Innovation / security method of data protection based on shared key in Java

Java

I have been trying some basic encryption techniques in Java (my preferred programming language), and there is a simple example, which uses modular exponentiation to generate shared keys between two client pairs

However, considering the shared secret, what are the simple (but secure) methods to encrypt / decrypt or encrypt / decrypt the data sent over the line?

For example, if I have a string:

"So long,and thanks for all the fish"

And share secrets (BigInteger):

1110278255331388386297296974141977

How to send a string over a line in a way that allows customers to understand each other, while ensuring that no secret is shared and no middleman can interpret it?

I'm not asking for implementation, just ideas or references to algorithms / technologies that can be used I also avoid relying on existing programs or APIs (such as public / private keys) because this is only a side project for my own educational purposes

Solution

There is a standard way to accomplish what you pursue, which is called password based key derivation You need to use a secure symmetric encryption algorithm Of course you can choose asymmetric products like RSA, but there is a shared secret, which is redundant

However, you do not want to use the shared key directly

>Your shared password may be of an inappropriate size to use as a key For example, AES, as a good choice, accepts 128 bit and 256 bit keys, and the shared keys may not match well. > The key of your symmetric selection algorithm should be secure enough, which means that it should have the randomness of the security level that your shared secret may lack

This is the algorithm invented for pbkdf2 (password based key derivation function 2) Pbkdf2 is already implemented in standard Java and you can use it It generates a security key of any size based on the "passphrase", in which case it is just a shared key These algorithm families have iteration parameters that indicate the number of times the hash function is applied to derive the key Make sure it is set to a high number of thousands

I should note that security (confidentiality and integrity of transmitted data) depends on your shared secret, which is actually secret I don't know how you make it, but you need to make sure the process is safe Diffie Hellman key exchange is a good example If you are not familiar with this, I suggest you take a look and see what can be done to ensure the safety of the process

As already stated in the comments, you do not need (and should not) to innovate cryptography in practical applications You will find anything you have implemented and proven safe Although my last words have a hint of salt

The content of this article comes from the network collection of netizens. It is used as a learning reference. The copyright belongs to the original author.
THE END
分享
二维码
< <上一篇
下一篇>>