I need to develope a application. The requirement is i need to develope a program, which will be used by N number of users. Who will encrypt there files using a public key and move them to a common location in a server.
A Server side program will decrypt them using private key.
Can you please help me designing this. I am confused by readign JCE.
What are providers, do i need to install them everywhere where the program encrypting files. I mean do i need to modify security policy or i have any dynamic loading perocess.
Do we have any algorithems in java, which will have public key and private key facility. Without modifying any files at user side.
Originally posted by Ulf Dittmer: No, RSA is kind of slow. Check out TripleDES or AES instead.
A common trick used by routers/VPNs, which gives speed to the safety of public/private key is to... Generate a random key. Use the public key to encrypt it as the beginning of the file (packet). Encrypt the rest of the file (data) with DES (or 3DES, AES, etc.).
On the other side... Decrypt the generated key using the private key. Decrypt the rest of the file using the generated key. etc.
There is also a fancy protocol to constantly change the symetric key every few seconds, but that may be overkill here.
Originally posted by Bala Raju Mandala: My requirement is to send >50 MB files. Is RSA is a good algorithem to implement for encrypting and decrypting that considerable large files?
What Ulf said. RSA is totally inappropriate for your use. RSA can only encipher or decipher blocks that are exactly the same size as the key. So if you have a 1024 bit key, you can only work with 1024 bit long blocks.
And RSA is really slow. It would take forever to do 50Meg.
Normal practice is to generate a random number, called a session key, say 256 bits long. Use RSA to send it securely between Alice and Bob. Then use AES, Blowfish, or some other fast algorithm, keyed by the 256 bit secret, to protect your 50Meg of data.
Bala Raju Mandala
Joined: Sep 21, 2006
Henry and Pat thank you verymuch for your reply.
I’ve looked at a lot of different solutions, and in my humble opinion Aspose is the way to go. Here’s the link: http://aspose.com
subject: help needed to implement encryption and decryption