Documente Academic
Documente Profesional
Documente Cultură
generation
Kendi Balazs
Table of Contents
About cryptography...............................................................................................................................3
Symmetric cryptography..................................................................................................................3
Asymmetric cryptography................................................................................................................3
Digital signature....................................................................................................................................4
Creating a digital signature:..............................................................................................................4
Digital certificates.................................................................................................................................5
Cryptographic hash function.................................................................................................................6
The program..........................................................................................................................................7
The code of this parts:.......................................................................................................................7
Step by step explanation:..................................................................................................................9
Bibliography........................................................................................................................................11
About cryptography
The word cryptography is coming from the greek word kryptos which means hidden secret.
It is studying and practicing the techniques for secure communication. The modern cryptography
concerns itself with the following four objectives:
Confidentiality: the information can be understood just by the person for whom it was intended.
Integrity: the information cannot be modified in storage or transit between the receiver and
sender without the alteration being detected
Non-repudiation: the sender cannot deny at a later stage the creation or transmission of the
information
Authentication: the receiver and sender can confirm each others identity and destination and
origin of the information
Symmetric cryptography
Symmetric-key algorithms are algorithms that use the same key to encrypt and decrypt data.
The best know algorithm is DES (Data Encryption Standard) which was developed at IBM in 1977 and
is one of the worlds most secure encryption algorithms. The problem with symmetric keys is how to
securely get the secret keys to each end of the exchange and keep them secure after that. For this reason
and asymmetric key system is now often used that is knows as the public key infrastructure.
Asymmetric cryptography
Asymmetric cryptography is cryptography in which a pair of keys (public and private) is used to
encrypt and decrypt the information so that it arrives securely. At the beginning, a network user
receives a public and private key pair from a certificate authority. Any other user who wants to send an
encrypted message can get the intended recipient's public key from a public directory. They use this
key to encrypt the message, and they send it to the recipient. When the recipient gets the message, they
decrypt it with their private key, which no one else should have access to. In our code we will use
asymmetric cyptography.
Digital signature
Digital signature is a data with limited length attached to a message, meant to help the receiver
in identifying the sender and validates the sent message (can check if the message was falsificated). To
create a digital signature we use public key cryptography and hash function.
To create a digital signature we have to use a public key algorithm, for example RSA (RivestShamir-Adleman) or DSA (Digital Signature Algorithm), are cryptosystems used for public-key
encryption, and are widely used for securing sensitive data. Using one of this algorithms one can
generate two keys a public, and a private -, which are mathematically linked. The message is
encrypted using the public key, and decrypted using the private key. Most modern messaging programs
programs support digital signatures and certificates, making it easy to sign any outgoing data and
validate already signed incoming messages. They are also used to provide authenticity and data
integrity of transactions over the internet.
Digital certificates
A digital certificate is an electronic document used prove the authenticity of a website. Using
this users can securely exchange information over the
internet. It is based on public key infrastructure also (PKI).
The certificate is released by a Certificate Authority (CA)
who is trusted by all the users of the system. The released
electronic certificate proves without any doubt the inhesion
between the public and private key and contains contains
data which can be used to identify the certificate holder:
Version number: the number of the acutal version
Serial number: a unique number to identify the
certificate
Information about the certification authority:
name, address, web address, etc.
Validity:
the date when it was emitted
expiration date
Information about the certificate holder: name,
address, web address, etc.
Information about the public key:
the algorithm used to encrypt the data
the public key of the holder
Attachment (optional)
As we can see the certificate is divided in two parts:
the first one contains data of the certificates
the second one contains the signature of the certification authority
Digital certificates have a huge role in keeping the surfing on the internet safe, because they
guarantee the authenticity of the server. For example when we are paying using our bank account we
have to be sure that the servers are verified and nobody will compromise the security of our account.
For example the Java Class MessageDigest uses this hash functions to encrypt data into SHA-1 or
SHA-256.
The ideal has function has generally 3 important properties:
it is easy to generate a hash for a given database
it is very hard to calculate an alphanumeric text that has a given hash
it is very unlikely that separated messages will have the same message digest
The program
The program I wrote is a simple demonstration of digital signatures. We enter a message that we
encrypt, and after that we try to decrypt it and see if the message was compromised or not.
It has 3 important parts:
the generation of the key pairs (public and private)
the encryption of the messages
conversion of the message into MD5
singing of the MD5 hash using the private key
the decryption of the encrypted message using the public key
The decryption:
//We read the public key from the txt file
ObjectInputStream stream = new ObjectInputStream(new FileInputStream("src/pubkey.txt"));
final PublicKey publickey = (PublicKey) stream.readObject();
boolean t=false;
//We try to decrypt the message
try
{
Signature sig = Signature.getInstance("SHA1withDSA", "SUN");
sig.initVerify(publickey);
sig.update(m_md5.getBytes());
t=sig.verify(encrypted_m);
}
catch(Exception e)
{
System.err.println("Decrypt exception occured: "+e.toString());
}
//we notify the user if the message was compromised or not
if(t==true)
{
textBox4.setText("Encrypted message: "+encrypted_m+"\nDecrypted message: "+m_md5+"\nThe
message was not compromised!");
}
else textBox4.setText("Decrypted message MD5: "+m_md5+"\nThe message was compromised!");
Steps:
1. We enter the message we want to encrypt and click on encrypt.
2. If we want to modify the message we enter the modifications in the 2nd text box and after we hit
Modify.
3. We try to decrypt the message by clicking the Decrypt button.
For example, lets suppose that our message that we want to encrypt is Students in Poland. If
we click on Encrypt and after that on Decrypt, the result will be the following:
As we can see the message was not compromised, because we didn't modified the message.
If we would have modified the message to Students in Poland., then the following result would have
appeared:
Bibliography
http://searchsecurity.techtarget.com/definition/digital-signature
https://en.wikipedia.org/wiki/Digital_signature
https://www.comodo.com/resources/small-business/digital-certificates-intro.php
http://searchsecurity.techtarget.com/definition/digital-certificate
https://en.wikipedia.org/wiki/Public_key_certificate
https://docs.oracle.com/