The first step in utilizing JXTA’s security infrastructure is to obtain the necessary set of keys. The security infrastructure supports and uses two kinds of keys:
These are symmetric keys that encrypt and decrypt data. They are symmetric because the same key converts plain-text to ciphertext (encrypted text) and ciphertext to plain-text. The standard JXTA bindings support secret keys for RC4 ciphers.
These are asymmetric keys used for a variety of operations. Data that is encrypted (or signed) with a public key can be decrypted only with a corresponding private key, and vice versa. JXTA supports algorithms based on RSA public/private key pairs.
The big difference between these types of keys is how they are shared. Public and private key pairs have a big advantage here: you keep your private key private, but you can share your public key with the whole world. People who want to send you data can use your public key to encrypt the data; they know that only you can decrypt the data because only you have the necessary private key. Conversely, if you send data encrypted with your private key to someone else, she can verify that the data was sent by you: your public key can decrypt the data, which proves that it was initially encrypted with your private key.
Shared keys, on the other hand, must be shared between both participants in a data exchange; however, each must have the same shared key at their disposal. This can be very ...