非对称加密算法（1）：DH

一.非对称加密算法：对称加密算法在加密和解密时使用的是同一个秘钥；而非对称加密算法需要两个密钥来进行加密和解密，这两个秘钥是公开密钥（public key，简称公钥）和私有密钥（private key，简称私钥）。

二.优缺点:

非对称加密与对称加密相比，其安全性更好：对称加密的通信双方使用相同的秘钥，如果一方的秘钥遭泄露，那么整个通信就会被破解。而非对称加密使用一对秘钥，一个用来加密，一个用来解密，而且公钥是公开的，秘钥是自己保存的，不需要像对称加密那样在通信之前要先同步秘钥。

非对称加密的缺点是加密和解密花费时间长、速度慢，只适合对少量数据进行加密。

三.常用算法：非对称加密中使用的主要算法有：RSA、Elgamal、背包算法、Rabin、D-H、ECC（椭圆曲线加密算法）等

四.DH 实现个过程

五.具体的实现代码（java）:

import java.security.InvalidAlgorithmParameterException;import java.security.InvalidKeyException;import java.security.KeyFactory;import java.security.KeyPair;import java.security.KeyPairGenerator;import java.security.NoSuchAlgorithmException;import java.security.PrivateKey;import java.security.PublicKey;import java.security.spec.InvalidKeySpecException;import java.security.spec.X509EncodedKeySpec;import javax.crypto.Cipher;import javax.crypto.KeyAgreement;import javax.crypto.SecretKey;import javax.crypto.interfaces.DHPublicKey;import javax.crypto.spec.DHParameterSpec;import org.apache.commons.codec.binary.Base64;public class F_Symmetry_Encrypt {static String src = "我爱编程";public static void main(String[] args) throws Exception {// TODO Auto-generated method stub//初始化发送方的公钥KeyPair senderkeyPair = DH_GetSecretKey();byte [] senderPublicKeyEnc = senderkeyPair.getPublic().getEncoded();//接收方的公钥PublicKey receivePublicKey = DH_ReceiverPulicKey_GetSecretKey(senderPublicKeyEnc);//接收方的私钥KeyPair receivekeyPair = DH_ReceiverPrivateKey_GetSecretKey(receivePublicKey);PrivateKey receiveprivateKey = receivekeyPair.getPrivate();//接收方的秘钥SecretKey receivesecretKey = DH_Receiver_GetSecretKey(receivePublicKey,receiveprivateKey);byte[] receivePublicKeyEnc = receivekeyPair.getPublic().getEncoded();//构建发送方的公钥PublicKey senderPublicKey = DH_SenderPublicKey_GetSecretKey(receivePublicKeyEnc);//构建发送方的秘钥 SecretKey sendersecretKey = DH_Sender_GetSecretKey(senderkeyPair,senderPublicKey);//接收方加密数据 byte [] result = DH_Encrypt(src,receivesecretKey);System.out.println("加密数据："+Base64.encodeBase64String(result));//发送方解密数据 System.out.println("解密数据："+new String(DH_Decrypt(result,sendersecretKey)));}/** * 发送方解密数据  * @param encryptBytes * @param sendersecretKey * @return * @throws Exception */public static byte [] DH_Decrypt(byte[] encryptBytes , SecretKey sendersecretKey) throws Exception{Cipher cipher = Cipher.getInstance("DES");cipher.init(Cipher.DECRYPT_MODE, sendersecretKey);byte [] result = cipher.doFinal(encryptBytes);return result;}/** * 接收方数据加密 * @param src * @param receivesecretKey * @return * @throws Exception */public static byte [] DH_Encrypt(String src , SecretKey receivesecretKey) throws Exception{Cipher cipher = Cipher.getInstance("DES");cipher.init(Cipher.ENCRYPT_MODE, receivesecretKey);byte [] result = cipher.doFinal(src.getBytes());return result;}/** * 发送方的秘钥构建 ，根据接收方的公钥 * @param senderkeyPair * @param senderPublicKey * @return * @throws NoSuchAlgorithmException * @throws InvalidKeyException */public static SecretKey DH_Sender_GetSecretKey(KeyPair senderkeyPair,PublicKey senderPublicKey) throws NoSuchAlgorithmException,InvalidKeyException {KeyAgreement senderkeyAgreement = KeyAgreement.getInstance("DH");senderkeyAgreement.init(senderkeyPair.getPrivate());senderkeyAgreement.doPhase(senderPublicKey, true);SecretKey sendersecretKey = senderkeyAgreement.generateSecret("DES");return sendersecretKey;}/** * 发送方的公钥构建 ，根据接收方的公钥 * @param receivePublicKeyEnc * @return * @throws NoSuchAlgorithmException * @throws InvalidKeySpecException */public static PublicKey DH_SenderPublicKey_GetSecretKey(byte[] receivePublicKeyEnc) throws NoSuchAlgorithmException,InvalidKeySpecException {KeyFactory senderKeyFactory = KeyFactory.getInstance("DH");X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(receivePublicKeyEnc);PublicKey senderPublicKey = senderKeyFactory.generatePublic(x509EncodedKeySpec);return senderPublicKey;}/** * 接收方的秘钥构建 ，根据接收方的公钥，私钥 * @param receivePublicKey * @param receiveprivateKey * @return * @throws NoSuchAlgorithmException * @throws InvalidKeyException */public static SecretKey DH_Receiver_GetSecretKey(PublicKey receivePublicKey, PrivateKey receiveprivateKey)throws NoSuchAlgorithmException, InvalidKeyException {KeyAgreement receivekeyAgreement = KeyAgreement.getInstance("DH");receivekeyAgreement.init(receiveprivateKey);receivekeyAgreement.doPhase(receivePublicKey, true);SecretKey receivesecretKey = receivekeyAgreement.generateSecret("DES");return receivesecretKey;}/** * 接收方的私钥构建 ，根据接收方的公钥 * @param receivePublicKey * @return * @throws NoSuchAlgorithmException * @throws InvalidAlgorithmParameterException */public static KeyPair DH_ReceiverPrivateKey_GetSecretKey(PublicKey receivePublicKey) throws NoSuchAlgorithmException,InvalidAlgorithmParameterException {DHParameterSpec dhParameterSpec =  ((DHPublicKey)receivePublicKey).getParams();KeyPairGenerator receivekeyPairGenerator = KeyPairGenerator.getInstance("DH");receivekeyPairGenerator.initialize(dhParameterSpec);KeyPair receivekeyPair = receivekeyPairGenerator.generateKeyPair();return receivekeyPair;}/** * 接收方的公钥构建，根据发送方的公钥 * @param senderPublicKeyEnc * @return * @throws NoSuchAlgorithmException * @throws InvalidKeySpecException */public static PublicKey DH_ReceiverPulicKey_GetSecretKey(byte[] senderPublicKeyEnc) throws NoSuchAlgorithmException,InvalidKeySpecException {PublicKey receivePublicKey = DH_SenderPublicKey_GetSecretKey(senderPublicKeyEnc);return receivePublicKey;}/** * 发送方的公钥 * @return * @throws NoSuchAlgorithmException */public static KeyPair DH_GetSecretKey() throws NoSuchAlgorithmException {KeyPairGenerator senderkeyPairGenerator = KeyPairGenerator.getInstance("DH");senderkeyPairGenerator.initialize(512);KeyPair senderkeyPair = senderkeyPairGenerator.generateKeyPair();return senderkeyPair;}}