1. 對稱加解密的加密與解密使用的是同樣的密鑰,所以速度快,但由於需要將密鑰在網絡上傳輸,所以安全性不高。
2. 非對稱加解密使用了一對密鑰(公鑰與私鑰),所以安全性高,但加密與解密速度慢。
3. 解決的辦法是將對稱加解密的密鑰使用非對稱加解密的公鑰進行加密,然後發送出去,接收方使用私鑰進行解密得到對稱加密的密鑰,然後雙方可以使用對稱加密來進行溝通。
三種對稱加解密算法的簡單測試:3DES、AES、PBE
一.對稱加密算法之3DES
DES是對稱加解密算法的標準,因爲DES可以被黑客破解,所以之後的項目中不在使用DES。由DES延伸出了3DES,在實際應用中十分廣泛。
3DES的好處:1.密鑰長度增強 2.迭代次數提高 3.JDK和BC都提供了相應的實現
public class Test3DES {
private static int KEY_SIZE=168;
private static String KEY_3DES="DESede";
public static void main(String[] args) {
String data = "3DES加密算法";
//1.生成KEY
String keyStr = createKey();
//2.數據加密
String securitData = EnSecuritData(data.getBytes(),Base64.decodeBase64(keyStr));
//3.數據解密
DeSecuritData(Base64.decodeBase64(securitData),Base64.decodeBase64(keyStr));
}
public static String createKey(){
byte[] byteKey = null;
try {
KeyGenerator keyGenerator = KeyGenerator.getInstance(KEY_3DES);
keyGenerator.init(KEY_SIZE);
//keyGenerator.init(new SecureRandom()); //根據KEY類型生成相應的默認KEY長度
SecretKey secretKey = keyGenerator.generateKey();
byteKey = secretKey.getEncoded();
System.out.println("生成KEY:"+Base64.encodeBase64String(byteKey));
} catch (Exception e) {
e.printStackTrace();
}
return Base64.encodeBase64String(byteKey);
}
public static String EnSecuritData(byte[] data,byte[] byteKey){
String securitData =null;
try {
//KEY轉換
Key key = new SecretKeySpec(byteKey, KEY_3DES);
//數據加密
Cipher cipher = Cipher.getInstance("DESede/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, key);
byte[] byteData = cipher.doFinal(data);
securitData = Base64.encodeBase64String(byteData);
System.out.println("加密後數據:"+securitData);
} catch (Exception e) {
e.printStackTrace();
}
return securitData;
}
public static void DeSecuritData(byte[] data,byte[] byteKey){
try {
//KEY轉換
Key key = new SecretKeySpec(byteKey, KEY_3DES);
//數據加密
Cipher cipher = Cipher.getInstance("DESede/ECB/PKCS5Padding");
cipher.init(Cipher.DECRYPT_MODE, key);
byte[] byteData = cipher.doFinal(data);
System.out.println("解密後數據:"+new String(byteData));
} catch (Exception e) {
e.printStackTrace();
}
}
}目前使用比較廣泛的,通常用於移動通信系統加密以及基於SSH協議的軟件。
public class TestAES {
private static String KEY_AES="AES";
public static void main(String[] args) {
String data = "AES加密算法";
//1.生成KEY
String keyStr = createKey();
//2.數據加密
String securitData = EnSecuritData(data.getBytes(),Base64.decodeBase64(keyStr));
//3.數據解密
DeSecuritData(Base64.decodeBase64(securitData),Base64.decodeBase64(keyStr));
}
/**
* 生成KEY
*/
public static String createKey(){
byte[] byteKey = null;
try {
KeyGenerator keyGenerator = KeyGenerator.getInstance(KEY_AES);
keyGenerator.init(new SecureRandom()); //根據KEY類型生成相應的默認KEY長度
SecretKey secretKey = keyGenerator.generateKey();
byteKey = secretKey.getEncoded();
System.out.println("生成KEY:"+Base64.encodeBase64String(byteKey));
} catch (Exception e) {
e.printStackTrace();
}
return Base64.encodeBase64String(byteKey);
}
public static String EnSecuritData(byte[] data,byte[] byteKey){
String securitData =null;
try {
//KEY轉換
Key key = new SecretKeySpec(byteKey, KEY_AES);
//數據加密
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, key);
byte[] byteData = cipher.doFinal(data);
securitData = Base64.encodeBase64String(byteData);
System.out.println("加密後數據:"+securitData);
} catch (Exception e) {
e.printStackTrace();
}
return securitData;
}
public static String DeSecuritData(byte[] data,byte[] byteKey){
String result =null;
try {
//KEY轉換
Key key = new SecretKeySpec(byteKey, KEY_AES);
//數據加密
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
cipher.init(Cipher.DECRYPT_MODE, key);
byte[] byteData = cipher.doFinal(data);
result = new String(byteData);
System.out.println("解密後數據:"+result);
} catch (Exception e) {
e.printStackTrace();
}
return result;
}
}PBE算法結合了消息摘要算法和對稱加密算法的優點;PBE基於口令加密;是對已有算法的包裝;
public class TestPBE {
private static String KEYINS="PBEWITHMD5andDES";
public static void main(String[] args) {
String data = "PBE加解密";
try {
//初始化鹽
SecureRandom random = new SecureRandom();
byte[] salt = random.generateSeed(8);
//口令轉換成密鑰
String pwd = "pwd1234"; //口令
PBEKeySpec keySpec = new PBEKeySpec(pwd.toCharArray());
SecretKeyFactory factory =SecretKeyFactory.getInstance(KEYINS);
Key key = factory.generateSecret(keySpec);
//加密
PBEParameterSpec parameterSpec = new PBEParameterSpec(salt, 100);
Cipher cipher = Cipher.getInstance(KEYINS);
cipher.init(Cipher.ENCRYPT_MODE, key, parameterSpec);
byte[] securitData = cipher.doFinal(data.getBytes());
System.out.println("加密後的數據:"+Base64.encodeBase64String(securitData));
//解密
cipher.init(Cipher.DECRYPT_MODE, key, parameterSpec);
byte[] resultData = cipher.doFinal(securitData);
System.out.println("加密後的數據:"+new String(resultData));
} catch (Exception e) {
e.printStackTrace();
}
}
}