Presentation is loading. Please wait.

Presentation is loading. Please wait.

MT311 Java Application Development and Programming Languages Li Tak Sing ( 李德成 )

Published bySuzan Logan Modified over 9 years ago

Similar presentations

Presentation on theme: "MT311 Java Application Development and Programming Languages Li Tak Sing ( 李德成 )"— Presentation transcript:

1 MT311 Java Application Development and Programming Languages Li Tak Sing ( 李德成 )

2 Message Authentication Code (MAC) As we have mentioned earlier, we cannot use the message digest alone to guarantee the integrity of a message. We need to add a secret key protection so that the resulting string would also depends on the secret key. Such an encrypted message digest is called a message authentication code(MAC). MAC protects the authentication and integrity of a message.

3 MAC When a user want to send a message, it would use the secret key to produce a MAC of the message. Then he/she sends the message and the MAC to the receiver. The receiver would then use the same secret key and the message to generate another MAC. The two MACs would then be compared. If they are the same, then the message is really from the supposed sender and the message has not been messed with by others.

4 message MAC keyed hash message MAC send to the recipient keyed hash compare

5 MAC The followings are the steps to create an MAC of a message: – create a secret key – create an Mac object – initialize the Mac object with the key – update the Mac object with the contents of the message – get the MAC from the Mac object.

6 Create a secret key KeyGenerator kg = KeyGenerator.getInstance("HmacMD5"); SecretKey sk = kg.generateKey(); Note that the key is randomly generated. So different key would be generated if the generateKey is invoked for many times. So if you want to share this key, you need to save the key to a file and then share the file.

7 Create an Mac object Mac mac = Mac.getInstance("HmacMD5");

8 Initialize the Mac object with the key mac.init(sk);

9 update the Mac object with the contents of the message mac.update(buf); where buf is an array of bytes. You can call this method as many times as you wish.

10 get the MAC from the Mac object. byte[] result=mac.doFinal();

11 The MD5 program KeyGenerator kg = KeyGenerator.getInstance("HmacMD5"); SecretKey sk = kg.generateKey(); Mac mac = Mac.getInstance("HmacMD5"); mac.init(sk); mac.update(buf); byte[] result=mac.doFinal();

12 Public key method In the secret key method, there is a problem in distributing the key because both the sender and recipient need to have the same key. It is possible that the key is intercepted when it is transmitted from one person to another.

13 Public key method The public key method, you need a pair of keys to perform the encryption and decryption process. The two keys are called public key and private key. You cannot deduce the private key from the public key. When a message is encrypted with the public key, it must be decrypted with the private key. When a message is decrypted with the private key, it must be decrypted with the public key.

14 Public key methods A user first generates a key pair that consists of a public key and private key. He/she now informs others about the public key. Then anybody can now encrypt a message with the public key and send the encrypted message to the user. Now, the user can decrypt the message with the private key.

15 Public key methods Note that the public key does not have to be send over a secured channel because any one who knows the public key would still not be able to decrypt any message that has been encrypted with the public key. The method protects the confidentiality of the message.

16 Java classes for the public key methods Most java classes for the public key methods are in the package java.security. KeyPairGenerator – the static method static public KeyPairGenerator getInstance(String) would return a KeyPairGenerator with the specified method. The most popular method is RSA. So the following statement get a RSA public key generator:

17 original message encrypted with public key encrypted message encrypted message original message decrypted with private key original message encrypted with private key encrypted message encrypted message original message decrypted with public key

18 Java classes for the public key methods KeyPairGenerator generator=KeyPairGenerator("RSA"); The following method of KeyPairGenerator would initial the KeyPairGenerator to generate a key of the specified byte length: public void initialize(int length) For example, the following statement would initialize a KeyPairGenerator to generate a key of size 2048 bits long: generator.initialize(2048);

19 Java classes for the public key methods The following statement create a key pair: KeyPair key=generator.generateKeyPair(); The following statement finds the public key: PublicKey publicKey=key.getPublic(); The following statement finds the private key: Privatekey privatekey=key.getPrivate();

20 Java classes for the public key methods After obtaining the key pair, we can use Cipher to encode or decode a message like what we have done in the secret key algorithm. The following statement initializes a Cipher to be used to encrypt a message using the private key: Cipher cipher=Cipher.getInstance("RSA"); cipher.init(Cipher.ENCRYPT_MODE, key.getPrivate());

21 Java classes for the public key methods The following statement initializes a Cipher to be used to encrypt a message using the public key: Cipher cipher=Cipher.getInstance("RSA"); cipher.init(Cipher.ENCRYPT_MODE, key.getPublic());

22 Java classes for the public key methods The following statement initializes a Cipher to be used to decrypt a message using the private key: Cipher cipher=Cipher.getInstance("RSA"); cipher.init(Cipher.DECRYPT_MODE, key.getPivate());

23 Java classes for the public key methods The following statement initializes a Cipher to be used to decrypt a message using the public key: Cipher cipher=Cipher.getInstance("RSA"); cipher.init(Cipher.DECRYPT_MODE, key.getPublic());

24 Java classes for the public key methods Then, we can use the update and doFinal method Cipher to encrypt or decrypt the message. If the message is short, we can simply use the doFinal straight away to decrypt the message.

25 Digital signature When you receive a message from a person, how do you be sure that the message is really from that person? This can be done by using digital signature.

26 Digital signature A digital signature is like a MAC but the key used is the private key of the key pair. To produce a digital signature, we first create a message digest and then encrypt the message digest with the private key of the message. We would say that we sign the message with the private key.

27 Digital signature Then, the sender would send the message together with the digital signature. The receiver would then first use the public key of the sender to decrypt the digital signature and then get back the message digest. The receiver then calculate another message digest from the message.

28 Digital signature If the two digital digests match, then we can sure of two things: – integrity. That is the message has not been changed by another person. – authentication. The message is really from the supposed sender because only he/she has the private key.

29 message digest hash digital signature encrypt with private key message digital signature send to the recipient message digest hash message digest decrypt with public key compare

30 Java classes to create a digital signature First we create a key pair first like what we did for the public key method. However, we would specify that we want to use the DSA algorithm which is a digital signature algorithm: KeyPairGenerator kpg = KeyPairGenerator.getInstance("DSA");

31 Java classes to create a digital signature Then, we initialize the key as before: kpg.initialize(1024); Then, we can use this key pair generator to generate a key pair: KeyPair keyPair=kpg.generateKeyPair();

32 Java classes to create a digital signature We can then get the public key and private key of the key pair: PublicKey publicKey=keyPair.getPublic(); PrivateKey privateKey=keyPair.getPrivate(); You should then save the two keys to a files and send the public key to your recipients.

33 Java classes to create a digital signature Now, assume that we want to create a digital signature of a message. Signature sig=Signature.getInstance("DSA"); sig.initSign(privateKey); Then, you can use the update method of Signature to check the contents of the message: sig.update(message);

34 Java classes to create a digital signature The digital signature is generated by invoked by the method sign: sig.sign(); This method returns an array of bytes which is the digital signature of the message. To verify a signature, we need the following statements: Signature sig=Signature.getInstance("DSA"); sig.initVerify(publicKey);

35 Java classes to create a digital signature Then, we use the update method of signature to put in the content of the message just like what we did when we generated the digitial message. sig.update(message);

36 Java classes to create a digital signature Then, we can check whether the message has been correctly signed by invoking the method verify of Signature: sig.verify(); This method would return true or false depending on whether the message has been correctly signed or not.

Download ppt "MT311 Java Application Development and Programming Languages Li Tak Sing ( 李德成 )"

Similar presentations

Chapter 3 Public Key Cryptography and Message authentication.

Chapter 3 Public Key Cryptography and Message authentication.
Network Security: Lab#2 J. H. Wang Apr. 28, 2011.

Network Security: Lab#2 J. H. Wang Apr. 28, 2011.
An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.

An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.
Topic 7: Using cryptography in mobile computing. Cryptography basics: symmetric, public-key, hash function and digital signature Cryptography, describing.

Topic 7: Using cryptography in mobile computing. Cryptography basics: symmetric, public-key, hash function and digital signature Cryptography, describing.
Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.

1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
Rennes, 23/10/2014 Cristina Onete Putting it all together: using multiple primitives together.

Rennes, 23/10/2014 Cristina Onete Putting it all together: using multiple primitives together.
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
1 Pertemuan 12 E-mail Security Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.

1 Pertemuan 12 Security Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
CSE331: Introduction to Networks and Security Lecture 21 Fall 2002.

CSE331: Introduction to Networks and Security Lecture 21 Fall 2002.
Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.

Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.
WS 2006-07 Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.

WS Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.
1 Information System Security AABFS-Jordan Summer 2006 Digital Signature and Hashing Functions Prepared by: Maher Abu Hamdeh & Adel Hamdan Supervised by:

1 Information System Security AABFS-Jordan Summer 2006 Digital Signature and Hashing Functions Prepared by: Maher Abu Hamdeh & Adel Hamdan Supervised by:
WS 2006-07 Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.

WS Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.
Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.

Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.
Information Security. Information Security Requirements Confidentiality: Protection from disclosure to unauthorised persons Access control: Unauthorised.

Information Security. Information Security Requirements Confidentiality: Protection from disclosure to unauthorised persons Access control: Unauthorised.
CSE 597E Fall 2001 PennState University1 Digital Signature Schemes Presented By: Munaiza Matin.

CSE 597E Fall 2001 PennState University1 Digital Signature Schemes Presented By: Munaiza Matin.
Encryption Methods By: Michael A. Scott 20140508.

Encryption Methods By: Michael A. Scott
Csci5233 Computer Security1 GS: Chapter 5 Asymmetric Encryption in Java.

Csci5233 Computer Security1 GS: Chapter 5 Asymmetric Encryption in Java.

Similar presentations

Ads by Google