GS: Chapter 5 Asymmetric Encryption in Java - PowerPoint PPT Presentation

Provided by: tandre
Learn more at: http://sce.uhcl.edu
Transcript and Presenter's Notes


1
GS Chapter 5: Asymmetric Encryption in Java
2
Topics
  1. Ciphers, modes and padding
  2. Asymmetric encryption in Java
  3. Session key encryption
  4. File encryption/decryption using RSA
  5. Key agreement

3
Ciphers, Modes and Padding
  • The ECB (Electronic Code Book) mode encrypts the
    plaintext a block at a time.
  • Asymmetric ciphers are almost always used in ECB
    mode.
  • Why? The block size is usually almost equal to the
    size of the key.
  • Example: 1024-bit RSA has a data block of 117 bytes.

4
Ciphers, Modes and Padding
  • When the size of the data is less than the size
    of the block, padding is needed.
  • RSA uses two forms of padding:
  • PKCS1: the standard form of padding in RSA;
    insecure when used for encrypting plaintext with
    obvious patterns in it (like English text).
  • OAEP (Optimal Asymmetric Encryption Padding): an
    improvement on PKCS1.

5
Asymmetric encryption in Java
  • The steps for using asymmetric encryption in Java
    are similar to those for symmetric encryption:
  • Create a key.
  • Create and initialize a cipher using the key.
  • Use the cipher to encrypt or decrypt, by
    specifying the appropriate mode.
  • The main difference is that an asymmetric cipher
    requires a key pair: a public and a private key.

6
Major Java Classes for Key Pairs
  • java.security.KeyPair: public final class KeyPair
    extends Object implements Serializable
  • java.security.PublicKey: public interface
    PublicKey extends Key
  • This interface contains no methods or constants.
    It merely serves to group (and provide type
    safety for) all public key interfaces.
  • Note: The specialized public key interfaces
    extend this interface. See, for example, the
    DSAPublicKey interface in
    java.security.interfaces.

7
Major Java Classes for Key Pairs
  • java.security.PrivateKey: similar to the PublicKey
    interface, except that it is for the private key.
  • java.security.KeyPairGenerator: public abstract
    class KeyPairGenerator extends KeyPairGeneratorSpi
  • The KeyPairGenerator class is used to generate
    pairs of public and private keys.
  • Key pair generators are constructed using the
    getInstance factory methods.
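
The three steps from the "Asymmetric encryption in Java" slide, as an added example (not code from the presentation or its SimpleRSAExample.java). It also probes the largest plaintext one RSA operation accepts under each padding for a 1024-bit key, which is where the 117-byte figure (128 bytes minus 11 bytes of PKCS1 padding) comes from; the class and method names are this example's own.

```java
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;

public class RsaPaddingDemo {
    static final String PKCS1 = "RSA/ECB/PKCS1Padding";
    static final String OAEP = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";

    // Probe the largest plaintext (in bytes) one RSA operation accepts under a transformation.
    static int maxPlaintextBytes(String transformation, KeyPair pair) throws Exception {
        Cipher cipher = Cipher.getInstance(transformation);
        for (int len = 1; ; len++) {
            cipher.init(Cipher.ENCRYPT_MODE, pair.getPublic());
            try {
                cipher.doFinal(new byte[len]);
            } catch (IllegalBlockSizeException tooLong) {
                return len - 1;   // the previous length was the last one that fit
            }
        }
    }

    public static void main(String[] args) throws Exception {
        // Step 1: create a key pair. 1024 bits only to match the slide's figure; use 2048+ in practice.
        KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
        generator.initialize(1024);
        KeyPair pair = generator.generateKeyPair();

        // Step 2: create and initialize a cipher with the public key, then encrypt.
        byte[] message = "constructed sample message".getBytes(StandardCharsets.UTF_8);
        Cipher cipher = Cipher.getInstance(OAEP);
        cipher.init(Cipher.ENCRYPT_MODE, pair.getPublic());
        byte[] ciphertext = cipher.doFinal(message);

        // Step 3: re-initialize in decrypt mode with the private key.
        cipher.init(Cipher.DECRYPT_MODE, pair.getPrivate());
        String recovered = new String(cipher.doFinal(ciphertext), StandardCharsets.UTF_8);

        System.out.println("ciphertext bytes: " + ciphertext.length);
        System.out.println("recovered: " + recovered);
        System.out.println("PKCS1 limit: " + maxPlaintextBytes(PKCS1, pair));
        System.out.println("OAEP limit:  " + maxPlaintextBytes(OAEP, pair));
    }
}
```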

8
Session key encryption
  • Oddly enough, the greatest value in using
    asymmetric encryption is in encrypting symmetric
    keys.
  • Why? (discussed earlier in Chapter 2)
  • Exercise: Explain how session key encryption
    works.
  • SimpleRSAExample.java (or find it at
    http://sce.cl.uh.edu/yang/teaching/proJavaSecurityCode.html)

9
File encrypt/decrypt using RSA
  • Steps:
  • Use an AES session key to encrypt the file.
    (Note: Each file is encrypted by a different
    session key.)
  • Use RSA to encrypt the session key.
  • Store the encrypted session key inside the file.
  • Source code: FileEncryptorRSA.java

10
File encrypt/decrypt using RSA
  • FileEncryptor is started with one of three
    options:
  • -c: create a key pair and write it to 2 files
  • -e: encrypt a file, given as an argument
  • -d: decrypt a file, given as an argument

11
File encrypt/decrypt using RSA
  • Format of the encrypted file

12
File encrypt/decrypt using RSA
  • The decryption steps

13
Key agreement
  • Class KeyAgreement (package javax.crypto)
  • This class provides the functionality of a key
    agreement (or key exchange) protocol.
  • For each of the correspondents in the key
    exchange, doPhase needs to be called. For
    example, if this key exchange is with one other
    party, doPhase needs to be called once, with the
    lastPhase flag set to true.

14
Key agreement
  • Key doPhase(Key key, boolean lastPhase):
    Executes the next phase of this key agreement
    with the given key that was received from one of
    the other parties involved in this key agreement.

15
Key agreement
  • If this key exchange is with two other parties,
    doPhase needs to be called twice, the first time
    setting the lastPhase flag to false, and the
    second time setting it to true. There may be any
    number of parties involved in a key exchange.
  • With the doPhase method, Diffie-Hellman allows
    any number of public keys to be added to perform
    a key agreement.

16
Key agreement
  • Once all the keys have been passed in with
    doPhase(), a call to generateSecret() will
    perform the actual key agreement and return a
    byte array that is the shared secret.
  • byte[] generateSecret(): Generates the shared
    secret and returns it in a new buffer.
  • int generateSecret(byte[] sharedSecret,
    int offset): Generates the shared secret, and
    places it into the buffer sharedSecret, beginning
    at offset inclusive.
  • SecretKey generateSecret(String algorithm):
    Creates the shared secret and returns it as a
    SecretKey object of the specified algorithm.
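
The doPhase and generateSecret calls described on the key agreement slides, shown for three parties so that both lastPhase values appear. This is an added example (not KeyAgreementClient.java or KeyAgreementServer.java); the party names, the helper method and the SHA-256 step are this example's own choices.

```java
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.util.Arrays;
import javax.crypto.KeyAgreement;
import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.DHParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public class ThreePartyDhDemo {
    // Each party initializes its own KeyAgreement with its private key.
    static KeyAgreement start(KeyPair own) throws Exception {
        KeyAgreement agreement = KeyAgreement.getInstance("DH");
        agreement.init(own.getPrivate());
        return agreement;
    }

    public static void main(String[] args) throws Exception {
        // Alice generates the group parameters; Bob and Carol reuse them.
        KeyPairGenerator gen = KeyPairGenerator.getInstance("DH");
        gen.initialize(2048);
        KeyPair alice = gen.generateKeyPair();
        DHParameterSpec group = ((DHPublicKey) alice.getPublic()).getParams();
        gen.initialize(group);
        KeyPair bob = gen.generateKeyPair();
        KeyPair carol = gen.generateKeyPair();
        KeyAgreement a = start(alice), b = start(bob), c = start(carol);

        // Round 1 (lastPhase = false): each party combines its private key with one
        // peer's public key and passes the intermediate key on to the next party.
        Key ac = a.doPhase(carol.getPublic(), false);
        Key ba = b.doPhase(alice.getPublic(), false);
        Key cb = c.doPhase(bob.getPublic(), false);

        // Round 2 (lastPhase = true): the intermediate key received completes the agreement.
        a.doPhase(cb, true);
        b.doPhase(ac, true);
        c.doPhase(ba, true);

        byte[] sa = a.generateSecret(), sb = b.generateSecret(), sc = c.generateSecret();
        System.out.println("all equal: " + (Arrays.equals(sa, sb) && Arrays.equals(sb, sc)));

        // Hash the raw secret before using it as a cipher key (SHA-256 is this example's choice).
        byte[] aesKey = MessageDigest.getInstance("SHA-256").digest(sa);
        System.out.println("AES key bits: " + new SecretKeySpec(aesKey, "AES").getEncoded().length * 8);
    }
}
```

The public keys exchanged here are unauthenticated, so on a real network each party must verify whose key it received (for example with the signatures and certificates of the next chapter) before trusting the shared secret.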

17
(No Transcript)
18
Key agreement for a Chat Application
  • The sample application
  • KeyAgreementClient.java
  • KeyAgreementServer.java

19
Next
  • Message digest, digital signatures, and
    certificates (GS 6)