Cryptography Tutorials - Herong's Tutorial Examples

http://www.herongyang.com/Cryptography

Copyright © 2009 by Dr. Herong Yang. All rights reserved.

This cryptography tutorial book is a collection of notes and sample codes written by the author while he was learning cryptography technologies himself. Topics include blowfish, certificate, cipher, decryption, DES, digest, encryption, keytool, MD5, OpenSSL, PEM, PKCS#8, PKCS#12, private key, public key, RSA, secret key, SHA1, SSL, X.509.

Table of Contents

About This Book

Cryptography Terminology

Cryptography Basic Concepts

What Is Cryptography?

What Is Function?

What Is Encryption?

Introduction to DES Algorithm

What Is Block Cipher?

DES (Data Encryption Standard) Cipher Algorithm

DES Key Schedule (Round Keys Generation) Algorithm

DES Decryption Algorithm

DES Algorithm - Illustrated with Java Programs

DESSubkeysTest.java - DES Key Schedule Algorithm Illustration

DES Key Schedule Algorithm Illustration Program Output

DESCipherTest.java - DES Cipher Algorithm Illustration

DES Cipher Algorithm Illustration Program Output

DES Algorithm Java Implementation

CipherDES.java - A Java Implementation of DES

Java Implementation of DES - Test Cases

DES Algorithm - Java Implementation in JDK JCE

DES Java Implementation in JDK by Sun

Steps of Using DES Algorithm in JDK JCE

Testing DES Algorithm in JDK JCE

What Is PKCS5Padding?

JceSunDesPaddingTest.java - JCE DES Padding Test

DES Encryption Operation Modes

DES Encryption Operation Mode Introduction

What is ECB (Electronic CodeBook) Operation Mode?

What is CBC (Cipher Block Chaining) Operation Mode?

What is CFB (Cipher FeedBack) Operation Mode?

What is OFB (Output FeedBack) Operation Mode?

DES Operation Modes in JCE

JCE DES Operation Mode Testing Program

JCE DES Operation Mode Testing Program Result

DES in Stream Cipher Modes

Introducting DES Stream Cipher Modes

CFB (Cipher FeedBack) as a Stream Cipher

OFB (Output FeedBack) as a Stream Cipher

CFB and OFB Stream Ciphers Implemented in JCE

JCE DES Stream Ciphers Testing Program

JCE DES Stream Ciphers Testing Program Result

PHP Implementation of DES - mcrypt

mcrypt Library for PHP

mcrypt Encryption Functions

mcrypt DES Encryption Testing Program

Block Padding in mcrypt

Blowfish - 8-Byte Block Cipher

What Is Block Cipher?

Blowfish Cipher Algorithm

Key Schedule (Sub-Keys Generation) Algorithm

BlowfishJ - Java Implementation by Markus Hahn

Blowfish Decryption Algorithm

First 8366 Hex Digits of PI

Secret Key Generation and Management

javax.crypto.SecretKey - The Secret Key Interface

javax.crypto.KeyGenerator - Generating Secret Keys

Converting Secret Keys to and from Byte Arrays

JceSecretKeyTest.java - Secret Key Test Program

Cipher - Secret Key Encryption and Decryption

javax.crypto.Cipher - The Secret Key Encryption Class

JceSecretCipher.java - Secret Key Encryption Sample Program

Blowfish Secret Key Encryption Tests

Private key and Public Key Pair Generation

Private and Public Keys and Related Interfaces

KeyPair and KeyPairGenerator Classes

Key Pair Sample Program - JcaKeyPair.java

DSA Private Key and Public Key Pair Sample

RSA Private Key and Public Key Pair Sample

DiffieHellman Private Key and Public Key Pair Sample

PKCS#8/X.509 Private/Public Encoding Standards

What Is Key Encoding?

PKCS#8 and X.509 Key Encoding Classes

java.security.KeyFactory - Reading Encoded Keys

JcaKeyFactoryTest.java - Key Factory Test Program

Reading DSA Private and Public Key Files

Reading RSA Private and Public Key Files

Cipher - Public Key Encryption and Decryption

javax.crypto.Cipher - The Public Key Encryption Class

JcePublicCipher.java - Public Key Encryption Sample Program

DSA Public Key Encryption Tests

RSA Public Key Encryption Tests

MD5 Mesasge Digest Algorithm

What Is MD5 Message Digest Algorithm?

MD5 Message Digest Algorithm Overview

Using MD5 Message Digest in Java

Using MD5 Message Digest in PHP

Using MD5 Message Digest in Perl

SHA1 Mesasge Digest Algorithm

What Is SHA1 Message Digest Algorithm?

SHA1 Message Digest Algorithm Overview

Using SHA1 Message Digest in Java

Using SHA1 Message Digest in PHP

Using SHA1 Message Digest in Perl

OpenSSL Introduction and Installation

What Is OpenSSL?

Installing OpenSSL on Windows

OpenSSL Generating and Managing RSA Keys

Generating New RSA Key Pairs

Viewing Components of RSA Keys

Encrypting RSA Keys

OpenSSL Managing Certificates

What Is a Certificate?

Generating Self-Signed Certificates

Viewing Components of Certificates

OpenSSL Generating and Signing CSR

Why Certificates Need to Be Signed by CA?

Generating Certificate Signing Request (CSR)

Viewing Components of Certificate Signing Request

Signing a Certificate Signing Request

OpenSSL Validating Certificate Path

What Is a Certification Path?

Certification Path Validation Rules

Creating a Certificate Path with OpenSSL

Validating a Certificate Path with OpenSSL

"keytool" and "keystore" from JDK

Certificates and Certificate Chains

What Is "keystore"?

"keytool" - Command Line Tool

Generating Private Keys

Exporting and Import Certificates

Generating CSR (Certificate Signing Request)

Cloning Certificates with New Identities

"OpenSSL" Signing CSR Generated by "keytool"

"OpenSSL" Acting as a CA (Certificate Authority)

"OpenSSL" Generating CA's Private Key

"OpenSSL" Self-Signing CA's Public Key

"keytool" Generating Maria's Private Key

"keytool" Generating Maria's CSR

"OpenSSL" Signing Maria's CSR

"OpenSSL" Managing Serial Numbers when Signing CSR

"keytool" Importing CA's Own Certificate

""keytool" Importing Maria's Certificate Signed by CA

Migrating Keys from "keystore" to "OpenSSL" Key Files

No "keytool" Command to Export Keys

"keytool -genkeypair" Generating PrivateKeyEntry

"keytool -exportcert" Exporting PrivateKeyEntry

"keytool -printcert" Printing Certificate Details

"openssl x509" Viewing Certificate Details

"DumpKey.java" Dumping Private Keys Out of "keystore"

"openssl enc" Converting Keys from Binary to PEM

"openssl dsa" Viewing Private and Public Key Pair

Certificate X.509 Standard and DER/PEM Formats

X.509 Certificate Standard

What Is DER (Distinguished Encoding Rules) Encoding?

What Is PEM (Privacy Enhanced Mail) Encoding?

Certificate in PEM Format

"keytool" Exporting Certificates in DER and PEM

"OpenSSL" Viewing Certificates in DER and PEM

"OpenSSL" Generating Certificates in DER and PEM

"keytool" Viewing Certificates in DER and PEM

"keytool" Importing Certificates in DER and PEM

Migrating Keys from "OpenSSL" Key Files to "keystore"

What Is PKCS#8?

What Is PKCS#12?

"openssl genrsa" Generating Private Key

"openssl pkcs8" Converting Keys to PKCS#8 Format

"openssl pkcs12" Merging Key with Certificate

"keytool -list" Verifying PKCS#12 Files

"keytool -importkeystore" Importing PKCS#12 Files

Summary - Migrating "OpenSSL" Keys to "keystore"

Summary - Migrating "keystore" Keys to "OpenSSL"

Using Certificates in IE 7

Why Using Certificates with Web Browsers?

Visiting a "https" Web Site with IE

Viewing Certificate Details

Viewing Certificate Path

Installing Certificate Permanently in IE

Managing Certificates in Certificate Stores

Exporting Certificates Out of IE 7

OpenSSL Viewing Certificates Exported from IE 7

Importing CA Certificate into IE 7

Importing Certificate Path into IE 7

Using Certificates in Firefox 3

Visiting a "https" Web Site with Firefox

Viewing Certificate Details

Managing Certificates in Certificate Stores

Exporting Certificates Out of Firefox 3

OpenSSL Viewing Certificates Exported from Firefox 3

Importing CA Certificate into Firefox

Importing Certificate Path into Firefox

References

Printable Copy - PDF Version

Keywords: Cryptography, Encryption, Security, Tutorial, Example

Previous Version: http://www.herongyang.com/crypto/index2.html