The public key and private key mechanism belongs to the category of asymmetric encryption. Asymmetric is defined relative to symmetric encryption: in symmetric encryption the same key is used to encrypt and decrypt, while in asymmetric encryption the keys used to encrypt and decrypt are different. One is public and is called the public key; the other is secret and is called the private key. The public key and the private key must appear as a pair, and only a paired public and private key can be used together for encryption and decryption. The public key is issued through a non-secure channel and the private key is retained by the issuer. Data encrypted with the public key can only be decrypted with its paired private key, and data encrypted with the private key can only be decrypted with the public key.
The arrival of symmetric encryption effectively improved the security of data. However, because encryption and decryption use the same key, the two communicating parties must agree on the encryption algorithm and the data sender must also send the key to the receiver, which makes key management very inconvenient. Asymmetric encryption algorithms emerged to compensate for this weakness. In asymmetric encryption the public key is itself public and known to everyone, so there is no public key management problem; only the private key needs to be stored securely, which makes secure communication far more convenient.
Compared with symmetric encryption algorithms, asymmetric encryption algorithms no longer have the key management problem and reach a level of security that symmetric encryption cannot match, but their encryption/decryption efficiency is much lower. Asymmetric encryption algorithms are therefore often applied in domains where security requirements are quite high, such as e-commerce platforms, bank gateways and payment systems. To address the inefficiency of asymmetric encryption, in many cases symmetric and asymmetric encryption algorithms are combined: the symmetric algorithm encrypts and decrypts the data, and the public key and private key encrypt and decrypt the symmetric algorithm's key. This combines the high efficiency of symmetric encryption with the key management advantage of asymmetric encryption and improves the security of the whole encryption system. In addition, by design, asymmetric encryption algorithms place very strict requirements on the length of the data to be encrypted. For example, the RSA algorithm requires that the data to be encrypted must not exceed 53 bytes. For these reasons, asymmetric encryption algorithms are mainly used to exchange the secret keys of symmetric encryption algorithms, not to exchange data.
Here is an example of using public and private keys in Java:
```java
package com.xtayfjpk.security;

import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.nio.charset.StandardCharsets;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;

import javax.crypto.Cipher;

import org.junit.Test;

public class KeyPairTest {
    private static final String ALGORITHM = "RSA";
    private static final String PUBLIC_KEY_PATH = "Public.key";
    private static final String PRIVATE_KEY_PATH = "Private.key";

    @Test
    public void testGenerate() throws Exception {
        // The KeyPairGenerator engine class generates key pairs; JDK 7 supports
        // the DiffieHellman, DSA, RSA and EC algorithms by default
        KeyPairGenerator generator = KeyPairGenerator.getInstance(ALGORITHM);
        // Generate the key pair
        KeyPair keyPair = generator.generateKeyPair();
        // Get the public key
        PublicKey publicKey = keyPair.getPublic();
        // Get the private key
        PrivateKey privateKey = keyPair.getPrivate();
        // Write the public key and private key to files for later use
        writeKey(PUBLIC_KEY_PATH, publicKey);
        writeKey(PRIVATE_KEY_PATH, privateKey);
    }

    // Reads the key files written by testGenerate(), so run that test first
    @Test
    public void testEncryptAndDecrypt() throws Exception {
        Cipher cipher = Cipher.getInstance(ALGORITHM);
        // Read the private key and initialise the cipher for encryption
        PrivateKey privateKey = (PrivateKey) readKey(PRIVATE_KEY_PATH);
        cipher.init(Cipher.ENCRYPT_MODE, privateKey);
        // Encrypt
        String sendInfo = "my plaintext";
        byte[] results = cipher.doFinal(sendInfo.getBytes(StandardCharsets.UTF_8));
        // Read the public key and initialise the cipher for decryption
        PublicKey publicKey = (PublicKey) readKey(PUBLIC_KEY_PATH);
        cipher.init(Cipher.DECRYPT_MODE, publicKey);
        // Decrypt
        byte[] deciphered = cipher.doFinal(results);
        // Recover the plaintext
        String recvInfo = new String(deciphered, StandardCharsets.UTF_8);
        System.out.println(recvInfo);
    }

    // Saves a key with Java object serialization
    public void writeKey(String path, Key key) throws Exception {
        try (ObjectOutputStream oos = new ObjectOutputStream(new FileOutputStream(path))) {
            oos.writeObject(key);
        }
    }

    // Loads a key that was saved with writeKey()
    public Key readKey(String path) throws Exception {
        try (ObjectInputStream ois = new ObjectInputStream(new FileInputStream(path))) {
            return (Key) ois.readObject();
        }
    }
}
```
In the above example, the public key and private key are saved directly through the object serialization mechanism. As with secret keys, you can also save the encoded binary data obtained from key.getEncoded(); see: Java Security secret key.
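The hybrid scheme described earlier, together with key storage through getEncoded() instead of serialization, as an added example that is not code from the original article. The class name HybridDemo, the 2048-bit RSA key, AES-GCM for the data and OAEP padding for the key wrap are choices assumed here; it needs Java 8 or later.

```java
import java.security.*;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import javax.crypto.*;
import javax.crypto.spec.GCMParameterSpec;

public class HybridDemo {  // hypothetical class name
    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair pair = kpg.generateKeyPair();

        // Restore keys from getEncoded() bytes rather than Java serialization:
        // public keys encode as X.509 SubjectPublicKeyInfo, private keys as PKCS#8.
        KeyFactory kf = KeyFactory.getInstance("RSA");
        PublicKey pub = kf.generatePublic(new X509EncodedKeySpec(pair.getPublic().getEncoded()));
        PrivateKey priv = kf.generatePrivate(new PKCS8EncodedKeySpec(pair.getPrivate().getEncoded()));
        byte[] message = new byte[4096];  // constructed sample data, far above the RSA size limit
        Arrays.fill(message, (byte) 'A');

        // Sender: a fresh AES key encrypts the data, the RSA public key wraps the AES key.
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey aesKey = kg.generateKey();
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);
        Cipher aes = Cipher.getInstance("AES/GCM/NoPadding");
        aes.init(Cipher.ENCRYPT_MODE, aesKey, new GCMParameterSpec(128, iv));
        byte[] ciphertext = aes.doFinal(message);
        Cipher rsa = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
        rsa.init(Cipher.WRAP_MODE, pub);
        byte[] wrappedKey = rsa.wrap(aesKey);

        // Receiver: the private key unwraps the AES key, which decrypts and authenticates the data.
        rsa.init(Cipher.UNWRAP_MODE, priv);
        Key recovered = rsa.unwrap(wrappedKey, "AES", Cipher.SECRET_KEY);
        aes.init(Cipher.DECRYPT_MODE, recovered, new GCMParameterSpec(128, iv));
        System.out.println("round trip ok: " + Arrays.equals(message, aes.doFinal(ciphertext)));

        // RSA applied directly to the same data fails: the input exceeds one RSA block.
        rsa.init(Cipher.ENCRYPT_MODE, pub);
        try {
            rsa.doFinal(message);
        } catch (IllegalBlockSizeException e) {
            System.out.println("RSA alone rejects 4096 bytes: " + e.getMessage());
        }
    }
}
```

The 53-byte figure in the text matches a 512-bit RSA key with PKCS#1 v1.5 padding (64 - 11 bytes); with the 2048-bit key and OAEP/SHA-256 padding used here the limit is 190 bytes.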
Java security public and private keys