LAZYSODIUM-JAVA: CRYPTOGRAPHY MADE EASY IN JAVA

Whenever I used to hear about cryptography, I used to feel that something is really difficult to implement. I would need to learn a lot of things to work on it. But, when I came across lazysodium-java library, I found it easy to implement it in java.

What is lazysodium-java?

Lazysodium-java is library that is built on the top of libsodium cryptography library, which is considered as one of the fastest cryptography implementation, which is written in C language.

There are other wrapper libraries like libsodium-jni(for android), libsodium-jna and java bindings available using which we can encrypt/decrypt data using libsodium.

But I found lazysodium-java easier to use.

How to use lazysodium-java?

I have used this lazysodium-java library in my maven project. So, I added it as a maven dependency as below:

<dependencies>
  <dependency>
    <groupId>com.goterl.lazycode</groupId>
    <artifactId>lazysodium-java</artifactId>
    <version>4.0.0</version>
  </dependency>
  <dependency>
    <groupId>net.java.dev.jna</groupId>
    <artifactId>jna</artifactId>
    <version>5.5.0</version>
  </dependency>
</dependencies>

<repositories>
  <repository>
    <id>spring-milestones</id>
    <name>Spring Milestones</name>
    <url>https://repo.spring.io/libs-milestone</url>
  </repository>
</repositories>

Other ways to use this library can be found here.

To use this library, you should have JDK version 8 or higher

To Initialize libsodium in the java program.

// Let's initialise LazySodium
LazySodiumJava lazySodium = new LazySodiumJava(new SodiumJava());

Lazysodium supports all the encryption provided by libsodium. Below are the few encryption techniques supported by libsodium:

Elliptic-curve cryptography (ECC).
Curve25519, Diffie–Hellman key-exchange function.
Salsa20 and ChaCha20 stream ciphers.
Poly1305, message-authentication code.
Ed25519, public-key signature system.
Argon2 and Scrypt, password hashing.
AES-GCM, authenticated encryption algorithm, based on the advanced encryption standard (AES).

In this blog, we will see how can implement, ChaCha20 with poly1305 MAC.

Before implementing this encryption technique, I had following. questions in my mind.

How does ChaCha20Poly1305 works?

ChaCha20 encryption uses the key and nonce to encrypt the plaintext into a ciphertext of equal length. Poly1305 generates a MAC (Message Authentication Code) and appending it to the ciphertext. In the end, the length of the ciphertext and plaintext is different.

What is the nonce?

A nonce, in the broad sense, is just “a number used only once”. The only thing generally demanded of a nonce is that it should never be used twice (within the relevant scope, such as encryption with a particular key).

Can I reuse the same nonce for the different keys?
No, the nonce and key must be unique for each encryption, otherwise, the data will compromise!

So, here we will need three things for encryption using lazysodim

Generate key
Generate nonce required for encryption
Method to encrypt/decrypt message/data

which can be found from the following code snippet:

public class Main {
 
    private static byte[] hexToBytes(String s) {
        int len = s.length();
        byte[] data = new byte[len / 2];
 
        for (int i = 0; i < len; i += 2) {
            data[i / 2] = (byte) ((Character.digit(s.charAt(i), 16) << 4) + Character.digit(s.charAt(i + 1), 16));
        }
 
        return data;
    }
 
    public static void main(String args[]) throws SodiumException {
        LazySodiumJava lazySodium = new LazySodiumJava(new SodiumJava());
 
        String PASSWORD = "test123";
 
        // Generate nonce
        byte[] byteNonce = lazySodium.nonce(AEAD.CHACHA20POLY1305_NPUBBYTES);
        String nonce = lazySodium.toHexStr(byteNonce);
 
        // Generate Private key
        Key key = lazySodium.keygen(AEAD.Method.CHACHA20_POLY1305);
        String privateKey = key.getAsHexString();
        System.out.println("Private Key..............   " + privateKey);
 
        // Encrypt Data
        String encryptedPassword = lazySodium.encrypt(
                PASSWORD,
                null,
                hexToBytes(nonce),
                Key.fromHexString(privateKey),
                AEAD.Method.CHACHA20_POLY1305);
        System.out.println("Encrypted Data...........   " + encryptedPassword);
 
        // Decrypt Data
        String decryptedPassword = lazySodium.decrypt(
                encryptedPassword,
                null,
                hexToBytes(nonce),
                Key.fromHexString(privateKey),
                AEAD.Method.CHACHA20_POLY1305
        );
        System.out.println("Decrypted Data...........   " + decryptedPassword);
    }
 
}

Similarly, you can find different examples to implement different encryption implementation techniques here.

Summary:

You can observe the examples to understand how to implement different algorithms. All you have to do is to change the algorithm name, while calling encryption/decryption method.

Hope you find this article useful. Happy coding!!