"Android Tools" how to ensure that Android and Server des encryption consistent

Reprint Please specify Source: http://blog.csdn.net/zhaokaiqiang1992

When our applications involve more sensitive data, we typically encrypt the data in a simple and straightforward sense. In the data interaction with the server, in addition to the ability to use post requests to enhance the security of the data. We are able to use common cryptographic algorithms. Encrypt the data.

Today the main introduction is DES encryption algorithm.

First of all. Des belongs to a symmetric cryptographic algorithm called symmetry. This means that both encryption and decryption use the same key, so when we actually apply it, it means that the server and the client encrypt and decrypt. Use a key that is the same. Besides. There are asymmetric encryption algorithms, the public key private key mechanism, such a way can be used for authentication, this later to elaborate.

des is all called data Encryptionstandard, or data encryption standards, is a block algorithm that uses key encryption. The DES algorithm has three entry parameters : Key, Data, Mode. The key is 7 bytes Total 56 bits, is the DES algorithm working key ; Data is 8 bytes, 64 bits, which is to be encrypted or decrypted; mode is the way des works, there are two kinds: encryption or decryption.

Here is the code implementation of DES Encryption in Java or Android

Package Com.qust.rollcallstudent.utils;import Java.security.invalidalgorithmparameterexception;import Java.security.key;import Java.security.spec.algorithmparameterspec;import Java.util.locale;import Javax.crypto.cipher;import Javax.crypto.secretkeyfactory;import Javax.crypto.spec.deskeyspec;import javax.crypto.spec.ivparameterspec;/** * * @ClassName: Com.qust.rollcallstudent.utils.DESUtil * @Description: Des Cryptographic Decryption Toolkit * @author Zhaokaiqiang * @date 2014-11-13 PM 8:40:56 * */public class Desutil {public static final String ALGOR Ithm_des = "Des/cbc/pkcs5padding";/** * DES algorithm, encryption * * @param data * To encrypt String * @param key * Encrypt private key, length cannot be A byte array that is less than 8 bits * @return encrypted.  Generally combined with BASE64 encoding using * @throws invalidalgorithmparameterexception * @throws Exception */public static string encode (string key, String data) {if (data = null) return null;try {deskeyspec DKs = new Deskeyspec (Key.getbytes ()); Secretkeyfactory keyfactory = secretkeyfactory.getinstance ("DES");//The length of key cannot be less than 8 bytes key Secretkey = KeyfActory.generatesecret (DKS); Cipher Cipher = cipher.getinstance (algorithm_des); Ivparameterspec IV = new Ivparameterspec ("12345678". GetBytes ()); Algorithmparameterspec Paramspec = Iv;cipher.init (Cipher.encrypt_mode, Secretkey, Paramspec); byte[] bytes = Cipher.dofinal (Data.getbytes ()); return byte2string (bytes);} catch (Exception e) {e.printstacktrace (); return data;}} /** * des algorithm, Decrypt * * @param data * To decrypt the string * @param key * Decrypts the private key, the length cannot be less than 8 bits * @return decrypted byte array * @throws Exception * Exception */public static string decode (string key, string data) {if (data = = NULL) return Null;try {Deske Yspec DKs = new Deskeyspec (Key.getbytes ()); Secretkeyfactory keyfactory = secretkeyfactory.getinstance ("DES");//The length of the key cannot be less than 8 bytes key Secretkey = Keyfactory.generatesecret (DKS); Cipher Cipher = cipher.getinstance (algorithm_des); Ivparameterspec IV = new Ivparameterspec ("12345678". GetBytes ()); Algorithmparameterspec Paramspec = Iv;cipher.init (Cipher.decrypt_mode, Secretkey, Paramspec); return newString (Cipher.dofinal (Byte2hex (Data.getbytes ())));} catch (Exception e) {e.printstacktrace (); return data;}} /** * Two-line spin string * * @param b * @return */private static string byte2string (byte[] b) {StringBuilder hs = new StringBuilder ( ); String stmp;for (int n = 0; b! = null && n < b.length; n++) {stmp = Integer.tohexstring (B[n] & 0XFF); if (St Mp.length () = = 1) hs.append (' 0 '); hs.append (STMP);} Return hs.tostring (). toUpperCase (Locale.china);} /** * Binary converted to 16 binary * * @param b * @return */private static byte[] Byte2hex (byte[] b) {if ((b.length% 2)! = 0) throw new Ill Egalargumentexception (); byte[] B2 = new Byte[b.length/2];for (int n = 0; n < b.length; n + = 2) {String item = new STR ING (b, n, 2); B2[N/2] = (byte) integer.parseint (item, 16);} return B2;}}

If you just want to use it, you can do it without looking down. Here are some details about the DES algorithm.

in the above encryption and decryption method inside. When we get the cipher instance. A string "des/cbc/pkcs5padding" was passed in. What do these three parameters mean?

As a matter of fact. The three parameters corresponding to the "algorithm /mode/Fill ", that is, we want to use DES algorithm encryption, using the CBC mode. The filling method adopts pkcs5padding.

In addition to CBC mode, there is the ECB mode, which refers to different encryption methods.

So what's the difference between CBC mode and ECB mode?

The ECB model refers to the electronic password model, which is one of the oldest and simplest patterns. Divide the encrypted data into groups, each with the same size as the encryption key, and then each group is encrypted with the same key, such as the DES algorithm, assuming that the last packet length is not 64 bits or 64 bits.

The characteristics of such a pattern are:

1. Each key, clear text, ciphertext length must be 64 bits;

2. Data block repeated sorting does not need to detect;

3. The same plaintext block ( using the same key) produces the same cipher block. Easy suffers a dictionary attack;

4. An error will only have an effect on a ciphertext block;

The CBC mode refers to the cryptographic block chain pattern, which differs from the ECB mode by adding an initial vector. The following code is to get an initial vector.

Ivparameterspec IV = new ivparameterspec ("12345678". GetBytes ());

The characteristics of such a pattern are:

1. Ciphertext length of 64 bits (8 bytes) per encryption ;

2. The CBC mode always produces the same ciphertext when the same key and initial vector are used in the same plaintext ;

3. Ciphertext block to rely on the results of the operation, so , cipher block can not be arranged again ;

4. The ability to use different initialization vectors to avoid the same ciphertext generated by the same plaintext, to some extent against dictionary attacks ;

5. After an error occurs, the current and future ciphertext will be affected;

    

Pkcs5padding is a method of data completion that is used when the number of data bits is insufficient, and can also be called data filling.

Pkcs5padding, in detail, "filled numbers represent the total number of bytes filled."

For example, a difference of two bytes, is the ##### #22, the difference is 5 bytes is # # #55555. This allows you to know the number and number of fills based on the last one.

After introducing these details of DES, we will be able to know. On different platforms, it is only possible to ensure that these several parameters are consistent. will be able to achieve the consistency of encryption and decryption.

1. Encryption and decryption keys are consistent

2. When using CBC mode, ensure that the initial vectors are consistent

3. Use the same fill mode

"Android Tools" how to ensure that Android and Server des encryption consistent