Is strong symmetric encryption possible on GAE at all (using Java)? I've searched for hours now...


Per

Jun 25, 2012, 8:08:58 PM
to google-a...@googlegroups.com

Hi all,

I'm not a crypto-enthusiast, so maybe there is something that I'm missing. But the usual suspects like the Sun JCE unlimited strength policy files don't work for obvious reasons, and Bouncy Castle does not either. I got Jasypt to work, using the StrongTextEncryptor, which is a wrapper for PBEWithMD5AndTripleDES, but I read that DES is not considered strong enough anymore, so I was hoping for AES with more than 128 bits (or something else that's considered good enough these days).

I came across dozens of questions about this topic, but no answers unfortunately. Just fluffy assumptions, "go figure it out" suggestions, etc.

So I'm wondering, maybe it's simply not possible? Is it entirely dependent on the JCE unlimited strength files? (Please star http://code.google.com/p/googleappengine/issues/detail?id=2889 in that case.) Or is there some other way to get strong symmetric encryption off the ground?

Any help would be greatly appreciated!
Per



Per

Jun 25, 2012, 8:16:57 PM
to google-a...@googlegroups.com
Oh wait! Maybe SDK 1.7 has the answer! Too late to try it now (2am) but I'll check tomorrow and update this question with my findings! That would be awesome news. Totally missed that announcement detail.




Per

Jul 1, 2012, 12:11:01 PM
to google-a...@googlegroups.com

Success! SDK 1.7 enables you to register your own JCE provider, so it now works with Bouncy Castle for instance. Just make sure to disable precompilation, since it breaks signed JARs. 

We're now encrypting our main content columns using AES-256, and this (in combination with SSL) makes me very happy! Also, encryption is surprisingly fast, a lot faster than on my local MBP. There's really no excuse to not encrypt your data anymore.

Thanks for solving the underlying issue, despite there being relatively few votes.

Per
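
Added example, not part of Per's posts or of the App Engine documentation: one way to do the AES-256 column encryption described in the last message with Bouncy Castle registered as a JCE provider. The GCM mode, the nonce-prefixed blob layout, the `ColumnCrypto` class name, the sample AAD string and the in-memory demo key are assumptions; the thread does not say which mode, format or key storage was used.

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.security.Security;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

public class ColumnCrypto { // hypothetical helper class
    private static final int NONCE_LEN = 12;  // 96-bit nonce, fresh per value
    private static final int TAG_BITS = 128;  // GCM authentication tag length
    private static final SecureRandom RNG = new SecureRandom();

    static {
        // Register Bouncy Castle once per JVM instance.
        if (Security.getProvider("BC") == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
    }

    // Stored column value = nonce || ciphertext || tag. The AAD binds the value
    // to its row and column so a blob copied elsewhere fails to decrypt.
    public static byte[] encrypt(SecretKey key, String plain, byte[] aad) throws Exception {
        byte[] nonce = new byte[NONCE_LEN];
        RNG.nextBytes(nonce);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding", "BC");
        c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, nonce));
        c.updateAAD(aad);
        byte[] ct = c.doFinal(plain.getBytes(StandardCharsets.UTF_8));
        return ByteBuffer.allocate(NONCE_LEN + ct.length).put(nonce).put(ct).array();
    }

    // Throws AEADBadTagException if the blob or the AAD was modified.
    public static String decrypt(SecretKey key, byte[] blob, byte[] aad) throws Exception {
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding", "BC");
        c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, blob, 0, NONCE_LEN));
        c.updateAAD(aad);
        byte[] pt = c.doFinal(blob, NONCE_LEN, blob.length - NONCE_LEN);
        return new String(pt, StandardCharsets.UTF_8);
    }

    public static void main(String[] args) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES", "BC");
        kg.init(256); // demo key only; a real key is loaded from protected storage
        SecretKey key = kg.generateKey();
        byte[] aad = "entity:42/column:content".getBytes(StandardCharsets.UTF_8); // constructed
        System.out.println(decrypt(key, encrypt(key, "constructed sample row", aad), aad));
    }
}
```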


