Java Cryptography
Matt Secoske
http://blog.secosoft.net
http://objectpartners.com
History of Cryptography
[Figure: timeline running from Classic Cryptography to Modern Cryptography. Dates shown: > 500 BCE, 300 BCE, 1920s, 1976, 1984, 2001. Labels shown: Hieroglyphs, Substitution Ciphers (Paper based), The Enigma (electro mech), DES, Private Key, Diffie Hellman / RSA, Quantum Cryptography, AES.]
Intro to Java Cryptography
Matt Secoske NFJS 2007
Ciphers
Alphabet: ABCDEFGHIJKLMNOPQRSTUVWXYZ
Key: PQOYWVNBGULSZCKXDFEMIJRHTA
Cipher cipher =
    Cipher.getInstance("DES/ECB/PKCS5Padding", "SunJCE");
// arguments: "Algorithm/Mode/Pad", Provider (opt)
Security.addProvider(new BouncyCastleProvider());
Cipher cipher =
Cipher.getInstance("DES/ECB/PKCS5Padding", "BC");
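// List every installed provider and the algorithms it offers
for (Provider p : Security.getProviders()) {
    System.out.println("========================");
    System.out.println("Provider: " + p.getName());
    for (Provider.Service s : p.getServices()) {
        System.out.println(s.getAlgorithm());
    }
}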
Random Numbers
• Aid in generating timestamps, salts, keys, etc.
import java.security.SecureRandom;
* For a given value, the only truly unique value is the value itself
** MD5 is no longer considered secure. See http://www.cits.rub.de/MD5Collisions/
MessageDigest md = MessageDigest.getInstance("SHA");
byte[] digest = md.digest("Hello World".getBytes());
// digest = 0a4d55a8d778e5022fab701977c5d840bbc486d0
http://en.wikipedia.org/wiki/Block_cipher
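// encrypting (key and plaintext are defined elsewhere; plaintext holds the bytes of "Hello, World!")
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, key);
byte[] ciphertext = cipher.doFinal(plaintext);
// decrypting
cipher.init(Cipher.DECRYPT_MODE, key);
byte[] plaintext2 = cipher.doFinal(ciphertext);
// plaintext2 = 48656c6c6f2c20576f726c6421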
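The AES snippet above uses ECB mode. As an added example (not from the original slides), the following contrasts ECB with AES/GCM using a fresh SecureRandom nonce, and shows GCM rejecting a modified ciphertext. The class name and sample plaintext are constructed for illustration.

```java
import javax.crypto.AEADBadTagException;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;

// Added illustration: class name and sample data are constructed, not from the slides.
public class EcbVersusGcm {
    public static void main(String[] args) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey key = kg.generateKey();

        // Constructed plaintext: two identical 16-byte blocks.
        byte[] plaintext = "SIXTEEN BYTE BLKSIXTEEN BYTE BLK".getBytes(StandardCharsets.US_ASCII);

        // ECB encrypts each block independently, so equal plaintext blocks
        // produce equal ciphertext blocks and the repetition stays visible.
        Cipher ecb = Cipher.getInstance("AES/ECB/PKCS5Padding");
        ecb.init(Cipher.ENCRYPT_MODE, key);
        byte[] ecbCt = ecb.doFinal(plaintext);
        System.out.println("ECB blocks 1 and 2 identical: " + Arrays.equals(
            Arrays.copyOfRange(ecbCt, 0, 16), Arrays.copyOfRange(ecbCt, 16, 32)));

        // GCM with a fresh 12-byte nonce per message and a 128-bit tag.
        byte[] nonce = new byte[12];
        new SecureRandom().nextBytes(nonce);
        Cipher gcm = Cipher.getInstance("AES/GCM/NoPadding");
        gcm.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(128, nonce));
        byte[] gcmCt = gcm.doFinal(plaintext);
        System.out.println("GCM blocks 1 and 2 identical: " + Arrays.equals(
            Arrays.copyOfRange(gcmCt, 0, 16), Arrays.copyOfRange(gcmCt, 16, 32)));

        // Decryption needs the same key and nonce; the nonce is not secret
        // and is normally stored alongside the ciphertext.
        gcm.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(128, nonce));
        System.out.println(new String(gcm.doFinal(gcmCt), StandardCharsets.US_ASCII));

        // Flip one ciphertext bit: the tag check fails and no plaintext is returned.
        gcmCt[0] ^= 1;
        gcm.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(128, nonce));
        try {
            gcm.doFinal(gcmCt);
        } catch (AEADBadTagException e) {
            System.out.println("tampering detected");
        }
    }
}
```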
PBEKeySpec keySpec =
new PBEKeySpec(keyMaterial.toCharArray(), salt, iterationCount);
SecretKeyFactory keyFactory =
SecretKeyFactory.getInstance("PBEWithSHAAnd3KeyTripleDES", "BC");
Key key = keyFactory.generateSecret(keySpec);
// encrypting
Cipher cipher = Cipher.getInstance("PBEWithSHAAnd3KeyTripleDES", "BC");
cipher.init(Cipher.ENCRYPT_MODE, key );
http://en.wikipedia.org/wiki/Asymmetric_key_algorithm
Asymmetric Encryption Illustrated
• Use Public Key to:
– send messages to Private Key holder
– verify digital signature of Private Key
Public Key Infrastructure (PKI)
(in a very small nutshell)
SSLSocketFactory factory =
    (SSLSocketFactory) SSLSocketFactory.getDefault();
// createSocket takes a host name, not a URL
Socket s =
    factory.createSocket("google.com", 443);
session.connect(30000);
Channel channel=session.openChannel("shell");
channel.setInputStream(System.in);
channel.setOutputStream(System.out);
channel.connect();