Search code examples
javaencryption

Manual Encryption


I want to send secure data(strings) from a client to a server. This is what i think i want to do:

  • Turn the string into a byte array
  • "scramble" the bytes by putting them out of order in a specific way
  • Serialize array of bytes inside of a class
  • send the Encrypted and Serialized class to the server

then the server would:

  • Deserialize the class
  • get the bytes for the string
  • put the bytes in the right order
  • make a string out of the bytes

would this be a good way to Manually Encrypt data? Is this secure? Is it even worth the time trying to make a manual encrypter?


Solution

  • It sounds like you're trying to roll your own symmetric encryption scheme, using a fixed key (the "specific way" you're scrambling the bytes) known to both sides. There's no advantage to doing this over simply using a build-in encryption scheme with a known key, and substantial potential disadvantages. It takes just a small implementation mistake to create an opening that malign users can exploit.

    Unless you do encryption for a living, you can't do better than what's out there, known, and proven in the field (AES is a good start). If security is important to you, don't try. If you want to experiment as a hobby, though, have fun.