1. 什么是对称式加密和非对称式加密
对称式加密:解密方式是加密方式的逆运算,即加密和解密使用的是同一个密钥(初等加密算法)。
非对称式加密:加密和解密需要两个密钥进行,这两个密钥是公钥和私钥(高等加密算法)。
2. 对称式加密和非对称式加密的主要实现方式
对称式加密主要实现方式:
1) DES(Data Encryption Standard):安全性较差,一般不建议使用。
2) 3DES:三重DES,针对DES密钥长度较短的问题,3DES可以实现最少112位、最高168位密钥长度。
3) AES:相比于3DES拥有更好的安全性。
4) PBE(Password Based Encryption):基于口令的加密,结合了DES和AES的优点。
非对称式加密主要实现方式:
1) DH(Diffie-Hellman):密钥交换算法。
2) RSA:基于因子分解。
3) ElGamal:基于离散对数。
4) ECC(Elliptical Curve Cryptography):椭圆曲线加密。
3. 对称式加密和非对称式加密的对比
非对称加密与对称加密相比,其安全性更好:对称加密的通信双方使用相同的秘钥,如果一方的秘钥遭泄露,那么整个通信就会被破解。而非对称加密使用一对秘钥,一个用来加密,一个用来解密,而且公钥是公开的,秘钥是自己保存的,不需要像对称加密那样在通信之前要先同步密钥。
4. 对称式加密在Java中的实现(PBE加密):
[java]viewplaincopyprint?
1. public class PBE {
2. private static String src="security with PBE";
3. public static void main(String[] args){
4. jdkPBE();
5. }
6.
7. public static void jdkPBE(){
8. try {
9. //初始化盐(扰码)
10. SecureRandom random=new SecureRandom();
11. byte[] salt=random.generateSeed(8);
12.
13. //口令与密钥
14. String password="";
15. PBEKeySpec pbeKeySpec=new PBEKeySpec(password.toCharArray());
16. SecretKeyFactory factory=SecretKeyFactory.getInstance("PBEWITHMD5andEDS");
17. Key key=factory.generateSecret(pbeKeySpec);
18.
19. //加密
20. PBEParameterSpec pbeParameterSpec=new PBEParameterSpec(salt,100);//参数1.盐,参数2.迭代次数
21. Cipher cipher=Cipher.getInstance("PBEWITHMD5andEDS");
22. cipher.init(Cipher.ENCRYPT_MODE,key,pbeParameterSpec);
23. byte[] result=cipher.doFinal(src.getBytes());
24. System.out.println("jdk pbe encrypt:" + Base64.encodeToString(result,1));
25.
26. //解密
27. cipher.init(Cipher.DECRYPT_MODE,key,pbeParameterSpec);
28. result=cipher.doFinal(result);
29. System.out.println("jdk pbe decrypt:"+new String(result));
30. } catch (Exception e) {
31. e.printStackTrace();
32. }
33. }
34. }
public class PBE {
private static Stringsrc="security with PBE";
public static void main(String[]args){
jdkPBE();
}
public static void jdkPBE(){
try {
//初始化盐(扰码)
SecureRandom random=newSecureRandom();
byte[]salt=random.generateSeed(8);
//口令与密钥
Stringpassword="";
PBEKeySpecpbeKeySpec=new PBEKeySpec(password.toCharArray());
SecretKeyFactoryfactory=SecretKeyFactory.getInstance("PBEWITHMD5andEDS");
Keykey=factory.generateSecret(pbeKeySpec);
//加密
PBEParameterSpecpbeParameterSpec=new PBEParameterSpec(salt,100);//参数1.盐,参数2.迭代次数
Cipher cipher=Cipher.getInstance("PBEWITHMD5andEDS");
cipher.init(Cipher.ENCRYPT_MODE,key,pbeParameterSpec);
byte[]result=cipher.doFinal(src.getBytes());
System.out.println("jdk pbe encrypt:" +Base64.encodeToString(result,1));
//解密
cipher.init(Cipher.DECRYPT_MODE,key,pbeParameterSpec);
result=cipher.doFinal(result);
System.out.println("jdk pbe decrypt:"+new String(result));
} catch (Exception e) {
e.printStackTrace();
}
}
}
5. 非对称式加密在JAVA中的实现(DH加密):
[java]viewplaincopyprint?
1. public class DH {
2. private static String src="security with DH";
3. public static void main(String[] args){
4. jdkDH();
5. }
6.
7. public static void jdkDH(){
8. try {
9. //初始化发送方密钥
10. KeyPairGenerator senderKeyPairGenerator=KeyPairGenerator.getInstance("DH");
11. senderKeyPairGenerator.initialize(512);
12. KeyPair senderKeyPair=senderKeyPairGenerator.generateKeyPair();
13. byte[] senderPublicKeyEnc=senderKeyPair.getPublic().getEncoded();
14.
15. //初始化接收方密钥
16. KeyFactory receiverKeyFactory=KeyFactory.getInstance("DH");
17. X509EncodedKeySpec x509EncodedKeySpec=new X509EncodedKeySpec(senderPublicKeyEnc);
18. PublicKey receiverPublicKey=receiverKeyFactory.generatePublic(x509EncodedKeySpec);
19. DHParameterSpec dhParameterSpec=((DHPublicKey)receiverPublicKey).getParams();
20. KeyPairGenerator receiverKeyPairGenerator=KeyPairGenerator.getInstance("DH");
21. receiverKeyPairGenerator.initialize(dhParameterSpec);
22. KeyPair receiverKeyPair=receiverKeyPairGenerator.generateKeyPair();
23. PrivateKey receiverPrivateKey=receiverKeyPair.getPrivate();
24. byte[] receiverPublicKeyEnc =receiverKeyPair.getPublic().getEncoded();
25.
26. //密钥构建
27. KeyAgreement receiverKeyAgreement = KeyAgreement.getInstance("DH");
28. receiverKeyAgreement.init(receiverPrivateKey);
29. receiverKeyAgreement.doPhase(receiverPublicKey, true);
30. SecretKey receiverDesKey=receiverKeyAgreement.generateSecret("DES");
31.
32. KeyFactory senderKeyFactory=KeyFactory.getInstance("DH");
33. x509EncodedKeySpec=new X509EncodedKeySpec(receiverPublicKeyEnc);
34. PublicKey senderPublicKey=senderKeyFactory.generatePublic(x509EncodedKeySpec);
35. KeyAgreement senderKeyAgreement=KeyAgreement.getInstance("DH");
36. senderKeyAgreement.init(senderKeyPair.getPrivate());
37. senderKeyAgreement.doPhase(senderPublicKey, true);
38. SecretKey senderDesKey=senderKeyAgreement.generateSecret("DES");
39. if(Objects.equals(receiverDesKey,senderDesKey)){
40. System.out.println("双方密钥相同");
41. }
42.
43. //加密
44. Cipher cipher=Cipher.getInstance("DES");
45. cipher.init(Cipher.ENCRYPT_MODE,senderDesKey);
46. byte[] result=cipher.doFinal(src.getBytes());
47. System.out.println("jdk dh encrypt:"+Base64.encodeToString(result,1));
48.
49. //解密
50. cipher=Cipher.getInstance("DES");
51. cipher.init(Cipher.DECRYPT_MODE,receiverDesKey);
52. result=cipher.doFinal(result);
53. System.out.println("jdk dh encrypt:"+new String(result));
54.
55. } catch (Exception e) {
56. e.printStackTrace();
57. }
58. }
59. }
public class DH {
private static Stringsrc="security with DH";
public static void main(String[]args){
jdkDH();
}
public static void jdkDH(){
try {
//初始化发送方密钥
KeyPairGeneratorsenderKeyPairGenerator=KeyPairGenerator.getInstance("DH");
senderKeyPairGenerator.initialize(512);
KeyPairsenderKeyPair=senderKeyPairGenerator.generateKeyPair();
byte[]senderPublicKeyEnc=senderKeyPair.getPublic().getEncoded();
//初始化接收方密钥
KeyFactoryreceiverKeyFactory=KeyFactory.getInstance("DH");
X509EncodedKeySpecx509EncodedKeySpec=new X509EncodedKeySpec(senderPublicKeyEnc);
PublicKeyreceiverPublicKey=receiverKeyFactory.generatePublic(x509EncodedKeySpec);
DHParameterSpecdhParameterSpec=((DHPublicKey)receiverPublicKey).getParams();
KeyPairGeneratorreceiverKeyPairGenerator=KeyPairGenerator.getInstance("DH");
receiverKeyPairGenerator.initialize(dhParameterSpec);
KeyPairreceiverKeyPair=receiverKeyPairGenerator.generateKeyPair();
PrivateKeyreceiverPrivateKey=receiverKeyPair.getPrivate();
byte[]receiverPublicKeyEnc =receiverKeyPair.getPublic().getEncoded();
//密钥构建
KeyAgreementreceiverKeyAgreement = KeyAgreement.getInstance("DH");
receiverKeyAgreement.init(receiverPrivateKey);
receiverKeyAgreement.doPhase(receiverPublicKey,true);
SecretKeyreceiverDesKey=receiverKeyAgreement.generateSecret("DES");
KeyFactorysenderKeyFactory=KeyFactory.getInstance("DH");
x509EncodedKeySpec=newX509EncodedKeySpec(receiverPublicKeyEnc);
PublicKeysenderPublicKey=senderKeyFactory.generatePublic(x509EncodedKeySpec);
KeyAgreementsenderKeyAgreement=KeyAgreement.getInstance("DH");
senderKeyAgreement.init(senderKeyPair.getPrivate());
senderKeyAgreement.doPhase(senderPublicKey, true);
SecretKeysenderDesKey=senderKeyAgreement.generateSecret("DES");
if(Objects.equals(receiverDesKey,senderDesKey)){
System.out.println("双方密钥相同");
}
//加密
Ciphercipher=Cipher.getInstance("DES");
cipher.init(Cipher.ENCRYPT_MODE,senderDesKey);
byte[]result=cipher.doFinal(src.getBytes());
System.out.println("jdk dhencrypt:"+Base64.encodeToString(result,1));
//解密
cipher=Cipher.getInstance("DES");
cipher.init(Cipher.DECRYPT_MODE,receiverDesKey);
result=cipher.doFinal(result);
System.out.println("jdk dhencrypt:"+new String(result));
} catch (Exception e) {
e.printStackTrace();
}
}
}
6. 非对称式加密在JAVA中的实现(RSA加密):
[java]viewplaincopyprint?
1. public class RSA {
2. private static String src="security with rsa";
3. public static void main(String[] args){
4. jdkRSA();
5. }
6.
7. public static void jdkRSA(){
8. try {
9. //初始化密钥
10. KeyPairGenerator keyPairGenerator=KeyPairGenerator.getInstance("RSA");
11. keyPairGenerator.initialize(512);//64的整倍数,512~65536
12. KeyPair keyPair=keyPairGenerator.generateKeyPair();
13. RSAPrivateKey rsaPrivateKey= (RSAPrivateKey) keyPair.getPrivate();
14. RSAPublicKey rsaPublicKey= (RSAPublicKey) keyPair.getPublic();
15. System.out.println("Public key:"+ Base64.encodeToString(rsaPrivateKey.getEncoded(),1));
16. System.out.println("Private key:"+ Base64.encodeToString(rsaPrivateKey.getEncoded(),1));
17.
18. //私钥加密,公钥解密——加密
19. PKCS8EncodedKeySpec pkcs8EncodedKeySpec=new PKCS8EncodedKeySpec(rsaPrivateKey.getEncoded());
20. KeyFactory keyFactory=KeyFactory.getInstance("RSA");
21. PrivateKey privateKey=keyFactory.generatePrivate(pkcs8EncodedKeySpec);
22. Cipher cipher=Cipher.getInstance("RSA");
23. cipher.init(Cipher.ENCRYPT_MODE, privateKey);
24. byte[] result=cipher.doFinal(src.getBytes());
25. System.out.println("私钥加密,公钥解密——加密:"+Base64.encodeToString(result,1));
26.
27. //私钥加密,公钥解密——解密
28. X509EncodedKeySpec x509EncodedKeySpec=new X509EncodedKeySpec(rsaPublicKey.getEncoded());
29. keyFactory=KeyFactory.getInstance("RSA");
30. PublicKey publicKey=keyFactory.generatePublic(x509EncodedKeySpec);
31. cipher=Cipher.getInstance("RSA");
32. cipher.init(Cipher.DECRYPT_MODE,publicKey);
33. result=cipher.doFinal(result);
34. System.out.println(new String(result));
35.
36. //公钥加密,私钥解密——加密
37. x509EncodedKeySpec=new X509EncodedKeySpec(rsaPublicKey.getEncoded());
38. keyFactory=KeyFactory.getInstance("RSA");
39. publicKey=keyFactory.generatePublic(x509EncodedKeySpec);
40. cipher=Cipher.getInstance("RSA");
41. cipher.init(Cipher.ENCRYPT_MODE,publicKey);
42. result=cipher.doFinal(src.getBytes());
43. System.out.println("钥加密,私钥解密——加密:"+Base64.encodeToString(result,1));
44.
45. //公钥加密,私钥解密——解密
46. pkcs8EncodedKeySpec=new PKCS8EncodedKeySpec(rsaPrivateKey.getEncoded());
47. keyFactory=KeyFactory.getInstance("RSA");
48. privateKey=keyFactory.generatePrivate(pkcs8EncodedKeySpec);
49. cipher=Cipher.getInstance("RSA");
50. cipher.init(Cipher.DECRYPT_MODE,privateKey);
51. cipher.doFinal(result);
52. System.out.println("公钥加密,私钥解密——解密:" + Base64.encodeToString(result, 1));
53.
54. } catch (Exception e) {
55. e.printStackTrace();
56. }
57. }
58. }
public class RSA {
private static Stringsrc="security with rsa";
public static void main(String[]args){
jdkRSA();
}
public static void jdkRSA(){
try {
//初始化密钥
KeyPairGeneratorkeyPairGenerator=KeyPairGenerator.getInstance("RSA");
keyPairGenerator.initialize(512);//64的整倍数,512~65536
KeyPairkeyPair=keyPairGenerator.generateKeyPair();
RSAPrivateKeyrsaPrivateKey= (RSAPrivateKey) keyPair.getPrivate();
RSAPublicKeyrsaPublicKey= (RSAPublicKey) keyPair.getPublic();
System.out.println("Public key:"+Base64.encodeToString(rsaPrivateKey.getEncoded(),1));
System.out.println("Private key:"+ Base64.encodeToString(rsaPrivateKey.getEncoded(),1));
//私钥加密,公钥解密——加密
PKCS8EncodedKeySpecpkcs8EncodedKeySpec=new PKCS8EncodedKeySpec(rsaPrivateKey.getEncoded());
KeyFactorykeyFactory=KeyFactory.getInstance("RSA");
PrivateKeyprivateKey=keyFactory.generatePrivate(pkcs8EncodedKeySpec);
Ciphercipher=Cipher.getInstance("RSA");
cipher.init(Cipher.ENCRYPT_MODE, privateKey);
byte[]result=cipher.doFinal(src.getBytes());
System.out.println("私钥加密,公钥解密——加密:"+Base64.encodeToString(result,1));
//私钥加密,公钥解密——解密
X509EncodedKeySpecx509EncodedKeySpec=new X509EncodedKeySpec(rsaPublicKey.getEncoded());
keyFactory=KeyFactory.getInstance("RSA");
PublicKeypublicKey=keyFactory.generatePublic(x509EncodedKeySpec);
cipher=Cipher.getInstance("RSA");
cipher.init(Cipher.DECRYPT_MODE,publicKey);
result=cipher.doFinal(result);
System.out.println(newString(result));
//公钥加密,私钥解密——加密
x509EncodedKeySpec=newX509EncodedKeySpec(rsaPublicKey.getEncoded());
keyFactory=KeyFactory.getInstance("RSA");
publicKey=keyFactory.generatePublic(x509EncodedKeySpec);
cipher=Cipher.getInstance("RSA");
cipher.init(Cipher.ENCRYPT_MODE,publicKey);
result=cipher.doFinal(src.getBytes());
System.out.println("钥加密,私钥解密——加密:"+Base64.encodeToString(result,1));
//公钥加密,私钥解密——解密
pkcs8EncodedKeySpec=newPKCS8EncodedKeySpec(rsaPrivateKey.getEncoded());
keyFactory=KeyFactory.getInstance("RSA");
privateKey=keyFactory.generatePrivate(pkcs8EncodedKeySpec);
cipher=Cipher.getInstance("RSA");
cipher.init(Cipher.DECRYPT_MODE,privateKey);
cipher.doFinal(result);
System.out.println("公钥加密,私钥解密——解密:" + Base64.encodeToString(result, 1));
} catch (Exception e) {
e.printStackTrace();
}
}
}
