Hello,
Through several articles, I would like present the cryptographic mechanisms, types of keys, certificate, types of algorithms …etc:
- PRESENTATION : Concepts of Cryptography (concepts, types of keys symmetric/asymmetric, …)
- The principles of SSL
- The principles of Signature and Certificate
- The principles of Hardware Security Module HSM
- Encoding with base64, base64url, rfc-4648
- Encryption with Blowfish (Anonymization)
- Encryption with AES/CBC, AES/EBC (Encryption of files)
- Encryption with PBEWithMD5AndDES (Encryption of files)
- Encryption with RSA (asymmetric keys private and public)
- KeyStore, JCEKS, SecretKey, PrivateKey, PublicKey, Certificate
- Example, Use of SecretKey, PrivateKey, PublicKey, CSV file (CryptoTools, GenericObfuscationFile)
Encryption with Blowfish (Anonymization)
- Presentation
Blowfish is a symmetric (ie, “secret key”) encryption algorithm, using a block size of 64 bits and the variable length key can range from 32 to 448 bits. It is based on the idea that good security against cryptanalysis attacks can be obtained using very large pseudo-random keys.
- Tools
As described in the post http://www.javablog.fr/javacrypto-encryption-list-providers-and-algo.html, we could find the available algorithm, tools (cipher, generator) in each reachable provider. In our case, we use the SunJCE Provider which is enough (http://javasearch.developpez.com/sun/j2se/1.6.0/technotes/guides/security/SunProviders.html#SunJCEProvider)
The following algorithms are available in the SunJCE provider:
[4] SunJCE v1.6: SunJCE Provider (implements RSA, DES, Triple DES, AES, Blowfish, ARCFOUR, RC2, PBE, Diffie-Hellman, HMAC)
- AlgorithmParameters.Blowfish -> com.sun.crypto.provider.BlowfishParameters
- Cipher.Blowfish -> com.sun.crypto.provider.BlowfishCipher
- KeyGenerator.Blowfish -> com.sun.crypto.provider.BlowfishKeyGenerator : = Blowfish ; Default Keysize = 128 bits ; Restrictions = Keysize must be a multiple of 8 bits, ranging from 32 to 448 bits (inclusive).
- Example : Anonymization of data via the algorithm Blowfish and Base64
Details:
* Encryption : Blowfish AND [Base64 and replacing of ‘+’ by ‘-‘, ‘/’ by ‘_’ and removing the ‘=’ at the end]
* Decryption : [Base64 and replacing of ‘-‘ by ‘+’, ‘_’ by ‘/’ and adding at the end a ‘=’] AND Blowfish
… Encryption/ciphering code :final String input = ....; final String secretKey = ....; System.out.println("Input length : " + input.getBytes().length + " bytes"); SecretKeySpec secretKeySpec = new SecretKeySpec(secretKey.getBytes(), "Blowfish"); Cipher cipher = Cipher.getInstance("Blowfish"); cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec); byte[] cipheredBytes = cipher.doFinal(input.getBytes()); System.out.println("Blowfish result length : " + cipheredBytes.length + " bytes");
… Decryption/deciphering code :
byte[] cipheredBytes = ...; final String secretKey = ...; SecretKeySpec secretKeySpec = new SecretKeySpec(secretKey.getBytes(), "Blowfish"); Cipher cipher = Cipher.getInstance("Blowfish"); cipher.init(Cipher.DECRYPT_MODE, secretKeySpec); byte[] decipheredBytes = cipher.doFinal(cipheredBytes); System.out.println("Blowfish source length : " + decipheredBytes.length + " bytes");
…here the main method with Blowfish encryption and Base64 encoding:
public static void main(String[] args) { try{ String input = "123456ds fds àçèé#&çer çer "+System.getProperty("line.separator")+" ^rrr 7897ezrz"; String secretKey = "dfdsfsfsdf"; System.out.println("Original=" + input); String strEnc = AnonymizationBlowfishBase64.cipher(input, secretKey); System.out.println("Encoded=" + strEnc); String strDec = AnonymizationBlowfishBase64.decipher(strEnc, secretKey); System.out.println("Decoded=" + strDec); System.out.println("Decoded is equal to Original=" + (strDec.equals(input))); }catch(Exception ex){ ex.printStackTrace(); } }
…here the outputs:
Original=123456ds fds àçèé#&çer çer
^rrr 7897ezrz
Input length : 43 bytes
Blowfish result length : 48 bytes
Before base64url : 1ow+4nBloj78RHjX4Nh32rkW1Ed+J/f/kTJpgT8AbEopgnI3H2JSaoW7rPbslN+Y
After base64url : 1ow-4nBloj78RHjX4Nh32rkW1Ed-J_f_kTJpgT8AbEopgnI3H2JSaoW7rPbslN-Y
Base64 result length : 64 bytes
Encoded=1ow-4nBloj78RHjX4Nh32rkW1Ed-J_f_kTJpgT8AbEopgnI3H2JSaoW7rPbslN-Y
Before base64 decode : 1ow+4nBloj78RHjX4Nh32rkW1Ed+J/f/kTJpgT8AbEopgnI3H2JSaoW7rPbslN+Y
Decoded=123456ds fds àçèé#&çer çer
^rrr 7897ezrz
Decoded is equal to Original=true
Sources : blowfish.zip
That’s all!!!
Huseyin OZVEREN