DES Avec Java

Tutorial 4 Cryptography Algorithms

Tutorial 4 Cryptography Algorithms in JAVA

Objectives

Getting started with JavaBasic Java ProgrammingJava Cryptography ExtensionUsing Java to encrypt and decrypt text files

Exercises

Tutorial for CS 5285 Information Security for E-commerce 1


1 Getting started with Java

1.1 Something about Java

A programming Language developed by Sun Microsystems

Object Oriented, platform-independent, interpreted, multithreading ……

A Java source program is compiled to Java byte-code.

A Java virtual machine sitting on each platform, interpreting Java byte-code to local machine instructions and executing them

Two kinds of Java program: (1) java application

Run on local machine, no need to embed it into HTML

Have full access to all machine resources (disk!)

(2) java program It is application on the Internet You must embed it into HTML pages to run it. Secure, no access outside virtual machine



1.2 Major steps for running java program

Edit source program.

You can use NotePad or other Editor program to write your source program

compile your java program to byte code(e.g. your java program is program.java)

javac program.java run your program (application or applet)

a) Application java program

b) AppletFirst, you should write a HTML file (e.g. program.html)

to invoke this java apple, then you can use appletviewer program.html or use IE, Netscape to open this HTML file.

Alternatively, you may use commercially available visual environment such as Jbuilder:http://www.borland.com/jbuilder/


Java Source Code

Java Compiler

JavaByte Code

Java Virtual Machine

Native machine Instruction

http://www.borland.com/jbuilder/


Examples

One simple java application

import java.io.*;public class HelloKitty { public static void main(String args[]) { System.out.println(“HelloKitty”); }}

One simple java applet

import java.applet.*;import java.awt.*;

public class HelloKitty2 extends Applet { public void paint(Graphics g) { g.drawString("Hello Kitty",10,10); }}

write a html file to embed this applet

<HTML><HEAD><TITLE>A HTML to test applet</TITLE></HEAD><BODY><applet code="HelloKitty2.class" Width="80" Height="100"></applet></BODY></HTML>



2 Basic Java Programming

Because this course is not a program designing course, we don’t teach the details of Java programming. You can check following URL to get useful materials.

Javasoft & Sun: http://www.javasoft.com & www.sun.com

Developer.com: http://java.developer.com

Download the tutorial: http://web2.java.sun.com/docs/books/tutorial/information/download.html Furthermore, you can find a lot of books on java in the library.

You should grasp a lot of basic knowledge about java programming, such as variables, constants, Arithmetic, Relational, Shift, Logical and Conditional operators, Control statements (including selection statements, repetition statements and Exception Handling Statements), and some advanced techniques in java (such as AWT, multi-thread, socket).


http://web2.java.sun.com/docs/books/tutorial/information/download.html

http://web2.java.sun.com/docs/books/tutorial/information/download.html

http://java.developer.com/

http://www.sun.com/

http://www.javasoft.com/


3 Java Cryptography Extension

The standard Java Development Kit comes with a security framework called the Java Cryptography Architecture (JCA).

To encrypt or decrypt data, you must use the Java Cryptography Extension (JCE) or a third-party encryption library. JCE has been integrated into the Java TM 2 SDK, Standard Edition, v 1.4, or you can download the JCE from Sun at http://java.sun.com/products/jce/index.html

The Java Security API is a set of packages that are used for writing secure programs in Java. In particular, the classes and interfaces in the following packages are part of the Security API:

java.security.Keyjava.security.PrivateKeyjava.security.PublicKeyjavax.crypto.SecretKey

Use to encrypt and sign messages

java.crypto.Cipher Cipherjava.security.MessageDigest Message digest functionjava.security.Signature Digital signaturejava.security.cert.Certificate Authenticationjava.security.KeyFactory javax.crypto.KeyAgreementjavax.crypto.KeyGeneratorjavax.crypto.SecretKeyFactory

Symmetric Keys and Asymmetric Keys management

java.security.SecureRandom Secure random number generator

Javax.crypto.Mac Message Authentication Code


http://proquest.safaribooksonline.com/?x=1&mode=section&sortKey=title&sortOrder=asc&view=&xmlid=1-56592-402-9/ch06-1-fm2xml&open=true&catid=&s=1&b=1&f=1&t=1&c=1&u=1&srchText=

http://java.sun.com/products/jce/index.html

http://java.sun.com/products/jce/index-14.html

http://java.sun.com/products/jce/index-14.html


4 Using Java to encrypt and decrypt text files

4.1 An application to encrypt text files

import java.io.*;import javax.crypto.*;import javax.crypto.spec.*;

public class EncryptFile { public static void main(String args[]) {

if (args.length < 1) { System.out.println("Usage: java EncryptFile <file name>"); System.exit(-1); }

try { File desFile = new File("encrypt.des"); FileInputStream fis; FileOutputStream fos; CipherInputStream cis;

// Creation of Secret key byte key[] = "abcdEFGH".getBytes(); SecretKeySpec secretKey = new SecretKeySpec(key,"DES");

// Creation of Cipher objects Cipher encrypt = Cipher.getInstance("DES/ECB/PKCS5Padding");

encrypt.init(Cipher.ENCRYPT_MODE, secretKey);

// Open the Plaintext file try {



fis = new FileInputStream(args[0]); } catch(IOException err) { System.out.println("Cannot open file!"); System.exit(-1); } cis = new CipherInputStream(fis, encrypt); // Write to the Encrypted file fos = new FileOutputStream(desFile); byte[] b = new byte[8]; int i = cis.read(b); while (i != -1) { fos.write(b, 0, i); i = cis.read(b); } fos.flush(); fos.close(); cis.close(); fis.close(); } catch(Exception e){ e.printStackTrace(); } }}

4.2 An application to decrypt text files

import java.io.*;import javax.crypto.*;import javax.crypto.spec.*;

public class DecryptFile { public static void main(String args[]) { try { File desFile = new File("encrypt.des");



File desFileBis = new File("decrypt.des"); FileInputStream fis; FileOutputStream fos; CipherInputStream cis;

// Creation of Secret key byte key[] = "abcdEFGH".getBytes(); SecretKeySpec secretKey = new SecretKeySpec(key,"DES");

// Creation of Cipher objects Cipher decrypt = Cipher.getInstance("DES/ECB/PKCS5Padding"); decrypt.init(Cipher.DECRYPT_MODE, secretKey);

// Open the Encrypted file fis = new FileInputStream(desFile); cis = new CipherInputStream(fis, decrypt);

// Write to the Decrypted file fos = new FileOutputStream(desFileBis); byte[] b = new byte[8]; int i = cis.read(b); while (i != -1) { fos.write(b, 0, i); i = cis.read(b); } fos.flush(); fos.close(); cis.close(); fis.close(); } catch(Exception e){ e.printStackTrace(); } }}



4.3 An application to retrieve web pages

import java.net.*;import java.io.*;

public class UrlRetriever { public static void main(String[] args) {

if (args.length!=1) { System.out.println("Usage: UrlRetriever <URL>"); System.exit(-1); }

try { URL url=new URL(args[0]); BufferedInputStream buffer=new BufferedInputStream(url.openStream());

DataInputStream in= new DataInputStream(buffer); String line; while ((line=in.readLine())!=null) System.out.println(line); in.close(); } catch(MalformedURLException mue) { System.out.println(args[0]+"is an invalid URL:"+mue); } catch(IOException ioe) { System.out.println("IOException: "+ioe); } }}



5 Exercises

Run the programs above Check if you can supply a key as user input? What other encryption algorithms you may use? And Try

them.

Write a java program to retrieve the HTML file at URL http://www.cs.cityu.edu.hk/~deng/ , encrypt the contents and store it into a local file “deng.enc”, then decrypt the file “deng.enc” and store it into a local file “deng.dec”.

Try to encrypt your emails sent to your friends.


http://www.cs.cityu.edu.hk/~deng/

Documents

DES Avec Java