PV181 Laboratory of security and applied cryptography
Seminar 13: Java Crypto Architecture / Java Crypto Extensions
Łukasz Chmielewski (based on seminars by Dušan Klinec)
chmiel@fi.muni.cz

Provider architecture
MessageDigest.getInstance("MD5");

Provider architecture
MessageDigest.getInstance("MD5", "ProviderC");

JCA
• java.security.*
• SecureRandom - PRNG
• MessageDigest – SHA256, MD5, ...
• Signature – RSA, DSA
• KeyStore – PKCS12
• KeyPairGenerator, KeyFactory, CertificateFactory

JCE
• javax.crypto.*
• Cipher – AES, RSA, ElGamal, RC4, Salsa20
• Mac – HmacSHA256
• KeyGenerator

Provider architecture
• Implementation independence
• Implementation interoperability
• Algorithm extensibility

Bouncy Castle
• Implements a LOT OF ciphers, cipher suites, algorithms, modes, ASN.1, PEM, Certs, PQC, …
• Origin: Australian, former advantage (crypto regulations)
• Android

Provider architecture – Engine classes
• getInstance()
• update()
• digest()
• reset()

Provider architecture – Engine classes
• getInstance()
• init()
• update()
• doFinal()

Provider architecture – Spi skeleton

Strong cryptography (History)
• Limits the strength of your crypto
• the size of the Key
• In old Java versions:
• AES-256 and RSA-2048 were not available by default
• Now even PQC is available
• Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files

Download NetBeans (maven) project
Case sensitive
Take from IS: pv181_mvn.zip (UPLOADED TODAY!)

Please open
Or Eclipse, CLion etc.

Please open
If you have a choice, indicate that it is a maven project during import.
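The provider lookup, engine-class call sequence and key-size policy from the slides above, as an added example that is not part of the original slides or the course project. The class name ProviderLookupDemo is an assumption, and SHA-256 is used in place of the slides' MD5.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.security.Security;
import javax.crypto.Cipher;

public class ProviderLookupDemo {
    public static void main(String[] args) throws Exception {
        // getInstance(alg) walks the registered providers in this preference order.
        for (Provider p : Security.getProviders()) {
            boolean hasSha256 = p.getService("MessageDigest", "SHA-256") != null;
            System.out.printf("%-14s implements SHA-256: %b%n", p.getName(), hasSha256);
        }

        // No provider named: the first provider that implements the algorithm wins.
        MessageDigest md = MessageDigest.getInstance("SHA-256");
        System.out.println("Selected provider: " + md.getProvider().getName());

        // Provider named explicitly: the lookup fails if it is not registered,
        // it does not silently fall back to another implementation.
        try {
            MessageDigest.getInstance("SHA-256", "ProviderC");
        } catch (NoSuchProviderException e) {
            System.out.println("ProviderC is not registered: " + e.getMessage());
        }

        // Engine class sequence: update() in chunks, then digest().
        byte[] msg = "constructed sample input".getBytes(StandardCharsets.UTF_8);
        md.update(msg, 0, 10);
        md.update(msg, 10, msg.length - 10);
        byte[] chunked = md.digest();      // digest() also resets the engine
        byte[] oneShot = md.digest(msg);   // same engine object, reused
        System.out.println("Chunked equals one-shot: " + MessageDigest.isEqual(chunked, oneShot));

        // Policy check: 128 means a limited-strength policy is in force,
        // Integer.MAX_VALUE means unlimited strength.
        System.out.println("Max AES key bits: " + Cipher.getMaxAllowedKeyLength("AES"));
    }
}
```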
Getting started
Cipher – import missing
Lightbulb helps

Getting started
CTRL+SHIFT+I

Problem again

The web

Please open – the guide
Copy java-course-guide.zip from IS (file name is case sensitive). Unzip it and open index.html in a browser. Do Tasks 0-4.

Task01 - SecureRandom
• SecureRandom rnd = new SecureRandom()
• rnd.nextDouble()
• rnd.nextBytes()
• rnd. ....

SecureRandom - solution
• SecureRandom rnd = new SecureRandom();
• rnd.nextBytes(buffer);
• System.out.println(Globals.bytesToHex(buffer));

Task02 - MessageDigest
• MessageDigest md5 = MessageDigest.getInstance("MD5");

MessageDigest
• MessageDigest md5 = MessageDigest.getInstance("MD5");
• md5.update(inputBuffer, 0, bytesRead);
• md5.update(inputBuffer, 0, bytesRead);
• md5.update(inputBuffer, 0, bytesRead);
• byte[] md5hash = md5.digest()

MessageDigest – incremental API
[Diagram: repeated md5.update(data) calls feed MD5; md5.digest() returns byte[] hash]

MessageDigest – solution

Task03 - Cipher
• getInstance("algorithm/mode/padding");
• Default mode: ECB
• Default padding: PKCS5

Cipher
• init(mode, key, algorithmParameterSpec)
• Cipher.DECRYPT_MODE
• new SecretKeySpec(aesKey, "AES")
• new IvParameterSpec(iv)

Cipher – Key vs KeySpec
• Key – opaque key, used in engine
• getAlgorithm(), getEncoded()
• KeySpec – key specification, transport & storage
• getP(), getQ(), getN()

Cipher – Key vs KeySpec
• SecretKeySpec = Spec & Key at the same time

Cipher – Key vs KeySpec
• Why separated?
Cipher.init(Cipher.DECRYPT_MODE, key)

Cipher – Key vs KeySpec
• Why separated?
Cipher.init(Cipher.DECRYPT_MODE, key)
Handle=0x123330

Cipher – Key vs KeySpec
• Why separated?
Cipher.init(Cipher.DECRYPT_MODE, key)
Handle=0x123330, endpoint=https://…
Cloud encryption
HSM
https://docs.oracle.com/javase/8/docs/technotes/guides/security/crypto/CryptoSpec.html#KeySpecs

Cipher – Key materials
• String vs. char[]
• String is immutable, cannot zero out
• Zero out mutable byte[] after use to prevent key leakage to swap files (or Heartbleed)

Cipher – Key materials
• GC deallocates but does not zero out – key still there
• Modern GC can copy and reorder memory (heap defrag), so keys cannot be properly deleted from memory nowadays (Java does not specify the behaviour; it can differ).

Cipher – Solution

Key Factories
• KeySpec → Key
• Key → KeySpec
• KeyFactory – asymmetric keys
• SecretKeyFactory – symmetric keys

Key generators
• KeyGenerator – symmetric
• generateKey() → SecretKey
• KeyPairGenerator – asymmetric
• generateKeyPair() → KeyPair

Certificate Builder
• X509V3CertificateGenerator
• Check:
• https://web.archive.org/web/20200813000741/http://www.bouncycastle.org/wiki/display/JA1/X.509+Public+Key+Certificate+and+Certification+Request+Generation
• https://github.com/bcgit/bc-java/wiki/BC-%22Version-2%22---The-post-BC-1.46-changes

Diffie Hellman
• KeyPairGenerator
• KeyAgreement
• https://github.com/firatkucuk/diffie-hellman-helloworld

Thank you for your attention!
Questions

Assignment 10 – JavaCrypto
• This is a programming assignment. Please upload your scripts/code and the required analysis via the course webpage.
• The deadline for submission is January 5, 2024, 23:59.
– -3 points for each started 24h after the deadline.
• Please name the submission file as _hw10.zip. Put the whole Java project folder there, along with all data produced (as long as the size is reasonable).
• The code must contain comments so that it is reasonably easy to understand how to run the script for evaluating each answer.