160829. Java plus decryption and digital signature

**

Java Plus decryption

**

Implementation approach: JDK implementation, CC,BC

The JDK provides the underlying implementation of the comparison base; CC provides some simplified operations; BC provides supplemental

First, BASE64 encryption

Very simple, encrypted decryption is a function.

The code is as follows:

Second, the message digest algorithm encryption ———— is mainly used to verify the data integrity.

MD (Message digest):

SHA (Secure Hash)

The JDK implementation is the same as Md.

The BC implementation is as follows: (Digest Class)

The CC implementation is the simplest (a digestutils static method):

MAC (Message authentication code)--hash function algorithm with key

The features of MD and SHA are compatible, but the key is added.

Main JDK and bouncy castle implementations.

JDK implementation: Gets or defines the key (byte[] array), the Mac class is instantiated, initialized, executed.

BC implementation: HMAC class instantiation, initialization, execution.

Third, symmetric plus decryption

Symmetric encryption refers to encrypting and decrypting cryptographic algorithms that use the same key. The implementation of several common symmetric cryptographic algorithms for DES, 3-heavy DES, AES, and PBE in Java is presented here.

DES, 3DES, AES (key), PBE (Password and salt)

Des:

JDK implementation: Generates and transforms the instantiation of the Key;cipher Class (getinstance), initialization (init selection mode and key), Execution (dofinal) plus decryption.

Recommended BC Implementation method: Security.addprovider (New Bouncycastleprovider ());

Then the rest of the code will be basically the same as the JDK implementation code.

3DES, the basic implementation of the same AES, so do not introduce ...

PBE (password-based encryption)

Features: Pass Salt + password

Implementation: Initialize salt; generate password; cipher class plus decrypt.

Four, asymmetric plus decryption

Asymmetric encryption algorithm is a secret method based on secret key, which needs public key and private key, which is widely used in file encryption, especially in net-silver. This paper mainly introduces the implementation process of asymmetric encryption algorithm, the application of several common asymmetric encryption algorithms such as DH, RSA and ElGamal in Java.

Concept: Public key, private key;

DH (Key exchange algorithm):

Code implementation Some trouble

--Initialize Sender key

-keypairgenerator: Can produce KeyPair

-keypair: Common key carrier, called key pair, is divided into public key publickey and private key Privatekey.

-publickey

--Initialize the receiver key

-keyfactory: Key factory, generate key, restore key by specification of some key

-x509encodedkeyspec: Key encoding according to ASN.1

-dhpublickey:

-dhparameterspec: A collection of parameters that follow the DH algorithm

-keypairgenerator:

-privatekey:

--double hair builds a local key based on the published PublicKey

--The built-in local key is consistent

-keyagreement: Used to provide key consistency protocol

-secretkey: Secret key, symmetric

-keyfactory-x509encodedkeyspec-publickey

--Encrypt, decrypt (with local key)

-cipher: A class that provides password functionality for encryption and decryption

Explain:

First, the sender generates a key pair and exposes the public key, and the receiver generates a key pair based on the public key, and then exposes its own public key.

The sender then generates its own local key based on the receiver's public key (the local key is typically a symmetric key), and the receiver generates its own local key based on the sender's public key. In fact, the local key generated by both parties is the same.

Finally, both parties can use the local key for encryption and decryption.

RSA (factor decomposition based): Code implementation is simple

Initializes the key (containing the public key, key).

You can use public key encryption, private key decryption, or private key encryption, public key decryption

Use procedure: Each side grasps the public key and the private key one, then can encrypt and transmits the data.

Eigamal (based on discrete factor)

The JDK is not implemented and can only be implemented using BC.

First, Security.addprovider (New Bouncycastleprovider ());

The implementation is similar to RSA afterwards.

Five Java Implementation Digital Signature

Digital signatures are used to authenticate digital information, public and private keys, private keys to data signatures, and public keys for validation.

The process is: first initialize a key pair, on the basis of the key pair to sign and verify.

1, RSA: Can be added to decrypt, can also be digitally signed.

Initialize key pair: Keypairgenerator, KeyPair, Rsapublic, psaprivate;

Execute signature; Signature class

Verify signature; Signature Class

2. DSA (digital Signature algorithm)

Initializes the key pair, the public key, and the private key;

Execute signature, sign with private key;

Verify signature, authenticate with public key;

3, ECDSA

The Microsoft serial number is the signature used by the ECDSA algorithm. Fast speed, high strength, short signature.

Initializes the key pair;

Execute signature;

Verifying signatures

160829. Java plus decryption and digital signature