Need Advice on Assymetric Key Encryption
843811Nov 5 2009 — edited Dec 3 2009Hi,
I have some questions regarding cyptography that need experts advice here.
I know that I may be asking some stupid questions, but the below questions already took me few days time yet not able to get a clear picture on it.
Here is the background story:
My company is developing the an web-application to bank, and the web-app server to be hosted us. Meanwhile, we need transfering of plan text files between bank and us for some batch update of database, these files contains confidential data. We are using Secure FTP which already provide secure file transfering media, however the files that stored in FTP server still in clear text format, anybody get access to the files still able to read the confidential data.
The solution in my mind is to using assymetric encrypt the files content before transfering them, where we will give our public key to bank and vice versa. Hence I would like to know in Java is there any approach to generate keypair where the public key is just a public key without embedded into certificate ? what is the approach to export this public key and send to bank ? As it is not certificates, can we still store this public keys & private key into keystore (JKS file) ? And how do we use this keys to encrypt & decrypt the files (e.g. what class could I use) ?
Besides, from some forum I found that diffie-hellman is assymetric encryption. Whereas based on my understanding the diffie-hellman is a key exchange approach something like 2 custodian to generate a key, it is still symmetric key. Please advise ?
I have experience in symmetric key encryption, however noob in asymmetric encryption.
Any expert please advise on this. Thanks a lot in advance.
Regards,
YekHon