com.feilong.security.symmetric.SymmetricType Maven / Gradle / Ivy
Show all versions of feilong Show documentation
/*
* Copyright (C) 2008 feilong
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.feilong.security.symmetric;
/**
* 对称加密的类型.
*
* 对比
*
*
*
* Use AES.
*
* In more details:
* Comparison of
* DES, Triple DES, AES, blowfish encryption for data
*
*
*
*
* 字段
* 说明
*
*
*
* {@link #DES}
* is the old "data encryption standard" from the seventies.
* Its key size is too short for proper security (56 effective bits; this can be brute-forced, as has been demonstrated more than ten years
* ago).
* Also, DES uses 64-bit blocks, which raises some potential issues when encrypting several gigabytes of data with the same key (a gigabyte
* is not that big nowadays).
*
*
*
* {@link #DESede} or {@link #TripleDES}
* is a trick to reuse DES implementations, by cascading three instances of DES (with distinct keys).
* 3DES is believed to be secure up to at least "2112" security (which is quite a lot, and quite far in the realm of
* "not breakable with today's technology").
* But it is slow, especially in software (DES was designed for efficient hardware implementation, but it
* sucks in software; and 3DES sucks three times as much).
*
*
*
* {@link #Blowfish}
* is a block cipher proposed by Bruce Schneier, and deployed in some softwares.
* Blowfish can use huge keys and is believed secure, except with regards to its block size, which is 64 bits, just like DES and 3DES.
* Blowfish is efficient in software, at least on some software platforms (it uses key-dependent lookup tables, hence performance depends on
* how the platform handles memory and caches).
*
*
*
* {@link #AES}(推荐使用)
* is the successor of DES as standard symmetric encryption algorithm for US federal organizations (and as standard for pretty much
* everybody else, too).
* AES accepts keys of 128, 192 or 256 bits (128 bits is already very unbreakable), uses 128-bit blocks (so no issue there), and is
* efficient in both software and hardware.
* It was selected through an open competition involving hundreds of cryptographers during several years.
* Basically, you cannot have better than that.
*
*
*
*
*
* So, when in doubt, use AES.
*
* Note that a block cipher is a box which encrypts "blocks" (128-bit chunks of data with AES). When encrypting a "message" which may be
* longer than 128 bits, the message must be split into blocks, and the actual way you do the split is called the mode of operation or
* "chaining". The naive mode (simple split) is called ECB and has issues. Using a block cipher properly is not easy, and it is more
* important than selecting between, e.g., AES or 3DES.
*
*
*
* @author feilong
* @version 1.0 2012-3-24 下午11:36:22
* @see 加解密在线测试网站
* @see JCA Reference Guide
* @see JCA Standard Algorithm Name
* Documentation
*/
public enum SymmetricType{
/**
* Data Encryption Standard,即数据加密算法.
*
*
* 数据示例: LdCGo0dplVASWwJrvlHqpw==
*
*
* key size must be equal to 56
*
*
* 它是IBM公司于1975年研究成功并公开发表的
*
*
* DES算法把64位的明文输入块变为64位的密文输出块,它所使用的密钥也是64位
* DES共有四种工作模式{@code -->>}ECB:电子密码本模式、CBC:加密分组链接模式、CFB:加密反馈模式、OFB:输出反馈模式
*
* 最常用的对称加密算法,安全性较差,
* The Digital Encryption Standard as described in FIPS PUB 46-2.
*/
DES("DES"),
/**
* Triple DES Encryption (DES-EDE),针对DES安全性的改进产生了能满足当前安全需要的TripleDES算法,等于 {@link #TripleDES}
*
* 数据示例: sIVcl7DB9hzAsiGKGFVJ2g==
*
*
* key size must be equal to 112 or 168.
*
*
* 3DES(或称为Triple DES)是三重数据加密算法(TDEA,Triple Data Encryption Algorithm)块密码的通称.
* 它相当于是对每个数据块应用三次DES加密算法.由于计算机运算能力的增强,原版DES密码的密钥长度变得容易被暴力破解;
* 3DES即是设计用来提供一种相对简单的方法,即通过增加DES的密钥长度来避免类似的攻击,而不是设计一种全新的块密码算法.
*
* @see 加解密在线测试网站
*/
DESede("DESede"),
/**
* The Triple des.
*
* @deprecated please use {@link #DESede}
*/
@SuppressWarnings("dep-ann")
TripleDES("TripleDES"),
/**
* (对称加密首选) Advanced Encryption
* Standard as specified by NIST in a draft FIPS.
*
*
* 是替代DES算法的新算法,可提供很好的安全性.
*
*
*
* 数据示例: MKNbK/ieTaepCk8SefgPMw==
*
*
* Based on the Rijndael algorithm by Joan Daemen and Vincent Rijmen
* AES is a 128-bit block cipher supporting keys of 128, 192, and 256 bits
*/
AES("AES"),
/**
* Blowfish.
*
* 数据示例: BVl2k0U5+qrX8Otcg/4NXQ==
*
* The block cipher designed by Bruce Schneier,key size must be multiple of 8, and can only range from 32 to 448 (inclusive)
* 密钥长度可达448位.
*/
Blowfish("Blowfish"),
/**
* RC2.
*
* 数据示例: CyJ22S/ct5YAhv5wMCTFZQ==
*
* key size must be between 40 and 1024 bits.
*/
RC2("RC2"),
/**
* RC4.
*
* 数据示例: Jo5UARgjNRbDaL0VW77a
*
*
* s key size must be between 40 and 1024 bits.
*/
RC4("RC4"),
/**
* ARCFOUR.
*
* 数据示例: R1qRmIN8s4VY7OTRspIA
*
*/
ARCFOUR("ARCFOUR");
// java.security.NoSuchAlgorithmException: RSA KeyGenerator not available
// java.security.InvalidKeyException: No installed provider supports this key: (null)
// RSA,
// java.security.NoSuchAlgorithmException: Cannot find any provider supporting RC5
// RC5,
// java.security.NoSuchAlgorithmException: Cannot find any provider supporting Serpent
// Serpent,
// Cannot find any provider supporting Twofish
// Twofish,
// PBEWithMD5AndDES KeyGenerator not available
// PBEWithMD5AndDES,
//---------------------------------------------------------------
// Cannot find any provider supporting PBE
// PBE,
// Cannot find any provider supporting HMAC
// HMAC,
// Cannot find any provider supporting HmacMD5
// HmacMD5,
//Cannot find any provider supporting HmacSHA1
//HMAC(Hash Message Authentication Code,散列消息鉴别码,基于密钥的Hash算法的认证协议。
// HmacSHA1("HMAC-SHA1")
//---------------------------------------------------------------
/** 算法. */
private String algorithm;
//---------------------------------------------------------------
/**
* Instantiates a new symmetric type.
*
* @param algorithm
* the algorithm
*/
private SymmetricType(String algorithm){
this.algorithm = algorithm;
}
//---------------------------------------------------------------
/**
* Gets the 算法.
*
* @return the algorithm
*/
public String getAlgorithm(){
return algorithm;
}
}