LAB#4 PROGRAMMING USING JAVA CRYPTOGRAPHIC LIBRARIES CPIT 425.

Slides:



Advertisements
Similar presentations
Chapter 3 Public Key Cryptography and Message authentication.
Advertisements

Cryptography & The JCE Presented by Geoff Whittington, Fireball Technology Group.
Topic 7: Using cryptography in mobile computing. Cryptography basics: symmetric, public-key, hash function and digital signature Cryptography, describing.
Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.
LAB#2 JAVA SECURITY OVERVIEW Prepared by: I.Raniah Alghamdi.
The Java Crypto API ICW Lecture 3 Tom Chothia. Reminder of Last Time: Your programs defines “Classes”. Each class defines “Objects”. An Object is defined.
August 6, 2003 Security Systems for Distributed Models in Ptolemy II Rakesh Reddy Carnegie Mellon University Motivation.
Cryptography April 20, 2010 MIS 4600 – MBA © Abdou Illia.
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
Csci5233 Computer Security1 GS: Chapter 5 Asymmetric Encryption in Java.
1 Homework Study Java Cryptography by Reading the rest of slides and accessing Sun ’ s Java website:
Java supports encryption by a wide variety of packages: The standard java.security package The standard javax.crypto package Packages supplied by third.
Csci5233 Computer Security1 GS: Chapter 6 Using Java Cryptography for Authentication.
1 Public-Key Cryptography and Message Authentication Ola Flygt Växjö University, Sweden
MT311 Java Application Development and Programming Languages Li Tak Sing ( 李德成 )
CS526: Information Security Prof. Sam Wagstaff September 16, 2003 Cryptography Basics.
ISEP / Fakulta Elektrotecknika 1 Project Of Telecommunication Subject: Describe following “ MAC - Message Authentication Code " modes: Describe following.
Computer Network Lab. Encryption 컴퓨터 네트워크 실험실 조한진 / 이희규.
Encryption. What is Encryption? Encryption is the process of converting plain text into cipher text, with the goal of making the text unreadable.
Middleware for Secure Environments Presented by Kemal Altıntaş Hümeyra Topcu-Altıntaş Osman Şen.
A Quick Tour of Cryptographic Primitives Anupam Datta CMU Fall A: Foundations of Security and Privacy.
COMPS311F Java Application Development and Programming Languages Li Tak Sing ( 李德成 )
MT311 Java Application Development and Programming Languages Li Tak Sing ( 李德成 )
1 Session 3 Module 4: Java Security Module 5: Cryptography.
1 Session 4 Module 6: Digital signatures. Digital Signatures / Session4 / 2 of 18 Module 4, 5 - Review (1)  Java 2 security model provides a consistent.
MT311 Java Application Development and Programming Languages Li Tak Sing ( 李德成 )
Java Cryptography Nick Pullman DSU-MSIA Citigroup Information Security
LAB#6 MAC & MASSAGE DIGEST CPIT 425. Message Authentication 2  Message authentication is a mechanism used to verify the integrity of a message.  Message.
Public Key Cryptography. Asymmetric encryption is a form of cryptosystem in which Encryption and decryption are performed using the different keys—one.
Chapter 12 – Hash Algorithms
Web Security CS-431.
RSA Laboratories’ PKCS Series - a Tutorial
Information and Computer Security CPIS 312 Lab 9
Java Assignment Related
Lab#7 Digital signature Cpit 425
CS457 Introduction to Information Security Systems
Symmetric Cryptography
Digital Signatures Assignment
Cryptography Why Cryptography Symmetric Encryption
Cryptographic Hash Function
e-Health Platform End 2 End encryption
Security.
Chapter 8 Network Security.
Encryption
Introduction to security goals and usage of cryptographic algorithms
Cryptography.
Cryptography and Network Security
Cryptography Basics and Symmetric Cryptography
Java Assignment Related
مروري برالگوريتمهاي رمز متقارن(كليد پنهان)
GS: Chapter 4 Symmetric Encryption in Java
Security through Encryption
PART VII Security.
CS/ECE 478 Network Security Dr. Attila Altay Yavuz
Security.
csci5233 computer security & integrity (Chap. 4)
Security Of Wireless Sensor Networks
Symmetric-Key Encryption
The Secure Sockets Layer (SSL) Protocol
Block vs Stream Ciphers
Chapter -7 CRYPTOGRAPHIC HASH FUNCTIONS
Security of Wireless Sensor Networks
DISSERTATION ON CRYPTOGRAPHY.
Unit 2: Cryptography & Cryptographic Algorithm
CS 240 – Advanced Programming Concepts
Cryptography and Network Security
EEC 688/788 Secure and Dependable Computing
Secret-Key Encryption
Presentation transcript:

LAB#4 PROGRAMMING USING JAVA CRYPTOGRAPHIC LIBRARIES CPIT 425

Java API  API : Application Programming Interface  2

Views Main Information Area Classes Packages 3

Cryptographic libraries  The cryptography APIs are organized into two distinct packages.  javax.crypto  javax.crypto package: Provides the classes and interfaces for cryptographic operations include encryption, key generation and key agreement, and Message Authentication Code (MAC) generation.  java.security  java.security package: Provides the classes and interfaces to support the generation and storage of cryptographic public key pairs, as well as a number of exportable cryptographic operations including those for message digest and signature generation. 4

javax.crypto package  It is composed of many classes.  There are a few core classes you should know: 1-The Cipher class 2-The Cipher Stream classes 3-The KeyGenerator class 4-The KeyAgreement class 5-The Mac Class  /package-summary.html /package-summary.html 5

Cipher class  It is core class that is required in every cryptographic program.  This class provides the functionality of a cryptographic cipher for encryption and decryption.  To create a Cipher object:  Call the Cipher's getInstance method  Pass the name of the requested transformation to it. And optionally, the name of a provider may be specified. A transformation is a string that describes the operation (or set of operations) to be performed on the given input, to produce some output. It includes: name of a cryptographic algorithm (e.g., DES) a feedback mode (optional) followed by padding scheme. (optional) 6

Cipher class i.e. transformation is of the form: "algorithm/mode/padding" or "algorithm“  For example: Cipher c = Cipher.getInstance("DES/CBC/PKCS5Padding");  To Initialize the cipher object: it must be initialized using the method : init(mode, key).  Mode is one of the class fields : Cipher.ENCRYPT_MODE or Cipher.DECRYPT_MODE and …  Example: c.init(Cipher.ENCRYPT_MODE, secretkey);  method update() can be called any number of times to pass byte arrays for encryption or decryption  For termination: by a doFinal() method : c.doFinal(); 7

Cipher class  For example, the following two lines use the cipher and key instances you created to encrypt a byte array called textBytes.  The result is stored in a byte array called encryptedBytes. Cipher c= Cipher.getInstance(“DES/ECB/PKCS5Padding”); c.init(Cipher.ENCRYPT_MODE, key); byte[] encryptedBytes = c.doFinal( textBytes ); 8

Cipher Stream classes Secure streams are provided by the CipherInputStream and CipherOutputStream classes. 1. CipherInputStream Class:  It is composed of an InputStream and a Cipher.  if the embedded Cipher has been initialized for decryption, the CipherInputStream will attempt to decrypt the data it reads from the underlying InputStream before returning them to the application.  Ex: FileInputStream fis = new FileInputStream("a.txt"); CipherInputStream cis = new CipherInputStream(fis, cipher1); 9

Cipher Stream classes 2. CipherOutputStream Class:  It is composed of an OutputStream and a Cipher.  if the embedded Cipher has been initialized for encryption, the CipherOutputStream will encrypt its data, before writing them out to the underlying output stream.  EX: FileOutputStream fos = new FileOutputStream("b.txt"); CipherOutputStream cos = new CipherOutputStream(fos, cipher1); 10

KeyGenerator class  This class provides the functionality of a (symmetric) key generator.  KeyGenerator objects are reusable, i.e., after a key has been generated, the same KeyGenerator object can be re-used to generate further keys.  There are two ways to generate a key:  Algorithm-Independent Initialization  Algorithm-Specific Initialization  For generating keys use a getInstance() and pass in the algorithm as a string,also you have to implement generateKey() method.  Ex: KeyGenerator kg= KeyGenerator.getInstance("DES"); Key key =kg.generateKey(); 11

KeyAgreement class  This class provides methods for key agreement(or key exchange) protocol such as the Diffie-Hellman protocol.  It provides an engine for the implementation of a key agreement algorithm.  This class allows for two cooperating parties to generate the same secret key while preventing parties unrelated to the agreement from generating the same key. 12

Mac Class  This class provides the functionality of a "Message Authentication Code" (MAC) algorithm.  Similar to Cipher class, the Mac class is initialized to specify what MAC algorithm and key that should be used.  Then, it computes the MAC based on operations such as update(), doFinal() similar to Cipher class methods. 13

Need to do…  Study these slides well,,, you will need them next labs. GOOD LUCK 14