Thread: Java Crypto Libraries

I am very new to java programming and I need to implement a security project in Java, any idea how to go about it?

The project involes encryption messages in google docs. below is the details of the project.

<> Google Docs is a free, Web-based word processor, spreadsheet, presentation,
and form application offered by Google. It allows users to create and edit
documents online while collaborating in real-time with other users. 2 One
problem with Google Docs is, you need to trust Google with respect to security
of your files. In this project, you need to write a program to securely open,
process and store text files in encrypted format using Google Docs and verify
that it has not been modified while it is stored on Google Docs.
In order to do this, first, you need to encrypt your message so that no one else
should be able to read your private message details without knowing the
encryption key. To do this, use AES Algorithm in CTR mode. Second, in
addition to privacy, you should also guarantee the authenticity of your
message. As a part of the encryption of the message, your program should
calculate HMAC of the plaintext and append the HMAC value of the plaintext
to the message. It should then encrypt the full string (message and MAC)
using AES in CTR mode. Whenever you want to access your message, your
implementation should first verify that the content of the stored message has
not been changed by recalculating the HMAC value of the ciphertext. By doing
so, you will make sure that if someone has altered the contents of the
encrypted message on the Google servers. If the HMAC value of the retrieved
message is different from the recalculated HMAC, then you should inform the
user that contents have been modified.
You are also encouraged to build up a user interface that shows your program
working for each process including calculating and appending the HMAC
code, encryption of the message, uploading, downloading, decryption and etc.
Here is a sample of the implementation (Secure Notepad):


1. Create a new encrypted file using an
input password (key) and an underlying encrypt algorithm. You should
calculate the HMAC for the message, append it to the message, then
encrypt the entire string. Then by pressing the “save file” button, you can
save the file at Google Docs.

2. Decryption fetch the encrypted file from the
Google Docs and decrypt it. Then, separate the message into the body
and MAC. Calculate the HMAC of the message to ensure that the
integrity of the data has not been compromised. If their values are not
equal, which means the message content has been changed, prompt a
warning that tells the user the original message has been modified.
Otherwise, the message will be successfully decrypted using the correct
key you provide and shown in the “File content” area. Of course, the
message must be exactly as the same as the original one.</>