Chapter 7. Encryption

Encryption is a tool you can use to protect secrets. You might encrypt files on your hard drive so that the loss or theft of your computer would not compromise your data. You might also want to encrypt your network communications, especially the ones to your bank, or your doctor, or your friends.

A cipher encrypts or decrypts data. Ciphers comes in three flavors:

  • Symmetric , or private key , ciphers use a single secret key to encrypt and decrypt data. Symmetric keys can be useful in applications like hard-disk file encryption, when the same person encrypts and decrypts data.

  • Asymmetric , or public key , ciphers use a pair of keys. One key is public and may be freely distributed. The other key is private and should be kept secret. Data encrypted with either key can be decrypted using the other key.

  • Hybrid systems use a combination of symmetric and asymmetric ciphers. Asymmetric ciphers are much slower than their symmetric counterparts. In a hybrid system, an asymmetric cipher is used to exchange a private key (also called a secret key or a session key). The secret key is used with a symmetric cipher for data encryption and decryption.

This list mixes apples and oranges a little bit. Symmetric and asymmetric ciphers are described by algorithms. A hybrid system is at a higher level; it’s a protocol that uses both public and private key algorithms.

In this chapter, I’ll cover the following topics:

  • Stream and block ciphers

  • Padding for block ciphers

  • Cipher modes, or the ...

Get Java Cryptography now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.