endtoend
Class EndtoEnd

java.lang.Object
  |
  +--java.awt.Component
        |
        +--java.awt.Container
              |
              +--java.awt.Panel
                    |
                    +--java.applet.Applet
                          |
                          +--endtoend.EndtoEnd
All Implemented Interfaces:
javax.accessibility.Accessible, java.awt.image.ImageObserver, java.awt.MenuContainer, java.io.Serializable

public class EndtoEnd
extends java.applet.Applet

EndtoEnd is an applet that is used to encrypt and decrypt data between the browser and the application server.

In a multi-tier architecture, there is usually a dedicated web server between the browser and the application server, and this web server normally terminates HTTPS. This means that data travelling from the web server to the application server is unencrypted clear text, including passwords and credit card numbers entered at the browser. If the front-line web server is compromised, so is the sensitive information.

This module intends to solve this by making it possible to encrypt the data all the way to the application server or even the database server. The return data can also be encrypted; hence the term "end-to-end" encryption. One can even say that with end-to-end encryption there may be no need for HTTPS if data security is the only concern (note that there are other uses of HTTPS besides data encryption).

This module is also intended to be very lightweight in terms of applet file size and CPU processing. Thus, only the most basic encryption is implemented. Please visit the web site at http://.... for more information.

The encryption algorithm and protocol are similar in concept to those of SSL or HTTPS.

  1. First, the applet and a public key are sent to the browser.
  2. The applet generates a random number (128 bits) that will become the symmetric encryption key for the data transfer. The AES (Rijndael) encryption algorithm is used here. A different number will be generated each time the applet is used (unlike HTTPS, which uses the same key throughout a session).
  3. This symmetric key is then encrypted with the public key using the RSA algorithm. The RSA key length is 1024 bits.
  4. The entire chunk is base64 encoded and submitted to the application server via a normal HTTP POST.
  5. The application server does the reverse - decrypts the symmetric key using the private key and then decrypts the data.
  6. Return data to the browser can also be encrypted by the application server using the same symmetric key and decrypted by the applet.
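
Steps 2 to 5 as a runnable sketch, added here as an illustration and not taken from the EndtoEnd source. The page does not state the AES mode, the RSA padding or the wire layout, so the example assumes AES-GCM, RSA-OAEP and a constructed layout; the class and method names are hypothetical.

```java
import javax.crypto.*;
import javax.crypto.spec.*;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.Base64;

public class HybridEnvelopeDemo {
    // Assumed, not from the page: OAEP, GCM, layout wrappedKey(128) || iv(12) || ciphertext+tag.
    static final String RSA_T = "RSA/ECB/OAEPWithSHA-1AndMGF1Padding";
    static final String AES_T = "AES/GCM/NoPadding";
    static final int RSA_BYTES = 128, IV_LEN = 12, TAG_BITS = 128;
    // Browser side (steps 2-4): fresh 128-bit AES key per submission, wrapped with RSA.
    static String seal(PublicKey pub, String data) throws GeneralSecurityException {
        SecureRandom rng = new SecureRandom();
        byte[] key = new byte[16], iv = new byte[IV_LEN];
        rng.nextBytes(key); rng.nextBytes(iv);
        Cipher rsa = Cipher.getInstance(RSA_T);
        rsa.init(Cipher.ENCRYPT_MODE, pub);
        byte[] wrapped = rsa.doFinal(key);  // 128 bytes for a 1024-bit modulus
        Cipher gcm = Cipher.getInstance(AES_T);
        gcm.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, "AES"), new GCMParameterSpec(TAG_BITS, iv));
        byte[] ct = gcm.doFinal(data.getBytes(StandardCharsets.UTF_8));
        ByteBuffer out = ByteBuffer.allocate(RSA_BYTES + IV_LEN + ct.length).put(wrapped).put(iv).put(ct);
        return Base64.getEncoder().encodeToString(out.array());
    }
    // Application server side (step 5): unwrap the AES key, then decrypt and authenticate.
    static String open(PrivateKey priv, String b64) throws GeneralSecurityException {
        byte[] in = Base64.getDecoder().decode(b64);
        Cipher rsa = Cipher.getInstance(RSA_T);
        rsa.init(Cipher.DECRYPT_MODE, priv);
        SecretKey aes = new SecretKeySpec(rsa.doFinal(in, 0, RSA_BYTES), "AES");
        Cipher gcm = Cipher.getInstance(AES_T);
        gcm.init(Cipher.DECRYPT_MODE, aes, new GCMParameterSpec(TAG_BITS, in, RSA_BYTES, IV_LEN));
        byte[] pt = gcm.doFinal(in, RSA_BYTES + IV_LEN, in.length - RSA_BYTES - IV_LEN);
        return new String(pt, StandardCharsets.UTF_8);
    }
    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(1024);  // key length stated on the page
        KeyPair kp = kpg.generateKeyPair();
        String post = seal(kp.getPublic(), "userid=alice&password=s3cret");  // constructed sample
        System.out.println(open(kp.getPrivate(), post));
        byte[] raw = Base64.getDecoder().decode(post);
        raw[raw.length - 1] ^= 1;  // simulate a body altered between browser and application server
        try { open(kp.getPrivate(), Base64.getEncoder().encodeToString(raw)); }
        catch (AEADBadTagException e) { System.out.println("modified POST rejected"); }
    }
}
```

Because GCM authenticates the ciphertext, a body altered at the front-line web server fails decryption instead of yielding modified data. For step 6, return data encrypted under the same AES key needs a fresh IV for each message.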

Advantage of using end-to-end encryption over HTTPS:

Comments and feedback are much appreciated. Please email ???@???.
Web site: http://......

Version:
0.5.0.1
See Also:
Serialized Form

Field Summary
 
Fields inherited from class java.awt.Component
BOTTOM_ALIGNMENT, CENTER_ALIGNMENT, LEFT_ALIGNMENT, RIGHT_ALIGNMENT, TOP_ALIGNMENT
 
Fields inherited from interface java.awt.image.ImageObserver
ABORT, ALLBITS, ERROR, FRAMEBITS, HEIGHT, PROPERTIES, SOMEBITS, WIDTH
 
Constructor Summary
EndtoEnd()
           
 
Method Summary
 java.lang.String done()
          Finalize the data to be sent back.
 java.lang.String get(java.lang.String param)
          Retrieve the decrypted value of the return data from the application server.
 void init()
          Reads in the public key that is sent together with this applet.
 void unpack(java.lang.String data)
          Decode, decrypt and deserialize data returned from the application server.
 void update(java.lang.String param, java.lang.String value)
          Reads in the name-value pair data that is to be encrypted.
 
Methods inherited from class java.applet.Applet
destroy, getAccessibleContext, getAppletContext, getAppletInfo, getAudioClip, getAudioClip, getCodeBase, getDocumentBase, getImage, getImage, getLocale, getParameter, getParameterInfo, isActive, newAudioClip, play, play, resize, resize, setStub, showStatus, start, stop
 
Methods inherited from class java.awt.Panel
addNotify
 
Methods inherited from class java.awt.Container
add, add, add, add, add, addContainerListener, addImpl, addPropertyChangeListener, addPropertyChangeListener, applyComponentOrientation, areFocusTraversalKeysSet, countComponents, deliverEvent, doLayout, findComponentAt, findComponentAt, getAlignmentX, getAlignmentY, getComponent, getComponentAt, getComponentAt, getComponentCount, getComponents, getContainerListeners, getFocusTraversalKeys, getFocusTraversalPolicy, getInsets, getLayout, getListeners, getMaximumSize, getMinimumSize, getPreferredSize, insets, invalidate, isAncestorOf, isFocusCycleRoot, isFocusCycleRoot, isFocusTraversalPolicySet, layout, list, list, locate, minimumSize, paint, paintComponents, paramString, preferredSize, print, printComponents, processContainerEvent, processEvent, remove, remove, removeAll, removeContainerListener, removeNotify, setFocusCycleRoot, setFocusTraversalKeys, setFocusTraversalPolicy, setFont, setLayout, transferFocusBackward, transferFocusDownCycle, update, validate, validateTree
 
Methods inherited from class java.awt.Component
action, add, addComponentListener, addFocusListener, addHierarchyBoundsListener, addHierarchyListener, addInputMethodListener, addKeyListener, addMouseListener, addMouseMotionListener, addMouseWheelListener, bounds, checkImage, checkImage, coalesceEvents, contains, contains, createImage, createImage, createVolatileImage, createVolatileImage, disable, disableEvents, dispatchEvent, enable, enable, enableEvents, enableInputMethods, firePropertyChange, firePropertyChange, firePropertyChange, getBackground, getBounds, getBounds, getColorModel, getComponentListeners, getComponentOrientation, getCursor, getDropTarget, getFocusCycleRootAncestor, getFocusListeners, getFocusTraversalKeysEnabled, getFont, getFontMetrics, getForeground, getGraphics, getGraphicsConfiguration, getHeight, getHierarchyBoundsListeners, getHierarchyListeners, getIgnoreRepaint, getInputContext, getInputMethodListeners, getInputMethodRequests, getKeyListeners, getLocation, getLocation, getLocationOnScreen, getMouseListeners, getMouseMotionListeners, getMouseWheelListeners, getName, getParent, getPeer, getPropertyChangeListeners, getPropertyChangeListeners, getSize, getSize, getToolkit, getTreeLock, getWidth, getX, getY, gotFocus, handleEvent, hasFocus, hide, imageUpdate, inside, isBackgroundSet, isCursorSet, isDisplayable, isDoubleBuffered, isEnabled, isFocusable, isFocusOwner, isFocusTraversable, isFontSet, isForegroundSet, isLightweight, isOpaque, isShowing, isValid, isVisible, keyDown, keyUp, list, list, list, location, lostFocus, mouseDown, mouseDrag, mouseEnter, mouseExit, mouseMove, mouseUp, move, nextFocus, paintAll, postEvent, prepareImage, prepareImage, printAll, processComponentEvent, processFocusEvent, processHierarchyBoundsEvent, processHierarchyEvent, processInputMethodEvent, processKeyEvent, processMouseEvent, processMouseMotionEvent, processMouseWheelEvent, remove, removeComponentListener, removeFocusListener, removeHierarchyBoundsListener, removeHierarchyListener, 
removeInputMethodListener, removeKeyListener, removeMouseListener, removeMouseMotionListener, removeMouseWheelListener, removePropertyChangeListener, removePropertyChangeListener, repaint, repaint, repaint, repaint, requestFocus, requestFocus, requestFocusInWindow, requestFocusInWindow, reshape, setBackground, setBounds, setBounds, setComponentOrientation, setCursor, setDropTarget, setEnabled, setFocusable, setFocusTraversalKeysEnabled, setForeground, setIgnoreRepaint, setLocale, setLocation, setLocation, setName, setSize, setSize, setVisible, show, show, size, toString, transferFocus, transferFocusUpCycle
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Constructor Detail

EndtoEnd

public EndtoEnd()
Method Detail

init

public void init()
Reads in the public key that is sent together with this applet.

Overrides:
init in class java.applet.Applet

update

public void update(java.lang.String param,
                   java.lang.String value)
Reads in the name-value pair data that is to be encrypted. The data can be a password, a credit card number, or any other information. This method can be called multiple times to append more data to send back.

Parameters:
param - name of the parameter. Example "password", "userid" (without the double quotes).
value - associated data of the parameter. Can be any String.
See Also:
done()

done

public java.lang.String done()
Finalize the data to be sent back. The data gathered in the 'update' method are serialized, encrypted and encoded.

Returns:
the encrypted and encoded String that can be directly submitted back to the application server.
See Also:
update(String, String)

unpack

public void unpack(java.lang.String data)
Decode, decrypt and deserialize data returned from the application server. The data are then stored in a hashtable instance variable in this object.

Parameters:
data - the encrypted return String from the application server.
See Also:
get(String)

get

public java.lang.String get(java.lang.String param)
Retrieve the decrypted value of the return data from the application server. This method simply returns the value of the parameter from the hashtable.

Parameters:
param - name of the parameter.
Returns:
the associated data of the parameter.
See Also:
unpack(String)