Explaining Keystores | Part 2 - JCEKS

JCEKS (Java Cryptography Extension KeyStore) is an alternative to the JKS Keystore. When strong cryptography was introduced into Java, the legacy JKS keystore with its "SHA-1 and XOR" encryption method was replaced by JCEKS, which uses Triple-DES (3DES) encryption to protect serialized keys when they are written to disk. There is a lot of JCEKS still around. So how exactly does the encryption work? References: Weaknesses in the Java JCEKS Keystore - https://cryptosense.com/blog/weakness... Why you shouldn't use Triple DES - https://cryptosense.com/blog/the-end-... and    • Is Triple DES Broken? How the NSA inadvert...  \ Dark secrets of the Java Keystore - https://cryptosense.com/blog/mighty-a... Part 1 - Java JKS Keystore    • Explaining Keystores | Part 1 - JKS   Part 3 - PKCS#12    • Explaining Keystores | Part 3 - PKCS#12   Part 4 - Bouncy Castle BKS    • Explaining Keystores | Part 4 - Bouncy Cas...   Part 5 - Bouncy Castle UBER    • Explaining Keystores | Part 5 - Bouncy Cas...   Part 6 - Bouncy Castle FIPS Keystore (BCFKS)    • Explaining Keystores | Part 6 - Bouncy Cas...   ///// Find out more about Cryptosense: https://cryptosense.com/ Follow us on Twitter:   / cryptosense   ///// Cryptosense CEO Dr. Graham Steel was formerly an academic researcher before founding Cryptosense in 2013. His cryptography expertise is the basis for the company's 'Analyzer' technology which allows customers to protect themselves against losing sensitive data.