Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to combine a private key and a public key for a shared secret in Java

Tags:

java

cryptography

public-key-encryption

I'm reading the wikipedia about public-key Public-key cryptography ( http://en.wikipedia.org/wiki/Public-key_cryptography ) and in it it says:

In the Diffie–Hellman key exchange scheme, each party generates a public/private key pair and distributes the public key... After obtaining an authentic copy of each other's public keys, Alice and Bob can compute a shared secret offline. The shared secret can be used, for instance, as the key for a symmetric cipher.

I'm wondering how to achieve this in Java? i.e., given an arbitrary public-key and an arbitary private-key, how to generate a share-secret from it?

To make it more clear:

Alice has a public/private key pair key_pair_alice,

Bob has a public/private key pair key_pair_bob,

Assuming my understanding is right, there should be a method combine_keys() so that:

combine_keys(key_pair_alice.private, key_pair_bob.public) == 
    combine_keys(key_pair_alice.public, key_pair_bob.private)

My question is how to implement the combine_keys() method in Java.

Thanks.

like image 764
Wudong Avatar asked Jan 25 '12 11:01

Wudong

People also ask

How do public and private keys work together?

Public keys and private keys are the working parts of Public-key cryptography. Together, they encrypt and decrypt data that resides or moves in a network. The public key is truly public and can be shared widely while the private key should be known only to the owner.

Can private and public key be the same?

In some cases, you could, if you really wanted, make a public key equal the private key. It would completely negate the benefit of using a public key cryptosystem, though, because access to the public key would imply access to the private key.

Can you encrypt with private key and decrypt with public key?

Anyone can encrypt a message by using your public key, but only you can read it. When you receive the message, you decrypt it by using your private key. Similarly, you can encrypt a message for anyone else by using their public key, and they decrypt it by using their private key.

1 Answers

After some research, I have come up with the solution using Java's crypto package.

 public static void main(String[] args) {
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DH");
AlgorithmParameterGenerator paramGen = AlgorithmParameterGenerator
    .getInstance("DH");
paramGen.init(1024);

// Generate the parameters
AlgorithmParameters params = paramGen.generateParameters();
DHParameterSpec dhSpec = (DHParameterSpec) params
    .getParameterSpec(DHParameterSpec.class);

keyGen.initialize(dhSpec);

KeyPair alice_key = keyGen.generateKeyPair();
KeyPair bob_key = keyGen.generateKeyPair();

SecretKey secret_alice = combine(alice_key.getPrivate(),
    bob_key.getPublic());

SecretKey secret_bob = combine(bob_key.getPrivate(),
    alice_key.getPublic());

System.out.println(Arrays.toString(secret_alice.getEncoded()));
System.out.println(Arrays.toString(secret_bob.getEncoded()));
}

private static SecretKey combine(PrivateKey private1,
    PublicKey public1)  {
KeyAgreement ka = KeyAgreement.getInstance("DH");
ka.init(private1);
ka.doPhase(public1, true);
SecretKey secretKey = ka.generateSecret("DES");
return secretKey;
}

The sysout in the end shows that alice and bob now shares a same secrete.

like image 151
Wudong Avatar answered Oct 22 '22 05:10

Wudong
Sign in to Comment

Related questions

Eclipse run old version of program
I want to make an Android app with a map that provides directions, but not Google Maps
JPQL: Enum literal in SELECT NEW query
How to make a symbol table
Android Final Variables
How returns XxxSize from JComponent(s) added to the JLabel
What's the difference between "Thread.currentThread().getName" and "this.getName"?
Is there a relation between object size and locking performancein Java?
Java Swing Mac OSX Preferences Menu
How to understand the wait and notify method in Java Thread?
Java Image Cut Off
Difference between BigInteger.probablePrime() and other primality algorithms in java
Amazon S3 Policy Signing in Java
Multithreaded correctness: Using synchronized block
Shutdown tomcat using web application deployed in it
Put JTable in the JTree
Proguard is saying it can't find any classes
HashMap in class diagram (UML)
Why Stateless EJBs are pooled?
Custom Jackson Deserializer Getting Access to Current Field Class

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!