Presentation is loading. Please wait.

Presentation is loading. Please wait.

Csci5931 Web Security1 GS: Chapter 4 Symmetric Encryption in Java.

Published byMarcia Lawson Modified over 8 years ago

Similar presentations

Presentation on theme: "Csci5931 Web Security1 GS: Chapter 4 Symmetric Encryption in Java."— Presentation transcript:

1 csci5931 Web Security1 GS: Chapter 4 Symmetric Encryption in Java

2 csci5931 Web Security2 Topics A. Blowfish B. Password-based encryption (PBE) C. Key storage D. Modes E. Cipher streams and IV (initialization vector) F. Sealed objects

3 csci5931 Web Security3 Applications of symmetric encryptions  File encryption  Network encryption  Database encryption  Applications that require encryption of large amount of data.

4 csci5931 Web Security4 Javax.crypto.KeyGenerator  http://java.sun.com/j2se/1.4.1/docs/api/javax/crypto/KeyGenerator.html http://java.sun.com/j2se/1.4.1/docs/api/javax/crypto/KeyGenerator.html  Provides the functionality of a (symmetric) key generator  Key generators are constructed using one of the getInstance class methods.  KeyGenerator objects are reusable, i.e., after a key has been generated, the same KeyGenerator object can be re-used to generate further keys.  There are two ways to generate a key: in an algorithm-independent manner, and in an algorithm-specific manner. The only difference between the two is the initialization of the object.

5 csci5931 Web Security5 Javax.crypto.KeyGenerator  Using KeyGenerator A. Create a new key generator: KeyGenerator keyGenerator = KeyGenerator.getInstance (“DESede”); Note: DESede is a triple DES variant with three DES keys k1, k2, k3. The message is encrypted with k1 first, then decrypted with k2, and finally encrypted again with k3. This increases the key space and prevents brute force attacks. B. Initialize the key generator with the size of the key: keyGenerator.init (168); // initialized to 168 bits C. Generate the key object: Key myKey = keyGenerator.generateKey ( );

6 csci5931 Web Security6 Java.security.Key  http://java.sun.com/j2se/1.4.1/docs/api/java/security/Key.html http://java.sun.com/j2se/1.4.1/docs/api/java/security/Key.html java.security Interface Key All Superinterfaces: Serializable All Known Subinterfaces: DHPrivateKeyDHPrivateKey, DHPublicKey, DSAPrivateKey, DSAPublicKey, PBEKey, PrivateKey, PublicKey, RSAMultiPrimePrivateCrtKey, RSAPrivateCrtKey, RSAPrivateKey, RSAPublicKey, SecretKeyDHPublicKeyDSAPrivateKeyDSAPublicKey PBEKeyPrivateKeyPublicKeyRSAMultiPrimePrivateCrtKey RSAPrivateCrtKeyRSAPrivateKeyRSAPublicKeySecretKey All Known Implementing Classes: KerberosKeyKerberosKey, SecretKeySpecSecretKeySpec

7 csci5931 Web Security7 Java.security.Key  The Key interface is the top-level interface for all keys. It defines the functionality shared by all key objects.  All keys have three characteristics: 1. The key algorithm for that key; 2. An external encoded form for the key used when a standard representation of the key is needed outside the Java Virtual Machine, as when transmitting the key to some other party; 3. The name of the format of the encoded key  Keys are generally obtained through key generators, key factory, certificates, or various Identity classes used to manage keys.  Examples: javax.crypto.KeyGenerator( ) ; java.security.KeyFactory( ) ;

8 csci5931 Web Security8 Javax.crypto.Cipher  http://java.sun.com/j2se/1.4.1/docs/api/ http://java.sun.com/j2se/1.4.1/docs/api/ public class Cipher extends ObjectObject This class provides the functionality of a cryptographic cipher for encryption and decryption. It forms the core of the Java Cryptographic Extension (JCE) framework.  To use a Cipher: getInstance( ), init( ), update( ), doFinal( ).

9 csci5931 Web Security9 Javax.crypto.Cipher.getInstance( ) A. In order to create a Cipher object, the application calls the Cipher's getInstance method, and passes the name of the requested transformation to it. static Cipher getInstance(String transformation) Generates a Cipher object that implements the specified transformation.CiphergetInstanceString static Cipher getInstance(String transformation, Provider provider) Creates a Cipher object that implements the specified transformation, as supplied by the specified provider.CiphergetInstanceStringProvider static Cipher getInstance(String transformation, String provider) Creates a Cipher object that implements the specified transformation, as supplied by the specified provider.CiphergetInstanceString

10 csci5931 Web Security10 Javax.crypto.Cipher.getInstance( )  Examples: Cipher cipher = Cipher.getInstance("DES/CBC/PKCS5Padding"); Cipher cipher = Cipher.getInstance(“DESede/ECB/PKCS5Padding”);

11 csci5931 Web Security11 Javax.crypto.Cipher.init( ) B. Initialize an instance of Cipher: 1. Declares the operating mode (ENCRYPT_MODE, DECRYPT_MODE, WRAP_MODE, UNWRAP_MODE) 2. Pass a key (java.security.Key) to the cipher Example: Cipher.init (Cipher.ENCRYPT_MODE, myKey); Note: When a Cipher object is initialized, it loses all previously-acquired state. In other words, initializing a Cipher is equivalent to creating a new instance of that Cipher and initializing it.

12 csci5931 Web Security12 Javax.crypto.Cipher.update( ) C. Pass the information to be encrypted/decrypted to the cipher: 1. The information must be in the form of a byte array. 2. Note: Ciphers typically buffer their output. If the buffer has not been filled, null will be returned. Alternative update( ) methods: byte[ ] update (byte[] input)update byte[ ] plaintext = myString.getBytes (“UTF8”); byte[ ] ciphertext = cipher.update (plaintext); int update (byte[ ] input, int inputOffset, int inputLen, byte[ ] output, int outputOffset)update Continues a multiple-part encryption or decryption operation (depending on how this cipher was initialized), processing another data part.

13 csci5931 Web Security13 Javax.crypto.Cipher.doFinal( ) D. Finish the operation: byte[ ] doFinal( ) Finishes a multiple-part encryption or decryption operation, depending on how this cipher was initialized.doFinal byte[ ] doFinal(byte[] input) Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation.doFinal Example: Byte[ ] ciphertext = cipher.doFinal ( );

14 csci5931 Web Security14 SimpleExample.java  P.69: SimpleExample.java (see http://sce.cl.uh.edu/yang/teaching/proJavaSecurityCode.html) http://sce.cl.uh.edu/yang/teaching/proJavaSecurityCode.html  Sample output: >java SimpleExample "How are you doing?" Plain Message=How are you doing? Generating a TripleDES key... Done generating the key. Now encrypting the message Message Encrypted Ciphertext=-74-45759-44-115-19-8-56-99-47794393-45-107-41-125-127-233271855 Now decrypting the message Message decrypted Decrypted text: How are you doing?

15 csci5931 Web Security15 BlowfishExample.java  Blowfish keys can be any bit size from 8 to 448, as long as the number if divisible by 8.  p.69: BlowfishExample.java (see http://sce.cl.uh.edu/yang/teaching/proJavaSecurityCode.html) http://sce.cl.uh.edu/yang/teaching/proJavaSecurityCode.html  Sample output: >java BlowfishExample "It's a wonderful day!" Generating a Blowfish key... Done generating the key. Plaintext: 73 116 39 115 32 97 32 119 111 110 100 101 114 102 117 108 32 100 97 121 33 Ciphertext: -77 56 -88 61 -52 -12 -57 43 -10 66 -54 -98 -86 56 -86 51 -127 -125 30 48 -64 11 2 -37 -125 Decrypted text: It's a wonderful day!

16 csci5931 Web Security16 Password-based encryption (PBE)  hashing + symmetric encryption  The user-provided password is hashed by a message digest algorithm, such as SHA.  The hash value is then used to construct a key for a symmetric encryption algorithm, such as Blowfish.  The plaintext is then encrypted by the symmetric encryption algorithm.  Problems? 1. PBE is usually less secure, due to its smaller key space. 2. Passwords may suffer ‘dictionary attack’. 3. Two people might choose the same password, which would create two identical entries in the password file.

17 csci5931 Web Security17 Password-based encryption (PBE)  PBE + salt + iteration count  A salt is a randomly generated piece of data, say 64 bits, that is added to each password.  The combined salt+password is used to generate the key.  The key is then used to generate a symmetric cipher.  For the purpose of decryption, the salt must be stored as part of the ciphertext.  See figures on page 74.

18 csci5931 Web Security18 Password-based encryption (PBE)

19 csci5931 Web Security19 Base64 Encoding  Effective in representing ASCII data as 6-bit characters (save one bit per character)  Widely used in networking transmissions of data; e.g., in MIME emails & other Internet-related applications  Input: N bytes  Number of output characters  (N * 8 / 24) * 4, if N*8 % 24 is zero;  (N * 8 / 24 + 1) * 4, otherwise. Example: N = 8 bytes. (64 / 24 + 1) * 4  12 characters  See http://nas.cl.uh.edu/yang/teaching/csci5939DatabaseSecurity/base64.ppt, RFC2045, and Appendix C. http://nas.cl.uh.edu/yang/teaching/csci5939DatabaseSecurity/base64.ppt

20 csci5931 Web Security20 Password-based encryption (PBE)

21 csci5931 Web Security21 Password-based encryption (PBE)  Random.nextBytes (byte[ ] bytes) Generates random bytes and places them into a user- supplied byte array.  public class PBEKeySpec extends Object implements KeySpec A user-chosen password that can be used with password-based encryption (PBE). The password can be viewed as some kind of raw key material, from which the encryption mechanism that uses it derives a cryptographic key.

22 csci5931 Web Security22 Password-based encryption (PBE)  public class SecretKeyFactory extends Object This class represents a factory for secret keys. Key factories are used to convert keys (opaque cryptographic keys of type Key ) into key specifications (transparent representations of the underlying key material), and vice versa. Secret key factories operate only on secret (symmetric) keys. Key factories are bi-directional, i.e., they allow to build an opaque key object from a given key specification (key material), or to retrieve the underlying key material of a key object in a suitable format. Application developers should refer to their provider's documentation to find out which key specifications are supported by the generateSecret and getKeySpec methods.

23 csci5931 Web Security23 Password-based encryption  Twofish encryption algorithm: A symmetric block cipher that accepts keys of any length, up to 256 bits; Among the new encryption algorithms being considered by the National Institute of Science and Technology (NIST) as a replacement for the DES algorithm; Highly secure and flexible; Works extremely well with large microprocessors, 8-bit smart card microprocessors, and dedicated hardware. (Source: http://www.wiley.com/cda/product/0,,0471353817,00.html)http://www.wiley.com/cda/product/0,,0471353817,00.html

24 csci5931 Web Security24 Password-based encryption  An example program: PBE.java (see http://sce.cl.uh.edu/yang/teaching/proJavaSecurityCode.html) http://sce.cl.uh.edu/yang/teaching/proJavaSecurityCode.html  Sample PBE encryption/decryption: >java PBE -e sasquatch "Hello World!" yrVhjq5djco=eSIS1LbeAtu5KIKf5ntNhg== >java PBE -e sasquatch "Hello World!" lQ1lzMl8ONM=GBJFXSnpbltXowvJTmck1w== >java PBE -d sasquatch "lQ1lzMl8ONM=GBJFXSnpbltXowvJTmck1w==" Hello World!

25 csci5931 Web Security25 Key storage  Storage of keys in a persistent media (file, database) for later retrieval or transportation  Objectives: The stored keys must be protected.  Problems? - If the key storage is compromised, the data protected by the keys become unprotected.  Solutions?  Use PBE to encrypt the keys. Problems?

26 csci5931 Web Security26 Key storage  Key Wrapping The wrap( ) method, defined in javax.crypto.Cipher, takes a key as an argument and returns the encrypted value of the key as a byte array. Example: cipher.init (Cipher.WRAP_MODE, passwordKey, paramSpec); byte[ ] encryptedKeyBytes = cipher.wrap (secretKey);  To decrypt the key: cipher.init (Cipher.UNWRAP_MODE, passwordKey, paramSpec); Key key = cipher.unwrap(encryptedKeyBytes, “Blowfish”, Cipher.SECRET_KEY);

27 csci5931 Web Security27 Key storage  Key Encryption Use the getEncoded( ) method, as defined in java.security.Key, to encrypt the key. Example: byte[ ] keyBytes = myKey.getEncoded( ); cipher.init (Cipher.ENCRYPT_MODE, passwordKey, paramSpec); byte[ ] encryptedKeyBytes = cipher.doFinal (keyBytes);  To decrypt the key: cipher.init (Cipher.DECRYPT_MODE, passwordKey, paramSpec); byte[ ] keyBytes = cipher.doFinal (encryptedKeyBytes); SecretKeySpec myKey = new SecretKeySpec (keyBytes, “Blowfish” );

28 csci5931 Web Security28 Padding  Padding is needed to make the size of the plaintext to be a multiple of the block size.  Most symmetric algorithms use one of two types of padding:  No padding – requires the data end on a block exactly  PKCS#5 padding – (PKCS = Public Key Cryptography Standard) Suppose there are N bytes in a block that need to be padded. Fill each of the N bytes with the value N. If the data end on a multiple of the block size, add an entire block of padding. (See the illustration on p.81.)

29 csci5931 Web Security29 Modes of DES  ECB, CBC  CFB (Cipher FeedBack)  Similar to CBC, but may work on smaller chunks of data (8 bits for example).  OFB (Output FeedBack)  Similar to CFB, but provides better protection against data loss during transmission.  That is, a single-bit error will not cause the whole block to be lost, as in the cases of ECB, CBC and CFB.

30 csci5931 Web Security30 Cipher streams and IV  Javax.crypto.CipherInputStream  javax.crypto.CipherOutputStream  They provide convenient wrappers around standard input and output streams for them to be automatically encrypted or decrypted.  Initialization Vector (IV):  A sequence of random bytes appended to the front of the plaintext before encryption by a block cipher.  Adding the initialization vector to the beginning of the plaintext eliminates the possibility of having the initial ciphertext block the same for any two messages.  How to determine the size of a IV, given a cipher? Example: A 256-bit Rijndael cipher needs a 16-byte IV.

31 csci5931 Web Security31 IV in Java  public class IvParameterSpec extends Object implements AlgorithmParameterSpec This class specifies an initialization vector (IV). Examples which use IVs are ciphers in feedback mode, e.g., DES in CBC mode and RSA ciphers with OAEP encoding operation. (NOTE: See page 434 for RSA-OAEP padding.)

32 csci5931 Web Security32 Rijndael  What is Rijndael ? (Dutch, pronounced as ‘Rain Doll’) “Rijndael is a block cipher, designed by Joan Daemen and Vincent Rijmen as a candidate algorithm for the AES. The cipher has a variable block length and key length. We currently specified how to use keys with a length of 128, 192, or 256 bits to encrypt blocks with al length of 128, 192 or 256 bits.” (Source: http://www.esat.kuleuven.ac.be/~rijmen/rijndael/)http://www.esat.kuleuven.ac.be/~rijmen/rijndael/  After nearly four years of evaluation, in October 2000, Rijndael was selected by the NIST as the `AES' (Advanced Encryption Standard). See the press release.press release

33 csci5931 Web Security33 FileEncryptor.java  FileEncryptor.java (see http://sce.cl.uh.edu/yang/teaching/proJavaSecurityCode.html) http://sce.cl.uh.edu/yang/teaching/proJavaSecurityCode.html  Four functions:  createKey( password )  loadKey ( password )  encrypt ( password, inputFile, outputEncryptedFile )  decrypt ( password, inputEncryptedFile, outputfile)

34 csci5931 Web Security34 Sealed objects  Sealed object: An object that is encrypted.  The object must be serializable.  Sealed objects can be useful for storing or transferring an encrypted version of an object.  The default JDK 1.2 prevents extensions from using the class loader to create classes that are neither standard objects nor extensions. That is, a custom object such as a CreditCard object, won’t be able to be decrypted.  See Appendix D “the EncryptedObject class” for a better sealed object implementation.

35 csci5931 Web Security35 Sealed objects  SealedObjectExample.java (see http://sce.cl.uh.edu/yang/teaching/proJavaSecurityCode.html) SealedObjectExample.java http://sce.cl.uh.edu/yang/teaching/proJavaSecurityCode.html  Sample output: >java SealedObjectExample Creating a key. Encrypting the object. Unencrypting the object. Credit card number: 1234567890

36 csci5931 Web Security36 Next  Asymmetric Encryption (GS: 5)  Relevant links:  RFC 1829 - The ESP DES-CBC Transform - This document describes the DES-CBC security transform for the IP Encapsulating Security Payload (ESP). RFC 1829 - The ESP DES-CBC Transform  The GNU Crypto project – This project aims at providing free, versatile, high-quality, and provably correct implementations of cryptographic primitives and tools in the Java programming language for use by programmers and end-users. It’s also got a comprehensive listing of crypto-related algorithms. The GNU Crypto project

Download ppt "Csci5931 Web Security1 GS: Chapter 4 Symmetric Encryption in Java."

Similar presentations

“Advanced Encryption Standard” & “Modes of Operation”

“Advanced Encryption Standard” & “Modes of Operation”
Modern Symmetric-Key Ciphers

Modern Symmetric-Key Ciphers
Modern Symmetric-Key Ciphers

Modern Symmetric-Key Ciphers
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
Principles of Information Security, 2nd edition1 Cryptography.

Principles of Information Security, 2nd edition1 Cryptography.
Web Security for Network and System Administrators1 Chapter 4 Encryption.

Web Security for Network and System Administrators1 Chapter 4 Encryption.
Java Security Model Lab#1 I. Omaima Al-Matrafi. Safety features built into the JVM Type-safe reference casting Structured memory access (no pointer arithmetic)

Java Security Model Lab#1 I. Omaima Al-Matrafi. Safety features built into the JVM Type-safe reference casting Structured memory access (no pointer arithmetic)
Cryptography and Network Security Chapter 6. Chapter 6 – Block Cipher Operation Many savages at the present day regard their names as vital parts of themselves,

Cryptography and Network Security Chapter 6. Chapter 6 – Block Cipher Operation Many savages at the present day regard their names as vital parts of themselves,
Cryptography1 CPSC 3730 Cryptography Chapter 6 Triple DES, Block Cipher Modes of Operation.

Cryptography1 CPSC 3730 Cryptography Chapter 6 Triple DES, Block Cipher Modes of Operation.
Block Ciphers 1 Block Ciphers Block Ciphers 2 Block Ciphers  Modern version of a codebook cipher  In effect, a block cipher algorithm yields a huge.

Block Ciphers 1 Block Ciphers Block Ciphers 2 Block Ciphers  Modern version of a codebook cipher  In effect, a block cipher algorithm yields a huge.
Chapter 5 Cryptography Protecting principals communication in systems.

Chapter 5 Cryptography Protecting principals communication in systems.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Cryptographic Technologies

Cryptographic Technologies
EEC 688/788 Secure and Dependable Computing Lecture 4 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University

EEC 688/788 Secure and Dependable Computing Lecture 4 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University
CSE331: Introduction to Networks and Security Lecture 18 Fall 2002.

CSE331: Introduction to Networks and Security Lecture 18 Fall 2002.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 1 Security PART VII.

McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 5 Wenbing Zhao Department of Electrical and Computer Engineering.

EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 5 Wenbing Zhao Department of Electrical and Computer Engineering.
15-441 Computer Networking Lecture 21: Security and Cryptography Thanks to various folks from 15-441, semester’s past and others.

Computer Networking Lecture 21: Security and Cryptography Thanks to various folks from , semester’s past and others.
Cryptography April 20, 2010 MIS 4600 – MBA 5880 - © Abdou Illia.

Cryptography April 20, 2010 MIS 4600 – MBA © Abdou Illia.

Similar presentations

Ads by Google