be greater than 999 for yyyy Date Format. The value of start year lies in the range from 00-100 for yy Date Format. |
End Year | Maximum value of end year is 9999 in yyyy Date Format. Maximum value of end year is 100 in yy Date Format. |
Preserve | Retains the specific part of data that remains unaltered after tokenization. The valid values are: — NONE (Default) — MONTH — YEAR — YEAR_MONTH For example, if the date to tokenize is 15-05-2024 and you want to preserve YEAR , then output can be 27-10-2024 , where the year (2024) remains unaltered. |
Tweak Data | Optional, if provided, the length of tweak data should be ≤ 256 characters. The default value is empty string. |
Additional Notes | — Date2 algorithm is not supported in remote mode. — The maximum permissible date range (start year-end year) is 200 years. — The minimum permissible date range (start year-end year) is 1 year. — If the start year and end year range is given, the date range that can be tokenized will be: (start year-01-01) to ((end year-1)-12-31). For example, if the start year is 1900 and end year is 1901, the user can tokenize/detokenize date range between 1900-01-01 to 1900-12-31. — For the supported date formats DDMMYY and MMYY, the date after tokenization will be of the current century. The default century is the current century which is 2000. — The sample for Date2 algorithm is available on GitHub. |