https://stackoverflow.com/questions/32437550/whats-the-difference-between-instant-and-localdatetime
SHA is a family of “Secure Hash Algorithms”. It is not encryption; it is a hash function. SHA functions take a large document or value and compute a “digest” (also called a “hash”) of the input. Please note this is a one-way process: you can’t retrieve the document from the hash.
AES (Advanced Encryption Standard) is symmetric block encryption. Both sides must have the same secret key to encrypt and decrypt.
RSA is asymmetric encryption. Each side has a public and a private key. You share your public key so that others can encrypt a message, but only you can read it (with your private key).
In cryptography, encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Only authorized parties can decipher a ciphertext back to plaintext and access the original information.
Modern encryption schemes utilise the concepts of public-key and symmetric-key cryptography.
Public-key cryptography, or asymmetric cryptography, is a cryptographic system that uses pairs of keys: public keys, which may be disseminated widely, and private keys, which are known only to the owner. Example: RSA.
Two of the best-known uses of public key cryptography are:
- Public key encryption, in which a message is encrypted with a recipient’s public key. The message cannot be decrypted by anyone who does not possess the matching private key, who is thus presumed to be the owner of that key and the person associated with the public key. This is used in an attempt to ensure confidentiality.
- Digital signatures, in which a message is signed with the sender’s private key and can be verified by anyone who has access to the sender’s public key. This verification proves that the sender had access to the private key, and therefore is likely to be the person associated with the public key. This also ensures that the message has not been tampered with, as a signature is mathematically bound to the message it originally was made with, and verification will fail for practically any other message, no matter how similar to the original message.
Symmetric key
In symmetric-key schemes the encryption and decryption keys are the same. Communicating parties must have the same key in order to achieve secure communication. Examples: AES, DES, HMAC.
Integrity protection of ciphertexts
Encryption, by itself, can protect the confidentiality of messages, but other techniques are still needed to protect the integrity and authenticity of a message; for example, verification of a message authentication code (MAC) or a digital signature.
Padding
In cryptography, padding is any of a number of distinct practices which all include adding data to the beginning, middle, or end of a message prior to encryption. In classical cryptography, padding may include adding nonsense phrases to a message to obscure the fact that many messages end in predictable ways, e.g. sincerely yours.
Cryptographic hash algorithms
- MD5, SHA-1, RIPEMD-160, Whirlpool, SHA-2, SHA-3
The MD5 message-digest algorithm is a widely used hash function producing a 128-bit hash value. It can still be used as a checksum to verify data integrity, but only against unintentional corruption.
In cryptography, SHA-1 (Secure Hash Algorithm 1) is a cryptographic hash function which takes an input and produces a 160-bit (20-byte) hash value known as a message digest.
The ideal situation is encrypt-then-MAC. See this question for more information on why.
I would say that a checksum is necessarily a hashcode. However, not all hashcodes make good checksums.
AES encryption and decryption are used to secure and protect data during communication. The secret key must be 16 bytes long for an AES-128 key and 32 bytes long for AES-256 (the variants are AES-128, AES-192 and AES-256).
| Cryptographic function | Key length (bytes) | Key length (bits) | Initialization vector length, all modes (bytes) | Initialization vector length, all modes (bits) |
|---|---|---|---|---|
| AES | 16, 24 or 32 | 128, 192 or 256 | 16 | 128 |
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5PADDING", "SunJCE");
Base 64 character encoding and decoding
Checksum: mainly used to guard against man-in-the-middle attacks and to check the integrity of the data.
1. Use a TreeMap both when generating and when verifying the checksum for the request: a small change in the order of the parameters will result in a checksum failure.
2. The algorithms most commonly used to generate the checksum are MD5 and the SHA family (SHA1, SHA256, SHA384, and SHA512).
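MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
// Explicit charset (java.nio.charset.StandardCharsets) so both sides hash identical bytes
hashValue = byteArray2Hex(messageDigest.digest(value.getBytes(StandardCharsets.UTF_8)));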
General algorithm for using both a checksum and AES encryption
Signature: AES(Hash([{"id":"1234","typ":"abc"}] + | + 8Random) + 8Random)
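The encrypt-then-MAC arrangement mentioned above, combined with TreeMap ordering of the request parameters, can be sketched as follows. This is an added example, not code from the original page: the class and method names, the `key=value|` serialization, the use of a separate HMAC key and the IV || ciphertext || tag layout are all assumptions, and `Map.of` requires Java 9 or later.

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.*;
import javax.crypto.*;
import javax.crypto.spec.*;

public class EncryptThenMac { // added example; class and method names are hypothetical
    // TreeMap gives sorted key order, so both sides serialize identical bytes (format is an assumption).
    static byte[] canonical(Map<String, String> params) {
        StringBuilder sb = new StringBuilder();
        new TreeMap<>(params).forEach((k, v) -> sb.append(k).append('=').append(v).append('|'));
        return sb.toString().getBytes(StandardCharsets.UTF_8);
    }
    static byte[] hmac(byte[] macKey, byte[] data, int len) throws GeneralSecurityException {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(macKey, "HmacSHA256"));
        return mac.doFinal(Arrays.copyOf(data, len));
    }
    // Output layout: IV (16 bytes) || AES-CBC ciphertext || HMAC-SHA256 tag (32 bytes).
    static byte[] seal(byte[] encKey, byte[] macKey, byte[] plain) throws GeneralSecurityException {
        byte[] iv = new byte[16];
        new SecureRandom().nextBytes(iv); // fresh random IV for every message
        Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
        c.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(encKey, "AES"), new IvParameterSpec(iv));
        byte[] ct = c.doFinal(plain);
        ByteBuffer out = ByteBuffer.allocate(16 + ct.length + 32).put(iv).put(ct);
        out.put(hmac(macKey, out.array(), 16 + ct.length)); // tag covers IV and ciphertext
        return out.array();
    }
    // Verify the tag in constant time BEFORE decrypting; unauthenticated data never reaches the cipher.
    static byte[] open(byte[] encKey, byte[] macKey, byte[] msg) throws GeneralSecurityException {
        int body = msg.length - 32; // length of IV + ciphertext
        if (body < 32) throw new GeneralSecurityException("message too short");
        byte[] tag = Arrays.copyOfRange(msg, body, msg.length);
        if (!MessageDigest.isEqual(tag, hmac(macKey, msg, body))) throw new GeneralSecurityException("MAC mismatch");
        Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
        c.init(Cipher.DECRYPT_MODE, new SecretKeySpec(encKey, "AES"), new IvParameterSpec(msg, 0, 16));
        return c.doFinal(msg, 16, body - 16);
    }
    public static void main(String[] args) throws Exception {
        byte[] encKey = new byte[16], macKey = new byte[32]; // constructed demo keys: AES-128 plus a separate MAC key
        new SecureRandom().nextBytes(encKey);
        new SecureRandom().nextBytes(macKey);
        byte[] msg = seal(encKey, macKey, canonical(Map.of("typ", "abc", "id", "1234")));
        System.out.println(new String(open(encKey, macKey, msg), StandardCharsets.UTF_8));
        msg[20] ^= 1; // simulate tampering: flip one ciphertext bit
        try { open(encKey, macKey, msg); } catch (GeneralSecurityException e) { System.out.println("rejected: " + e.getMessage()); }
    }
}
```

Because the tag is checked before any decryption happens, a modified message is rejected without the receiver ever processing attacker-controlled padding.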