Tutorial 4 Cryptography Algorithms
Tutorial 4 Cryptography Algorithms in JAVA
Objectives
Getting started with JavaBasic Java ProgrammingJava Cryptography ExtensionUsing Java to encrypt and decrypt text files
Exercises
Tutorial for CS 5285 Information Security for E-commerce 1
Tutorial 4 Cryptography Algorithms
1 Getting started with Java
1.1 Something about Java
A programming Language developed by Sun Microsystems
Object Oriented, platform-independent, interpreted, multithreading ……
A Java source program is compiled to Java byte-code.
A Java virtual machine sitting on each platform, interpreting Java byte-code to local machine instructions and executing them
Two kinds of Java program: (1) java application
Run on local machine, no need to embed it into HTML
Have full access to all machine resources (disk!)
(2) java program It is application on the Internet You must embed it into HTML pages to run it. Secure, no access outside virtual machine
Tutorial for CS 5285 Information Security for E-commerce 2
Tutorial 4 Cryptography Algorithms
1.2 Major steps for running java program
Edit source program.
You can use NotePad or other Editor program to write your source program
compile your java program to byte code(e.g. your java program is program.java)
javac program.java run your program (application or applet)
a) Application java program
b) AppletFirst, you should write a HTML file (e.g. program.html)
to invoke this java apple, then you can use appletviewer program.html or use IE, Netscape to open this HTML file.
Alternatively, you may use commercially available visual environment such as Jbuilder:http://www.borland.com/jbuilder/
Tutorial for CS 5285 Information Security for E-commerce 3
Java Source Code
Java Compiler
JavaByte Code
Java Virtual Machine
Native machine Instruction
Tutorial 4 Cryptography Algorithms
Examples
One simple java application
import java.io.*;public class HelloKitty { public static void main(String args[]) { System.out.println(“HelloKitty”); }}
One simple java applet
import java.applet.*;import java.awt.*;
public class HelloKitty2 extends Applet { public void paint(Graphics g) { g.drawString("Hello Kitty",10,10); }}
write a html file to embed this applet
<HTML><HEAD><TITLE>A HTML to test applet</TITLE></HEAD><BODY><applet code="HelloKitty2.class" Width="80" Height="100"></applet></BODY></HTML>
Tutorial for CS 5285 Information Security for E-commerce 4
Tutorial 4 Cryptography Algorithms
2 Basic Java Programming
Because this course is not a program designing course, we don’t teach the details of Java programming. You can check following URL to get useful materials.
Javasoft & Sun: http://www.javasoft.com & www.sun.com
Developer.com: http://java.developer.com
Download the tutorial: http://web2.java.sun.com/docs/books/tutorial/information/download.html Furthermore, you can find a lot of books on java in the library.
You should grasp a lot of basic knowledge about java programming, such as variables, constants, Arithmetic, Relational, Shift, Logical and Conditional operators, Control statements (including selection statements, repetition statements and Exception Handling Statements), and some advanced techniques in java (such as AWT, multi-thread, socket).
Tutorial for CS 5285 Information Security for E-commerce 5
Tutorial 4 Cryptography Algorithms
3 Java Cryptography Extension
The standard Java Development Kit comes with a security framework called the Java Cryptography Architecture (JCA).
To encrypt or decrypt data, you must use the Java Cryptography Extension (JCE) or a third-party encryption library. JCE has been integrated into the Java TM 2 SDK, Standard Edition, v 1.4, or you can download the JCE from Sun at http://java.sun.com/products/jce/index.html
The Java Security API is a set of packages that are used for writing secure programs in Java. In particular, the classes and interfaces in the following packages are part of the Security API:
java.security.Keyjava.security.PrivateKeyjava.security.PublicKeyjavax.crypto.SecretKey
Use to encrypt and sign messages
java.crypto.Cipher Cipherjava.security.MessageDigest Message digest functionjava.security.Signature Digital signaturejava.security.cert.Certificate Authenticationjava.security.KeyFactory javax.crypto.KeyAgreementjavax.crypto.KeyGeneratorjavax.crypto.SecretKeyFactory
Symmetric Keys and Asymmetric Keys management
java.security.SecureRandom Secure random number generator
Javax.crypto.Mac Message Authentication Code
Tutorial for CS 5285 Information Security for E-commerce 6
Tutorial 4 Cryptography Algorithms
4 Using Java to encrypt and decrypt text files
4.1 An application to encrypt text files
import java.io.*;import javax.crypto.*;import javax.crypto.spec.*;
public class EncryptFile { public static void main(String args[]) {
if (args.length < 1) { System.out.println("Usage: java EncryptFile <file name>"); System.exit(-1); }
try { File desFile = new File("encrypt.des"); FileInputStream fis; FileOutputStream fos; CipherInputStream cis;
// Creation of Secret key byte key[] = "abcdEFGH".getBytes(); SecretKeySpec secretKey = new SecretKeySpec(key,"DES");
// Creation of Cipher objects Cipher encrypt = Cipher.getInstance("DES/ECB/PKCS5Padding");
encrypt.init(Cipher.ENCRYPT_MODE, secretKey);
// Open the Plaintext file try {
Tutorial for CS 5285 Information Security for E-commerce 7
Tutorial 4 Cryptography Algorithms
fis = new FileInputStream(args[0]); } catch(IOException err) { System.out.println("Cannot open file!"); System.exit(-1); } cis = new CipherInputStream(fis, encrypt); // Write to the Encrypted file fos = new FileOutputStream(desFile); byte[] b = new byte[8]; int i = cis.read(b); while (i != -1) { fos.write(b, 0, i); i = cis.read(b); } fos.flush(); fos.close(); cis.close(); fis.close(); } catch(Exception e){ e.printStackTrace(); } }}
4.2 An application to decrypt text files
import java.io.*;import javax.crypto.*;import javax.crypto.spec.*;
public class DecryptFile { public static void main(String args[]) { try { File desFile = new File("encrypt.des");
Tutorial for CS 5285 Information Security for E-commerce 8
Tutorial 4 Cryptography Algorithms
File desFileBis = new File("decrypt.des"); FileInputStream fis; FileOutputStream fos; CipherInputStream cis;
// Creation of Secret key byte key[] = "abcdEFGH".getBytes(); SecretKeySpec secretKey = new SecretKeySpec(key,"DES");
// Creation of Cipher objects Cipher decrypt = Cipher.getInstance("DES/ECB/PKCS5Padding"); decrypt.init(Cipher.DECRYPT_MODE, secretKey);
// Open the Encrypted file fis = new FileInputStream(desFile); cis = new CipherInputStream(fis, decrypt);
// Write to the Decrypted file fos = new FileOutputStream(desFileBis); byte[] b = new byte[8]; int i = cis.read(b); while (i != -1) { fos.write(b, 0, i); i = cis.read(b); } fos.flush(); fos.close(); cis.close(); fis.close(); } catch(Exception e){ e.printStackTrace(); } }}
Tutorial for CS 5285 Information Security for E-commerce 9
Tutorial 4 Cryptography Algorithms
4.3 An application to retrieve web pages
import java.net.*;import java.io.*;
public class UrlRetriever { public static void main(String[] args) {
if (args.length!=1) { System.out.println("Usage: UrlRetriever <URL>"); System.exit(-1); }
try { URL url=new URL(args[0]); BufferedInputStream buffer=new BufferedInputStream(url.openStream());
DataInputStream in= new DataInputStream(buffer); String line; while ((line=in.readLine())!=null) System.out.println(line); in.close(); } catch(MalformedURLException mue) { System.out.println(args[0]+"is an invalid URL:"+mue); } catch(IOException ioe) { System.out.println("IOException: "+ioe); } }}
Tutorial for CS 5285 Information Security for E-commerce 10
Tutorial 4 Cryptography Algorithms
5 Exercises
Run the programs above Check if you can supply a key as user input? What other encryption algorithms you may use? And Try
them.
Write a java program to retrieve the HTML file at URL http://www.cs.cityu.edu.hk/~deng/ , encrypt the contents and store it into a local file “deng.enc”, then decrypt the file “deng.enc” and store it into a local file “deng.dec”.
Try to encrypt your emails sent to your friends.
Tutorial for CS 5285 Information Security for E-commerce 11