A newer version of this book is located at http://www.herongyang.com/Cryptography/.
You will be automatically redirected this new location. Thank you for your visiting!
 Herong
Cryptography Tutorials  Herong's Tutorial Notes
Version 4.00
Dr. Herong Yang
Copyright © 1998  2007 by Dr. Herong Yang. All rights reserved.
Table of Contents
About This Book
Terminology
Basic Concepts
 Cryptography
 Function
 Encryption
Cipher  DES Algorithm
 Block Cipher
 DES (Data Encryption Standard) Cipher Algorithm
 DES Key Schedule (Round Keys Generation) Algorithm
 DES Decryption Algorithm
DES Algorithm  Illustrated with Java Programs
 DESSubkeysTest.java  DES Key Schedule Algorithm Illustration
 DESCipherTest.java  DES Cipher Algorithm Illustration
DES Algorithm  Java Implementation
 CipherDES.java  A Simple Java Implementation of DES
 Test Cases of DES Encryption and Decryption
DES Algorithm  Java JCE SUN Implementation
 DES Java Implementation by Sun
 Using DES Algorithm in JDK JCE Package
 Test Cases of DES Encryption and Decryption
 What Is PKCS5Padding?
 JceSunDesPaddingTest.java  JCE DES Padding Testing Program
DES Algorithm  Operation Modes and JCE SUN Implementation
 DES Encryption Operation Modes
 What is ECB (Electronic CodeBook) Operation Mode?
 What is CBC (Cipher Block Chaining) Operation Mode?
 What is CFB (Cipher FeedBack) Operation Mode?
 What is OFB (Output FeedBack) Operation Mode?
 Sun Java Implementation of DES Operation Modes
 JceSunDesOperationModeTest.java  JCE DES Operation Mode Testing Program
 Test Cases of DES Operation Modes
DES Algorithm  Stream Cipher Modes and JCE SUN Implementation
 DES in Stream Cipher Modes
 CFB (Cipher FeedBack) Operation Mode as a Stream Cipher
 OFB (Output FeedBack) Operation Mode as a Stream Cipher
 Sun Java Implementation of DES Operation Modes
 JceSunDesStreamCipherTest.java  JCE DES Stream Cipher Mode Testing Program
 Test Cases of DES Stream Cipher Modes
DES Algorithm  PHP Implementation in mcrypt
 mcrypt Library for PHP
 mcrypt Encryption Functions
 des_mcrypt_operation_mode_test.php  mcrypt Operation Mode Test PHP Script
 Block Padding in mcrypt
 Other PHP Implementations of DES Algorithm
JDK/JCE  Cipher for Encryption and Decryption
 The Cipher Class
 JceSecretCipher.java  Cipher with Secret Key
 JcePublicCipher.java  Cipher with Private and Public Key Pair
Cipher  Blowfish Algorithm
 Block Cipher
 Blowfish Cipher Algorithm
 Blowfish Key Schedule (SubKeys Generation) Algorithm
 BlowfishJ  Java Implementation by Markus Hahn
 Blowfish Decryption Algorithm
 8366 Hex Digits of PI
Message Digest  MD5 Algorithm
 What is MD5?
 MD5 Algorithm Overview
 MD5 Implementation in Java
 MD5 Implementation in PHP
 MD5 Implementation in Perl
Message Digest  SHA1 Algorithm
 What is SHA1?
 SHA1 Algorithm Overview
 SHA1 Implementation in Java
 SHA1 Implementation in PHP
 SHA1 Implementation in Perl
OpenSSL  Installation on Windows
 What is OpenSSL?
 Installing OpenSSL on Windows
OpenSSL  Generating RSA Private and Public Keys
 What is RSA?
 Generating RSA Key Pairs
 Viewing Components of RSA Keys
 Encrypting RSA Keys
OpenSSL  Generating SelfSigned Certificates
 What is a certificate?
 Generating SelfSigned Certificates
 Viewing Components of Certificates
OpenSSL  Signing Certificates from Others

Why Certificates Need to Be Signed by CAs?

Generating a Certificate Signing Request for Your Own Public Key

Viewing Components of Certificate Signing Request

Signing a Certificate Signing Request
OpenSSL  Certification Path and Validation

What Is a Certification Path?

Certification Path Validation

Certification Path Testing with OpenSSL
keytool  JDK Tool to Manage Certificates Using 'keystore'
 Certificates and Certificate Chains
 What is "keystore"?
 "keytool"  Key and Certificate Management Tool
 "keytool" Example  Generating Key Pairs and SelfSigned Certificates
 "keytool" Example  Exporting and Import Certificates
 "keytool" Example  Cloning Certificates with New Identities
Using Certificates with Web Browsers

Why Using Certificates with Browser?

Exporting Certificates Out of Internet Explorer (IE)

Importing Certificates into IE

View Certificates in FireFox

Importing Certificates into FireFox
'OpenSSL' Signing CSR Generated by 'keytool'
 Using "OpenSSL" to Act as a CA (Certificate Authority)
 "OpenSSL" Generating CA's Private Key
 "OpenSSL" Selfsigning CA's Public Key Certificate
 "keytool" Generating Maria's Private Key
 "keytool" Generating Maria's CSR (Certificate Sign Request)
 "OpenSSL" Signing Maria's CSR (Certificate Sign Request)
 "keytool" Managing Serial Numbers when Signing CSR
 "keytool" Importing CA's Certificate into Keystore Files
 "keytool" Importing Maria's Own Certificate
Migrating Keys from 'keytool' to 'OpenSSL'
 "keytool" Generating Private and Public Key Pair
 "keytool" Exporting PrivateKeyEntry
 "keytool" Printing Certificate Details
 "OpenSSL" Viewing "keytool" Generated Certificates
 DumpKey.java  Dumping Private Keys Out of "keystore"
 "OpenSSL" Converting Keys from Binary to PEM
 "OpenSSL" Viewing "keytool" Keys
Certificate Formats  X.509, DER and PEM
 X.509 Certificate Standard
 PEM (Privacy Enhanced Mail) Encoding
 DER (Distinguished Encoding Rules) Encoding
 "keytool" Exporting Certificates in DER and PEM
 "OpenSSL" Verifying "keytool" Certificates
 "OpenSSL" Generating Certificates in DER and PEM
 "keytool" Viewing "OpenSSL" Certificates
 "keytool" Importing "OpenSSL" Certificates
Key Formats PKCS#8 and PKCS#12 and Migration
 What is PKCS#8?
 What is PKCS#12?
 "OpenSSL" Private Key in Traditional Format
 "OpenSSL" Private Key in PKCS#8 Format
 "OpenSSL" Key and Certificate in PKCS#12 Format
 "keytool" Converting PKCS12 to JKS
 Summary  Migrating "OpenSSL" Keys to "keytool"
 Summary  Migrating "keytool" Keys to "OpenSSL"
References
Key Words:
blowfish, CA, certificate, certification path, cipher, CSR, decryption, DER, DES, digest, encryption,
Java, JCE, JDK, keytool, MD5, message, OpenSSL, PEM, PKCS#8, PKCS#12, private key, public key, RSA,
secret key, selfsigned certificate, SHA1, SSL, X.509
