Sept 26th, 2007
CMSC414, Fall 2007
Prof: Udaya Shankar
TA: Phil Huynh
Project 1: Using DES in Java
Description
This project is to get you familiar with the Java Cryptography Extension (JCE)
library from Sun, in particular, with the javax.crypto
package. You will use the package to complete the implementation of two
functions, encryptDES( ) and
decryptDES( ), in the supplied file DesEncrypter.java.
The first function takes plaintext message and password and returns ciphertext.
The second function takes ciphertext and password and returns plaintext message.
Your functions will essentially be wrappers for corresponding encryption
functions in javax.crypto. Because of this and the information given below, the
project is a piece of cake.
Details
- public String encryptDES( String msg, String password )
- Takes plaintext message and password and returns ciphertext. It
prepends a "salt" to the message before encryption.
- The message and password strings are in UTF8 encoding scheme.
- The output is the ciphertext converted to a string in
sun.misc.BASE64 encoding scheme. The BASE64 encoding ensures that
the output string has no non-displayable characters.
- Use the encryption algorithm PBEWithMD5AndDES from
javax.crypto. You may want to make the function call:
SecretKeyFactory kf = SecretKeyFactory.getInstance("PBEWithMD5AndDES")
- Operation mode is CBC
- Padding scheme is PKCS5Padding
- public String decryptDES(String cipher, String password)
- Takes ciphertext string produced by encryptDES() and a password and
returns the decrypted plaintext string (without the salt).
- Encoding scheme is the same as in encryptDES() function
- File DesEncrypter.java defines static variables
ITERATION_COUNT, salt, algorithmParamSpec. Do NOT change them.
ITERATION_COUNT and salt are used to produce
algorithmParamSpec, which is used when initializing your cipher. The
latter is done by by calling
Cipher.init(Cipher.DECRYPT_MODE, key, algorithmParamSpec).
- Do NOT change the package name for this project, which is
cmsc414.project1
- You will need to read up on the following in the
Java API: AlgorithmParameterSpec, PBEParameterSpec, KeySpec,
PBEKeySpec, SecretKeyFactory, SecretKey, Cipher, sun.misc.BASE64Encoder,
sun.misc.BASE64Decoder.
- UPDATE:
sun.misc.BASE64Decoder/Encoder are classes
inside the standard JDK 5.0 but not documented. In order to use these 2
classes, just need to import the package that they belong to, in this case,
"import sun.misc.*;" If you are using Eclipse, the "intellisense"
feature will allow you to discovery these classes' API.
Any question about the project please direct them to the TA
Delivery and Submission
The file src.zip, avaliable in /afs/glue.umd.edu/class/fall2007/cmsc/414/0101/public/p1_handout,
contains the DesEncrypter.java skeleton.
Modify the DesEncrypter.java file in src.zip, then re-zip the src directory
to src.zip. Do NOT change the directory structure.
Submit the zip file by typing the following in the directory where you have
your src.zip:
/afs/glue/class/fall2007/cmsc/414/0101/public/submit-p1 src.zip
Late submissions
Submit time is as indicated by the clock on the grace machines.
- submit time < deadline: graded out of 100%
- deadline < submit time < deadline + 1 hour: graded out of 90%
- deadline + 1 hour < submit time < deadline + 24 hours: graded out of 80%
- deadline + 48 hours < submit time: NOT ACCEPTED
p1tester
For your convenience, we have provided a program p1tester that you can
use for testing your solution. You can input a password and a message and it
will output the encrypted cipher text, which you can then compare it with the
output from your solution.
- Log in to scary.umd.edu with your grace
login account.
- cd to /afs/glue.umd.edu/class/fall2007/cmsc/414/0101/public/
- Run: tap java150
- Run: p1tester
Additional
- JDK 5.0 is used for testing.
- Always login to scary.umd.edu since you need to do your work on a
linux machine
- To access Java 5.0 on this machine, run tap java150.