Java Programming, Lecture Notes # 714, Revised 4/15/99.
Due to the difficulty of distributing this material in a meaningful electronic format because of U.S. export laws, students in Prof. Baldwin's Advanced Java Programming classes at ACC will not be responsible for knowing and understanding the material in this lesson.
This lesson was originally written on April 15, 1999.
The programs in this lesson were tested using JDK 1.2 and JCE 1.2 under Win95
WARNING: The programs in this lesson use classes from JCE 1.2 to perform the encryption. It is illegal to export JCE 1.2 or electronic documentation on JCE 1.2 outside the United States and Canada.
I claim absolutely no expertise in the area of security. I am simply a college professor attempting to gather information about Java on one hand and present it to my students on the other. I disclaim any responsibility for any security problems that may occur as a result of anyone using any of the material in any of my tutorial lessons.
You are responsible for your own actions. With regard to security, you should study not only the material that I will present, but also material provided by others who possess expertise in the security area. Hopefully my material will be useful in getting you started in that direction.
Two good books on security published by O'Reilly & Associates are:
I highly recommend both of these books.
This lesson introduces you to the topic of symmetric cryptographic keys, and the encryption of data using a symmetric key.
Three sample programs are presented. The first sample program shows you how to create a (CENSORED due to U.S. Government export regulations) object containing a symmetric key. It also shows you how to save the key in a disk file using object serialization.
The second program shows you how to read the (CENSORED due to U.S. Government export regulations) object from the disk file and how to use it to encrypt a text document. The raw document and the encrypted document are displayed in Base64 format to show you how they compare. The encrypted document is written into a disk file.
The third program shows you how to read the encrypted document and the (CENSORED due to U.S. Government export regulations) object from the disk file and how to use the key to decrypt the document.
There are two major aspects of Java and security on the Internet:
For the most part, my tutorial lessons will concentrate on the mechanics of using the Java tools. I won't attempt to give advice on overall security procedures. Rather, I will leave that to others who have given a great deal of thought to the topic of who can do what to you and how can they do it.
An earlier lesson suggested that when exchanging data electronically, the parties to the communication might be interested in the following three aspects of that communication:
This lesson deals only with confidentiality and ignores the very difficult issues associated with key management. The assumption is made that a means exists for each party to a communication to gain secure access to the secret key used to encrypt and decrypt the data. For example, the key might be written onto a diskette and exchanged between the parties via diplomatic courier pouch. Future lessons will contain some discussions as to how secret keys can be exchanged electronically in a secure manner.
This program demonstrates the generation of the symmetric key, and the saving of that key in a disk file using object serialization.
The program is the first in a group of three programs designed to demonstrate the use of symmetric keys. The group consists of:
A discussion of the other two programs is provided in later sections of this tutorial.
All three programs were tested using JDK 1.2, JCE 1.2, and Win95.
The first fragment shows CENSORED due to U.S. Government export regulations
/*File Security01A.java CENSORED due to U.S. Government export regulations |
This program demonstrates the use of a symmetric key to encrypt a clear text document and to write the encrypted document into a disk file.
The first fragment shows CENSORED due to U.S. Government export regulations
/*File Security01B.java CENSORED due to U.S. Government export regulations |
This program demonstrates the use of a symmetric key to decrypt an encrypted document that was encrypted using the same key.
The first fragment shows CENSORED due to U.S. Government export regulations
/*File Security01C.java CENSORED due to U.S. Government export regulations |
-end-