Encryption and signature in data transmission

First, we will talk about symmetric encryption and asymmetric encryption:

  • Symmetric encryption, whose important feature is that the encryption key and decryption key are the same, encryption speed is fast, but to solve the security problem of key transmission.
  • Asymmetric encryption, in the process of encryption and decryption, a pair of private key and public key is used, which has high security but slow encryption speed.

 

Because RSA encryption is involved in the work, here is an example.

RSA asymmetric encryption principle

step Explain describe Remarks
1 Find prime numbers P ,Q -
2 Calculate common modulus N = P * Q -
3 Euler function φ(N) = (P-1)(Q-1) -
Compute public key E 1 < E < φ(N) The values of e must be integers E and φ (N) must be coprime
Calculate private key D E * D % φ(N) = 1 -
6 encryption C = M^E mod N C: Ciphertext M: clear text
7 Decrypt M =C^D mod N C: Ciphertext M: clear text


Public key = (E, n)
Private key = (D, N)

Externally, we only expose the public key.

Example
1. Find out prime numbers P and Q

P = 3  
Q = 11

2. Calculate common modulus

N = P * Q = 3 * 11 = 33

N = 33
3. Euler function

φ(N) = (P-1)(Q-1) = φ(N) = 2 * 10 = 20

φ(N) = 20
4. Compute public key E
1 < E < φ(N)

1 <E < 20

The value range of E {3, 7, 9, 11, 13, 17, 19}
The value of e must be an integer, and E and φ (N) must be coprime (coprime is a concept in mathematics, that is, a non-zero natural number whose common factor of two or more integers is only 1). Two nonzero natural numbers with a common factor of only 1 are called coprime numbers. )
For testing, we take the minimum value E =3
3 and φ (N) =20 are prime numbers, satisfying the conditions

5. Calculate private key D
E * D % φ(N) = 1

3 * D % 20 = 1

According to the above calculation, D = 7

6. Public key encryption
For demonstration, we encrypt a relatively small number M = 2

Formula: C = ME mod N

M = 2
E = 3
N = 33

C = 2^3 % 33 = 8

Plaintext "2" becomes ciphertext "8" after being encrypted by RSA

7. Private key decryption
M =CD mod N

C = 8
D = 7
N = 33

M = 8^7 % 33
8 * 8 * 8 * 8 * 8 * 8 * 8=2097152
8 * 8 * 8 * 8 * 8 * 8 * 8 % 33 = 2

Ciphertext "8" becomes plaintext 2 after being decrypted by RSA.
 

Usage of asymmetric key encryption:

  • A to send information to B, a and B both produce a pair of public and private keys for encryption and decryption.
  • A's private key is confidential, a's public key tells B; B's private key is confidential, and B's public key tells a.
  • When A wants to send information to B, A encrypts the information with B's public key, because A knows B's public key.
  • A sends this message to B (the message has been encrypted with B's public key).
  • After B receives this message, B decrypts the message of A with its own private key. All other people who receive this message cannot decrypt it, because only B has B's private key.
  • In turn, the same is true for B to send A message to A

 

Here is the data signature:

Signature: generally, a person's signature means that he / she has acknowledged something. Based on the characteristics of public key and private key, someone signs - encrypts the data with private key. When sending data, he / she sends the signature together with the original data. At this time, he / she can decrypt the signature into the original data through the sender's public key, and the receiver can know whether the data is sent by the private key owner Data.

 

java Native algorithm example

import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;

import javax.crypto.Cipher;

import org.apache.commons.codec.binary.Base64;

/**
 * Asymmetric encryption only widely accepted and implemented data encryption & digital signature public key encryption, private key decryption private key encryption, public key decryption
 * 
 * @author jjs
 *
 */
public class RSADemo {

    private static String src = "infcn";

    private static RSAPublicKey rsaPublicKey;
    private static RSAPrivateKey rsaPrivateKey;

    static {
        // 1. Initialization key
        KeyPairGenerator keyPairGenerator;
        try {
            keyPairGenerator = KeyPairGenerator.getInstance("RSA");
            keyPairGenerator.initialize(512);// Integral multiple of 64
            KeyPair keyPair = keyPairGenerator.generateKeyPair();
            rsaPublicKey = (RSAPublicKey) keyPair.getPublic();
            rsaPrivateKey = (RSAPrivateKey) keyPair.getPrivate();
            System.out.println("Public Key : " + Base64.encodeBase64String(rsaPublicKey.getEncoded()));
            System.out.println("Private Key : " + Base64.encodeBase64String(rsaPrivateKey.getEncoded()));
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        }
    }

    /**
     * Public key encryption, private key decryption
     * @author jijs
     */
    public static void pubEn2PriDe() {
        //Public key encryption
        X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(rsaPublicKey.getEncoded());
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        PublicKey publicKey = keyFactory.generatePublic(x509EncodedKeySpec);
        Cipher cipher = Cipher.getInstance("RSA");
        cipher.init(Cipher.ENCRYPT_MODE, publicKey);
        byte[] result = cipher.doFinal(src.getBytes());
        System.out.println("Public key encryption, private key decryption --encryption: " + Base64.encodeBase64String(result));

        //Private key decryption
        PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(rsaPrivateKey.getEncoded());
        keyFactory = KeyFactory.getInstance("RSA");
        PrivateKey privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);
        cipher = Cipher.getInstance("RSA");
        cipher.init(Cipher.DECRYPT_MODE, privateKey);
        result = cipher.doFinal(result);
        System.out.println("Public key encryption, private key decryption --Decrypt: " + new String(result));
    }


    /**
     * Private key encryption, public key decryption
     * @author jijs
     */
    public static void priEn2PubDe() {

        //Private key encryption
        PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(rsaPrivateKey.getEncoded());
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        PrivateKey privateKey = keyFactory.generatePrivate(pkcs8EncodedKeySpec);
        Cipher cipher = Cipher.getInstance("RSA");
        cipher.init(Cipher.ENCRYPT_MODE, privateKey);
        byte[] result = cipher.doFinal(src.getBytes());
        System.out.println("Private key encryption, public key decryption --encryption : " + Base64.encodeBase64String(result));

        //Public key decryption
        X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(rsaPublicKey.getEncoded());
        keyFactory = KeyFactory.getInstance("RSA");
        PublicKey publicKey = keyFactory.generatePublic(x509EncodedKeySpec);
        cipher = Cipher.getInstance("RSA");
        cipher.init(Cipher.DECRYPT_MODE, publicKey);
        result = cipher.doFinal(result);
        System.out.println("Private key encryption, public key decryption   --Decrypt: " + new String(result));
    }

    public static void main(String[] args) {
        pubEn2PriDe();  //Public key encryption, private key decryption
        priEn2PubDe();  //Private key encryption, public key decryption
    }
}

 

Reference resources:

https://blog.csdn.net/hmxz2nn/article/details/91394256

https://blog.csdn.net/qy20115549/article/details/83105736

https://blog.csdn.net/jijianshuai/article/details/80582187

 

Tags: Java Apache codec

Posted on Fri, 10 Jan 2020 06:55:26 -0500 by RiBlanced