A session key is a secret key that is generated
new each time the
The credit card number is encrypted and decrypted with the
same session key. This type of cryptography is called symmetric key
encryption, and in our example, requires the session key and encrypted
credit card number be sent over the ret to the receiving program.
Because the session key is sent over the
net, it too should be protected against unauthorized access.
To protect the session key, it is encrypted with the public key of the
recipient. Even if an unauthorized program gets the session key and
credit card number, he or she would have to decrypt the session key
with the private key to be able to decrypt the credit card number
with the session key.
Anything encrypted with a public key, can only be decrypted with the
private key corresponding to the public key that originally encrypted it.
This type of cryptography is called asymmetric key encryption.
In the example, the public key is made readily available to any client
program that requests it, and the private key is kept secret and made
available to specific, trusted clients only.
As shown in the diagram, this example uses a separate program to
generate the public and private key pair. The public key is
stored in one file, and the private key is stored in another. The
file with the private key must be kept in a very secure place. Many
companies keep the private key file on an external storage medium such
as tape or disk to prevent an unauthorized person or program from breaking
into the system and getting the private key.
The server program loads the public key from the public key file,
and makes it available to order clients for encrypting the session
key. Order processing clients get the encrypted session key and
credit card number, load the private key, use the private key to decrypt
the session key, and use the session key to decrypt the credit card number.
Make sure you have the following entries in
You also need to purchase a package with an asymmetric
algorithm such as the Rivest, Shamir, and Adleman (RSA)
Asymmetric-Cipher algorithm.
The asymmetric algorithm is needed to create the asymmetric cipher for
the public and private key encryption. Add the asymmetric algorithm
package to
Using the documentation in the download, convert the pseudo code
to source code.
Compile and run the example as usual.
Symmetric key encryption uses a symmetric algorithm such as
Data Encryption Standard (DES). The asymmetric key encryption
uses an asymmetric algorithm such as
Rives, Shamir, and Adleman (RSA) Asymmetric-Cipher algorithm.
The DES algorithm is available in the
The pseudo code shows two ways to do the asymmetric encryption
of the session key. One way uses an RSA key to encrypt the symmetric key.
The other way uses another asymmetric algorithm to seal (encrypt)
the symmetric key. Sealing is the preferred way, but
presents a problem when you use the RSA key because the
RSA algorithm imposes a size restriction (discussed below)
on the object being encrypted, and the sealing process makes
the session key too large to be encrypted with an RSA key.
After the cipher is created with the correct symmetric or
asymmetric algorithm, it is initialized for encryption or decryption with a
key. In the case of symmetric encryption, the key is a
secret key, and in the case of asymmetric encryption, the
key is either the public or private key.
RMIClient1Sealed.java:
The RMIClient1.java
code has an
RMIClient2Sealed.java:
The RMIClient2.java
code has a
So, if you have a session key that is only 8 bytes long, sealing
expands it to 3644 bytes, which is way over the size restriction
imposed by the RSA algorithm. This is because the process of
sealing the session key causes extra information such as the
session key class hierarchy to be included. The result is a
RMIClient1.java:
The RMIClient1.java
code has an
RMIClient2.java:
The RMIClient2.java
code has a
[TOP]
[ This page was updated: 26-Jul-99 ]
The Purchase button is clicked.
Changing the session key protects against an unauthorized program
getting the key and decrypting hundreds and thousands of
credit card numbers with it.
Running the Example
If you are within the United States or Canada, you can download
the javax.crypto package from the
Products & APIs
page. It contains documentation and a Java™ Archive (JAR)
file with the cryptographic APIs and default providers. A provider
is a package or set of packages that supplies a concrete
implementation of a cryptographic algorithm. Copy the JAR file to the
/jre/lib/ext directory of your Java 2 SDK, Standard Edition,
installation.
~/jre/lib/security/java.security:
security.provider.1=sun.security.provider.Sun
security.provider.2=com.sun.crypto.provider.SunJCE
~/jre/lib/security/java.security as
security.provider.3= and put it in the
/jre/lib/ext directory with the other JAR files.
Pseudo Code
A cipher object is used in the encryption and decryption process.
The cipher object is created with a specific cryptographic
algorithm depending on the type of encryption in use. In this
example, two types of key encryption are used: symmetric and
asymmetric.
javax.crypto
package by default, but an asymmetric
algorithm must be purchased and installed separately.
Server
The Send interface declares and the
RemoteServer class implements methods to handle
the encrypted credit card number and the encrypted
secret key. It also defines a method to return the public
key when a client requests it. In pseudo code, this is
what the server interface and class need to declare and implement:
A method to get the public key
A method to send the encryped credit card number
A method to get the encrypted credit card number
A method to send the encrypted symmetric key
A method to get the encrypted symmetric key
Generating the Public and Private Key Pair
You need a program to generate a public and private
key pair and store them to separate files. The public
key is read from its file when a client calls the
method to get the public key. The private key is read
from its file when RMIClient2 needs it to
decrypt the secret key.
Generate public and private key pair
using asymmetric algorithm
Store private Key in very safe place
Store public key in accessible place
Sealing the Symmetric Key
Sealing the symmetric key involves creating
a sealed object that uses an asymmetric cipher to
seal (encrypt) the session key. The RSA asymmetric algorithm cannot
be used because it has the size restrictions described
in the next section, and the sealing process makes
the session key too large to use with the RSA algorithm.
encrypt method to encrypt the
credit card number, seal the symmetric key, and send the
encrypted credit card number and sealed key to the
server. Here is the pseudo code to do it:
private void encrypt(credit card number){
Create cipher for symmetric key encryption (DES)
Create a key generator
Create a secret (session) key with key generator
Initialize cipher for encryption with session key
Encrypt credit card number with cipher
Get public key from server
Create cipher for asymmetric encryption (do not use RSA)
Initialize cipher for encryption with public key
Seal session key using asymmetric Cipher
Send encrypted credit card number and sealed
session key to server
}
decrypt method to unseal the symmetric
key and decrypt the credit card number. Here is the pseudo code to
do it:
public byte[] decrypt(encrypted key,
encrypted credit card number){
Get private key from file
Create asymmetric cipher (do not use RSA)
Initialize cipher for decryption with private key
Unseal wrapped session key using asymmetric cipher
Create symmetric cipher
Initialize cipher for decryption with session key
Decrypt credit card number with symmetric cipher
}
Encrypting the Symmetric Key with the RSA Algorithm
The RSA algorithm imposes size restrictions on the object
being encrypted. RSA encryption uses the PKCS#1 standard
with PKCS#1 block type 2 padding. The PKCS RSA encryption padding
scheme needs 11 spare bytes to work. So, if you generate an RSA
key pair with a key size of 512 bits, you cannot use the keys to
encrypt more than 53 bytes (53 = 64 - 11).
javax.crypto.IllegalBlockSizeException run time error.
encrypt method to encrypt the
credit card number, seal (encrypt) the session key, and send the
encrypted credit card number and sealed session key to the
server. Here is the pseudo code to do it:
private void encrypt(credit card number){
Create cipher for symmetric key encryption (DES)
Create a key generator
Create a secret (session) key with key generator
Initialize cipher for encryption with session key
Encrypt credit card number with cipher
Get public key from server
Create cipher for asymmetric encryption (RSA)
Initialize cipher for encryption with public key
Encrypt session key
Send encrypted credit card number and session key to server
}
decrypt method to unseal (decrypt) the symmetric
key and decrypt the credit card number. Here is the pseudo code to
do it:
public String decrypt(encrypted key,
encrypted credit card number){
Decrypt credit card number
Get private key from file
Create asymmetric cipher (RSA)
Initialize cipher for decryption with private key
Decrypt symmetric key
Instantiate symmetric key
Create symmetric cipher
Initialize Cipher for decryption with session key
Decrypt credit card number with symmetric Cipher
}
More Information
You can find more information on key encryption on the
Security Dynamics
Web site (for RSA encryption), or by using a search engine and searching on
RSA Cryptography, asymmetric key encryption, or symmetric
key encryption.
For information, call:
(800) 786-7638
Outside the U.S. and Canada, dial your country's AT&T Direct Access Number first.
Copyright © 1995-99
Sun Microsystems, Inc.
All Rights Reserved. Legal Terms. Privacy Policy.
