如何在Java中使用加密?

huangapple go评论69阅读模式
英文:

How to use encryption in Java?

问题

以下是代码部分的翻译:

private static void ReadBook() {
    try {
        FileInputStream fi = new FileInputStream("bookData.ser");
        ObjectInputStream oi = new ObjectInputStream(fi);

        bookList = (ArrayList<Book>) oi.readObject();
        oi.close();
    } catch (Exception e) {
        e.printStackTrace();
    }
}

protected static void SaveBook(ArrayList<Book> books) {
    ArrayList<Book> tempbookList = books;
    try {
        FileOutputStream fs = new FileOutputStream("bookData.ser");
        ObjectOutputStream os = new ObjectOutputStream(fs);
        os.reset();
        os.writeObject(tempbookList);
        os.close();
    } catch (Exception e) {
        e.printStackTrace();
    }
}
private static void ReadStudent() {
    try {
        FileInputStream fi = new FileInputStream("studentData.ser");
        ObjectInputStream oi = new ObjectInputStream(fi);

        studentList = (ArrayList<Student>) oi.readObject();
        oi.close();
    } catch (Exception e) {
        e.printStackTrace();
    }
}
protected static void SaveStudent(ArrayList<Student> students) {
    ArrayList<Student> tempstudentList = students;
    try {
        FileOutputStream fs = new FileOutputStream("studentData.ser");
        ObjectOutputStream os = new ObjectOutputStream(fs);
        os.reset();
        os.writeObject(tempstudentList);
        os.close();
    } catch (Exception e) {
        e.printStackTrace();
    }
}
英文:

Does anyone know how I can include encryption and decryption in my code? I am using FileInput and FileOutput Stream for serialized files. I have an arraylist of students, and I have an arraylist of books. I can save and read them from their individual files. But for security, I want to encrypt and decrypt them. How do I do that?

private static void ReadBook() {
try {
FileInputStream fi = new FileInputStream(&quot;bookData.ser&quot;);
ObjectInputStream oi = new ObjectInputStream(fi);
bookList = (ArrayList&lt;Book&gt;) oi.readObject();
oi.close();
} catch (Exception e) {
e.printStackTrace();
}
}
protected static void SaveBook(ArrayList&lt;Book&gt; books) {
ArrayList&lt;Book&gt; tempbookList = books;
try {
FileOutputStream fs = new FileOutputStream(&quot;bookData.ser&quot;);
ObjectOutputStream os = new ObjectOutputStream(fs);
os.reset();
os.writeObject(tempbookList);
os.close();
} catch (Exception e) {
e.printStackTrace();
}
}
private static void ReadStudent() {
try {
FileInputStream fi = new FileInputStream(&quot;studentData.ser&quot;);
ObjectInputStream oi = new ObjectInputStream(fi);
studentList = (ArrayList&lt;Student&gt;) oi.readObject();
oi.close();
} catch (Exception e) {
e.printStackTrace();
}
}
protected static void SaveStudent(ArrayList&lt;Student&gt; students) {
ArrayList&lt;Student&gt; tempstudentList = students;
try {
FileOutputStream fs = new FileOutputStream(&quot;studentData.ser&quot;);
ObjectOutputStream os = new ObjectOutputStream(fs);
os.reset();
os.writeObject(tempstudentList);
os.close();
} catch (Exception e) {
e.printStackTrace();
}

答案1

得分: 1

你想要的并不可能在没有外部秘密的情况下实现。问题是,你可以对此进行“加密”,但如果没有涉及密钥,它实际上并不是加密(只是混淆),而密钥的作用是:如果你知道它,你就可以解密它。

那么,密钥从哪里来?你不能将它硬编码到源代码中(源代码可以被反编译或者用十六进制编辑器打开),你也不能从文件中加载它(因为任何能够获取加密文件的人也可以获取包含密钥的文件,从而拥有解密数据所需的一切)。你可以尝试在其中添加多层保护,但这只是无休止的循环:如果应用程序本身可以获取秘密,而未经授权的人可以完全访问运行该应用程序的计算机,这是根本不可能的。

一个解决方法是实际上说计算机的所有者并不真正拥有它 - 这使我们涉足安全芯片,比如苹果的 T2 或 Windows 生态系统的 TPM。在没有本地代码的情况下,你无法从 Java 与这些芯片交互。

另一个简单得多的方法是确保应用程序在没有帮助的情况下无法解密数据。每次用户启动应用程序时,只需要求用户输入密码。然后,只要应用程序处于打开状态,任何黑客都可以对虚拟机进行内存转储并获取数据,但一旦关闭应用程序并清理内存(有时会有点棘手),数据就会再次变成秘密。

首先,考虑一下你想要保护哪些场景,以及如何保护它们。只有在此之后,才是思考如何实现这些内容的时候。

认真思考类似于詹姆斯·邦德(James Bond)的情节。根据你希望对抗这些情节的程度对它们进行评分(提示:这并非免费)。

例如:如果计算机被盗,我希望能够说,只要断电并且盗贼不会做一些疯狂的事情,比如拔掉内存芯片并向其喷射二氧化碳来冻结它们 - 我希望数据会被删除 - 这是可行的。但请注意,用户自己可以更好地实现这一点:让操作系统应用全盘加密。他们会做得比你好得多,而且他们确实可以享受到安全芯片(例如TPM或T2)的好处。

另一个例子:“拥有一些知识并且能够进入房间的人,我希望阻止这些人查看数据”。这非常棘手,他们可以使用物理键盘记录器(在键盘和系统之间插入一个微小的USB dongle,或者在屏幕和键盘之间安装摄像头),或者只是打开计算机并安装自定义启动。如果你想要把这些人挡在外面,我们需要讨论保护机箱,或者用物理警报系统、自定义设备或其他极端措施来保护房间本身。了解到,这种特定威胁(所谓的“恶意女仆攻击”)很可能不是你希望保护的内容(安全涉及权衡。要正确评估权衡,你需要这些情节)。

英文:

What you want isn't possible without an external secret. The problem is, you can 'encrypt' this, but it's not actually encryption (just obfuscation) unless there is a key involved, and the point of a key is: If you know it, you can decrypt it.

So, where does the key come from? You can't hardcode it into your source (sources can be decompiled or just opened with a hex editor), you can't load it off of a file (because anybody that can fetch the encrypted file can also fetch the file with the key in it and thus now they have all they need to decrypt the data). You can try to add layers into this, but it's turtles all the way down: If the application itself can obtain the secret, and the unauthorized person has full access to the computer that the application runs on, this is just not possible.

One way out is to actually say that the owner of the computer doesn't own it - this gets us into messing with security chips such as apple's T2 or the windows ecosystem's TPM. You can't interact with these from java without native code.

Another much simpler way out is to ensure that the application cannot decrypt the data unassisted. Simply ask the user for a password every time they start up the app. Then as long as the app is open, any hacker can just memorydump the VM and get the data, but once the app is closed and the memory is cleaned up (a little tricky at times), it's a secret again.

First think about those more high flying concepts of exactly which scenarios you want to protect and how you want to protect them. Only after that is it time to think about how you implement such things.

Seriously: Write down james bond scenarios. Rate them according to how much you want to protect against them (hint: It won't come for free).

For example: If the computer is stolen, I want to be able to say that as long as the power was pulled and the thieves aren't doing crazy stuff such as pulling the memory chips and blasting a can of CO2 at it to freeze them - I want the data to be gone - that's workable. But note that this is far better achieved by the user themselves: Have the OS apply full disk encryption. They'll do a far better job than you can, and those DO get to enjoy the benefits of security chips (TPM or T2, for example).

Another example: "Someone with a little knowledge and access to the room, I want to prevent these people from looking at the data". That's VERY tricky, they can use physical keyloggers (stick a tiny little USB dongle in between keyboard and system, or install a camera pointing at screen and keyboard) or just open the computer up and install a custom boot. If you want to keep those out, we need to talk about securing the case, or protecting the room itself with physical alarm systems, custom devices, or other extreme measures. It's good to know that this particular threat (so-called 'evil maid attack') is most likely not what you want to protect against (security involves tradeoffs. To properly assess tradeoffs, you need these scenarios).

huangapple
  • 本文由 发表于 2020年10月11日 23:12:08
  • 转载请务必保留本文链接:https://go.coder-hub.com/64305605.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定