Java Encryption Series (i) Encryption basics

Source: Internet
Author: User

Common terms for passwords


plaintext : information to encrypt

ciphertext : plaintext after being encrypted


Encryption : The process of converting plaintext into ciphertext

encryption Algorithm : conversion algorithm of plaintext to ciphertext

Encryption keys : Keys for cryptographic operations using cryptographic algorithms


decryption : The process of converting ciphertext to plaintext

decryption Algorithm : An algorithm for converting ciphertext to plaintext

decryption key: The key used to decrypt the operation by decrypting the algorithm


cryptanalysis : The interception of ciphertext attempts to infer the original plaintext or key process by analyzing the captured cipher text

Active attack : The attacker illegally invades the password system, using forgery, modification, deletion and other means to inject false messages to the system to deceive (the ciphertext has destructive effect)

Passive attacks : interception of ciphertext and analysis and attack on a security system (no destructive effect on ciphertext)

cipher System : consists of five parts, plaintext space, ciphertext space, key space, encryption algorithm and decryption algorithm.


Password Protocol : Also known as security protocol, refers to a cryptographic communication protocol based on the exchange of information, in order to provide a secure service in the network environment

Password system : Refers to the system used for encryption and decryption


kerckhoffs principle : The security of data is based on secret key rather than algorithm secrecy. That is, the security of the system depends on the key, the key is confidential, the algorithm is exposed . This is the basic principle of modern cryptography design.


Classification of passwords


by password system


symmetric encryption (single-key password, private key password) refers to the same encryption key as the decryption key

Asymmetric Encryption (dual-key password, public key password ) means that the encryption key is different from the decryption key, the key is divided into the public key, the private key


By clear Text Processing method


block password : refers to the encryption of the clear text into fixed-length groups, with the same secret key and algorithm for each block encryption, output is a fixed length of ciphertext. More for network encryption

Stream Password : Also called serial password. Encrypt one or one byte of plaintext at a time


hash function : is not used to complete the data encryption and decryption, is used to verify the integrity of the data.

Features: Unlimited length, hash value easy to calculate, hash operation process irreversible

Correlation algorithm: Message digest algorithm MD5, sha--Secure Hash algorithm, mac--message authentication code algorithm


Digital Signature : primarily for processing of messages stored as a digital form


OSI Security system OSI (open System Interconnection) Open communication System network communication

7. Application Layer

6. Presentation Layer

5. Session Layer

4. Transport Layer

3. Network layer

2. Data Link Layer

1. Physical Layer


Security mechanisms

Encryption mechanism

Digital signature mechanism

Access control mechanism

Data integrity mechanisms

Authentication mechanism

Business flow fill mechanism

Routing control mechanism

Justice mechanism


Security services

Certification (identification)

Access Control Services

Data Privacy Services

Data integrity Services

Denial-of-service


TCP/IP Security system

7. Application Layer

4. Application Layer 6. Presentation Layer Application layer security

5. Session Layer

3. Transport Layer 4. Transport Layer Transport Layer Security

2. Network layer 3. Network layer security

1. Network interface layer 2. Data Link layer network interface layer Security

1. Physical Layer


Security Services Security Mechanisms

Authentication (identification service) authentication mechanism

Digital signature mechanism

Access Control Service access control mechanism

Routing control mechanism

Encryption mechanism of data privacy service

Business flow fill mechanism

Data integrity Service data integrity mechanism

Denial-of- service justice mechanism


Java Security Components

The JCA (Java Cryptography Architecture ) Java Cryptographic Architecture provides a basic cryptographic framework, such as Message digest, digital signature

The JCE (Java Cryptography Extension ) Java encryption extension package is extended on a jca basis, such as DES, AES, and RSA algorithms via JCE

JSSE (Java Secure Socket Extension) Java Secure Sockets extension Package provides SSL-based encryption, primarily for network transport

JAAS (Java Authentication and authentication service)Java Authentication and security services based on the Java platform, such as permissions




Java Encryption Series (i) Encryption basics

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.