|
Information security is now of increasing importance to businesses. Even small firms need to protect data about customers, suppliers, finances, reports, and so on.
There are many ready-made information security solutions that are already built into business software. These are developments of well-known companies, certified, widely used and well supported. But this is also a minus for such software. If hackers find a vulnerability in generic software, all its users are at risk.
At the same time, developers of individual software can use unusual software solutions that are simply not profitable for hackers to crack due to their low prevalence, complex and unusual algorithms.
However, individual programmers do not have the high ratings that well-known companies do. You may have doubts. What to do?
RSA Encoding
You can use individual programmers or their technical projects as an additional encryption tool on top of the standard Windows software protection tools. If your company has a lot of couriers or vehicles, then you can encode all transmitted information and store it in databases in an encrypted form. And even process in coded form.
Then you can avoid access to information by unauthorized persons even if some employee copies databases or steals hard drives. The well-known RSA encryption standard is extremely difficult to crack. This requires supercomputers and several years of processing. If you wish, you can make the information encrypted by RSA generally inaccessible to hacking.
Given that the database (Oracle, MS SQL) will store information in encrypted form, it can be processed in the usual way - sorting, searching, adding, deleting, selecting, archiving. Information can also be sent via SMS, mail, instant messengers.
With the RSA protocol, software can work on Android smartphones or tablets, Windows and Linux computers, PHP scripts for web servers.
The convenience of such encryption is that the keys for decoding can be held by one person. For example, a director. Or the key can be divided into parts and each part will be with several persons, and part of the key is "recorded" in the bowels of the company's software.
Another way to protect data and software in business is to encrypt URLs (links). This is especially interesting for scripts that are easy for hackers to parse if they can access the files.
public class MainActivity extends AppCompatActivity {
//=====================================================
//
// RSA and Write encoded text to file and Read from file oflameron.txt
// rsaload.Load(FILENAME, str2)
//
//=====================================================
final static String LOG_TAG = "myLogs";
public static String str=" "; //File contents oflameron.txt
public static String str2=" "; //File contents oflameron.txt
public static String str3=" "; //File contents key.txt - public key
public static String str4=" "; //File contents pkey.txt - private key
public static String FILENAME = "oflameron.txt";//File for writing encoded data
public static String Content = "EditText Content";//String variable for text copy
public static Key publicKey = null; //RSA
public static Key privateKey = null; //RSA
public static Key publicKey2 = null; //RSA
public static Key privateKey2 = null; //RSA
public static Key kpprivateKey = null; //RSA restored Private Key
public static Key kppublicKey = null; //RSA restored Public Key
public static byte[] privateKeyBytes = null; //RSA
public static byte[] publicKeyBytes = null; //RSA
public static byte[] encodedBytes = null; //RSA
public static byte[] decodedBytes = null; //RSA
// Original text (RSA)
public static String testText = "Open Source Java Project Valery Shmelev OFLAMERON";
public static Context Maincontext;
@RequiresApi(api = Build.VERSION_CODES.R)
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_main);
Maincontext = getApplicationContext(); //To work with context
TextView originalTextView = (TextView) findViewById(R.id.TXTV);
originalTextView.setText("[ORIGINAL]:\n" + testText + "\n");
// ============================================================
// Generate key pair for 1024-bit RSA encryption and decryption
// ============================================================
RSACode rsagente = new RSACode(); // Class instance RSACode
Key[] KeyPMass = new Key[2]; //An array of two keys to return values from a method
KeyPMass = rsagente.RSAKeyGen(); //GENERATE Key Pair
publicKey = KeyPMass[0];
privateKey = KeyPMass[1];
// ============================================================
// ============================================================
// Encode the original text with RSA private key
// ============================================================
RSACode rsacde = new RSACode(); // Class instance RSACode
encodedBytes = rsacde.RSATextEncode(publicKey, privateKey, testText); //Encode text via RSACode.java class
TextView encodedTextView = (TextView)findViewById(R.id.textViewEncoded);
encodedTextView.setText("[ENCODED]:\n" + Base64.encodeToString(encodedBytes, Base64.DEFAULT) + "\n");
//--------------------------------------------------------
// Coded Text -> str -> Save to file
//--------------------------------------------------------
str = Base64.encodeToString(encodedBytes, Base64.DEFAULT); //Convert Byte Array to String
rsacde.Save("oflameron.txt",str, Maincontext); //Write Coded Text to file oflameron.txt from str
encodedBytes = null; // This line is optional. For debugging only
//--------------------------------------------------------
// Load Coded Text from file -> str2
//--------------------------------------------------------
RSALib rsalib = new RSALib(); // Class instance RSALib
str2 = rsalib.Load(FILENAME, str2, Maincontext);
encodedBytes = Base64.decode(str2, Base64.DEFAULT); //Convert String to Byte Array
//--------------------------------------------------------
//--------------------------------------------------------
// The most important part of encryption/decoding is saving
// and restoring the public and private keys. Otherwise, after
// restarting the application, you will not be able to decrypt
// the encoded text, because new keys will be generated.
//
// Save Keys -> to file
//--------------------------------------------------------
publicKeyBytes = publicKey.getEncoded();
privateKeyBytes = privateKey.getEncoded();
str = Base64.encodeToString(publicKeyBytes, Base64.DEFAULT); //Convert Byte Array (Public Key) to String
rsalib.Save("key.pub",str, Maincontext); //Write Public Key to file key.txt from str
str = Base64.encodeToString(privateKeyBytes, Base64.DEFAULT); //Convert Byte Array (Private Key) to String
rsalib.Save("pkey.pri",str, Maincontext); //Write Private Key to file pkey.txt from str
publicKey = null; // This line is optional. For debugging only
privateKey = null; // This line is optional. For debugging only
RSACode rsaload = new RSACode(); // Class instance RSACode
str3 = rsaload.Load("key.pub", str3, Maincontext); //Here we read and decode Public Key (RSACode class)
str4 = rsaload.Load("pkey.pri", str4, Maincontext); //Here we read and decode Private Key (RSACode class)
//--------------------------------------------------------
// Referring to the special class RSACode.java
// To restore saved keys from files
//--------------------------------------------------------
RSACode rsacd = new RSACode(); // Class instance RSACode
Key[] KeyMass = new Key[2]; //An array of two keys to return values from a method
KeyMass = rsacd.RSAKeyReGenerate(str3, str4);
publicKey = KeyMass[0];
privateKey = KeyMass[1];
//--------------------------------------------------------
// If you run the application, you will see that the original text is correctly decoded.
// Those. we run the application and immediately encode the text and immediately decode it. Everything is working.
// ============================================================
// Decoding the ciphertext
// ============================================================
// Let's call a method from the class RSACode.java
RSACode rsadecode = new RSACode(); // Class instance RSACode
decodedBytes = rsadecode.RSATextDecode(KeyMass[0], KeyMass[1], encodedBytes); //Text decoding (publicKey = KeyMass[0], privateKey = KeyMass[1])
TextView decodedTextView = (TextView)findViewById(R.id.textViewDecoded);
decodedTextView.setText("[DECODED]:\n" + new String(decodedBytes) + "\n"); //Show decoded text
} //OnCreate
}
Quite a bit of code for working with the RSA encryption protocol. In this case, encryption keys are generated, saved, restored, converted to text format and can be exported.
You can use a longer encryption key of 2048 bits. This is already a military level of encryption.
This is the first version of Java code. The Java code for working with text encryption is constantly being upgraded and many new features have now been added.
Open Source Programming >>
Web sites are increasingly using data encryption (https:// - SSL, TLS). Data protection is being used more and more frequently. A business built without data protection in mind does not have a long-term perspective.
Having created convenient classes for working with RSA and AES encryption, you can start a new topic - working with the MySQL databases and the Room and Realm interfaces. We will effectively encrypt critical data in the database fields (personal and financial data), select, export and import. Then we will create a special class for turning encrypted data into potentially unbreakable.
Another interesting topic is the protection of URLs (links) in PHP scripts and corporate web pages using RSA or a simpler AES. Even if hackers can copy your corporate web site with PHP scripts, it will be extremely difficult to analyze the operation of the scripts - something on the level of analyzing military codes.
For Example
For example, you can make data protection already when registering a new client. To do this, the client scans the QR-code, follows the link recorded there to the corporate web page, downloads a simple application for registration, in which the personal data entered is encrypted. Already encrypted data is sent to the corporate server. Recorded and stored in the database also in encrypted form.
Java Source Projects >>
Open Source Code (Full Android Studio Java PROJECTS)
AudioREG_ENG.ZIP >> - Audio Registrar Source Code
CryptoNote_password_OK.ZIP >> - Crypto Note Source Code
CryptoNOTE_AES.ZIP >> - AES Crypto Note Source Code
RSA Crypto Project >> - RSA Keys, encoding, decodind
AES Crypto Project >> - AES Crypto Note Source Code
PhotoREGISTRAR >> - Photo Registrar with FTP Client
GNU GPL Valery Shmelev
Complete Android Studio projects Java applications for smartphones. Everything is compiled into working applications. Full comments, full source code. All libraries are included (if used).
An excellent base for developing your own photo and audio recorders, cryptographic systems.
Writing encrypted data to a database has several advantages. For example, you can record them from a client Android device without intermediate decryption. And so de forward to the client device. This saves time and significantly improves safety.
However, there are difficulties with data pom, sorting. But they are easy to bypass if you know how.
Private Key Obfuscation
In this case, the private key is not just encrypted. He does not work. It cannot be used to decrypt data unless you know how to reanimate the key.
By using obfuscation of the private PCA key and encrypted data, it is possible to achieve a higher level of encryption than the commercial level.
The military cryptographers will You respect, and the decryption professionals will think long and hard.
GitHUB Repository
Java code of an example Android SQLite (API 29) database with the functions of creating a database, adding, paging, editing records
SQLite >>
|
|