aspose file tools*
The moose likes Security and the fly likes help needed to implement encryption and decryption Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Security
Bookmark "help needed to implement encryption and decryption" Watch "help needed to implement encryption and decryption" New topic
Author

help needed to implement encryption and decryption

Bala Raju Mandala
Ranch Hand

Joined: Sep 21, 2006
Posts: 40
Hi All,

I need to develope a application. The requirement is i need to develope a program, which will be used by N number of users. Who will encrypt there files using a public key and move them to a common location in a server.

A Server side program will decrypt them using private key.

Can you please help me designing this. I am confused by readign JCE.

What are providers, do i need to install them everywhere where the program encrypting files. I mean do i need to modify security policy or i have any dynamic loading perocess.

Do we have any algorithems in java, which will have public key and private key facility. Without modifying any files at user side.
Set Cruz
Greenhorn

Joined: Jan 31, 2008
Posts: 26
Hi
"What are providers?"
Read this from the Security FAQs


SCJP, Oracle PL/SQL Developer
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42608
    
  65
You don't need to install anything, nor modify security policies, nor load anything dynamically. As long as a JRE (1.4 or newer) is available, nothing else needs to be added.

Here's a complete example of how to use JCE, demonstrating encryption and decryption. Note that it uses the DES algorithm, which is kind of obsolete. Either TripleDES or AES would be better choices.


Ping & DNS - my free Android networking tools app
Bala Raju Mandala
Ranch Hand

Joined: Sep 21, 2006
Posts: 40
Set Cruz and Ulf Dittmer, thank you for your reply.

Dittmer can i implement RSA here. I mean as i am giving the key to user, he can decrypt others information also. So i need a public and private key mechanisem.
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42608
    
  65
Yes, JCE supports RSA; see here.

My first name is Ulf, by the way. If you prefer addressing me by my last name, the polite thing to do is to prefix it with "Mr". First name is fine, though.
Bala Raju Mandala
Ranch Hand

Joined: Sep 21, 2006
Posts: 40
I am sorry. I will call you as Ulf.


Thank you again for your help.
[ August 07, 2008: Message edited by: Bala Raju Mandala ]
Bala Raju Mandala
Ranch Hand

Joined: Sep 21, 2006
Posts: 40
Hi Ulf,

We required Providers to implement RSA. But i don't want to change java.security file in user meshine. Is we have any alternative so that we can skip modifing files in user meshine?

I just want to give a pack of files, it will have a .class file and if possible some jars also. i am planning to use batch file to set class path and run java file.

Please suggest some ideas.
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42608
    
  65
There's no need to add providers via the policy files. You can do that programmatically using
Bala Raju Mandala
Ranch Hand

Joined: Sep 21, 2006
Posts: 40
Hi Ulf,

My requirement is to send >50 MB files. Is RSA is a good algorithem to implement for encrypting and decrypting that considerable large files?
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42608
    
  65
No, RSA is kind of slow. Check out TripleDES or AES instead.
Henry Wong
author
Sheriff

Joined: Sep 28, 2004
Posts: 18988
    
  40

Originally posted by Ulf Dittmer:
No, RSA is kind of slow. Check out TripleDES or AES instead.


A common trick used by routers/VPNs, which gives speed to the safety of public/private key is to... Generate a random key. Use the public key to encrypt it as the beginning of the file (packet). Encrypt the rest of the file (data) with DES (or 3DES, AES, etc.).

On the other side... Decrypt the generated key using the private key. Decrypt the rest of the file using the generated key. etc.

There is also a fancy protocol to constantly change the symetric key every few seconds, but that may be overkill here.

Henry


Books: Java Threads, 3rd Edition, Jini in a Nutshell, and Java Gems (contributor)
Pat Farrell
Rancher

Joined: Aug 11, 2007
Posts: 4659
    
    5

Originally posted by Bala Raju Mandala:
My requirement is to send >50 MB files. Is RSA is a good algorithem to implement for encrypting and decrypting that considerable large files?

What Ulf said. RSA is totally inappropriate for your use. RSA can only encipher or decipher blocks that are exactly the same size as the key. So if you have a 1024 bit key, you can only work with 1024 bit long blocks.

And RSA is really slow. It would take forever to do 50Meg.

Normal practice is to generate a random number, called a session key, say 256 bits long. Use RSA to send it securely between Alice and Bob. Then use AES, Blowfish, or some other fast algorithm, keyed by the 256 bit secret, to protect your 50Meg of data.
Bala Raju Mandala
Ranch Hand

Joined: Sep 21, 2006
Posts: 40
Henry and Pat thank you verymuch for your reply.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: help needed to implement encryption and decryption