-1

I am a beginner with asymmetric cryptography. I am understand something about basic asymmetric cryptography on public key and private key but I want to implement its with java programming for do authentication like login username and password. I don't know how to implement a public key and store its to database and generate private key from my input password for validate with public key. Addition I seen other approach like BCrypt and SCrypt password hashing function and they're good to use? If i wrote something wrong please advice. Please provide some code for me to know its. Thank you in advance!

Jony
  • 101
  • 5
  • Research about asymmetric key cryptography first like RSA. Know the algorithm and then implement it – mb0850 Jun 12 '18 at 13:23
  • Not sure if i understand you correctly: what's your usecase? If you want to perform login/password authentication, then hashing is the proper way to go. – sjahan Jun 12 '18 at 13:25
  • My use case want secure to login authentication. But I don't know how to implement its with java. Thank you again! – Jony Jun 12 '18 at 13:29
  • @mb0850 RSA is generate key randomly, I want to use my password as private key. – Jony Jun 12 '18 at 13:31
  • @Jony What have you tried so far? – mb0850 Jun 12 '18 at 13:35
  • @mb0850 I don't know how to find some code for test it. I have test some code about RSA but I don't know how to applied its with my case of login password. RSA used keygenerator and public key private key class so i don't know how to use my password with its. – Jony Jun 12 '18 at 13:42
  • @Jony you need to show more effort. Start by implementing simple stuff with Java. Implement Caesar cipher, RSA by yourself. Then dive into finding the right algorithm for your desired output. – mb0850 Jun 12 '18 at 13:51
  • There is a book: [Beginning cryptography with Java](http://www.wrox.com/WileyCDA/WroxTitle/Beginning-Cryptography-with-Java.productCd-0764596330.html) from one of the members of the Legion of the Bouncy Castle, a well known Java crypto library (or rather set of libraries). – Maarten Bodewes Jun 12 '18 at 17:41

1 Answers1

0

If your intention is to do authentication using login and password, say in a web service, then you do not need to write any custom code. Many java frameworks support the same.

Then you want to store the password securely, using some hashing function, SHA256, bcrypt etc. Again the frameworks like spring security, keycloak etc will take care of this. It is all about configuring these frameworks properly. For that you will surely need some understanding of the underlying concepts but you will not have to write any code.

gagan singh
  • 1,591
  • 1
  • 7
  • 12