对称加密算法原理与常用实现
生活随笔
收集整理的這篇文章主要介紹了
对称加密算法原理与常用实现
小編覺得挺不錯的,現在分享給大家,幫大家做個參考.
目錄
- 定義
- 常用對稱加密算法
- DES
- 3DES
- AES
- PEB
- 常用對稱加密算法的java實現
- DES實現
- 3DES實現
- AES實現
- PEB實現
定義
原文通過加密秘鑰生成密文,密文通過解密秘鑰得到原文。
對于加密秘鑰和解密秘鑰是相同的算法,就叫對稱加密算法。
常用對稱加密算法
DES
Data Encryption Standard
初代對稱加密算法
從98年開始不斷被破解,到現在已經完全不具備安全性了。
現在基本沒人用了,但很值得學習。
秘鑰長度56位
3DES
由于DES算法長度不夠,衍生出2重DES算法,3重DES算法,4重DES算法等。
用的最多的是3重DES算法。
3重DES,秘鑰長度增加,迭代次數增加。
秘鑰長度112或168,默認168。
AES
由于3DES效率有些低,所以又有了AES加密算法。
AES是目前使用最多的對稱加密算法。而且至今未被破解。
常用于移動通信系統加密和一些基于SSH協議的軟件(SSH Client、secureCRT)。
AES秘鑰長度128或192或256,默認128。
額外注意,用JDK的實現中,使用256位秘鑰需要獲得無政府限制權限文件(美國政府的限制,所以一般場景不用)。
PEB
PBE(password based encryption),基于口令的加密算法。
PBE算法,其實是對之前的AES、DES的包裝升級。
口令一般是用戶自己創建管理的。為了防止暴力破解,要對口令進行加鹽操作。
常用的PEB算法:
PBEWithMD5AndDES,秘鑰長度56位
PBEWithMD5AndTripleDES,秘鑰長度112、168位,默認168位
PBEWithSHA1AndDESede,秘鑰長度112、168位,默認168位
PBEWithSHA1AndRC2_40,秘鑰長度40~1024位(8的倍數),默認128位
常用對稱加密算法的java實現
DES實現
import org.apache.commons.codec.binary.Hex;import javax.crypto.Cipher; import javax.crypto.KeyGenerator; import javax.crypto.SecretKey; import javax.crypto.SecretKeyFactory; import javax.crypto.spec.DESKeySpec; import java.security.NoSuchAlgorithmException; import java.security.SecureRandom;/*** @Author: zhangshuai* @Date: 2020-04-22 22:38* @Description:**/ public class DESTest {public static void main(String[] args) throws Exception {String name = "hello word";String password = getPassword(); // String password = "1122334455667788";System.out.println("秘鑰:"+password);byte[] encrypt = encrypt(name.getBytes(), password);String encryptString = Hex.encodeHexString(encrypt);System.out.println("秘鑰加密后的密文:"+encryptString);byte[] decodeHex = Hex.decodeHex(encryptString.toCharArray());byte[] decrypt = decrypt(decodeHex, password);System.out.println("秘鑰解密后的明文:"+new String(decrypt));}/*** 獲取隨機秘鑰*/public static String getPassword() throws NoSuchAlgorithmException {KeyGenerator keyGenerator = KeyGenerator.getInstance("DES");keyGenerator.init(56);SecretKey secretKey = keyGenerator.generateKey();byte[] keyEncoded = secretKey.getEncoded();return Hex.encodeHexString(keyEncoded);}/*** 加密*/public static byte[] encrypt(byte[] datasource, String password) {try{SecureRandom random = new SecureRandom();DESKeySpec desKey = new DESKeySpec(password.getBytes());//密匙工廠SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES");SecretKey securekey = keyFactory.generateSecret(desKey);//Cipher對象實際完成加密操作Cipher cipher = Cipher.getInstance("DES");//用密匙初始化Cipher對象cipher.init(Cipher.ENCRYPT_MODE, securekey, random);//現在,獲取數據并加密//正式執行加密操作return cipher.doFinal(datasource);}catch(Throwable e){e.printStackTrace();}return null;}/*** 解密*/public static byte[] decrypt(byte[] src, String password) throws Exception {// DES算法要求有一個可信任的隨機數源SecureRandom random = new SecureRandom();// 創建一個DESKeySpec對象DESKeySpec desKey = new DESKeySpec(password.getBytes());// 密匙工廠SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES");// 將DESKeySpec對象轉換成SecretKey對象SecretKey securekey = keyFactory.generateSecret(desKey);// Cipher對象實際完成解密操作Cipher cipher = Cipher.getInstance("DES");// 用密匙初始化Cipher對象cipher.init(Cipher.DECRYPT_MODE, securekey, random);// 解密return cipher.doFinal(src);} }3DES實現
import org.apache.commons.codec.binary.Hex;import javax.crypto.Cipher; import javax.crypto.KeyGenerator; import javax.crypto.SecretKey; import javax.crypto.SecretKeyFactory; import javax.crypto.spec.DESedeKeySpec; import java.security.Key; import java.security.NoSuchAlgorithmException;public class Test3DES {public static void main(String[] args) throws Exception {String name = "hello word";byte[] password = getPassword();System.out.println("秘鑰:" + Hex.encodeHexString(password));byte[] encrypt = encrypt(name.getBytes(), password);String encryptString = Hex.encodeHexString(encrypt);System.out.println("秘鑰加密后的密文:" + encryptString);byte[] decodeHex = Hex.decodeHex(encryptString.toCharArray());byte[] decrypt = decrypt(decodeHex, password);System.out.println("秘鑰解密后的明文:" + new String(decrypt));}/*** 獲取隨機秘鑰*/public static byte[] getPassword() throws NoSuchAlgorithmException {KeyGenerator keyGenerator = KeyGenerator.getInstance("DESede");keyGenerator.init(168);SecretKey secretKey = keyGenerator.generateKey();byte[] keyEncoded = secretKey.getEncoded();return keyEncoded;}/*** 秘鑰轉換為DESede專用密鑰*/private static Key getSecretKey(byte[] key) {try {DESedeKeySpec deSedeKeySpec = new DESedeKeySpec(key);SecretKeyFactory factory = SecretKeyFactory.getInstance("DESede");Key secretKey = factory.generateSecret(deSedeKeySpec);return secretKey;} catch (Exception ex) {ex.printStackTrace();}return null;}/*** 加密*/public static byte[] encrypt(byte[] datasource, byte[] password) {try {Cipher cipher = Cipher.getInstance("DESede/ECB/PKCS5Padding");// 創建密碼器cipher.init(Cipher.ENCRYPT_MODE, getSecretKey(password));// 初始化為加密模式的密碼器byte[] result = cipher.doFinal(datasource);// 加密return result;} catch (Exception ex) {ex.printStackTrace();}return null;}/*** 解密*/public static byte[] decrypt(byte[] src, byte[] password) {try {// 實例化Cipher cipher = Cipher.getInstance("DESede/ECB/PKCS5Padding");cipher.init(Cipher.DECRYPT_MODE, getSecretKey(password));byte[] result = cipher.doFinal(src);return result;} catch (Exception ex) {ex.printStackTrace();}return null;} }AES實現
import org.apache.commons.codec.binary.Hex;import javax.crypto.Cipher; import javax.crypto.KeyGenerator; import javax.crypto.SecretKey; import javax.crypto.spec.SecretKeySpec; import java.security.Key; import java.security.NoSuchAlgorithmException;public class TestAES {public static void main(String[] args) throws Exception {String name = "hello word";byte[] password = getPassword();System.out.println("秘鑰:" + Hex.encodeHexString(password));byte[] encrypt = encrypt(name.getBytes(), password);String encryptString = Hex.encodeHexString(encrypt);System.out.println("秘鑰加密后的密文:" + encryptString);byte[] decodeHex = Hex.decodeHex(encryptString.toCharArray());byte[] decrypt = decrypt(decodeHex, password);System.out.println("秘鑰解密后的明文:" + new String(decrypt));}/*** 獲取隨機秘鑰*/public static byte[] getPassword() throws NoSuchAlgorithmException {KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");keyGenerator.init(128);SecretKey secretKey = keyGenerator.generateKey();byte[] keyEncoded = secretKey.getEncoded();return keyEncoded;}/*** 獲取專用密鑰*/private static Key getSecretKey(byte[] key) {try {return new SecretKeySpec(key, "AES");} catch (Exception ex) {ex.printStackTrace();}return null;}/*** 加密*/public static byte[] encrypt(byte[] datasource, byte[] password) {try {Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");// 創建密碼器cipher.init(Cipher.ENCRYPT_MODE, getSecretKey(password));// 初始化為加密模式的密碼器byte[] result = cipher.doFinal(datasource);// 加密return result;} catch (Exception ex) {ex.printStackTrace();}return null;}/*** 解密*/public static byte[] decrypt(byte[] src, byte[] password) {try {// 實例化Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");cipher.init(Cipher.DECRYPT_MODE, getSecretKey(password));byte[] result = cipher.doFinal(src);return result;} catch (Exception ex) {ex.printStackTrace();}return null;}PEB實現
import org.apache.commons.codec.binary.Hex;import javax.crypto.Cipher; import javax.crypto.SecretKeyFactory; import javax.crypto.spec.PBEKeySpec; import javax.crypto.spec.PBEParameterSpec; import java.security.Key; import java.security.SecureRandom;public class TestPBE {public static void main(String[] args) throws Exception {String name = "hello word";String password = "123456";System.out.println("秘鑰:" + password);PBEParameterSpec salt = getSalt();byte[] encrypt = encrypt(name.getBytes(), password, salt);String encryptString = Hex.encodeHexString(encrypt);System.out.println("秘鑰加密后的密文:" + encryptString);byte[] decrypt = decrypt(encrypt, password, salt);System.out.println("秘鑰解密后的明文:" + new String(decrypt));}/*** 獲取專用密鑰*/private static Key getSecretKey(String password) {try {PBEKeySpec pbeKeySpec = new PBEKeySpec(password.toCharArray());SecretKeyFactory factory = SecretKeyFactory.getInstance("PBEWITHMD5andDES");return factory.generateSecret(pbeKeySpec);} catch (Exception ex) {ex.printStackTrace();}return null;}/*** 獲取鹽*/private static PBEParameterSpec getSalt() {SecureRandom secureRandom = new SecureRandom();byte[] salt = secureRandom.generateSeed(8);// 100次加鹽迭代return new PBEParameterSpec(salt, 100);}/*** 加密*/public static byte[] encrypt(byte[] datasource, String password, PBEParameterSpec salt) {try {Cipher cipher = Cipher.getInstance("PBEWITHMD5andDES");// 創建密碼器cipher.init(Cipher.ENCRYPT_MODE, getSecretKey(password), salt);// 初始化為加密模式的密碼器byte[] result = cipher.doFinal(datasource);// 加密return result;} catch (Exception ex) {ex.printStackTrace();}return null;}/*** 解密*/public static byte[] decrypt(byte[] src, String password, PBEParameterSpec salt) {try {// 實例化Cipher cipher = Cipher.getInstance("PBEWITHMD5andDES");cipher.init(Cipher.DECRYPT_MODE, getSecretKey(password), salt);byte[] result = cipher.doFinal(src);return result;} catch (Exception ex) {ex.printStackTrace();}return null;}總結
以上是生活随笔為你收集整理的对称加密算法原理与常用实现的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: linux---基础01
- 下一篇: storm的流分组策略