Java 7 中的椭圆曲线密码学实现
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/7440453/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Elliptic Curve Cryptography implementation in Java 7
提问by Akash
I am trying to implement Elliptic Curve Cryptography (ECC) in java as java 7 provides native provider SunEC which supports Elliptic Curve Cryptography (ECC) But I am always getting an error java.security.InvalidKeyException: Invalid key length: 91 bytes because the Elliptic curve I am creating is not appropriate.
我正在尝试在 java 中实现椭圆曲线加密 (ECC),因为 java 7 提供了支持椭圆曲线加密 (ECC) 的本机提供程序 SunEC 但我总是收到错误 java.security.InvalidKeyException: Invalid key length: 91 bytes because Elliptic我正在创建的曲线不合适。
I am using java 7 my task is to use ECC to generate key for encryption and decryption
我正在使用 java 7 我的任务是使用 ECC 生成用于加密和解密的密钥
package com.acc;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.Signature;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.ECParameterSpec;
import java.security.spec.EllipticCurve;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.spec.DESKeySpec;
public class TestECC {
public static void main(String args[]) {
try {
Provider p[] = Security.getProviders();
Provider p1 = Security.getProvider("SunEC");
System.out.println(p1.getName());
KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC", "SunEC");
System.out.println(kpg.getAlgorithm());
Cipher cipher = Cipher.getInstance("DES");
System.out.println("provider=" + cipher.getProvider());
ECGenParameterSpec ecsp = new ECGenParameterSpec("sect163r2");
kpg.initialize(ecsp);
KeyPair kyp = kpg.genKeyPair();
PublicKey pubKey = kyp.getPublic();
PrivateKey privKey = kyp.getPrivate();
System.out.println(cipher.getProvider());
cipher.init(Cipher.ENCRYPT_MODE, pubKey);
String cleartextFile = "cleartext.txt";
String ciphertextFile = "ciphertextECIES.txt";
byte[] block = new byte[64];
FileInputStream fis = new FileInputStream(cleartextFile);
FileOutputStream fos = new FileOutputStream(ciphertextFile);
CipherOutputStream cos = new CipherOutputStream(fos, cipher);
int i;
while ((i = fis.read(block)) != -1) {
cos.write(block, 0, i);
}
cos.close();
// Decrypt
String cleartextAgainFile = "cleartextAgainECIES.txt";
cipher.init(Cipher.DECRYPT_MODE, privKey, ecsp);
fis = new FileInputStream(ciphertextFile);
CipherInputStream cis = new CipherInputStream(fis, cipher);
fos = new FileOutputStream(cleartextAgainFile);
while ((i = cis.read(block)) != -1) {
fos.write(block, 0, i);
}
fos.close();
} catch (Exception e) {
System.out.println(e);
}
}
}
Output: SunEC EC provider=SunJCE version 1.7 SunJCE version 1.7 java.security.InvalidKeyException: Invalid key length: 91 bytes
输出:SunEC EC provider=SunJCE version 1.7 SunJCE version 1.7 java.security.InvalidKeyException:无效的密钥长度:91 字节
Can you please help with ECC curve and Algorithm to use
你能帮忙使用 ECC 曲线和算法吗
回答by duskwuff -inactive-
From what I read, you are trying to:
根据我的阅读,您正在尝试:
- Generate a random key pair using ECC
- Use the ECC private key as a DES symmetric key for encryption
- Use the ECC public key as a DES symmetric key for decryption
- Expect the result to be a round-trip
- 使用 ECC 生成随机密钥对
- 使用 ECC 私钥作为 DES 对称密钥进行加密
- 使用ECC公钥作为DES对称密钥进行解密
- 期望结果是往返
This will not work -- DES is a symmetric algorithm; it requires that the same 56-bit key be used for encryption and decryption. Throwing an ECC key at it won't magically make it accept a different key for the two operations!
这是行不通的——DES 是一种对称算法;它要求加密和解密使用相同的 56 位密钥。向它扔一个 ECC 密钥不会神奇地使它接受两个操作的不同密钥!
回答by Robert
As duskwuff already pointed out you can not mix-up Elliptic curve with DES encryption.
正如 duskwuff 已经指出的那样,您不能将椭圆曲线与 DES 加密混淆。
The problem is that the new SunEC provider does only implement Elliptic Curve Diffie-Hellman (ECDH) and Elliptic Curve Digital Signature Algorithm (ECDSA).
问题是新的 SunEC 提供商只实施了椭圆曲线 Diffie-Hellman (ECDH) 和椭圆曲线数字签名算法 (ECDSA)。
The encryption standard using EC would be Elliptic Curve Integrated Encryption Scheme (ECIES)- which is not implemented in Java 7. Therefore you can not use EC for encryption without using an external library.
使用 EC 的加密标准是Elliptic Curve Integrated Encryption Scheme (ECIES)——它没有在 Java 7 中实现。因此你不能在不使用外部库的情况下使用 EC 进行加密。
回答by Bogdan Alexandru
What you can do is use ECDH to exchange a secret, symmetric key that you can then use for encrypting and decrypting DES.
您可以做的是使用 ECDH 交换一个秘密的对称密钥,然后您可以使用它来加密和解密 DES。
