What is PBEWithMD5AndDes?
PBEWithMD5AndDES in the Java cryptographic infrastructure is the algorithm described in https://docs.oracle.com/javase/9/docs/specs/security/standard-names.html#cipher-algorithm-names. The algorithm is the one described in PKCS#5 (https://www.rfc-editor.org/rfc/rfc2898#section-6.1.1).
Basically, in the first step, the algorithm turns the password into a key. This is called key derivation, and uses MD5 as a "scrambling" function. The output provides an IV and key suitable for DES in CBC mode, which are used in the second step to encrypt.
The algorithm is not secure any more, mainly because DES uses only 56-bit keys, which is too short against modern attacks (e.g. https://crack.sh/). Even though MD5 is prone to collisions, this might actually not be a problem here (collisions would only give alternative passwords for a given key, but the key is not conveyed).
Extending the previous answer
what exactly does PBEWithMD5AndDes means as an algorithm?
PBE is using an encryption key generated from a password, random salt and number of iterations, see the KeySpec parameters.
KeySpec pbeSpec = new PBEKeySpec(password.toCharArray(), psswdSalt, PBKDF_INTERATIONS, SYMMETRIC_KEY_LENGTH)
The idea is - passwords tend to be short and not random enough, so they are easy to guess. Using number of iterations should make the guessing somewhat harder.
PBEWithMD5AndDes
is using MD5 and DES to generate the key, see the example code. Real life implementation should use much higher number of iterations
How does that differ with just using MD5 or just DES? That's what i would like to know.
In theory - you may use pure MD5 or DES, but today's computer could guess the passwords very fast.
Please note DES and MD5 are obsolete today. MD5 collision can be found under a minute on a commodity hardware and DES is using 64 bit key which is pretty short to be considered secure today.
PBE stands for "Password Based Encryption", a method where the encryption key (which is binary data) is derived from a password (text).