非对称加密算法（1）：DH

一.非对称加密算法：对称加密算法在加密和解密时使用的是同一个秘钥；而非对称加密算法需要两个密钥来进行加密和解密，这两个秘钥是公开密钥（public
key，简称公钥）和私有密钥（private key，简称私钥）。

二.优缺点:

非对称加密与对称加密相比，其安全性更好：对称加密的通信双方使用相同的秘钥，如果一方的秘钥遭泄露，那么整个通信就会被破解。而非对称加密使用一对秘钥，一个用来加密，一个用来解密，而且公钥是公开的，秘钥是自己保存的，不需要像对称加密那样在通信之前要先同步秘钥。

非对称加密的缺点是加密和解密花费时间长、速度慢，只适合对少量数据进行加密。

三.常用算法：非对称加密中使用的主要算法有：RSA、Elgamal、背包算法、Rabin、D-H、ECC（椭圆曲线加密算法）等

四.DH 实现个过程



五.具体的实现代码（java）:

import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;

import javax.crypto.Cipher;
import javax.crypto.KeyAgreement;
import javax.crypto.SecretKey;
import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.DHParameterSpec;

import org.apache.commons.codec.binary.Base64;

public class F_Symmetry_Encrypt {

static String src = "我爱编程";

public static void main(String[] args) throws Exception {
// TODO Auto-generated method stub
//初始化发送方的公钥
KeyPair senderkeyPair = DH_GetSecretKey();
byte [] senderPublicKeyEnc = senderkeyPair.getPublic().getEncoded();

//接收方的公钥
PublicKey receivePublicKey = DH_ReceiverPulicKey_GetSecretKey(senderPublicKeyEnc);

//接收方的私钥
KeyPair receivekeyPair = DH_ReceiverPrivateKey_GetSecretKey(receivePublicKey);
PrivateKey receiveprivateKey = receivekeyPair.getPrivate();

//接收方的秘钥
SecretKey receivesecretKey = DH_Receiver_GetSecretKey(receivePublicKey,receiveprivateKey);
byte[] receivePublicKeyEnc = receivekeyPair.getPublic().getEncoded();

//构建发送方的公钥
PublicKey senderPublicKey = DH_SenderPublicKey_GetSecretKey(receivePublicKeyEnc);

//构建发送方的秘钥
SecretKey sendersecretKey = DH_Sender_GetSecretKey(senderkeyPair,senderPublicKey);

//接收方加密数据
byte [] result = DH_Encrypt(src,receivesecretKey);
System.out.println(
4000
"加密数据："+Base64.encodeBase64String(result));

//发送方解密数据
System.out.println("解密数据："+new String(DH_Decrypt(result,sendersecretKey)));

}

/**
* 发送方解密数据
* @param encryptBytes
* @param sendersecretKey
* @return
* @throws Exception
*/
public static byte [] DH_Decrypt(byte[] encryptBytes , SecretKey sendersecretKey) throws Exception{
Cipher cipher = Cipher.getInstance("DES");
cipher.init(Cipher.DECRYPT_MODE, sendersecretKey);
byte [] result = cipher.doFinal(encryptBytes);
return result;
}

/**
* 接收方数据加密
* @param src
* @param receivesecretKey
* @return
* @throws Exception
*/
public static byte [] DH_Encrypt(String src , SecretKey receivesecretKey) throws Exception{
Cipher cipher = Cipher.getInstance("DES");
cipher.init(Cipher.ENCRYPT_MODE, receivesecretKey);
byte [] result = cipher.doFinal(src.getBytes());
return result;
}

/**
* 发送方的秘钥构建 ，根据接收方的公钥
* @param senderkeyPair
* @param senderPublicKey
* @return
* @throws NoSuchAlgorithmException
* @throws InvalidKeyException
*/
public static SecretKey DH_Sender_GetSecretKey(KeyPair senderkeyPair,
PublicKey senderPublicKey) throws NoSuchAlgorithmException,
InvalidKeyException {
KeyAgreement senderkeyAgreement = KeyAgreement.getInstance("DH");
senderkeyAgreement.init(senderkeyPair.getPrivate());
senderkeyAgreement.doPhase(senderPublicKey, true);
SecretKey sendersecretKey = senderkeyAgreement.generateSecret("DES");
return sendersecretKey;
}

/**
* 发送方的公钥构建 ，根据接收方的公钥
* @param receivePublicKeyEnc
* @return
* @throws NoSuchAlgorithmException
* @throws InvalidKeySpecException
*/
public static PublicKey DH_SenderPublicKey_GetSecretKey(
byte[] receivePublicKeyEnc) throws NoSuchAlgorithmException,
InvalidKeySpecException {
KeyFactory senderKeyFactory = KeyFactory.getInstance("DH");
X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(receivePublicKeyEnc);
PublicKey senderPublicKey = senderKeyFactory.generatePublic(x509EncodedKeySpec);
return senderPublicKey;
}

/**
* 接收方的秘钥构建 ，根据接收方的公钥，私钥
* @param receivePublicKey
* @param receiveprivateKey
* @return
* @throws NoSuchAlgorithmException
* @throws InvalidKeyException
*/
public static SecretKey DH_Receiver_GetSecretKey(
PublicKey receivePublicKey, PrivateKey receiveprivateKey)
throws NoSuchAlgorithmException, InvalidKeyException {
KeyAgreement receivekeyAgreement = KeyAgreement.getInstance("DH");
receivekeyAgreement.init(receiveprivateKey);
receivekeyAgreement.doPhase(receivePublicKey, true);
SecretKey receivesecretKey = receivekeyAgreement.generateSecret("DES");
return receivesecretKey;
}

/**
* 接收方的私钥构建 ，根据接收方的公钥
* @param receivePublicKey
* @return
* @throws NoSuchAlgorithmException
* @throws InvalidAlgorithmParameterException
*/
public static KeyPair DH_ReceiverPrivateKey_GetSecretKey(
PublicKey receivePublicKey) throws NoSuchAlgorithmException,
InvalidAlgorithmParameterException {
DHParameterSpec dhParameterSpec = ((DHPublicKey)receivePublicKey).getParams();
KeyPairGenerator receivekeyPairGenerator = KeyPairGenerator.getInstance("DH");
receivekeyPairGenerator.initialize(dhParameterSpec);
KeyPair receivekeyPair = receivekeyPairGenerator.generateKeyPair();
return receivekeyPair;
}

/**
* 接收方的公钥构建，根据发送方的公钥
* @param senderPublicKeyEnc
* @return
* @throws NoSuchAlgorithmException
* @throws InvalidKeySpecException
*/
public static PublicKey DH_ReceiverPulicKey_GetSecretKey(
byte[] senderPublicKeyEnc) throws NoSuchAlgorithmException,
InvalidKeySpecException {
PublicKey receivePublicKey = DH_SenderPublicKey_GetSecretKey(senderPublicKeyEnc);
return receivePublicKey;
}

/**
* 发送方的公钥
* @return
* @throws NoSuchAlgorithmException
*/
public static KeyPair DH_GetSecretKey() throws NoSuchAlgorithmException {
KeyPairGenerator senderkeyPairGenerator = KeyPairGenerator.getInstance("DH");
senderkeyPairGenerator.initialize(512);
KeyPair senderkeyPair = senderkeyPairGenerator.generateKeyPair();
return senderkeyPair;
}
}