**Cryptography Tutorials - Herong's Tutorial Examples** - v5.40, by Dr. Herong Yang

Cryptography Terminology

This section provides descriptions on some commonly used cryptography terminologies

**AES (Advanced Encryption Standard)**: A data encryption standard adopted in 2001
by the US government to replace DES (Advanced Encryption Standard).
AES uses Rijndael ciphers developed by Joan Daemen and Vincent Rijmen.
AES ciphers are symmetric 128-bit block encryptions with 128-bit, 196-bit and 256-bit keys.
AES ciphers are more secure and faster than DES ciphers.

**Blowfish**: A Feistel network iterating a simple encryption function 16 times.
The block size is 64 bits,
and the key can be any length up to 448 bits. Although there is a complex
initialization phase required before any encryption can take place, the actual
encryption of data is very efficient on large microprocessors.

**CBC (Cipher Block Chaining)**: An operation mode for block ciphers, where each plaintext block is XORed
with the previous ciphertext block before encryption.

**Certification Chain**: Also called Certificate Path. An ordered list of certificates where the subject entity
of one certificate is identical to the issuing entity of the next certificate.

**Certificate Path**: Also called Certification Chain. An ordered list of certificates where the subject entity
of one certificate is identical to the issuing entity of the next certificate.

**CFB (Cipher FeedBack)**: An operation mode for block ciphers, where each block of plaintext is XORed with the encrypted version of
the previous ciphertext to generate the current ciphertext block.

**DES (Data Encryption Standard)**: A 16-round Feistel cipher with block size of 64 bits.
DES was developed by IBM in 1974 in response to a federal government public
invitation for data encryption algorithms. In 977, DES was published as a
federal standard, FIPS PUB 46.

**ECB (Electronic CodeBook)**: An operation mode for block ciphers, where each plaintext block is encrypted
independent from other blocks.

**MD5 (Message Digest 5)**: A message-digest algorithm, which
takes as input a message of arbitrary length and produces
as output a 128-bit "fingerprint" or "message digest" of the input.
It is conjectured that it is computationally infeasible to produce
two messages having the same message digest, or to produce any
message having a given pre-specified target message digest.

**OFB (Output FeedBack)**: An operation mode for block ciphers, where each block of plaintext is XORed with the encrypted version of
the previous ciphertext to generate the current ciphertext block.

**OpenSSL**: A cryptography toolkit implementing the Secure Sockets Layer
(SSL v2/v3) and Transport Layer Security (TLS v1) network protocols and
related cryptography standards required by them.

**PKCS5Padding**: A padding schema for block ciphers, where the number of padded bytes equals
to "8 - numberOfBytes(clearTextMessage) mod 8", and the value of each padded byte is an integer
value of the number of padded bytes.

**RSA (Ronald L. Rivest, Adi Shamir, and Leonard M. Adleman)**: A public key algorithm
invented in 1976 by three MIT mathematicians, Ronald L. Rivest, Adi Shamir,
and Leonard M. Adleman.

**SHA1 (Secure Hash Algorithm 1)**: A message-digest algorithm, which takes
an input message of any length < 2^64 bits and produces a 160-bit output
as the message digest.

Table of Contents

Introduction to AES (Advanced Encryption Standard)

DES Algorithm - Illustrated with Java Programs

DES Algorithm Java Implementation

DES Algorithm - Java Implementation in JDK JCE

DES Encryption Operation Modes

PHP Implementation of DES - mcrypt

Blowfish - 8-Byte Block Cipher

Secret Key Generation and Management

Cipher - Secret Key Encryption and Decryption

RSA Implementation using java.math.BigInteger Class

Introduction of DSA (Digital Signature Algorithm)

Java Default Implementation of DSA

Private key and Public Key Pair Generation

PKCS#8/X.509 Private/Public Encoding Standards

Cipher - Public Key Encryption and Decryption

OpenSSL Introduction and Installation

OpenSSL Generating and Managing RSA Keys

OpenSSL Generating and Signing CSR

OpenSSL Validating Certificate Path

"keytool" and "keystore" from JDK

"OpenSSL" Signing CSR Generated by "keytool"

Migrating Keys from "keystore" to "OpenSSL" Key Files

Certificate X.509 Standard and DER/PEM Formats

Migrating Keys from "OpenSSL" Key Files to "keystore"