Cryptography & Encryption

Symmetric Key Encryption – Both parties use shared key
Known as PBE (password-based encryption) when a user’s password is used to generate the encryption key

  • DES (1970s)
  • Blowfish (1993)
  • AES (2001)

Digests – one way hash functions, output is fixed length value

  • MD5 (1991) – broken
  • SHA1 (1993) – produces 160 bit digests
  • SHA2 (2001)
    • SHA256 – produces 256 bit digests
    • See MessageDigest class in Java API
import java.security.MessageDigest;

MessageDigest digest = MessageDigest.getInstance("SHA-256");

Public-Key Cryptography

  • RSA (1978)
  • Can be used for Encryption or Signatures
  • Encryption:
    • Encrypt message with public key
    • Decrypt message with private key
  • Signatures
    • Sign with private key
    • Anyone can decrypt with public key

Encoding

  • UTF-8
    • 4 bytes of 8 bits
    • Uses Unicode
    • Backwards compatible with ASCII
  • Base64
    • Binary to text (ASCII)
      • ASCII is a 7 bit character encoding scheme
      • 128 characters
    • Uses set of 64 characters: A-Z, a-z, 0-9
    • Uses = & == for padding
  • Hex
  • Can use Apache commons-codec utility classes:
<dependency>
    <groupId>commons-codec</groupId>
    <artifactId>commons-codec</artifactId>
    <version>${commons.codec.version}</version>
</dependency>
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.codec.binary.Hex;

Salts

  • Prevents attacks from rainbow tables
  • If random salt is used, then ok to store next to password
  • If fixed salt is used (not recommended), then keep salt secret
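
Added example (not part of the original notes): the salt guidance above applied to the password-derived keys mentioned under symmetric encryption, using the JDK's PBKDF2 support and java.util.Base64 rather than commons-codec. The class name, iteration count, salt length and "salt:hash" record format are assumptions chosen for illustration.

```java
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

public class SaltedPasswordDemo {
    // Assumed parameters for this example, not values from the notes above.
    private static final int SALT_BYTES = 16;
    private static final int ITERATIONS = 210_000;
    private static final int KEY_BITS = 256;

    // Derive a fixed-length value from password + salt (PBKDF2 with HMAC-SHA256).
    static byte[] derive(char[] password, byte[] salt) throws Exception {
        PBEKeySpec spec = new PBEKeySpec(password, salt, ITERATIONS, KEY_BITS);
        return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(spec).getEncoded();
    }

    // Stored record: Base64(salt) ":" Base64(derived). A random salt is not secret.
    static String store(char[] password) throws Exception {
        byte[] salt = new byte[SALT_BYTES];
        new SecureRandom().nextBytes(salt);
        Base64.Encoder b64 = Base64.getEncoder();
        return b64.encodeToString(salt) + ":" + b64.encodeToString(derive(password, salt));
    }

    // Re-derive with the stored salt and compare in constant time.
    static boolean verify(char[] candidate, String record) throws Exception {
        String[] parts = record.split(":");
        if (parts.length != 2) return false;
        Base64.Decoder b64 = Base64.getDecoder();
        byte[] salt = b64.decode(parts[0]);
        byte[] expected = b64.decode(parts[1]);
        return MessageDigest.isEqual(expected, derive(candidate, salt));
    }

    public static void main(String[] args) throws Exception {
        String password = "correct horse battery staple"; // constructed sample input
        String alice = store(password.toCharArray());
        String bob = store(password.toCharArray());
        System.out.println("alice: " + alice);
        System.out.println("bob:   " + bob);
        System.out.println("same password, same record? " + alice.equals(bob));
        System.out.println("verify correct: " + verify(password.toCharArray(), alice));
        System.out.println("verify wrong:   " + verify("guess".toCharArray(), alice));
    }
}
```

Because each record carries its own random salt, two users with the same password get different stored values, so a precomputed rainbow table does not apply.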