Cryptography Tutorials - Herong's Tutorial Examples

https://www.herongyang.com/Cryptography

Copyright © 2002-2023 Herong Yang. All rights reserved.

Cryptography Tutorials This cryptography tutorial book is a collection of notes and sample codes written by the author while he was learning cryptography technologies himself. Topics include MD5 and SHA1 message digest algorithms and implementations, DES, Blowfish and AES secret key cipher algorithms and implementations, RSA and DSA public key encryption algorithms and implementations, Java and PHP cryptography APIs, OpenSSL, keytool and other cryptography tools, PKI certificates and Web browser supports. Updated in 2023 (Version v5.42) with minor changes.

Table of Contents

About This Book

Cryptography Terminology

Cryptography Basic Concepts

What Is Cryptography?

What Is Function?

What Is Encryption?

Introduction to AES (Advanced Encryption Standard)

What Is AES (Advanced Encryption Standard)?

AES, or Rijndael, Encryption Algorithm

AES Key Schedule Algorithm

AES Key Schedule Example

AES MixColumns() Procedure Algorithm

Example Vector of AES Encryption

AES Standard Decryption Algorithm

AES Equivalent Decryption Algorithm

Introduction to DES Algorithm

What Is Block Cipher?

DES (Data Encryption Standard) Cipher Algorithm

DES Key Schedule (Round Keys Generation) Algorithm

DES Decryption Algorithm

DES Algorithm - Illustrated with Java Programs

DESSubkeysTest.java - DES Key Schedule Algorithm Illustration

DES Key Schedule Algorithm Illustration Program Output

DESCipherTest.java - DES Cipher Algorithm Illustration

DES Cipher Algorithm Illustration Program Output

DES Algorithm Java Implementation

DES Algorithm - Java Implementation in JDK JCE

DES Java Implementation in JDK by Sun

Steps of Using DES Algorithm in JDK JCE

Testing DES Algorithm in JDK JCE

What Is PKCS5Padding?

JceSunDesPaddingTest.java - JCE DES Padding Test

DES Encryption Operation Modes

DES Encryption Operation Mode Introduction

What is ECB (Electronic CodeBook) Operation Mode?

What is CBC (Cipher Block Chaining) Operation Mode?

What is CFB (Cipher FeedBack) Operation Mode?

What is OFB (Output FeedBack) Operation Mode?

DES Operation Modes in JCE

JCE DES Operation Mode Testing Program

JCE DES Operation Mode Testing Program Result

DES in Stream Cipher Modes

Introducting DES Stream Cipher Modes

CFB (Cipher FeedBack) as a Stream Cipher

OFB (Output FeedBack) as a Stream Cipher

CFB and OFB Stream Ciphers Implemented in JCE

JCE DES Stream Ciphers Testing Program

JCE DES Stream Ciphers Testing Program Result

PHP Implementation of DES - mcrypt

mcrypt Library for PHP

mcrypt Encryption Functions

mcrypt DES Encryption Testing Program

Block Padding in mcrypt

Blowfish - 8-Byte Block Cipher

What Is Block Cipher?

Blowfish Cipher Algorithm

Key Schedule (Sub-Keys Generation) Algorithm

BlowfishJ - Java Implementation by Markus Hahn

Blowfish Decryption Algorithm

First 8336 Hex Digits of PI

Secret Key Generation and Management

javax.crypto.SecretKey - The Secret Key Interface

javax.crypto.KeyGenerator - Generating Secret Keys

Converting Secret Keys to and from Byte Arrays

JceSecretKeyTest.java - Secret Key Test Program

Cipher - Secret Key Encryption and Decryption

javax.crypto.Cipher - The Secret Key Encryption Class

JceSecretCipher.java - Secret Key Encryption Sample Program

Blowfish Secret Key Encryption Tests

Introduction of RSA Algorithm

What Is Public Key Encryption?

RSA Public Key Encryption Algorithm

Illustration of RSA Algorithm: p,q=5,7

Illustration of RSA Algorithm: p,q=7,19

Proof of RSA Public Key Encryption

How Secure Is RSA Algorithm?

How to Calculate "M**e mod n"

Efficient RSA Encryption and Decryption Operations

Proof of RSA Encryption Operation Algorithm

Finding Large Prime Numbers

RSA Implementation using java.math.BigInteger Class

Introduction of DSA (Digital Signature Algorithm)

What Is a Digital Signature?

What Is DSA (Digital Signature Algorithm)?

Illustration of DSA Algorithm: p,q=7,3

Illustration of DSA Algorithm: p,q=23,11

Illustration of DSA Algorithm with Different k and h

Proof of DSA Digital Signature Algorithm

Java Default Implementation of DSA

DsaKeyGenerator.java - Generating DSA Key Pair

DSA 512-bit and 1024-bit Key Pair Examples

DsaKeyChecker.java - Reading and Checking DSA Keys

Example of DSA Key Parameters and Properties

java.security.Signature - The Data Signing Class

DsaSignatureGenerator.java - Generating DSA Digital Signature

DsaSignatureGenerator.java Test Results

DsaSignatureVerifier.java - Verifying DSA Digital Signature

DsaSignatureVerifier.java Test Results

Private key and Public Key Pair Generation

Private and Public Keys and Related Interfaces

KeyPair and KeyPairGenerator Classes

Key Pair Sample Program - JcaKeyPair.java

DSA Private Key and Public Key Pair Sample

RSA Private Key and Public Key Pair Sample

DiffieHellman Private Key and Public Key Pair Sample

PKCS#8/X.509 Private/Public Encoding Standards

What Is Key Encoding?

PKCS#8 and X.509 Key Encoding Classes

java.security.KeyFactory - Reading Encoded Keys

JcaKeyFactoryTest.java - Key Factory Test Program

Reading DSA Private and Public Key Files

Reading RSA Private and Public Key Files

Cipher - Public Key Encryption and Decryption

javax.crypto.Cipher - The Public Key Encryption Class

JcePublicCipher.java - Public Key Encryption Sample Program

DSA Public Key Encryption Tests

RSA Public Key Encryption Tests

MD5 Mesasge Digest Algorithm

What Is MD5 Message Digest Algorithm?

MD5 Message Digest Algorithm Overview

Using MD5 Message Digest in Java

Using MD5 Message Digest in PHP

Using MD5 Message Digest in Perl

SHA1 Mesasge Digest Algorithm

What Is SHA1 Message Digest Algorithm?

SHA1 Message Digest Algorithm Overview

Using SHA1 Message Digest in Java

Using SHA1 Message Digest in PHP

Using SHA1 Message Digest in Perl

OpenSSL Introduction and Installation

What Is OpenSSL?

Installing OpenSSL on Windows

OpenSSL Generating and Managing RSA Keys

Generating New RSA Key Pairs

Viewing Components of RSA Keys

Encrypting RSA Keys

OpenSSL Managing Certificates

What Is a Certificate?

Generating Self-Signed Certificates

Viewing Components of Certificates

OpenSSL Generating and Signing CSR

OpenSSL Validating Certificate Path

What Is a Certification Path?

Certification Path Validation Rules

Creating a Certificate Path with OpenSSL

Validating a Certificate Path with OpenSSL

"keytool" and "keystore" from JDK

Certificates and Certificate Chains

What Is "keystore"?

"keytool" - Command Line Tool

Generating Private Keys

Exporting and Import Certificates

Generating CSR (Certificate Signing Request)

Cloning Certificates with New Identities

"OpenSSL" Signing CSR Generated by "keytool"

"OpenSSL" Acting as a CA (Certificate Authority)

"OpenSSL" Generating CA's Private Key

"OpenSSL" Self-Signing CA's Public Key

"keytool" Generating Maria's Private Key

"keytool" Generating Maria's CSR

"OpenSSL" Signing Maria's CSR

"OpenSSL" Managing Serial Numbers when Signing CSR

"keytool" Importing CA's Own Certificate

""keytool" Importing Maria's Certificate Signed by CA

Migrating Keys from "keystore" to "OpenSSL" Key Files

No "keytool" Command to Export Keys

"keytool -genkeypair" Generating PrivateKeyEntry

"keytool -exportcert" Exporting PrivateKeyEntry

"keytool -printcert" Printing Certificate Details

"openssl x509" Viewing Certificate Details

"DumpKey.java" Dumping Private Keys Out of "keystore"

"openssl enc" Converting Keys from Binary to PEM

"openssl dsa" Viewing Private and Public Key Pair

Certificate X.509 Standard and DER/PEM Formats

X.509 Certificate Standard

What Is DER (Distinguished Encoding Rules) Encoding?

What Is PEM (Privacy Enhanced Mail) Encoding?

Certificate in PEM Format

"keytool" Exporting Certificates in DER and PEM

"OpenSSL" Viewing Certificates in DER and PEM

"OpenSSL" Generating Certificates in DER and PEM

"keytool" Viewing Certificates in DER and PEM

"keytool" Importing Certificates in DER and PEM

Migrating Keys from "OpenSSL" Key Files to "keystore"

What Is PKCS#8?

What Is PKCS#12?

"openssl genrsa" Generating Private Key

"openssl pkcs8" Converting Keys to PKCS#8 Format

"openssl pkcs12" Merging Key with Certificate

"keytool -list" Verifying PKCS#12 Files

"keytool -importkeystore" Importing PKCS#12 Files

Summary - Migrating "OpenSSL" Keys to "keystore"

Summary - Migrating "keystore" Keys to "OpenSSL"

Using Certificates in IE

Visiting a "https" Web Site with IE

Viewing Certificate Details

Viewing Certificate Path

Installing Certificate Permanently in IE

Managing Certificates in Certificate Stores with IE

Exporting Certificates Out of IE

OpenSSL Viewing Certificates Exported from IE

Importing CA Certificate into IE

Importing Certificate Path into IE

Using Certificates in Google Chrome

Visiting an "https" Web Site with Chrome

Viewing Certificate Details

Exporting Certificate from Chrome to File

Managing Certificates in Certificate Stores

Using Certificates in Firefox

Visiting an "https" Web Site with Firefox

Viewing Certificate Details

Managing Certificates in Certificate Stores

Exporting Certificates Out of Firefox

OpenSSL Viewing Certificates Exported from Firefox

Importing CA Certificate into Firefox

Importing Certificate Path into Firefox

Archived Tutorials

Archived: Visiting "https" Web Site with Chrome 24

Archived: Visiting an "https" Web Site with Firefox 18

Archived: Managing Certificates in Firefox 18

Archived: Visiting "https" Web Site with Firefox 3

Archived: Managing Certificates in IE 9

Archived: Visiting "https" Web Site with IE 7

References

Full Version in PDF/EPUB

Keywords: Cryptography, Encryption, Security, Tutorial, Example