Java Symmetric

csci5931 Web Security 1

GS Chapter 4

Symmetric Encryption in Java

Topics

A Blowfish

B Password-based encryption (PBE)

C Key storage

D Modes

E Cipher streams and IV (initialization vector)

F Sealed objects

Applications of symmetric encryptions

File encryption

Network encryption

Database encryption

Applications that require encryption of large

amount of data

JavaxcryptoKeyGenerator httpjavasuncomj2se141docsapijavaxcryptoKeyGeneratorhtml

Provides the functionality of a (symmetric) key generator

Key generators are constructed using one of the getInstance class

methods

KeyGenerator objects are reusable ie after a key has been generated

the same KeyGenerator object can be re-used to generate further keys

There are two ways to generate a key in an algorithm-independent

manner and in an algorithm-specific manner The only difference

between the two is the initialization of the object

JavaxcryptoKeyGenerator Using KeyGeneratorA Create a new key generator

KeyGenerator keyGenerator = KeyGeneratorgetInstance (ldquoDESederdquo)

Note DESede is a triple DES variant with three DES keys k1 k2 k3 The message is encrypted with k1 first then decrypted with k2 and finally encrypted again with k3 This increases the key space and prevents brute force attacks

B Initialize the key generator with the size of the key

keyGeneratorinit (168) initialized to 168 bits

C Generate the key object

Key myKey = keyGeneratorgenerateKey ( )

JavasecurityKey httpjavasuncomj2se141docsapijavasecurityKeyhtml javasecurity

Interface Key

All Superinterfaces Serializable

All Known Subinterfaces DHPrivateKey DHPublicKey DSAPrivateKey DSAPublicKey

PBEKey PrivateKey PublicKey RSAMultiPrimePrivateCrtKey RSAPrivateCrtKey RSAPrivateKey RSAPublicKey SecretKey

All Known Implementing Classes KerberosKey SecretKeySpec

JavasecurityKey The Key interface is the top-level interface for all keys It

defines the functionality shared by all key objects

All keys have three characteristics 1 The key algorithm for that key2 An external encoded form for the key used when a standard

representation of the key is needed outside the Java Virtual Machine as when transmitting the key to some other party

3 The name of the format of the encoded key

Keys are generally obtained through key generators key factory certificates or various Identity classes used to manage keys

Examples javaxcryptoKeyGenerator( ) javasecurityKeyFactory( )

JavaxcryptoCipher

httpjavasuncomj2se141docsapi

public class Cipher

extends Object

This class provides the functionality of a cryptographic cipher for

encryption and decryption It forms the core of the Java

Cryptographic Extension (JCE) framework

To use a Cipher getInstance( ) init( ) update( ) doFinal( )

JavaxcryptoCiphergetInstance( )A In order to create a Cipher object the application calls the Ciphers

getInstance method and passes the name of the requested

transformation to it

static Cipher getInstance(String transformation)

Generates a Cipher object that implements the specified transformation

static Cipher getInstance(String transformation Provider

provider)

Creates a Cipher object that implements the specified transformation as

supplied by the specified provider

static Cipher getInstance(String transformation String provider)

JavaxcryptoCiphergetInstance( ) Examples

Cipher cipher = CiphergetInstance(DESCBCPKCS5Padding)

Cipher cipher = CiphergetInstance(ldquoDESedeECBPKCS5Paddingrdquo)

JavaxcryptoCipherinit( )B Initialize an instance of Cipher

1 Declares the operating mode (ENCRYPT_MODE

DECRYPT_MODE WRAP_MODE UNWRAP_MODE)

2 Pass a key (javasecurityKey) to the cipher

Example

Cipherinit (CipherENCRYPT_MODE myKey)

Note When a Cipher object is initialized it loses all

previously-acquired state In other words initializing a

Cipher is equivalent to creating a new instance of that

Cipher and initializing it

JavaxcryptoCipherupdate( )C Pass the information to be encrypteddecrypted to the cipher

1 The information must be in the form of a byte array

2 Note Ciphers typically buffer their output If the buffer has not been filled

null will be returned

Alternative update( ) methods

byte[ ] update (byte[] input)byte[ ] plaintext = myStringgetBytes (ldquoUTF8rdquo)byte[ ] ciphertext = cipherupdate (plaintext)

int update (byte[ ] input int inputOffset int inputLen byte[ ] output int outputOffset)

Continues a multiple-part encryption or decryption operation (depending on how this cipher was initialized) processing another data part

JavaxcryptoCipherdoFinal( )D Finish the operation

byte[ ] doFinal( ) Finishes a multiple-part encryption or decryption operation depending on

how this cipher was initialized

byte[ ] doFinal(byte[] input)

Encrypts or decrypts data in a single-part operation or finishes a multiple-

part operation

Example

Byte[ ] ciphertext = cipherdoFinal ( )

SimpleExamplejava P69 SimpleExamplejava (see httpscecluheduyangteaching

proJavaSecurityCodehtml) Sample outputgtjava SimpleExample How are you doing

Plain Message=How are you doing

Generating a TripleDES keyDone generating the key

Now encrypting the messageMessage Encrypted

Ciphertext=-74-45759-44-115-19-8-56-99-47794393-45-107-41-125-127-233271855

Now decrypting the messageMessage decrypted

Decrypted text How are you doing

BlowfishExamplejava Blowfish keys can be any bit size from 8 to 448 as long as the

number if divisible by 8 p69 BlowfishExamplejava (see

httpscecluheduyangteachingproJavaSecurityCodehtml) Sample output

gtjava BlowfishExample Its a wonderful dayGenerating a Blowfish keyDone generating the key

Plaintext73 116 39 115 32 97 32 119 111 110 100 101 114 102 117 108 32 100 97 121 33

Ciphertext-77 56 -88 61 -52 -12 -57 43 -10 66 -54 -98 -86 56 -86 51 -127 -125 30 48 -64 112 -37 -125

Decrypted text Its a wonderful day

Password-based encryption (PBE) hashing + symmetric encryption

The user-provided password is hashed by a message digest algorithm such as SHA

The hash value is then used to construct a key for a symmetric encryption algorithm such as Blowfish

The plaintext is then encrypted by the symmetric encryption algorithm

Problems1 PBE is usually less secure due to its smaller key space2 Passwords may suffer lsquodictionary attackrsquo3 Two people might choose the same password which

would create two identical entries in the password file

Password-based encryption (PBE)

PBE + salt + iteration count A salt is a randomly generated piece of data say 64

bits that is added to each password The combined salt+password is used to generate the

key The key is then used to generate a symmetric cipher For the purpose of decryption the salt must be stored as

part of the ciphertext See figures on page 74

Base64 Encoding Effective in representing ASCII data as 6-bit characters (save one bit

per character)

Widely used in networking transmissions of data eg in MIME

emails amp other Internet-related applications

Input N bytes

Number of output characters

(N 8 24) 4 if N8 24 is zero

(N 8 24 + 1) 4 otherwise

Example N = 8 bytes

(64 24 + 1) 4 12 characters

See httpnascluheduyangteachingcsci5939DatabaseSecuritybase64ppt RFC2045 and Appendix C

Password-based encryption (PBE) RandomnextBytes (byte[ ] bytes)

Generates random bytes and places them into a user-supplied byte array

public class PBEKeySpecextends Object

implements KeySpec

A user-chosen password that can be used with password-based encryption

(PBE)

The password can be viewed as some kind of raw key material from which

the encryption mechanism that uses it derives a cryptographic key

Password-based encryption (PBE) public class SecretKeyFactory extends Object

This class represents a factory for secret keys

Key factories are used to convert keys (opaque cryptographic keys of type

Key) into key specifications (transparent representations of the

underlying key material) and vice versa Secret key factories operate

only on secret (symmetric) keys

Key factories are bi-directional ie they allow to build an opaque key

object from a given key specification (key material) or to retrieve the

underlying key material of a key object in a suitable format

Application developers should refer to their providers documentation to find

out which key specifications are supported by the generateSecret

and getKeySpec methods

Password-based encryption

Twofish encryption algorithmA symmetric block cipher that accepts keys of any length up to 256

bits

Among the new encryption algorithms being considered by the National

Institute of Science and Technology (NIST) as a replacement for

the DES algorithm

Highly secure and flexible

Works extremely well with large microprocessors 8-bit smart card

microprocessors and dedicated hardware

(Source httpwwwwileycomcdaproduct0047135381700html)

An example program PBEjava (see

httpscecluheduyangteachingproJavaSecurityCodehtml)

Sample PBE encryptiondecryptiongtjava PBE -e sasquatch Hello World

yrVhjq5djco=eSIS1LbeAtu5KIKf5ntNhg==

gtjava PBE -e sasquatch Hello World

lQ1lzMl8ONM=GBJFXSnpbltXowvJTmck1w==

gtjava PBE -d sasquatch lQ1lzMl8ONM=GBJFXSnpbltXowvJTmck1w==

Hello World

Key storage

Storage of keys in a persistent media (file

database) for later retrieval or transportation

Objectives The stored keys must be protected

Problems

- If the key storage is compromised the data protected by

the keys become unprotected

Solutions

Use PBE to encrypt the keys Problems

Key storage Key Wrapping

The wrap( ) method defined in javaxcryptoCipher takes a key as an

argument and returns the encrypted value of the key as a byte array

Example

cipherinit (CipherWRAP_MODE passwordKey paramSpec)

byte[ ] encryptedKeyBytes = cipherwrap (secretKey)

To decrypt the keycipherinit (CipherUNWRAP_MODE passwordKey paramSpec)

Key key = cipherunwrap(encryptedKeyBytes ldquoBlowfishrdquo CipherSECRET_KEY)

Key storage Key Encryption

Use the getEncoded( ) method as defined in javasecurityKey to encrypt the

key

Example

byte[ ] keyBytes = myKeygetEncoded( )

cipherinit (CipherENCRYPT_MODE passwordKey paramSpec)

byte[ ] encryptedKeyBytes = cipherdoFinal (keyBytes)

To decrypt the keycipherinit (CipherDECRYPT_MODE passwordKey paramSpec)

byte[ ] keyBytes = cipherdoFinal (encryptedKeyBytes)

SecretKeySpec myKey = new SecretKeySpec (keyBytes ldquoBlowfishrdquo )

Padding Padding is needed to make the size of the plaintext to be a

multiple of the block size

Most symmetric algorithms use one of two types of padding No padding ndash requires the data end on a block exactly

PKCS5 padding ndash (PKCS = Public Key Cryptography Standard)

Suppose there are N bytes in a block that need to be padded

Fill each of the N bytes with the value N

If the data end on a multiple of the block size add an entire block of

padding

(See the illustration on p81)

Modes of DES

ECB CBC

CFB (Cipher FeedBack) Similar to CBC but may work on smaller chunks of data (8 bits for

example)

OFB (Output FeedBack) Similar to CFB but provides better protection against data loss

during transmission

That is a single-bit error will not cause the whole block to be lost

as in the cases of ECB CBC and CFB

Cipher streams and IV JavaxcryptoCipherInputStream javaxcryptoCipherOutputStream

They provide convenient wrappers around standard input and

output streams for them to be automatically encrypted or

decrypted

Initialization Vector (IV) A sequence of random bytes appended to the front of the plaintext

before encryption by a block cipher Adding the initialization vector to the beginning of the plaintext

eliminates the possibility of having the initial ciphertext block the

same for any two messages How to determine the size of a IV given a cipher Example A

256-bit Rijndael cipher needs a 16-byte IV

IV in Java public class IvParameterSpec

extends Object

implements AlgorithmParameterSpec

This class specifies an initialization vector (IV) Examples

which use IVs are ciphers in feedback mode eg DES

in CBC mode and RSA ciphers with OAEP encoding

operation

(NOTE See page 434 for RSA-OAEP padding)

Rijndael

What is Rijndael (Dutch pronounced as lsquoRain Dollrsquo)

ldquoRijndael is a block cipher designed by Joan Daemen and Vincent

Rijmen as a candidate algorithm for the AES

The cipher has a variable block length and key length We currently

specified how to use keys with a length of 128 192 or 256 bits to

encrypt blocks with al length of 128 192 or 256 bitsrdquo

(Source httpwwwesatkuleuvenacbe~rijmenrijndael)

After nearly four years of evaluation in October 2000 Rijndael was

selected by the NIST as the `AES (Advanced Encryption Standard)

See the press release

FileEncryptorjava

FileEncryptorjava (see httpscecluheduyangteaching

proJavaSecurityCodehtml)

Four functions

createKey( password )

loadKey ( password )

encrypt ( password inputFile outputEncryptedFile )

decrypt ( password inputEncryptedFile outputfile)

Sealed objects Sealed object An object that is encrypted

The object must be serializable

Sealed objects can be useful for storing or transferring an

encrypted version of an object

The default JDK 12 prevents extensions from using the class

loader to create classes that are neither standard objects nor

extensions That is a custom object such as a CreditCard

object wonrsquot be able to be decrypted

See Appendix D ldquothe EncryptedObject classrdquo for a better sealed

object implementation

Sealed objects

SealedObjectExamplejava (see

Sample output

gtjava SealedObjectExample

Creating a key

Encrypting the object

Unencrypting the object

Credit card number 1234567890

Relevant links RFC 1829 - The ESP DES-CBC Transform - This document

describes the DES-CBC security transform for the IP Encapsulating Security Payload (ESP)

The GNU Crypto project ndash This project aims at providing free versatile high-quality and provably correct implementations of cryptographic primitives and tools in the Java programming language for use by programmers and end-users Itrsquos also got a comprehensive listing of crypto-related algorithms

GS Chapter 4 Symmetric Encryption in Java
Topics
JavaxcryptoKeyGenerator
Slide 5
JavasecurityKey
Slide 7
JavaxcryptoCipher
JavaxcryptoCiphergetInstance( )
Slide 10
JavaxcryptoCipherinit( )
JavaxcryptoCipherupdate( )
JavaxcryptoCipherdoFinal( )
SimpleExamplejava
BlowfishExamplejava
Slide 17
Slide 18
Base64 Encoding
Slide 20
Slide 21
Slide 22
Slide 24
Key storage
Slide 26
Slide 27
Padding
Modes of DES
Cipher streams and IV
IV in Java
Rijndael
FileEncryptorjava
Sealed objects
Slide 35
Next

Topics

A Blowfish

B Password-based encryption (PBE)

C Key storage

D Modes

E Cipher streams and IV (initialization vector)

F Sealed objects

File encryption

Network encryption

Database encryption

amount of data

methods

Interface Key

JavaxcryptoCipher

public class Cipher

extends Object

provider)

Example

part operation

Example

Ciphertext=-74-45759-44-115-19-8-56-99-47794393-45-107-41-125-127-233271855

Plaintext73 116 39 115 32 97 32 119 111 110 100 101 114 102 117 108 32 100 97 121 33

Ciphertext-77 56 -88 61 -52 -12 -57 43 -10 66 -54 -98 -86 56 -86 51 -127 -125 30 48 -64 112 -37 -125

per character)

Input N bytes

(N 8 24) 4 if N8 24 is zero

Example N = 8 bytes

(64 24 + 1) 4 12 characters

implements KeySpec

(PBE)

bits

the DES algorithm

Hello World

Key storage

Problems

Solutions

Example

key

Example

padding

Modes of DES

ECB CBC

example)

during transmission

decrypted

extends Object

operation

Rijndael

FileEncryptorjava

Four functions

Sealed objects

Sample output

Creating a key

Topics
Slide 5
JavasecurityKey
Slide 7
JavaxcryptoCipher
Slide 10
SimpleExamplejava
BlowfishExamplejava
Slide 17
Slide 18
Base64 Encoding
Slide 20
Slide 21
Slide 22
Slide 24
Key storage
Slide 26
Slide 27
Padding
Modes of DES
IV in Java
Rijndael
FileEncryptorjava
Sealed objects
Slide 35
Next

File encryption

Network encryption

Database encryption

amount of data

methods

Interface Key

JavaxcryptoCipher

public class Cipher

extends Object

provider)

Example

part operation

Example

Ciphertext=-74-45759-44-115-19-8-56-99-47794393-45-107-41-125-127-233271855

Plaintext73 116 39 115 32 97 32 119 111 110 100 101 114 102 117 108 32 100 97 121 33

Ciphertext-77 56 -88 61 -52 -12 -57 43 -10 66 -54 -98 -86 56 -86 51 -127 -125 30 48 -64 112 -37 -125

per character)

Input N bytes

(N 8 24) 4 if N8 24 is zero

Example N = 8 bytes

(64 24 + 1) 4 12 characters

implements KeySpec

(PBE)

bits

the DES algorithm

Hello World

Key storage

Problems

Solutions

Example

key

Example

padding

Modes of DES

ECB CBC

example)

during transmission

decrypted

extends Object

operation

Rijndael

FileEncryptorjava

Four functions

Sealed objects

Sample output

Creating a key

Topics
Slide 5
JavasecurityKey
Slide 7
JavaxcryptoCipher
Slide 10
SimpleExamplejava
BlowfishExamplejava
Slide 17
Slide 18
Base64 Encoding
Slide 20
Slide 21
Slide 22
Slide 24
Key storage
Slide 26
Slide 27
Padding
Modes of DES
IV in Java
Rijndael
FileEncryptorjava
Sealed objects
Slide 35
Next

methods

Interface Key

JavaxcryptoCipher

public class Cipher

extends Object

provider)

Example

part operation

Example

Ciphertext=-74-45759-44-115-19-8-56-99-47794393-45-107-41-125-127-233271855

Plaintext73 116 39 115 32 97 32 119 111 110 100 101 114 102 117 108 32 100 97 121 33

Ciphertext-77 56 -88 61 -52 -12 -57 43 -10 66 -54 -98 -86 56 -86 51 -127 -125 30 48 -64 112 -37 -125

per character)

Input N bytes

(N 8 24) 4 if N8 24 is zero

Example N = 8 bytes

(64 24 + 1) 4 12 characters

implements KeySpec

(PBE)

bits

the DES algorithm

Hello World

Key storage

Problems

Solutions

Example

key

Example

padding

Modes of DES

ECB CBC

example)

during transmission

decrypted

extends Object

operation

Rijndael

FileEncryptorjava

Four functions

Sealed objects

Sample output

Creating a key

Topics
Slide 5
JavasecurityKey
Slide 7
JavaxcryptoCipher
Slide 10
SimpleExamplejava
BlowfishExamplejava
Slide 17
Slide 18
Base64 Encoding
Slide 20
Slide 21
Slide 22
Slide 24
Key storage
Slide 26
Slide 27
Padding
Modes of DES
IV in Java
Rijndael
FileEncryptorjava
Sealed objects
Slide 35
Next

Interface Key

JavaxcryptoCipher

public class Cipher

extends Object

provider)

Example

part operation

Example

Ciphertext=-74-45759-44-115-19-8-56-99-47794393-45-107-41-125-127-233271855

Plaintext73 116 39 115 32 97 32 119 111 110 100 101 114 102 117 108 32 100 97 121 33

Ciphertext-77 56 -88 61 -52 -12 -57 43 -10 66 -54 -98 -86 56 -86 51 -127 -125 30 48 -64 112 -37 -125

per character)

Input N bytes

(N 8 24) 4 if N8 24 is zero

Example N = 8 bytes

(64 24 + 1) 4 12 characters

implements KeySpec

(PBE)

bits

the DES algorithm

Hello World

Key storage

Problems

Solutions

Example

key

Example

padding

Modes of DES

ECB CBC

example)

during transmission

decrypted

extends Object

operation

Rijndael

FileEncryptorjava

Four functions

Sealed objects

Sample output

Creating a key

Topics
Slide 5
JavasecurityKey
Slide 7
JavaxcryptoCipher
Slide 10
SimpleExamplejava
BlowfishExamplejava
Slide 17
Slide 18
Base64 Encoding
Slide 20
Slide 21
Slide 22
Slide 24
Key storage
Slide 26
Slide 27
Padding
Modes of DES
IV in Java
Rijndael
FileEncryptorjava
Sealed objects
Slide 35
Next

Interface Key

JavaxcryptoCipher

public class Cipher

extends Object

provider)

Example

part operation

Example

Ciphertext=-74-45759-44-115-19-8-56-99-47794393-45-107-41-125-127-233271855

Plaintext73 116 39 115 32 97 32 119 111 110 100 101 114 102 117 108 32 100 97 121 33

Ciphertext-77 56 -88 61 -52 -12 -57 43 -10 66 -54 -98 -86 56 -86 51 -127 -125 30 48 -64 112 -37 -125

per character)

Input N bytes

(N 8 24) 4 if N8 24 is zero

Example N = 8 bytes

(64 24 + 1) 4 12 characters

implements KeySpec

(PBE)

bits

the DES algorithm

Hello World

Key storage

Problems

Solutions

Example

key

Example

padding

Modes of DES

ECB CBC

example)

during transmission

decrypted

extends Object

operation

Rijndael

FileEncryptorjava

Four functions

Sealed objects

Sample output

Creating a key

Topics
Slide 5
JavasecurityKey
Slide 7
JavaxcryptoCipher
Slide 10
SimpleExamplejava
BlowfishExamplejava
Slide 17
Slide 18
Base64 Encoding
Slide 20
Slide 21
Slide 22
Slide 24
Key storage
Slide 26
Slide 27
Padding
Modes of DES
IV in Java
Rijndael
FileEncryptorjava
Sealed objects
Slide 35
Next

JavaxcryptoCipher

public class Cipher

extends Object

provider)

Example

part operation

Example

Ciphertext=-74-45759-44-115-19-8-56-99-47794393-45-107-41-125-127-233271855

Plaintext73 116 39 115 32 97 32 119 111 110 100 101 114 102 117 108 32 100 97 121 33

Ciphertext-77 56 -88 61 -52 -12 -57 43 -10 66 -54 -98 -86 56 -86 51 -127 -125 30 48 -64 112 -37 -125

per character)

Input N bytes

(N 8 24) 4 if N8 24 is zero

Example N = 8 bytes

(64 24 + 1) 4 12 characters

implements KeySpec

(PBE)

bits

the DES algorithm

Hello World

Key storage

Problems

Solutions

Example

key

Example

padding

Modes of DES

ECB CBC

example)

during transmission

decrypted

extends Object

operation

Rijndael

FileEncryptorjava

Four functions

Sealed objects

Sample output

Creating a key

Topics
Slide 5
JavasecurityKey
Slide 7
JavaxcryptoCipher
Slide 10
SimpleExamplejava
BlowfishExamplejava
Slide 17
Slide 18
Base64 Encoding
Slide 20
Slide 21
Slide 22
Slide 24
Key storage
Slide 26
Slide 27
Padding
Modes of DES
IV in Java
Rijndael
FileEncryptorjava
Sealed objects
Slide 35
Next

JavaxcryptoCipher

public class Cipher

extends Object

provider)

Example

part operation

Example

Ciphertext=-74-45759-44-115-19-8-56-99-47794393-45-107-41-125-127-233271855

Plaintext73 116 39 115 32 97 32 119 111 110 100 101 114 102 117 108 32 100 97 121 33

Ciphertext-77 56 -88 61 -52 -12 -57 43 -10 66 -54 -98 -86 56 -86 51 -127 -125 30 48 -64 112 -37 -125

per character)

Input N bytes

(N 8 24) 4 if N8 24 is zero

Example N = 8 bytes

(64 24 + 1) 4 12 characters

implements KeySpec

(PBE)

bits

the DES algorithm

Hello World

Key storage

Problems

Solutions

Example

key

Example

padding

Modes of DES

ECB CBC

example)

during transmission

decrypted

extends Object

operation

Rijndael

FileEncryptorjava

Four functions

Sealed objects

Sample output

Creating a key

Topics
Slide 5
JavasecurityKey
Slide 7
JavaxcryptoCipher
Slide 10
SimpleExamplejava
BlowfishExamplejava
Slide 17
Slide 18
Base64 Encoding
Slide 20
Slide 21
Slide 22
Slide 24
Key storage
Slide 26
Slide 27
Padding
Modes of DES
IV in Java
Rijndael
FileEncryptorjava
Sealed objects
Slide 35
Next

provider)

Example

part operation

Example

Ciphertext=-74-45759-44-115-19-8-56-99-47794393-45-107-41-125-127-233271855

Plaintext73 116 39 115 32 97 32 119 111 110 100 101 114 102 117 108 32 100 97 121 33

Ciphertext-77 56 -88 61 -52 -12 -57 43 -10 66 -54 -98 -86 56 -86 51 -127 -125 30 48 -64 112 -37 -125

per character)

Input N bytes

(N 8 24) 4 if N8 24 is zero

Example N = 8 bytes

(64 24 + 1) 4 12 characters

implements KeySpec

(PBE)

bits

the DES algorithm

Hello World

Key storage

Problems

Solutions

Example

key

Example

padding

Modes of DES

ECB CBC

example)

during transmission

decrypted

extends Object

operation

Rijndael

FileEncryptorjava

Four functions

Sealed objects

Sample output

Creating a key

Topics
Slide 5
JavasecurityKey
Slide 7
JavaxcryptoCipher
Slide 10
SimpleExamplejava
BlowfishExamplejava
Slide 17
Slide 18
Base64 Encoding
Slide 20
Slide 21
Slide 22
Slide 24
Key storage
Slide 26
Slide 27
Padding
Modes of DES
IV in Java
Rijndael
FileEncryptorjava
Sealed objects
Slide 35
Next

Example

part operation

Example

Ciphertext=-74-45759-44-115-19-8-56-99-47794393-45-107-41-125-127-233271855

Plaintext73 116 39 115 32 97 32 119 111 110 100 101 114 102 117 108 32 100 97 121 33

Ciphertext-77 56 -88 61 -52 -12 -57 43 -10 66 -54 -98 -86 56 -86 51 -127 -125 30 48 -64 112 -37 -125

per character)

Input N bytes

(N 8 24) 4 if N8 24 is zero

Example N = 8 bytes

(64 24 + 1) 4 12 characters

implements KeySpec

(PBE)

bits

the DES algorithm

Hello World

Key storage

Problems

Solutions

Example

key

Example

padding

Modes of DES

ECB CBC

example)

during transmission

decrypted

extends Object

operation

Rijndael

FileEncryptorjava

Four functions

Sealed objects

Sample output

Creating a key

Topics
Slide 5
JavasecurityKey
Slide 7
JavaxcryptoCipher
Slide 10
SimpleExamplejava
BlowfishExamplejava
Slide 17
Slide 18
Base64 Encoding
Slide 20
Slide 21
Slide 22
Slide 24
Key storage
Slide 26
Slide 27
Padding
Modes of DES
IV in Java
Rijndael
FileEncryptorjava
Sealed objects
Slide 35
Next

Example

part operation

Example

Ciphertext=-74-45759-44-115-19-8-56-99-47794393-45-107-41-125-127-233271855

Plaintext73 116 39 115 32 97 32 119 111 110 100 101 114 102 117 108 32 100 97 121 33

Ciphertext-77 56 -88 61 -52 -12 -57 43 -10 66 -54 -98 -86 56 -86 51 -127 -125 30 48 -64 112 -37 -125

per character)

Input N bytes

(N 8 24) 4 if N8 24 is zero

Example N = 8 bytes

(64 24 + 1) 4 12 characters

implements KeySpec

(PBE)

bits

the DES algorithm

Hello World

Key storage

Problems

Solutions

Example

key

Example

padding

Modes of DES

ECB CBC

example)

during transmission

decrypted

extends Object

operation

Rijndael

FileEncryptorjava

Four functions

Sealed objects

Sample output

Creating a key

Topics
Slide 5
JavasecurityKey
Slide 7
JavaxcryptoCipher
Slide 10
SimpleExamplejava
BlowfishExamplejava
Slide 17
Slide 18
Base64 Encoding
Slide 20
Slide 21
Slide 22
Slide 24
Key storage
Slide 26
Slide 27
Padding
Modes of DES
IV in Java
Rijndael
FileEncryptorjava
Sealed objects
Slide 35
Next

part operation

Example

Ciphertext=-74-45759-44-115-19-8-56-99-47794393-45-107-41-125-127-233271855

Plaintext73 116 39 115 32 97 32 119 111 110 100 101 114 102 117 108 32 100 97 121 33

Ciphertext-77 56 -88 61 -52 -12 -57 43 -10 66 -54 -98 -86 56 -86 51 -127 -125 30 48 -64 112 -37 -125

per character)

Input N bytes

(N 8 24) 4 if N8 24 is zero

Example N = 8 bytes

(64 24 + 1) 4 12 characters

implements KeySpec

(PBE)

bits

the DES algorithm

Hello World

Key storage

Problems

Solutions

Example

key

Example

padding

Modes of DES

ECB CBC

example)

during transmission

decrypted

extends Object

operation

Rijndael

FileEncryptorjava

Four functions

Sealed objects

Sample output

Creating a key

Topics
Slide 5
JavasecurityKey
Slide 7
JavaxcryptoCipher
Slide 10
SimpleExamplejava
BlowfishExamplejava
Slide 17
Slide 18
Base64 Encoding
Slide 20
Slide 21
Slide 22
Slide 24
Key storage
Slide 26
Slide 27
Padding
Modes of DES
IV in Java
Rijndael
FileEncryptorjava
Sealed objects
Slide 35
Next

part operation

Example

Ciphertext=-74-45759-44-115-19-8-56-99-47794393-45-107-41-125-127-233271855

Plaintext73 116 39 115 32 97 32 119 111 110 100 101 114 102 117 108 32 100 97 121 33

Ciphertext-77 56 -88 61 -52 -12 -57 43 -10 66 -54 -98 -86 56 -86 51 -127 -125 30 48 -64 112 -37 -125

per character)

Input N bytes

(N 8 24) 4 if N8 24 is zero

Example N = 8 bytes

(64 24 + 1) 4 12 characters

implements KeySpec

(PBE)

bits

the DES algorithm

Hello World

Key storage

Problems

Solutions

Example

key

Example

padding

Modes of DES

ECB CBC

example)

during transmission

decrypted

extends Object

operation

Rijndael

FileEncryptorjava

Four functions

Sealed objects

Sample output

Creating a key

Topics
Slide 5
JavasecurityKey
Slide 7
JavaxcryptoCipher
Slide 10
SimpleExamplejava
BlowfishExamplejava
Slide 17
Slide 18
Base64 Encoding
Slide 20
Slide 21
Slide 22
Slide 24
Key storage
Slide 26
Slide 27
Padding
Modes of DES
IV in Java
Rijndael
FileEncryptorjava
Sealed objects
Slide 35
Next

Ciphertext=-74-45759-44-115-19-8-56-99-47794393-45-107-41-125-127-233271855

Plaintext73 116 39 115 32 97 32 119 111 110 100 101 114 102 117 108 32 100 97 121 33

Ciphertext-77 56 -88 61 -52 -12 -57 43 -10 66 -54 -98 -86 56 -86 51 -127 -125 30 48 -64 112 -37 -125

per character)

Input N bytes

(N 8 24) 4 if N8 24 is zero

Example N = 8 bytes

(64 24 + 1) 4 12 characters

implements KeySpec

(PBE)

bits

the DES algorithm

Hello World

Key storage

Problems

Solutions

Example

key

Example

padding

Modes of DES

ECB CBC

example)

during transmission

decrypted

extends Object

operation

Rijndael

FileEncryptorjava

Four functions

Sealed objects

Sample output

Creating a key

Topics
Slide 5
JavasecurityKey
Slide 7
JavaxcryptoCipher
Slide 10
SimpleExamplejava
BlowfishExamplejava
Slide 17
Slide 18
Base64 Encoding
Slide 20
Slide 21
Slide 22
Slide 24
Key storage
Slide 26
Slide 27
Padding
Modes of DES
IV in Java
Rijndael
FileEncryptorjava
Sealed objects
Slide 35
Next

Plaintext73 116 39 115 32 97 32 119 111 110 100 101 114 102 117 108 32 100 97 121 33

Ciphertext-77 56 -88 61 -52 -12 -57 43 -10 66 -54 -98 -86 56 -86 51 -127 -125 30 48 -64 112 -37 -125

per character)

Input N bytes

(N 8 24) 4 if N8 24 is zero

Example N = 8 bytes

(64 24 + 1) 4 12 characters

implements KeySpec

(PBE)

bits

the DES algorithm

Hello World

Key storage

Problems

Solutions

Example

key

Example

padding

Modes of DES

ECB CBC

example)

during transmission

decrypted

extends Object

operation

Rijndael

FileEncryptorjava

Four functions

Sealed objects

Sample output

Creating a key

Topics
Slide 5
JavasecurityKey
Slide 7
JavaxcryptoCipher
Slide 10
SimpleExamplejava
BlowfishExamplejava
Slide 17
Slide 18
Base64 Encoding
Slide 20
Slide 21
Slide 22
Slide 24
Key storage
Slide 26
Slide 27
Padding
Modes of DES
IV in Java
Rijndael
FileEncryptorjava
Sealed objects
Slide 35
Next

per character)

Input N bytes

(N 8 24) 4 if N8 24 is zero

Example N = 8 bytes

(64 24 + 1) 4 12 characters

implements KeySpec

(PBE)

bits

the DES algorithm

Hello World

Key storage

Problems

Solutions

Example

key

Example

padding

Modes of DES

ECB CBC

example)

during transmission

decrypted

extends Object

operation

Rijndael

FileEncryptorjava

Four functions

Sealed objects

Sample output

Creating a key

Topics
Slide 5
JavasecurityKey
Slide 7
JavaxcryptoCipher
Slide 10
SimpleExamplejava
BlowfishExamplejava
Slide 17
Slide 18
Base64 Encoding
Slide 20
Slide 21
Slide 22
Slide 24
Key storage
Slide 26
Slide 27
Padding
Modes of DES
IV in Java
Rijndael
FileEncryptorjava
Sealed objects
Slide 35
Next

per character)

Input N bytes

(N 8 24) 4 if N8 24 is zero

Example N = 8 bytes

(64 24 + 1) 4 12 characters

implements KeySpec

(PBE)

bits

the DES algorithm

Hello World

Key storage

Problems

Solutions

Example

key

Example

padding

Modes of DES

ECB CBC

example)

during transmission

decrypted

extends Object

operation

Rijndael

FileEncryptorjava

Four functions

Sealed objects

Sample output

Creating a key

Topics
Slide 5
JavasecurityKey
Slide 7
JavaxcryptoCipher
Slide 10
SimpleExamplejava
BlowfishExamplejava
Slide 17
Slide 18
Base64 Encoding
Slide 20
Slide 21
Slide 22
Slide 24
Key storage
Slide 26
Slide 27
Padding
Modes of DES
IV in Java
Rijndael
FileEncryptorjava
Sealed objects
Slide 35
Next

per character)

Input N bytes

(N 8 24) 4 if N8 24 is zero

Example N = 8 bytes

(64 24 + 1) 4 12 characters

implements KeySpec

(PBE)

bits

the DES algorithm

Hello World

Key storage

Problems

Solutions

Example

key

Example

padding

Modes of DES

ECB CBC

example)

during transmission

decrypted

extends Object

operation

Rijndael

FileEncryptorjava

Four functions

Sealed objects

Sample output

Creating a key

Topics
Slide 5
JavasecurityKey
Slide 7
JavaxcryptoCipher
Slide 10
SimpleExamplejava
BlowfishExamplejava
Slide 17
Slide 18
Base64 Encoding
Slide 20
Slide 21
Slide 22
Slide 24
Key storage
Slide 26
Slide 27
Padding
Modes of DES
IV in Java
Rijndael
FileEncryptorjava
Sealed objects
Slide 35
Next

per character)

Input N bytes

(N 8 24) 4 if N8 24 is zero

Example N = 8 bytes

(64 24 + 1) 4 12 characters

implements KeySpec

(PBE)

bits

the DES algorithm

Hello World

Key storage

Problems

Solutions

Example

key

Example

padding

Modes of DES

ECB CBC

example)

during transmission

decrypted

extends Object

operation

Rijndael

FileEncryptorjava

Four functions

Sealed objects

Sample output

Creating a key

Topics
Slide 5
JavasecurityKey
Slide 7
JavaxcryptoCipher
Slide 10
SimpleExamplejava
BlowfishExamplejava
Slide 17
Slide 18
Base64 Encoding
Slide 20
Slide 21
Slide 22
Slide 24
Key storage
Slide 26
Slide 27
Padding
Modes of DES
IV in Java
Rijndael
FileEncryptorjava
Sealed objects
Slide 35
Next

implements KeySpec

(PBE)

bits

the DES algorithm

Hello World

Key storage

Problems

Solutions

Example

key

Example

padding

Modes of DES

ECB CBC

example)

during transmission

decrypted

extends Object

operation

Rijndael

FileEncryptorjava

Four functions

Sealed objects

Sample output

Creating a key

Topics
Slide 5
JavasecurityKey
Slide 7
JavaxcryptoCipher
Slide 10
SimpleExamplejava
BlowfishExamplejava
Slide 17
Slide 18
Base64 Encoding
Slide 20
Slide 21
Slide 22
Slide 24
Key storage
Slide 26
Slide 27
Padding
Modes of DES
IV in Java
Rijndael
FileEncryptorjava
Sealed objects
Slide 35
Next

implements KeySpec

(PBE)

bits

the DES algorithm

Hello World

Key storage

Problems

Solutions

Example

key

Example

padding

Modes of DES

ECB CBC

example)

during transmission

decrypted

extends Object

operation

Rijndael

FileEncryptorjava

Four functions

Sealed objects

Sample output

Creating a key

Topics
Slide 5
JavasecurityKey
Slide 7
JavaxcryptoCipher
Slide 10
SimpleExamplejava
BlowfishExamplejava
Slide 17
Slide 18
Base64 Encoding
Slide 20
Slide 21
Slide 22
Slide 24
Key storage
Slide 26
Slide 27
Padding
Modes of DES
IV in Java
Rijndael
FileEncryptorjava
Sealed objects
Slide 35
Next

bits

the DES algorithm

Hello World

Key storage

Problems

Solutions

Example

key

Example

padding

Modes of DES

ECB CBC

example)

during transmission

decrypted

extends Object

operation

Rijndael

FileEncryptorjava

Four functions

Sealed objects

Sample output

Creating a key

Topics
Slide 5
JavasecurityKey
Slide 7
JavaxcryptoCipher
Slide 10
SimpleExamplejava
BlowfishExamplejava
Slide 17
Slide 18
Base64 Encoding
Slide 20
Slide 21
Slide 22
Slide 24
Key storage
Slide 26
Slide 27
Padding
Modes of DES
IV in Java
Rijndael
FileEncryptorjava
Sealed objects
Slide 35
Next

bits

the DES algorithm

Hello World

Key storage

Problems

Solutions

Example

key

Example

padding

Modes of DES

ECB CBC

example)

during transmission

decrypted

extends Object

operation

Rijndael

FileEncryptorjava

Four functions

Sealed objects

Sample output

Creating a key

Topics
Slide 5
JavasecurityKey
Slide 7
JavaxcryptoCipher
Slide 10
SimpleExamplejava
BlowfishExamplejava
Slide 17
Slide 18
Base64 Encoding
Slide 20
Slide 21
Slide 22
Slide 24
Key storage
Slide 26
Slide 27
Padding
Modes of DES
IV in Java
Rijndael
FileEncryptorjava
Sealed objects
Slide 35
Next

Hello World

Key storage

Problems

Solutions

Example

key

Example

padding

Modes of DES

ECB CBC

example)

during transmission

decrypted

extends Object

operation

Rijndael

FileEncryptorjava

Four functions

Sealed objects

Sample output

Creating a key

Topics
Slide 5
JavasecurityKey
Slide 7
JavaxcryptoCipher
Slide 10
SimpleExamplejava
BlowfishExamplejava
Slide 17
Slide 18
Base64 Encoding
Slide 20
Slide 21
Slide 22
Slide 24
Key storage
Slide 26
Slide 27
Padding
Modes of DES
IV in Java
Rijndael
FileEncryptorjava
Sealed objects
Slide 35
Next

Key storage

Problems

Solutions

Example

key

Example

padding

Modes of DES

ECB CBC

example)

during transmission

decrypted

extends Object

operation

Rijndael

FileEncryptorjava

Four functions

Sealed objects

Sample output

Creating a key

Topics
Slide 5
JavasecurityKey
Slide 7
JavaxcryptoCipher
Slide 10
SimpleExamplejava
BlowfishExamplejava
Slide 17
Slide 18
Base64 Encoding
Slide 20
Slide 21
Slide 22
Slide 24
Key storage
Slide 26
Slide 27
Padding
Modes of DES
IV in Java
Rijndael
FileEncryptorjava
Sealed objects
Slide 35
Next

Example

key

Example

padding

Modes of DES

ECB CBC

example)

during transmission

decrypted

extends Object

operation

Rijndael

FileEncryptorjava

Four functions

Sealed objects

Sample output

Creating a key

Topics
Slide 5
JavasecurityKey
Slide 7
JavaxcryptoCipher
Slide 10
SimpleExamplejava
BlowfishExamplejava
Slide 17
Slide 18
Base64 Encoding
Slide 20
Slide 21
Slide 22
Slide 24
Key storage
Slide 26
Slide 27
Padding
Modes of DES
IV in Java
Rijndael
FileEncryptorjava
Sealed objects
Slide 35
Next

key

Example

padding

Modes of DES

ECB CBC

example)

during transmission

decrypted

extends Object

operation

Rijndael

FileEncryptorjava

Four functions

Sealed objects

Sample output

Creating a key

Topics
Slide 5
JavasecurityKey
Slide 7
JavaxcryptoCipher
Slide 10
SimpleExamplejava
BlowfishExamplejava
Slide 17
Slide 18
Base64 Encoding
Slide 20
Slide 21
Slide 22
Slide 24
Key storage
Slide 26
Slide 27
Padding
Modes of DES
IV in Java
Rijndael
FileEncryptorjava
Sealed objects
Slide 35
Next

padding

Modes of DES

ECB CBC

example)

during transmission

decrypted

extends Object

operation

Rijndael

FileEncryptorjava

Four functions

Sealed objects

Sample output

Creating a key

Topics
Slide 5
JavasecurityKey
Slide 7
JavaxcryptoCipher
Slide 10
SimpleExamplejava
BlowfishExamplejava
Slide 17
Slide 18
Base64 Encoding
Slide 20
Slide 21
Slide 22
Slide 24
Key storage
Slide 26
Slide 27
Padding
Modes of DES
IV in Java
Rijndael
FileEncryptorjava
Sealed objects
Slide 35
Next

Modes of DES

ECB CBC

example)

during transmission

decrypted

extends Object

operation

Rijndael

FileEncryptorjava

Four functions

Sealed objects

Sample output

Creating a key

Topics
Slide 5
JavasecurityKey
Slide 7
JavaxcryptoCipher
Slide 10
SimpleExamplejava
BlowfishExamplejava
Slide 17
Slide 18
Base64 Encoding
Slide 20
Slide 21
Slide 22
Slide 24
Key storage
Slide 26
Slide 27
Padding
Modes of DES
IV in Java
Rijndael
FileEncryptorjava
Sealed objects
Slide 35
Next

decrypted

extends Object

operation

Rijndael

FileEncryptorjava

Four functions

Sealed objects

Sample output

Creating a key

Topics
Slide 5
JavasecurityKey
Slide 7
JavaxcryptoCipher
Slide 10
SimpleExamplejava
BlowfishExamplejava
Slide 17
Slide 18
Base64 Encoding
Slide 20
Slide 21
Slide 22
Slide 24
Key storage
Slide 26
Slide 27
Padding
Modes of DES
IV in Java
Rijndael
FileEncryptorjava
Sealed objects
Slide 35
Next

extends Object

operation

Rijndael

FileEncryptorjava

Four functions

Sealed objects

Sample output

Creating a key

Topics
Slide 5
JavasecurityKey
Slide 7
JavaxcryptoCipher
Slide 10
SimpleExamplejava
BlowfishExamplejava
Slide 17
Slide 18
Base64 Encoding
Slide 20
Slide 21
Slide 22
Slide 24
Key storage
Slide 26
Slide 27
Padding
Modes of DES
IV in Java
Rijndael
FileEncryptorjava
Sealed objects
Slide 35
Next

Rijndael

FileEncryptorjava

Four functions

Sealed objects

Sample output

Creating a key

Topics
Slide 5
JavasecurityKey
Slide 7
JavaxcryptoCipher
Slide 10
SimpleExamplejava
BlowfishExamplejava
Slide 17
Slide 18
Base64 Encoding
Slide 20
Slide 21
Slide 22
Slide 24
Key storage
Slide 26
Slide 27
Padding
Modes of DES
IV in Java
Rijndael
FileEncryptorjava
Sealed objects
Slide 35
Next

FileEncryptorjava

Four functions

Sealed objects

Sample output

Creating a key

Topics
Slide 5
JavasecurityKey
Slide 7
JavaxcryptoCipher
Slide 10
SimpleExamplejava
BlowfishExamplejava
Slide 17
Slide 18
Base64 Encoding
Slide 20
Slide 21
Slide 22
Slide 24
Key storage
Slide 26
Slide 27
Padding
Modes of DES
IV in Java
Rijndael
FileEncryptorjava
Sealed objects
Slide 35
Next

Sealed objects

Sample output

Creating a key

Topics
Slide 5
JavasecurityKey
Slide 7
JavaxcryptoCipher
Slide 10
SimpleExamplejava
BlowfishExamplejava
Slide 17
Slide 18
Base64 Encoding
Slide 20
Slide 21
Slide 22
Slide 24
Key storage
Slide 26
Slide 27
Padding
Modes of DES
IV in Java
Rijndael
FileEncryptorjava
Sealed objects
Slide 35
Next

Sealed objects

Sample output

Creating a key

Topics
Slide 5
JavasecurityKey
Slide 7
JavaxcryptoCipher
Slide 10
SimpleExamplejava
BlowfishExamplejava
Slide 17
Slide 18
Base64 Encoding
Slide 20
Slide 21
Slide 22
Slide 24
Key storage
Slide 26
Slide 27
Padding
Modes of DES
IV in Java
Rijndael
FileEncryptorjava
Sealed objects
Slide 35
Next

Topics
Slide 5
JavasecurityKey
Slide 7
JavaxcryptoCipher
Slide 10
SimpleExamplejava
BlowfishExamplejava
Slide 17
Slide 18
Base64 Encoding
Slide 20
Slide 21
Slide 22
Slide 24
Key storage
Slide 26
Slide 27
Padding
Modes of DES
IV in Java
Rijndael
FileEncryptorjava
Sealed objects
Slide 35
Next

Date post:	06-May-2015
Category:	Technology
Upload:	phanleson
View:	3,307 times
Download:	1 times