Encryption and Decryption using AES algorithm in java

In Today’s Internet Era it is highly recommended to keep your data utmost secure from threa12ts and attacks. Attacks are highly costly, whether the attack comes from inside or out. As computer (and especially Internet) technologies evolve, security attacks are becoming more sophisticated and frequent. We have to stay updated with the latest techniques and tools for our Application safety and security, and for this the solid foundation in various technologies such as data encryption, authentication, and authorization is a necessity.

In our web application many things need to get secured , take for an example in  online banking and shopping, recorded data is stored in many places, including bank accounts, store accounts, and medical accounts. User Password, telephone no, credit card no’s, bank account no, etc. are vulnerable to attacks, so these data needs to be highly secured.

So, in this article I will explain you how to secure your data by encrypting and decrypting of data using AES algorithm in java:

Now for encrypting the data, we must use a secret key, which will only be provided to the sender and the receiver using which they can encrypt and decrypt the data. In our example we use an algorithm called AES 128 and the bytes of the word “ThisIsASecretKey” as the secret key. AES algorithm can use a key of 128 bits (16 bytes * 8); so we have selected that key.

Before moving to the example let me make you familiar with some basic terms:

1)      Key Generator class: This provides the methods for cryptographic operations. KeyGenerator objects are reusable, i.e., after a key has been generated, the same KeyGenerator object can be re-used to generate further keys. This class is imported as javax.crypto.KeyGenerator.

2)      generateKey (): This is a static method of the Key Generator class, which is used to generate a secret key using a key for an AES algorithm.

3)      Cipher class: This class provides the cryptographic cipher for encryption and decryption of data. This class forms the base for the Java Cryptographic Extension (JCE) framework. This class is imported as javax.crypto.Cipher.

To create a cipher object, the application calls the Cipher’s getInstancemethod, and passes the name of the requested transformation to it.

A transformation is a string that describes the operation to be performed on the given input, to produce some output. A transformation always includes the name of a cryptographic algorithm (e.g., AES), and may be followed by a feedback mode and padding scheme.

A transformation is of the form:

  • algorithm/mode/padding” or
  • algorithm

For example the correct transformation could be:

 Cipher cipher = Cipher.getInstance("AES/OFB32/PKCS5Padding");

As we are clear with the main concepts, let’s look at the example:

The AES algorithm:

package com.demo.crypto;

import java.security.*;

import java.security.spec.InvalidKeySpecException;

import javax.crypto.Cipher;

import javax.crypto.spec.SecretKeySpec;

import sun.misc.*;

public class Cryptoalgo {

private static final String ALGORITHM = "AES";

private static final byte[] keyValue =

new byte[] { 'T', 'h', 'i', 's', 'I', 's', 'A', 'S', 'e', 'c', 'r', 'e', 't', 'K', 'e', 'y' };

public static String encrypt(String valueToEnc) throws Exception


Key key = generateKey();

//Get the instance for AES algorithm

Cipher c = Cipher.getInstance(ALGORITHM);

c.init(Cipher.ENCRYPT_MODE, key);

byte[] encValue = c.doFinal(valueToEnc.getBytes());

String encryptedValue = new BASE64Encoder().encode(encValue);

return encryptedValue;


public static String decrypt(String encryptedValue) throws Exception


Key key = generateKey();

//Get the instance for AES algorithm

Cipher c = Cipher.getInstance(ALGORITHM);

c.init(Cipher.DECRYPT_MODE, key);

byte[] decordedValue = new BASE64Decoder().decodeBuffer(encryptedValue);

byte[] decValue = c.doFinal(decordedValue);

String decryptedValue = new String(decValue);

return decryptedValue;


private static Key generateKey() throws Exception


Key key = new SecretKeySpec(keyValue, ALGORITHM);

//Below Shown is the code for key generation for DES algorithm

// SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(ALGORITHM);

// key = keyFactory.generateSecret(new DESKeySpec(keyValue));

return key;



Below shows the code to utilize the above AES algorithm:

package org.demo.crypto;

public class TestExample {

public static void main(String[] args) throws Exception {

String password = "secretpassword";

String passwordEnc = Cryptoalgo.encrypt(password);

String passwordDec = Cryptoalgo.decrypt(passwordEnc);

System.out.println("Plain Text : " + password);

System.out.println("Encrypted Password : " + passwordEnc);

System.out.println("Decrypted Password: " + passwordDec);



On running the above program you will have the output as:

Plain Text: secretpassword

Encrypted Password: U2FsdGVkX18gnSxz3QREK1HIwIphACMt5JBeQhSwf3w=

Decrypted Password: secretpassword

Hope you have a secure stuff in your application on web🙂

Speak Your Mind

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: