> Hi all
>
[quoted text clipped - 4 lines]
>
> tia!
Have you a public key certificate?
If you do, provide it to a friend who can import it into an e-mail client
like Outlook, Outlook Express, Mozilla, Thunderbird. When sending you
e-mail, have him use that certificate to encrypt mail to you.
Import your private key into your e-mail program and specify that key as the
decryption/signing key.
Your e-mail program will do the work of decryption.
Alternatively, get PGP encryption/decryption and import your keys into it.
Incidentally, you can get freemail certificates and private key from Thawte
(www.thawte.com) [ look for freemail] for free.
Ed
Rogue Chameleon - 24 Sep 2004 13:20 GMT
> Have you a public key certificate?
>
[quoted text clipped - 10 lines]
> (www.thawte.com) [ look for freemail] for free.
> Ed
I think I may have misled you with my question. Allow me to be a little
more detailed in what it is I am trying to do.
From a web server, I will be creating text based reports that need to be
sent to a customer. The data in these reports is sensitive and needs to be
encrypted before being emailed out. What I plan on doing is using a Public
Key (from java.security) to encrypt the file, and using a Private Key (from
java.security) to decrypt the file.
Now, what I've accomplished so far is the creation of the two keys. What I
am trying to figure out is how to encrypt and decrypt the file within the
JCA.
Rogue Chameleon
Edward A. Feustel - 25 Sep 2004 12:24 GMT
>> Have you a public key certificate?
>>
[quoted text clipped - 32 lines]
>
> Rogue Chameleon
Sorry,
I am not that familiar with the JCA.
I think I might take an alternative route IF I had control of the Web Server
and it was running Mod-SSL Apache for example. I would insist that the client
had a Public Key certificate from a reliable source known to most browsers.
I would get a Public Key certificate from a reliable source known to most
browsers. Then I would set up SSL for mutual authentication and encryption.
See a book such as Professional Apache for details.
Whatever was sent over the SSL channel would be encrypted in both
directions with automatic encryption and decryption as well as certificate
handling taking place in the browser/server.
The Server can also go through an Authorization step so that only the
clients you wish can have access to specific file(s). This system is easily
generalizable to many clients and providers who have minimal experience with
encryption/decryption.
If your server system is physically secure you should have no problems with
confidentiality.
Hope this helps.
Ed
Hi. What you need is a certificate for your
public key. And then do something like this
to initialize your Cipher.
X509Certificate cert = ...
Cipher rsaCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
rsaCipher.init(Cipher.ENCRYPT_MODE, cert);
With that Cipher you can create a CipherIn- or OutputStream.
At the decryption site of your application you can
initialize your Cipher with the private key.
You should store the private key in a password-encrypted
keystore (e.g. JDKPKCS12KeyStore from BouncyCastle).
Hope it helps
But you should think about symmetric encryption.
Create a symmetric key, encrypt the message with "symkey" and
encrypt the "symkey" with the public key and send both
the encrypted message and the encrypted "symkey".
On the other side, decrypt "symkey" and with that decrypted
"symkey" decrypt the message.
If you must ensure that the message comes from the server
you should sign something: either the symkey before encryption
or the complete message bundle (encrypted message, encrypted key).
Hope it helps despite my bad English
Kind regards.
Sebastian
> Hi all
>
[quoted text clipped - 3 lines]
>
> tia!
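The hybrid scheme described in the reply above (a fresh symmetric key for the report, that key encrypted with the customer's public key, and the whole bundle signed by the server), written out with the standard JCA as an added example that is not code from any poster in this thread. The class name `HybridReport`, the `Bundle` record and the in-process demo key pairs are assumptions for illustration; AES-GCM and RSA-OAEP are this example's choices, used here in place of the `RSA/ECB/PKCS1Padding` transformation shown in the post.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import javax.crypto.*;
import javax.crypto.spec.GCMParameterSpec;

public class HybridReport { // hypothetical name; records need Java 16+
    record Bundle(byte[] wrappedKey, byte[] iv, byte[] ct, byte[] sig) {}
    static final String RSA = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";

    // Signs (PrivateKey) or prepares verification (PublicKey) over the whole bundle.
    static Signature sigOver(Key k, byte[] wrapped, byte[] iv, byte[] ct) throws GeneralSecurityException {
        Signature s = Signature.getInstance("SHA256withRSA");
        if (k instanceof PrivateKey p) s.initSign(p); else s.initVerify((PublicKey) k);
        s.update(wrapped); s.update(iv); s.update(ct); // wrapped and iv are fixed-length
        return s;
    }
    static Bundle encrypt(byte[] report, PublicKey customer, PrivateKey server) throws GeneralSecurityException {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey symKey = kg.generateKey();            // fresh "symkey" per report
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);
        Cipher aes = Cipher.getInstance("AES/GCM/NoPadding");
        aes.init(Cipher.ENCRYPT_MODE, symKey, new GCMParameterSpec(128, iv));
        byte[] ct = aes.doFinal(report);                // message under the symkey
        Cipher rsa = Cipher.getInstance(RSA);
        rsa.init(Cipher.WRAP_MODE, customer);
        byte[] wrapped = rsa.wrap(symKey);              // symkey under the public key
        return new Bundle(wrapped, iv, ct, sigOver(server, wrapped, iv, ct).sign());
    }
    static byte[] decrypt(Bundle b, PrivateKey customer, PublicKey server) throws GeneralSecurityException {
        if (!sigOver(server, b.wrappedKey(), b.iv(), b.ct()).verify(b.sig()))
            throw new SignatureException("bundle was not signed by the server key");
        Cipher rsa = Cipher.getInstance(RSA);
        rsa.init(Cipher.UNWRAP_MODE, customer);
        Key symKey = rsa.unwrap(b.wrappedKey(), "AES", Cipher.SECRET_KEY);
        Cipher aes = Cipher.getInstance("AES/GCM/NoPadding");
        aes.init(Cipher.DECRYPT_MODE, symKey, new GCMParameterSpec(128, b.iv()));
        return aes.doFinal(b.ct());                     // throws AEADBadTagException if altered
    }
    public static void main(String[] args) throws Exception {
        KeyPairGenerator g = KeyPairGenerator.getInstance("RSA");
        g.initialize(2048);
        KeyPair customer = g.generateKeyPair(), server = g.generateKeyPair(); // throwaway demo keys
        byte[] report = "constructed sample report".getBytes(StandardCharsets.UTF_8);
        Bundle b = encrypt(report, customer.getPublic(), server.getPrivate());
        byte[] back = decrypt(b, customer.getPrivate(), server.getPublic());
        System.out.println(new String(back, StandardCharsets.UTF_8));
    }
}
```

In a deployment the customer's public key would come from their certificate and the private keys from a password-protected keystore, as the reply suggests, rather than being generated at run time.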