Absrtact: This paper describes how to implement idea symmetric encryption algorithm in the Java environment. Because of the popularization of e-commerce and e-government, security encryption technology is widely used in it, and the requirement of security encryption technology is very high. There are many advantages to implementing idea encryption in the Java environment because Java is an object-oriented programming language and is heavily applied to the development of the Internet due to its platform-independent performance.
Keywords: idea (internation Data encryption algorithm) JCA JCE key Independence reliability
With the rapid development of the Internet, the tide of E-commerce is unstoppable, daily work and data transmission are on the Internet for transmission, greatly improve efficiency, reduce costs and create good benefits. However, because the Internet network protocol itself has important security issues (the IP packet itself does not inherit any security features, it is easy to forge the IP packet address, modify its contents, replay the previous package, and intercept and view the contents of the package while in transit). The security of e-commerce is becoming more and more prominent because of the great security risk of the information transmission on the Internet. Encryption is the most important security technology in E-commerce, the choice of encryption method directly affects the degree of information security in e-commerce activities, in E-commerce system, the main security problems can be solved by encryption. The confidentiality of data can be realized through different encryption algorithms for data encryption.
For our country, although can introduce a lot of foreign equipment, but encryption equipment can not rely on the introduction, because it involves network security, State confidential information security, so must develop their own. At present, there are many encryption algorithms, of which des (Data encryption Standard) is the most widely used in the most extensive packet symmetric encryption algorithm, des with 56-bit honey key to encrypt 64-bit plaintext, output 64-bit ciphertext, des 56-bit key total 256 possible keys, But in the history of the use of exhaustive attacks to break the Des Key, the 1998 Electronic Frontier Foundation (EFF) with 250,000 dollars of dedicated computers, using 56 hours to crack des keys, 1999, EFF 22 hours to complete the crack work, the DES algorithm was severely hit, Makes its security a serious threat. Because the Java language security and network processing ability is strong, this paper mainly introduces the use idea (internation data encryption algorithm) encryption algorithm in the Java environment to achieve data security transmission.
First, idea data encryption algorithm
The idea data encryption algorithm was proposed by Chinese scholars to study Dr. Ka and the famous cipher expert, James L. Massey, in 1990. Its plaintext and ciphertext are 64 bits, but the key is 128 bits long. Idea is implemented as a grouping cipher for iterations, using 128-bit keys and 8 loops. This provides more security than DES, but when choosing a key for idea, you should exclude those keys that are called weak keys. DES has only four weak keys and 12 secondary weak keys, whereas idea has a considerable number of weak keys, with 2 of the 51-time side. However, if the total number of keys is very large and reaches 2 of the 128-time side, there is still 2 of the 77-time key to choose from. Idea is considered to be extremely safe. With a 128-bit key, the number of tests required in brute force attacks increases significantly compared to DES, and even allows weak key testing. Moreover, it itself shows that it is particularly resistant to the professional form of an analytical attack.
Java Password system and Java password extension
Java is an object-oriented programming language developed by Sun, and is heavily applied to the development of the Internet because of its platform-independent nature. The Java Cryptographic System (JCA) and Java Password Extensions (JCE) are designed to provide Java with an implementation-independent cryptographic function API. They all use the factory method to create routines for the class, the actual cryptographic function is then delegated to the underlying engine specified by the provider, which provides a service provider interface for the class to encrypt/decrypt the data in Java and is implemented using its built-in JCE (Java encryption extension). Java Development Toolset 1.1 a new flexible application programming interface based on the supplier is introduced to implement the encryption function including digital signature and information digest. The Java cryptography Architecture supports vendor interoperability while supporting hardware and software implementations. The design of Java cryptography structure follows two principles: (1) The independence and reliability of the algorithm. (2) The independence and interaction of realization. The independence of the algorithm is obtained by defining the password service class. Users only need to understand the concept of cryptographic algorithms, not to care about how to implement these concepts. The independence and interaction of implementations are implemented through a cryptographic service provider. A password service provider is one or more packages that implement one or more password services. Software developers, according to a certain interface, after the implementation of various algorithms, packaged into a provider, users can install different providers. Install and configure the provider, you can place the zip and jar files containing the provider under Classpath, and then edit the Java security properties file to set the definition of a provider. Java Runtime Environment Sun version, provide a default provider Sun.
III. implementation in Java environment
1. Implementation of encryption process
void idea_enc( int data11[], /*待加密的64位数据首地址*/ int key1[]){
int i ;
int tmp,x;
int zz[]=new int[6];
for ( i = 0 ; i < 48 ; i += 6) { /*进行8轮循环*/
for(int j=0,box=i;j<6;j++,box++){
zz[j]=key1[box];
}
x = handle_data(data11,zz);
tmp = data11[1]; /*交换中间两个*/
data11[1] = data11[2];
data11[2] = tmp;
}
tmp = data11[1]; /*最后一轮不交换*/
data11[1] = data11[2];
data11[2] = tmp;
data11[0] = MUL(data11[0],key1[48]);
data11[1] =(char)((data11[1] + key1[49])%0x10000);
data11[2] =(char)((data11[2] + key1[50])%0x10000);
data11[3] = MUL(data11[3],key1[51]);
}
2. The implementation of the decryption process
void key_decryExp(int outkey[])/*解密密钥的变逆处理*/
{ int tmpkey[] = new int[52] ;
int i;
for ( i = 0 ; i < 52 ; i++) {
tmpkey[i] = outkey[ wz_spkey[i] ] ;/*换位*/
}
for ( i = 0 ; i < 52 ; i++) {
outkey[i] = tmpkey[i];
}
for ( i = 0 ; i < 18 ; i++) {
outkey[wz_spaddrever[i]] = (char)(65536-outkey[wz_spaddrever[i]]) ;/*替换成加法逆*/
}
for ( i = 0 ; i < 18 ; i++){
outkey[wz_spmulrevr[i]] =(char)(mulInv(outkey[wz_spmulrevr[i]] ));/*替换成乘法逆*/
}
}
Iv. Summary
In practical applications, we can use the Java Development Kit (JDK) built in the support of socket communication, through the JCE Java stream and linked list, encryption based on socket network traffic. We know that encryption/decryption is a common method of data integrity The Java language is widely used on the internet because of its platform independence. Using Java to implement idea based data encryption transmission can be implemented on different platforms and has the advantages of simplicity and security.