Your SlideShare is downloading. ×
0
Cryptography in Java               tnngo2@gmail.com
Cryptography      to maintain and protect the confidentiality of the information when      it is transmitted on a communic...
Cryptography Schemes     The process of cryptography is achieved with the help of     encryption algorithm and an encrypti...
Cryptography Algorithm Types      Secret Key Cryptography (Symmetric)              Two entities share the same secret key....
Need for cryptography      In order to develop a secure database application, cryptography is      needed to identify all ...
Purpose of Cryptography      Authentication                  prevents spoofing by applying the digital                  si...
Java Cryptography Architecture (JCA)      JCA is a framework written in Java to access and develop      cryptographic func...
Design Principles of JCA      JCA was designed to access cryptography and security concepts.      Implementation independe...
Components of JCA     Cryptographic Service Providers             is a package or a set of packages defined by the JCA to ...
Cryptographic Service      The Service provider classes are also known as Engine classes.
Classes and Interfaces of JCA
Core Engine Classes of JCA
Java Cryptography Extension (JCE)      JCA is a set of packages that form a framework and provides      implementations fo...
Java Cryptography Extension APIs      Symmetric block encryption      Symmetric stream encryption      Password-based encr...
Packages in JCE
Cipher         is the object capable of performing encryption and decryption as per         an encryption algorithm.      ...
Methods of Cipher      getInstance()      init()      update()      doFinal()      getBlockSize()      getAlgorithm()     ...
Password Based encryption (PBE)      generates a secret encryption key based on a password provided by      the end user. ...
Password Based encryption (PBE)      mix in a random number with the password, called the salt      prevent dictionary att...
PBEParameterSpec Class
SecretKeyFactory Class
Encrypting Data using Passwords      Take the string and create an instance of PBEKeySpec      Use a SecretKeyFactory to p...
Encrypting Data using Passwords
Encrypting Data using Passwords
Upcoming SlideShare
Loading in...5
×

Jdbc 6

721

Published on

Published in: Technology, Education
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
721
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
29
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "Jdbc 6"

  1. 1. Cryptography in Java tnngo2@gmail.com
  2. 2. Cryptography to maintain and protect the confidentiality of the information when it is transmitted on a communication medium is the mechanism of encoding information is secret coded form. keep communications limited and private to only the sender and receiver enhances the security, authenticity and integrity of the information passed across the communication medium
  3. 3. Cryptography Schemes The process of cryptography is achieved with the help of encryption algorithm and an encryption key The encryption algorithm is a mathematical procedure to encrypt or decrypt the data. Encryption key is the input that encryption algorithm takes
  4. 4. Cryptography Algorithm Types Secret Key Cryptography (Symmetric) Two entities share the same secret key. Public Key Cryptography (Asymmetric) Operates under two different keys. One is used for encoding, the second for decoding. Hash Functions (One-way cryptography, Message digests) Encrypt the information into an irreversible codes.
  5. 5. Need for cryptography In order to develop a secure database application, cryptography is needed to identify all the possible threats to the application and provide measures to prevent them. The threats: Violation of Privacy/confidentiality Data can be read by an unintended receiver. Tampering modifying or deleting a resource without proper access privilege Spoofing impersonating the identity of a different user and use it in an unauthorized way
  6. 6. Purpose of Cryptography Authentication prevents spoofing by applying the digital signature Privacy/confidentiality verifies, prevents unintended receiver from reading the data Integrity verifies whether the data received by the receiver is the same data as sent by the sender Non-repudiation ensures that a user or a business organization or program entity has performed a transaction
  7. 7. Java Cryptography Architecture (JCA) JCA is a framework written in Java to access and develop cryptographic functionality, and forms part of the Java security API Java Cryptography Extension (JCE) extends the underlying architecture of JCA to implement encryption, key exchange JCA and JCE together provide a complete, platform-independent API.
  8. 8. Design Principles of JCA JCA was designed to access cryptography and security concepts. Implementation independence and interoperability. Algorithm independence and extensibility
  9. 9. Components of JCA Cryptographic Service Providers is a package or a set of packages defined by the JCA to implement one or more cryptographic services. Key Management manage the library of keys and certificates which in a database called keystore. KeyStore class in the java.security package
  10. 10. Cryptographic Service The Service provider classes are also known as Engine classes.
  11. 11. Classes and Interfaces of JCA
  12. 12. Core Engine Classes of JCA
  13. 13. Java Cryptography Extension (JCE) JCA is a set of packages that form a framework and provides implementations for encryption, key generations and agreement, and Message Authentication Code (MAC) algorithms. Additional cryptographic libraries can be plugged in.
  14. 14. Java Cryptography Extension APIs Symmetric block encryption Symmetric stream encryption Password-based encryption Key Agreement Message Authentication Codes
  15. 15. Packages in JCE
  16. 16. Cipher is the object capable of performing encryption and decryption as per an encryption algorithm. is one of core classes from JCE javax.crypto
  17. 17. Methods of Cipher getInstance() init() update() doFinal() getBlockSize() getAlgorithm() getProvider()
  18. 18. Password Based encryption (PBE) generates a secret encryption key based on a password provided by the end user. is one of core classes from JCE javax.crypto
  19. 19. Password Based encryption (PBE) mix in a random number with the password, called the salt prevent dictionary attacks or pre-computation attacks
  20. 20. PBEParameterSpec Class
  21. 21. SecretKeyFactory Class
  22. 22. Encrypting Data using Passwords Take the string and create an instance of PBEKeySpec Use a SecretKeyFactory to produce a SecretKey instance Generate a random salt Select an iteration count and create a PBEParameterSpec Create a Cipher from the SecretKey and PBEParameterSpec Encrypt the data with the Cipher and write output of the Cipher
  23. 23. Encrypting Data using Passwords
  24. 24. Encrypting Data using Passwords
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×