**Cryptography Tutorials - Herong's Tutorial Examples** - Version 5.31, by Dr. Herong Yang

Cryptography Tutorials - Herong's Tutorial Examples

http://www.herongyang.com/Cryptography

Copyright © 2015 by Dr. Herong Yang. All rights reserved.

This cryptography tutorial book is a collection of notes and sample codes written by the author while he was learning cryptography technologies himself. Topics include AES, blowfish, certificate, cipher, decryption, DES, digest, encryption, keytool, MD5, OpenSSL, PEM, PKCS#8, PKCS#12, private key, public key, RSA, secret key, SHA1, SSL, X.509.

Table of Contents

Introduction to AES (Advanced Encryption Standard)

What Is AES (Advanced Encryption Standard)?

AES, or Rijndael, Encryption Algorithm

AES MixColumns() Procedure Algorithm

Example Vector of AES Encryption

AES Standard Decryption Algorithm

AES Equivalent Decryption Algorithm

DES (Data Encryption Standard) Cipher Algorithm

DES Key Schedule (Round Keys Generation) Algorithm

DES Algorithm - Illustrated with Java Programs

DESSubkeysTest.java - DES Key Schedule Algorithm Illustration

DES Key Schedule Algorithm Illustration Program Output

DESCipherTest.java - DES Cipher Algorithm Illustration

DES Cipher Algorithm Illustration Program Output

DES Algorithm Java Implementation

CipherDES.java - A Java Implementation of DES

Java Implementation of DES - Test Cases

DES Algorithm - Java Implementation in JDK JCE

DES Java Implementation in JDK by Sun

Steps of Using DES Algorithm in JDK JCE

Testing DES Algorithm in JDK JCE

JceSunDesPaddingTest.java - JCE DES Padding Test

DES Encryption Operation Modes

DES Encryption Operation Mode Introduction

What is ECB (Electronic CodeBook) Operation Mode?

What is CBC (Cipher Block Chaining) Operation Mode?

What is CFB (Cipher FeedBack) Operation Mode?

What is OFB (Output FeedBack) Operation Mode?

JCE DES Operation Mode Testing Program

JCE DES Operation Mode Testing Program Result

Introducting DES Stream Cipher Modes

CFB (Cipher FeedBack) as a Stream Cipher

OFB (Output FeedBack) as a Stream Cipher

CFB and OFB Stream Ciphers Implemented in JCE

JCE DES Stream Ciphers Testing Program

JCE DES Stream Ciphers Testing Program Result

PHP Implementation of DES - mcrypt

mcrypt DES Encryption Testing Program

Blowfish - 8-Byte Block Cipher

Key Schedule (Sub-Keys Generation) Algorithm

BlowfishJ - Java Implementation by Markus Hahn

Secret Key Generation and Management

javax.crypto.SecretKey - The Secret Key Interface

javax.crypto.KeyGenerator - Generating Secret Keys

Converting Secret Keys to and from Byte Arrays

JceSecretKeyTest.java - Secret Key Test Program

Cipher - Secret Key Encryption and Decryption

javax.crypto.Cipher - The Secret Key Encryption Class

JceSecretCipher.java - Secret Key Encryption Sample Program

Blowfish Secret Key Encryption Tests

What Is Public Key Encryption?

RSA Public Key Encryption Algorithm

Illustration of RSA Algorithm: p,q=5,7

Illustration of RSA Algorithm: p,q=7,19

Proof of RSA Public Key Encryption

Efficient RSA Encryption and Decryption Operations

Proof of RSA Encryption Operation Algorithm

RSA Implementation using java.math.BigInteger Class

Generating Prime Number with BigInteger Class

Performance of Prime Number Generation

RSA Encryption Implementation using BigInteger Class

RsaKeyGenerator.java for RSA Key Generation

RSA Keys Generated by RsaKeyGenerator.java

RsaKeyValidator.java for RSA Key Validation

64-bit RSA Key Validated by RsaKeyValidator.java

Converting Byte Sequences to Positive Integers

Cleartext Block Size for RSA Encryption

Cleartext Message Padding and Revised Block Size

Ciphertext Block Size for RSA Encryption

RsaKeyEncryption.java for RSA Encryption Operation

RsaKeyDecryption.java for RSA Decryption Operation

Testing RsaKeyEncryption.java with a 16-bit Key

Testing RsaKeyEncryption.java with a 64-bit Key

Testing RsaKeyEncryption.java with a 3072-bit Key

Introduction of DSA (Digital Signature Algorithm)

What Is DSA (Digital Signature Algorithm)?

Illustration of DSA Algorithm: p,q=7,3

Illustration of DSA Algorithm: p,q=23,11

Illustration of DSA Algorithm with Different k and h

Proof of DSA Digital Signature Algorithm

Java Default Implementation of DSA

DsaKeyGenerator.java - Generating DSA Key Pair

DSA 512-bit and 1024-bit Key Pair Examples

DsaKeyChecker.java - Reading and Checking DSA Keys

Example of DSA Key Parameters and Properties

java.security.Signature - The Data Signing Class

DsaSignatureGenerator.java - Generating DSA Digital Signature

DsaSignatureGenerator.java Test Results

DsaSignatureVerifier.java - Verifying DSA Digital Signature

DsaSignatureVerifier.java Test Results

Private key and Public Key Pair Generation

Private and Public Keys and Related Interfaces

KeyPair and KeyPairGenerator Classes

Key Pair Sample Program - JcaKeyPair.java

DSA Private Key and Public Key Pair Sample

RSA Private Key and Public Key Pair Sample

DiffieHellman Private Key and Public Key Pair Sample

PKCS#8/X.509 Private/Public Encoding Standards

PKCS#8 and X.509 Key Encoding Classes

java.security.KeyFactory - Reading Encoded Keys

JcaKeyFactoryTest.java - Key Factory Test Program

Reading DSA Private and Public Key Files

Reading RSA Private and Public Key Files

Cipher - Public Key Encryption and Decryption

javax.crypto.Cipher - The Public Key Encryption Class

JcePublicCipher.java - Public Key Encryption Sample Program

DSA Public Key Encryption Tests

RSA Public Key Encryption Tests

What Is MD5 Message Digest Algorithm?

MD5 Message Digest Algorithm Overview

Using MD5 Message Digest in Java

Using MD5 Message Digest in PHP

Using MD5 Message Digest in Perl

What Is SHA1 Message Digest Algorithm?

SHA1 Message Digest Algorithm Overview

Using SHA1 Message Digest in Java

Using SHA1 Message Digest in PHP

Using SHA1 Message Digest in Perl

OpenSSL Introduction and Installation

OpenSSL Generating and Managing RSA Keys

Viewing Components of RSA Keys

Generating Self-Signed Certificates

Viewing Components of Certificates

OpenSSL Generating and Signing CSR

Why Certificates Need to Be Signed by CA?

Generating Certificate Signing Request (CSR)

Viewing Components of Certificate Signing Request

Signing a Certificate Signing Request

OpenSSL Validating Certificate Path

Certification Path Validation Rules

Creating a Certificate Path with OpenSSL

Validating a Certificate Path with OpenSSL

"keytool" and "keystore" from JDK

Certificates and Certificate Chains

Exporting and Import Certificates

Generating CSR (Certificate Signing Request)

Cloning Certificates with New Identities

"OpenSSL" Signing CSR Generated by "keytool"

"OpenSSL" Acting as a CA (Certificate Authority)

"OpenSSL" Generating CA's Private Key

"OpenSSL" Self-Signing CA's Public Key

"keytool" Generating Maria's Private Key

"keytool" Generating Maria's CSR

"OpenSSL" Managing Serial Numbers when Signing CSR

"keytool" Importing CA's Own Certificate

""keytool" Importing Maria's Certificate Signed by CA

Migrating Keys from "keystore" to "OpenSSL" Key Files

No "keytool" Command to Export Keys

"keytool -genkeypair" Generating PrivateKeyEntry

"keytool -exportcert" Exporting PrivateKeyEntry

"keytool -printcert" Printing Certificate Details

"openssl x509" Viewing Certificate Details

"DumpKey.java" Dumping Private Keys Out of "keystore"

"openssl enc" Converting Keys from Binary to PEM

"openssl dsa" Viewing Private and Public Key Pair

Certificate X.509 Standard and DER/PEM Formats

What Is DER (Distinguished Encoding Rules) Encoding?

What Is PEM (Privacy Enhanced Mail) Encoding?

"keytool" Exporting Certificates in DER and PEM

"OpenSSL" Viewing Certificates in DER and PEM

"OpenSSL" Generating Certificates in DER and PEM

"keytool" Viewing Certificates in DER and PEM

"keytool" Importing Certificates in DER and PEM

Migrating Keys from "OpenSSL" Key Files to "keystore"

"openssl genrsa" Generating Private Key

"openssl pkcs8" Converting Keys to PKCS#8 Format

"openssl pkcs12" Merging Key with Certificate

"keytool -list" Verifying PKCS#12 Files

"keytool -importkeystore" Importing PKCS#12 Files

Summary - Migrating "OpenSSL" Keys to "keystore"

Summary - Migrating "keystore" Keys to "OpenSSL"

Using Certificates in IE (Internet Explorer)

Why Using Certificates with Web Browsers?

Visiting a "https" Web Site with IE

Installing Certificate Permanently in IE

Managing Certificates in Certificate Stores

Exporting Certificates Out of IE

OpenSSL Viewing Certificates Exported from IE

Importing CA Certificate into IE

Importing Certificate Path into IE

Visiting a "https" Web Site with Firefox

Managing Certificates in Certificate Stores

Exporting Certificates Out of Firefox

OpenSSL Viewing Certificates Exported from Firefox

Importing CA Certificate into Firefox

Importing Certificate Path into Firefox

Using Certificates in Google Chrome

Visiting a "https" Web Site with Chrome

Installing Certificate Permanently in Chrome - Not Supported

Managing Certificates in Certificate Stores

Outdated: Visiting an "https" Web Site with Firefox 3

**Keywords:** Cryptography, Encryption, Security, Tutorial, Example