BT

New Early adopter or innovator? InfoQ has been working on some new features for you. Learn more

Android 4.4 KitKat and the Secret Key Factory

| by Jonathan Allen on Dec 24, 2013. Estimated reading time: less than one minute |

With the introduction of Android 4.4, developers are being asked to change the way symmetric keys are generated from passphrases via the SecretKeyFactory. This change affects programs that use the PBKDF2WithHmacSHA1 key generation algorithm if their users are allowed to use Unicode passphrases.

Previously the PBKDF2WithHmacSHA1 algorithm only looked at the lower eight bits of each character in the passphrase. This is in conflict with the September 2000 recommendation by RSA Laboratories known as PKCS #5: Password-Based Cryptography Specification Version 2.0.

Since this is a breaking change, developers can maintain backwards compatibility by using the old algorithm. This legacy version has been renamed PBKDF2WithHmacSHA1And8bit and can be accessed using this sample code from the Android Developers Blog.

SecretKeyFactory factory;
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.KITKAT) {
// Use compatibility key factory -- only uses lower 8-bits of passphrase chars
factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1And8bit");
} else {
// Traditional key factory. Will use lower 8-bits of passphrase chars on
// older Android versions (API level 18 and lower) and all available bits
// on KitKat and newer (API level 19 and higher).
factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
}

Rate this Article

Adoption Stage
Style

Hello stranger!

You need to Register an InfoQ account or or login to post comments. But there's so much more behind being registered.

Get the most out of the InfoQ experience.

Tell us what you think

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread
Community comments

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

Discuss

Login to InfoQ to interact with what matters most to you.


Recover your password...

Follow

Follow your favorite topics and editors

Quick overview of most important highlights in the industry and on the site.

Like

More signal, less noise

Build your own feed by choosing topics you want to read about and editors you want to hear from.

Notifications

Stay up-to-date

Set up your notifications and dont miss out on content that matters to you

BT