Java Cryptography Architecture and Security of Electronic Commerce

Shen Guicheng 1,2, Zheng Xuefeng 1

1 School of Information Engineering, Beijing University of Science and Technology, Beijing, China [email protected]

2 School of Information, Beijing Wuzi University, Beijing, China [email protected]

Abstract-In this paper, the security of Electronic Commerce and its security methods are introduced first. Then the history of the Java Security Architecture and its design principles are described. After that, a partial implementation of an Elliptic Curve Cryptosystem developed in Java is discussed. Finally, the advantages of Electronic Commerce systems developed with the Java language and the Java Security Architecture are presented.

Keywords-Electronic Commerce; Information Security; public-key Cryptography; Java Security Architecture

I. INTRODUCTION

With the rapid development of Internet technology, a transaction revolution is taking place in Electronic Commerce (EC). It is sure to bring high efficiency and globalization to the traditional market, so EC is surely the trend of international commerce in the future. By using digital and electronic methods, EC [1] exchanges data and carries out commercial activities; it is also called electronic trade or the electronicalization of commerce. EC systems connect shops, enterprises, customers, banks, financial organizations and governments, realize the electronicalization of online transactions and transaction procedures, and combine them into one entity. To complete a whole transaction successfully, common methods and mechanisms for electronic transactions need to be constructed to ensure that all partners can take part in commercial activities safely and reliably [2].

Although EC not only helps enterprises improve their sales and cut costs, but also gives customers the chance to buy goods from home and offers them more choice, it is estimated that its production value in the United States was only $2,900,000,000,000 in 2001 [3], less than 3 percent of GDP. Perhaps people attribute this to the low level of computer networks, but many corporations and enterprises with a high level of networking do not use this new form of commerce. The source of the problem is security: it is the main cause hindering the development of electronic commerce, so success or failure depends on whether electronic commerce is safe.

There are many methods to ensure the security of electronic commerce, and the most important is cryptography, for it can prevent unauthorized people from reading transaction information and private information. Cryptographic systems can be broadly divided into two kinds. In symmetric-key schemes, the communicating entities first agree upon keying material that is both secret and authentic. Subsequently, they may use a symmetric-key encryption scheme such as the Data Encryption Standard (DES), RC4, or the Advanced Encryption Standard (AES) to achieve confidentiality. They must also use a message authentication code (MAC) algorithm such as HMAC to achieve data integrity and data origin authentication.

Figure 1. Symmetric-Key cryptography

To address the shortcomings of symmetric-key cryptography, Diffie, Hellman and Merkle introduced the notion of public-key cryptography in 1975. Public-key schemes require only that the communicating entities exchange keying material that is authentic (but not secret). Each entity selects a single key pair (e, d) consisting of a public key e, and a related private key d (that the entity keeps secret). The keys have the property that it is computationally infeasible to determine the private key solely from knowledge of the public key. Every asymmetric cryptosystem is based on a difficult mathematical problem. RSA [4] is based on the Integer Factorization Problem (IFP); Diffie-Hellman is based on the Discrete Logarithm Problem; Elliptic Curve Cryptography [5, 6] is based on the Elliptic Curve Discrete Logarithm Problem. Public-key cryptography can provide confidentiality, non-repudiation and integrity, but it is far slower than symmetric-key cryptography. In practice, we use a public-key cryptosystem to sign and to encrypt and decrypt the symmetric key, and use a symmetric-key cryptosystem to encrypt and decrypt messages.

978-1-4244-2108-4/08/$25.00 © 2008 IEEE

Figure 2. Public-key cryptography

Because electronic-commerce systems run on different platforms, the development language must support platform independence. Java is therefore the best choice for developing electronic-commerce systems: it is interpreted and platform independent, although the resulting system is slower. Both public-key and symmetric-key cryptosystems can be implemented in the Java language. What is more, Java provides the Java™ Security Architecture to support this trend.

II. HISTORY OF JAVA SECURITY ARCHITECTURE

The first release of the Security API in JDK 1.1 introduced the "Java Cryptography Architecture" (JCA), a framework for accessing and developing cryptographic functionality for the Java platform. In JDK 1.1, the JCA included APIs for digital signatures and message digests. In subsequent releases, the Java 2 SDK significantly extended the Java Cryptography Architecture. It also upgraded the certificate management infrastructure to support X.509 v3 certificates, and introduced a new Java Security Architecture for fine-grain, highly configurable, flexible, and extensible access control.

The Java Cryptography Architecture encompasses the parts of the Java 2 SDK Security API related to cryptography, as well as a set of conventions and specifications provided in this document. It includes a provider architecture that allows for multiple and interoperable cryptography implementations.

The Java™ Cryptography Extension (JCE) provides a framework and implementations for encryption, key generation and key agreement, and Message Authentication Code (MAC) algorithms. It supports encryption including symmetric, asymmetric, block, and stream ciphers. J2SE 5 comes standard with a JCE provider named "SunJCE", which comes pre-installed and registered and which supplies the following cryptographic services: an implementation of the DES (FIPS PUB 46-1), Triple DES, and Blowfish encryption algorithms in the Electronic Code Book (ECB), Cipher Block Chaining (CBC), Cipher Feedback (CFB), Output Feedback (OFB), and Propagating Cipher Block Chaining (PCBC) modes.

III. DESIGN PRINCIPLES

The Java Cryptography Architecture (JCA) was designed around implementation independence and interoperability, and algorithm independence and extensibility.

Implementation independence and algorithm independence are complementary; you can use cryptographic services, such as digital signatures and message digests, without worrying about the implementation details or even the algorithms that form the basis for these concepts. When complete algorithm independence is not possible, the JCA provides standardized, algorithm-specific APIs. When implementation independence is not desirable, the JCA lets developers indicate a specific implementation.

Algorithm independence is achieved by defining types of cryptographic "engines" (services), and defining classes that provide the functionality of these cryptographic engines. These classes are called engine classes, and examples are the MessageDigest, Signature, KeyFactory, and KeyPairGenerator classes.

Implementation interoperability means that various implementations can work with each other, use each other's keys, or verify each other's signatures. This would mean, for example, that for the same algorithms, a key generated by one provider would be usable by another, and a signature generated by one provider would be verifiable by another. Algorithm extensibility means that new algorithms that fit in one of the supported engine classes can be added easily.

IV. SECURITY ARCHITECTURE

A. Cryptographic Service Providers

The Java Cryptography Architecture introduced the notion of a Cryptographic Service Provider. For example, in JDK 1.1 a provider could contain an implementation of one or more digital signature algorithms, message digest algorithms, and key generation algorithms. Java 2 SDK adds five additional types of services: key factories, keystore creation and management, algorithm parameter management, algorithm parameter generation, and certificate factories. It also enables a provider to supply a random number generation (RNG) algorithm. Previously, RNGs were not provider-based; a particular algorithm was hard-coded in the JDK.

Sun's version of the Java runtime environment comes standard with a default provider, named SUN. Other Java runtime environments may not necessarily supply the SUN provider. The SUN provider package includes: an implementation of the Digital Signature Algorithm (DSA), described in NIST FIPS 186; an implementation of the MD5 (RFC 1321) and SHA-1 (NIST FIPS 180-1) message digest algorithms; a DSA key pair generator for generating a pair of public and private keys suitable for the DSA algorithm; a DSA algorithm parameter generator; a DSA algorithm parameter manager; a DSA key factory providing bi-directional conversions between (opaque) DSA private and public key objects and their underlying key material; an implementation of the proprietary "SHA1PRNG" pseudo-random number generation algorithm, following the recommendations in the IEEE P1363 standard; a certificate path builder and validator for PKIX, as defined in the Internet X.509 Public Key Infrastructure Certificate and CRL Profile; a certificate store implementation for retrieving certificates and CRLs from Collection and LDAP directories, using the PKIX LDAP V2 Schema (RFC 2587); a certificate factory for X.509 certificates and Certificate Revocation Lists (CRLs); and a keystore implementation for the proprietary keystore type named JKS.

B. Key Management

A database called a "keystore" can be used to manage a repository of keys and certificates. A keystore is available to applications that need it for authentication or signing purposes. Applications can access a keystore via an implementation of the KeyStore class, which is in the java.security package. A default KeyStore implementation is provided by Sun Microsystems. It implements the keystore as a file, using a proprietary keystore type (format) named "JKS". Applications can choose different types of keystore implementations from different providers, using the getInstance factory method supplied in the KeyStore class.

C. Support RSA, Diffie-Hellman, ECC

Starting in J2SE 5, full support for ECC classes has been included to facilitate providers that support ECC. The security package provides ECField, ECKey, ECPublicKey, ECPrivateKey, ECFieldF2m, ECFieldFp, ECGenParameterSpec, ECParameterSpec, ECPoint, ECPrivateKeySpec, ECPublicKeySpec.
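The engine classes and EC specification classes named above can be exercised together as follows. This is an added example, not code from the paper; it assumes a current JDK whose installed providers offer "EC" and "SHA256withECDSA", and the class name, the curve name secp256r1 and the sample message are chosen here for illustration.

```java
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.interfaces.ECPublicKey;
import java.security.spec.*;

public class JcaEcEngineDemo { // hypothetical class name
    public static void main(String[] args) throws GeneralSecurityException {
        // Engine class + algorithm name: the JCA selects the first provider that offers it.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC");
        kpg.initialize(new ECGenParameterSpec("secp256r1"), new SecureRandom());
        KeyPair kp = kpg.generateKeyPair();
        System.out.println("KeyPairGenerator provider: " + kpg.getProvider().getName());

        // Transparent key material, exposed through the java.security.spec classes.
        ECPublicKey pub = (ECPublicKey) kp.getPublic();
        ECParameterSpec params = pub.getParams();
        EllipticCurve curve = params.getCurve();
        BigInteger p = ((ECFieldFp) curve.getField()).getP();
        ECPoint w = pub.getW();

        // Defensive check: the public point must satisfy y^2 = x^3 + ax + b (mod p).
        BigInteger x = w.getAffineX(), y = w.getAffineY();
        BigInteger lhs = y.multiply(y).mod(p);
        BigInteger rhs = x.pow(3).add(curve.getA().multiply(x)).add(curve.getB()).mod(p);
        if (!lhs.equals(rhs)) throw new InvalidKeyException("public point is not on the curve");

        // Sign with the opaque private key (constructed sample message).
        byte[] order = "order=1001;amount=25.00".getBytes(StandardCharsets.UTF_8);
        Signature signer = Signature.getInstance("SHA256withECDSA");
        signer.initSign(kp.getPrivate());
        signer.update(order);
        byte[] sig = signer.sign();

        // Rebuild the public key from its key material with a KeyFactory, then verify.
        KeyFactory kf = KeyFactory.getInstance("EC");
        PublicKey rebuilt = kf.generatePublic(new ECPublicKeySpec(w, params));
        Signature verifier = Signature.getInstance("SHA256withECDSA");
        verifier.initVerify(rebuilt);
        verifier.update(order);
        System.out.println("signature valid: " + verifier.verify(sig));

        // A single flipped bit in the message must make verification fail.
        order[order.length - 1] ^= 1;
        verifier.initVerify(rebuilt);
        verifier.update(order);
        System.out.println("tampered valid:  " + verifier.verify(sig));
    }
}
```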

J2SE 5 adds support for the HmacSHA256, HmacSHA384, HmacSHA512, HmacSHA-256, HmacSHA-384, and HmacSHA-512 algorithms. A publicly accessible RSA encryption implementation has been added to the SunJCE provider, and the SunJCE provider now also implements the RC2 (RFC 2268) and ARCFOUR (an RC4™-compatible algorithm) ciphers.

The XML Encryption padding algorithm is supported in JCE block encryption ciphers.

V. PARTIAL IMPLEMENTATION OF ELLIPTIC CURVE CRYPTOSYSTEM

Although systems developed in the Java language appear at first to be slower than systems developed in assembly language, C, or C++ because Java is interpreted, the Java library is implemented in native code. Java now provides many classes for implementing public-key cryptosystems.

In public-key cryptosystems, the most important operations are finite-field operations; for example, RSA and the Elliptic Curve Cryptosystem both work over a finite field. In RSA, the core operation is to compute $m^d \bmod n$ and $c^e \bmod n$, where m is the plaintext, c is the cipher text, d is public key, e is private key, n is the product of two primes. In the Elliptic Curve Cryptosystem, the elliptic curve is defined over a finite field. In the java.math package, there is a class named BigInteger that provides most of the operations on finite-field elements. The operations include add, subtract, multiply, divide, mod and inverse. We can use BigInteger to implement all operations in RSA. In this paper, we use several classes to demonstrate how to implement an Elliptic Curve Cryptosystem.

In Elliptic Curve Cryptography, there is an elliptic curve over a finite field, and the points on the curve form an Abelian group under point addition. The curve is described by the following equation.

$$y^2 + a_1 xy + a_3 y = x^3 + a_2 x^2 + a_4 x + a_6, \quad a_i \in F \tag{1}$$

If char(F) is not equal to 2 and 3, the above equation can be reduced as follows.

$$y^2 = x^3 + ax + b, \quad a \in F,\ b \in F \tag{2}$$

If point P and point Q are different, let R = P+Q; Figure 3 describes how two points add. If point P and point Q are the same, Figure 4 describes how two identical points add.

Figure 3. R=P+Q

Figure 4. R=P+P
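The chord-and-tangent rule that Figures 3 and 4 depict, written out for equation (2) with BigInteger and java.security.spec.ECPoint. This is an added example, not the paper's omitted elliptic-curve class; the class name ToyCurve and the small curve y^2 = x^3 + 2x + 2 over F(17) with base point (5, 1) are constructed for illustration, and point coordinates are assumed to be reduced modulo p.

```java
import java.math.BigInteger;
import java.security.spec.ECPoint;

public class ToyCurve { // hypothetical name; y^2 = x^3 + ax + b over F(p), p an odd prime
    final BigInteger p, a, b;
    ToyCurve(long p, long a, long b) {
        this.p = BigInteger.valueOf(p); this.a = BigInteger.valueOf(a); this.b = BigInteger.valueOf(b);
    }
    boolean onCurve(ECPoint pt) {
        if (pt == ECPoint.POINT_INFINITY) return true;
        BigInteger x = pt.getAffineX(), y = pt.getAffineY();
        return y.multiply(y).subtract(x.pow(3).add(a.multiply(x)).add(b)).mod(p).signum() == 0;
    }

    // R = P + Q (Figure 3), or R = P + P when the points coincide (Figure 4).
    ECPoint add(ECPoint P, ECPoint Q) {
        if (P == ECPoint.POINT_INFINITY) return Q;
        if (Q == ECPoint.POINT_INFINITY) return P;
        BigInteger x1 = P.getAffineX(), y1 = P.getAffineY();
        BigInteger x2 = Q.getAffineX(), y2 = Q.getAffineY();
        BigInteger slope;
        if (x1.equals(x2)) {
            // Q = -P: the line is vertical and the sum is the point at infinity.
            if (y1.add(y2).mod(p).signum() == 0) return ECPoint.POINT_INFINITY;
            // P = Q: tangent slope (3*x1^2 + a) / (2*y1).
            slope = x1.multiply(x1).multiply(BigInteger.valueOf(3)).add(a)
                    .multiply(y1.shiftLeft(1).modInverse(p));
        } else {
            // P != Q: chord slope (y2 - y1) / (x2 - x1).
            slope = y2.subtract(y1).multiply(x2.subtract(x1).mod(p).modInverse(p));
        }
        BigInteger x3 = slope.multiply(slope).subtract(x1).subtract(x2).mod(p);
        BigInteger y3 = slope.multiply(x1.subtract(x3)).subtract(y1).mod(p);
        return new ECPoint(x3, y3);
    }

    // k*P by double-and-add; not constant time, so for illustration only.
    ECPoint multiply(BigInteger k, ECPoint P) {
        ECPoint r = ECPoint.POINT_INFINITY;
        for (int i = k.bitLength() - 1; i >= 0; i--) {
            r = add(r, r);
            if (k.testBit(i)) r = add(r, P);
        }
        return r;
    }
    public static void main(String[] args) {
        ToyCurve c = new ToyCurve(17, 2, 2); // constructed curve, group order 19
        ECPoint g = new ECPoint(BigInteger.valueOf(5), BigInteger.ONE);
        ECPoint twoG = c.add(g, g);
        System.out.println("2G = (" + twoG.getAffineX() + ", " + twoG.getAffineY() + ")");
        System.out.println("3G on curve: " + c.onCurve(c.add(twoG, g)));
        System.out.println("19G is infinity: " + (c.multiply(BigInteger.valueOf(19), g) == ECPoint.POINT_INFINITY));
    }
}
```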

F is a finite field F(p^m), and p is a prime. In this paper, we suppose p is a large prime, and q is 1. The field must support add, subtract, multiply, inverse. We define a class myECField, which extends the class ECFieldFp.

    import java.math.BigInteger;
    import java.security.spec.ECFieldFp;

    // Prime field F(p) with the arithmetic needed for curve operations.
    // Bodies marked "elided" were "……" in the paper; reduction modulo p is assumed here.
    class myECField extends ECFieldFp {
        public myECField(BigInteger PRIME) { super(PRIME); }  // elided in the paper

        public BigInteger add(BigInteger a, BigInteger b) { return a.add(b).mod(getP()); }  // elided

        public BigInteger subtract(BigInteger a, BigInteger b) { return a.subtract(b).mod(getP()); }  // elided

        public BigInteger multiply(BigInteger a, BigInteger b) { return a.multiply(b).mod(getP()); }  // elided

        public BigInteger inverse(BigInteger a) {
            BigInteger P = getP();
            return a.modInverse(P);
        }
    }

The efficiency of BigInteger is very high. We use the BigInteger modInverse method to compute the inverse of an element in the field, and we compute the inverse of an element 1000000 times because the time for a single computation is very small. We use the NIST primes suggested by the FIPS 186-2 standard. Suppose $P = 2^{192} - 2^{64} - 1$ and $A = 2^{190} - 1$; its inverse is 1332017 50210766574338204049062441704876280816936127174781 85176037969244446809146823022360294308401920571278 3578996, and the total time is 31 seconds. That is to say, the computing time is only 3.1e-5 second. Suppose $P = 2^{521} - 1$ and $A = 2^{510} + 1$; its inverse is 207798151 71928792653919821882408393515948720829729345770243 26543128060101059237207769290899466173704947680908 17948967346053297105361269353279122375113715541443 68046628531006235845202802014237278430401542739436 00691684208581182834050980554991665534645508088989 38825388854132758971716363931390118806635270352105 94545, and its total time is 200 seconds. That is to say, the computing time is only 2e-4 second. Because the value is very close to P, the measured time is close to the most time-consuming case. Our test platform is only a desktop; its CPU is 1.8 GHz; the size of its memory is 0.9GM. The Elliptic Curve class can be implemented in the same way, and the implementation details are omitted. The class BigInteger also provides a method to compute primes, named nextProbablePrime().

In public-key cryptography, producing an integer randomly is very important, especially in ElGamal and ECC, and the Java Security Architecture provides a class named SecureRandom to produce integers randomly. An object of this class is created by an argument named seed. The method producing integers randomly is nextBytes().

VI. CONCLUSIONS

There are many classes for us to use, and these classes cover various aspects of electronic commerce, including digital signature, signature verification, encryption, decryption, key agreement, X.509 certificates, and so on. It is therefore useful to use the Java language to develop electronic commerce systems, and such systems can run on various platforms. As the security library is developed in native code, security systems developed with the Java language also have high efficiency. By using this security architecture, different developers can develop the various information security parts of Electronic Commerce, and these parts can be integrated into one system.

ACKNOWLEDGEMENT

This paper is supported by five projects including Funding Project for Academic Human Resources Development in Institutions of Higher Learning under the Jurisdiction of Beijing Municipality, Research on Digitalization Picking System based on Information Fusion Technology, Construction of Practice Architecture for Electronic Commerce Specialty (PXM2006_014214_023239), Creative Platform for Science and Technology of Beijing Wuzi University, and Research on Security Architecture of Electronic Commerce of Beijing Wuzi University.

REFERENCES

[1] Zhang Fude. “Technologies of China Electronic Commerce”[M]. Blue Sky Press. 1999, p1-8, p102-121
[2] Wang Ting, Lu Shuwang. “Electronic Commerce and Elliptic Curve Cryptography”[J]. Research on Computer Applications. 2000. p19-21
[3] Zhang Qinghua, Yang Chunde. “Application of Elliptic Curve Cryptography in Electronic Commerce”[J]. Computer Engineering and Application. 2004-9. p155-157.
[4] R. L. Rivest, A. Shamir, and L. Adleman. “A method for obtaining digital signatures and public-key cryptosystems”. Communications of the ACM, Feb, 1978, 21 (2): 120-126.
[5] Miller V. “Use of elliptic curves in cryptography”[M]. Advances in Cryptography – Crypto’85[c]. Berlin: Springer-Verlag, 1986. 417-426
[6] Koblitz N. “Elliptic curve cryptosystems”[J]. Mathematics of Computation, 1987, 148:203-209
[7] Wang Yanbo. “View of the cryptography on Elliptic Curves”[J]. Journal of PLA University of Science and Technology. Vol.s No.6 Dec. 2002. 18-25
[8] William J Caelli, Edward P Dawson, Scott A Rea. “PKI Elliptic Curve Cryptography and Digital Signatures”[J]. Computer & Security, 1998, 18(1):47-66
[9] Darrel Hankerson, Alfred Menezes, Scott Vanstone. “Guide to Elliptic Curve Cryptography”[M]. Springer-Verlag New York. Inc.
[10] JDK Documents. http://java.sun.com
