
Trusting Your E-mail with Java Security

By Theodore J. Shrader
2003-12-04


Public and private keys

Public and private key technology promises to address the security needs of e-business, and it does so through what is commonly referred to as the Public Key Infrastructure (PKI). As described before, a key is a unique sequence of bits. Public key technologies require two keys: one public and one private. Information encrypted with either key can only be decrypted with the other key. For example, a private key can encrypt data and only the associated public key can decrypt the encrypted data. The reverse is also true. The difference between this method and the use of a secret key, as described in the previous section, is that the same key cannot be used to both encrypt and decrypt information. Data encrypted by a public key cannot be decrypted by the same public key; only the associated private key can decrypt it.

There are two popular public and private key algorithms:

  • RSA -- Rivest, Shamir, and Adleman (authors of the RSA algorithm)
  • DSA -- Digital Signature Algorithm

RSA is the more commonly used of the two, since it can be used both for the encryption of hashed data and for general-purpose encryption. DSA can only be used to encrypt hashed data. As we will learn, encrypted hashes are known as signatures.

We've seen that public and private keys can be used to encrypt data, which addresses our confidentiality requirement. More importantly, the architecture of public and private keys allows the keys to be distributed to provide for accountability and communication. The owner of the key pair always keeps the private key hidden while freely sharing the public key with others through a trusted publication method known as a certificate. The certificate format provides a standard and trusted method for publication, fulfilling our fourth security requirement. The most popular form of a certificate is X.509, and these certificates store public keys at their heart.

By utilizing the nature of public and private keys, wherein the private key is kept hidden and accountable only to the owner of the key pair, we can leverage security algorithms, such as those that sign data, to authenticate senders of information and verify the integrity of the authenticated information.
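The following sketch is an added example, not code from the original tutorial. It exercises the properties described in this section with the standard JDK `java.security` and `javax.crypto` APIs: RSA used for both encryption and signing, DSA used for signing only. The class and method names, the 2048-bit key size, the OAEP and SHA-256 algorithm choices, and the sample messages are assumptions made for the demonstration.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.Arrays;
import javax.crypto.Cipher;

public class KeyPairDemo {
    // Generate a fresh key pair; 2048 bits is an assumed size for this demo.
    static KeyPair newPair(String algorithm) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance(algorithm);
        gen.initialize(2048);
        return gen.generateKeyPair();
    }

    // Sign msg with the private key, then check the signature against `received` with the public key.
    static boolean signAndVerify(String sigAlg, KeyPair pair, byte[] msg, byte[] received) throws Exception {
        Signature signer = Signature.getInstance(sigAlg);
        signer.initSign(pair.getPrivate());
        signer.update(msg);
        byte[] sig = signer.sign();
        Signature verifier = Signature.getInstance(sigAlg);
        verifier.initVerify(pair.getPublic());
        verifier.update(received);
        return verifier.verify(sig);
    }

    public static void main(String[] args) throws Exception {
        byte[] msg = "Quarterly report attached.".getBytes(StandardCharsets.UTF_8);      // constructed sample
        byte[] tampered = "Quarterly report attached!".getBytes(StandardCharsets.UTF_8); // one byte changed
        KeyPair rsa = newPair("RSA");

        // Confidentiality: anyone may encrypt with the public key; only the private key decrypts.
        Cipher enc = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
        enc.init(Cipher.ENCRYPT_MODE, rsa.getPublic());
        byte[] ciphertext = enc.doFinal(msg);
        Cipher dec = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
        dec.init(Cipher.DECRYPT_MODE, rsa.getPrivate());
        System.out.println("RSA decrypt round trip: " + Arrays.equals(msg, dec.doFinal(ciphertext)));
        // Authentication and integrity: the private key signs, the public key verifies.
        System.out.println("RSA signature valid: " + signAndVerify("SHA256withRSA", rsa, msg, msg));
        System.out.println("DSA signature valid: " + signAndVerify("SHA256withDSA", newPair("DSA"), msg, msg));
        System.out.println("Tampered message accepted: " + signAndVerify("SHA256withRSA", rsa, msg, tampered));
        // DSA is signature-only: the standard JDK providers offer no DSA Cipher.
        try {
            Cipher.getInstance("DSA");
        } catch (NoSuchAlgorithmException e) {
            System.out.println("DSA cannot encrypt: " + e.getMessage());
        }
    }
}
```

The first three lines of output report `true`, the tampered message reports `false`, and the DSA cipher request ends in the `NoSuchAlgorithmException` branch.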



Tutorial Pages:
» Java technologies give you a complete and secure solution
» Security requirements
» Failing scenarios
» Building closed systems
» Using a secret key
» Opening the message
» Public and private keys
» Signing a message
» Signing messages with Java technologies
» Using PKCS and S/MIME
» Encrypting messages
» Conclusion


First published by IBM DeveloperWorks

