用Java加密敏感的应用程序数据
[英]Encrypting sensitive application data in Java
问题描述
I'm currently assessing a project where highly sensitive personal information is handled thus it needs to be encrypted. 
我目前正在评估一个处理高度敏感的个人信息,因此需要对其进行加密的项目。 We are talking like several 100 megabytes of multimedia files, like MP3 or something else. 我们正在谈论的是几百兆的多媒体文件,例如MP3或其他东西。 The application will most certainly be implemented in Java with JavaFX as GUI/Frontend. 该应用程序肯定会在JavaFX中以JavaFX作为GUI / Frontend来实现。 Now I am searching for a feasible solution to protect that data from unintentional/intentional misuse. 现在,我正在寻找一种可行的解决方案,以保护该数据免受意外/故意的滥用。 The data needs to be encrypted somehow. 数据需要以某种方式进行加密。 The user needs to provide login credentials before using the software, so using the password to unlock a key used for symmetric crypto would be possible. 用户在使用该软件之前需要提供登录凭据,因此可以使用密码来解锁用于对称加密的密钥。 The users of the application will be non professional thus things like TrueCrypt or similar solutions won't do the trick. 该应用程序的用户将是非专业人士,因此TrueCrypt之类的解决方案或类似解决方案将无法解决问题。 Although some kind of transparent solution would be best. 尽管某种透明的解决方案是最好的。 So is there any (semi-) standard solution for this problem? 那么,对于此问题是否有(半)标准解决方案?
Thanks for the help 谢谢您的帮助
Greetings, 问候,
Andreas 安德烈亚斯
2 个解决方案
解决方案1
2 已采纳 2010-12-13 14:47:54
The following method encrypts a given byte array, where keyC is the encryption key. 以下方法对给定的字节数组进行加密,其中keyC是加密密钥。 initalVector is the initial vector used for the encryption. initalVector是用于加密的初始向量。 This vector is typically used for AES encryption in counter (CTR) mode, but is not necessary for other modes. 此向量通常用于计数器(CTR)模式下的AES加密,但对于其他模式则不是必需的。 It's an array of a certain 16 bytes, used for encrypting and decrypting. 它是一个大约16个字节的数组,用于加密和解密。
private byte[] encryptAES128(byte[] input, byte[] initialVector) {
SecretKey aeskey = new SecretKeySpec(keyC, 0, 16, "AES");
AlgorithmParameterSpec paramSpec = new IvParameterSpec(initialVector);
cipher = Cipher.getInstance("AES/CTR/NOPADDING");
getAesCTRCipher().init(Cipher.ENCRYPT_MODE, aeskey, paramSpec);
return getAesCTRCipher().doFinal(input);
}
This method returns a new byte array, being the encrypted input array. 此方法返回一个新的字节数组,即加密的输入数组。 It always works in blocks of 16 bytes. 它始终以16字节的块工作。 For larger files, you need run a for loop over the bytes and concatenate the result :) 对于较大的文件,您需要在字节上运行for循环并连接结果:)
Good luck! 祝好运!
Edit: After encrypting a block of 16 bytes, you need to increment the initial vector, that is if the encryption runs in Counter mode :) 编辑:加密一个16字节的块后,您需要增加初始向量,也就是说,如果加密以计数器模式运行:)
解决方案2
-3 2010-12-09 22:54:20
Use a public-key encryption algorithm, such as RSA. 使用公共密钥加密算法,例如RSA。 strong, almost uncrackable and easy to use and understand. 强大,几乎不可破解且易于使用和理解。 there's probably even a method or even a class for RSA or similar encryptions in Java. 甚至可能还有用于RSA或Java中类似加密的方法或类。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.