Synopses & Reviews
Cryptography, the science of secret writing, is the biggest, baddest security tool in the application programmer's arsenal. Cryptography provides three services that are crucial in secure programming. These include a cryptographic cipher that protects the secrecy of your data; cryptographic certificates, which prove identity (authentication); and digital signatures, which ensure your data has not been damaged or tampered with.This book covers cryptographic programming in Java. Java 1.1 and Java 1.2 provide extensive support for cryptography with an elegant architecture, the Java Cryptography Architecture (JCA). Another set of classes, the Java Cryptography Extension (JCE), provides additional cryptographic functionality. This book covers the JCA and the JCE from top to bottom, describing the use of the cryptographic classes as well as their innards.The book is designed for moderately experienced Java programmers who want to learn how to build cryptography into their applications. No prior knowledge of cryptography is assumed. The book is peppered with useful examples, ranging from simple demonstrations in the first chapter to full-blown applications in later chapters.Topics include:
- The Java Cryptography Architecture (JCA)
- The Java Cryptography Extension (JCE)
- Cryptographic providers
- The Sun key management tools
- Message digests, digital signatures, and certificates (X509v3)
- Block and stream ciphers
- Implementations of the ElGamal signature and cipher algorithms
- A network talk application that encrypts all data sent over the network
- An email application that encrypts its messages
Covers JDK 1.2 and JCE 1.2.
Synopsis
"Java Cryptology" teaches you how to write secure programs using Java's cryptographic tools. It thoroughly discusses the Java security package and the Java Cryptography Extensions (JCE), showing you how to use security providers and even how to implement your own provider. If you work with sensitive data, you'll find this book indispensable.
Synopsis
"Java Cryptology" teaches you how to write secure programs using Java's cryptographic tools. It thoroughly discusses the Java security package and the Java Cryptography Extensions (JCE), showing you how to use security providers and even how to implement your own provider. If you work with sensitive data, you'll find this book indispensable.
About the Author
Jonathan Knudsen is an author at O'Reilly & Associates. His books include The Unofficial Guide to Lego Mindstorms Robots, Java 2D Graphics, and Java Cryptography. He is the Courseware Writer for LearningPatterns.com.
Table of Contents
Preface; Who Are You?; About This Book; What's Not in This Book; About the Examples; Font Conventions; Request for Comments; Acknowledgments; Chapter 1: Introduction; 1.1 Secure Systems; 1.2 Cryptography; 1.3 Platform Security; 1.4 Astute Inequalities; 1.5 Hello, zoT1wy1njA0=!; Chapter 2: Concepts; 2.1 Confidentiality; 2.2 Integrity; 2.3 Authentication; 2.4 Random Numbers; 2.5 Algorithms; Chapter 3: Architecture; 3.1 Alphabet Soup; 3.2 Concept Classes; 3.3 API and SPI; 3.4 Factory Methods; 3.5 Standard Names; 3.6 The Provider Architecture; 3.7 Key Management; 3.8 Summary; Chapter 4: Random Numbers; 4.1 SecureRandom; 4.2 Self-Seeding; 4.3 Keyboard Timing; 4.4 SeederDialog; Chapter 5: Key Management; 5.1 Keys; 5.2 Key Generators; 5.3 Key Translators; 5.4 Key Agreement; 5.5 The Identity Key Management Paradigm; 5.6 The KeyStore Key Management Paradigm; Chapter 6: Authentication; 6.1 Message Digests; 6.2 MACs; 6.3 Signatures; 6.4 Certificates; Chapter 7: Encryption; 7.1 Streams and Blocks; 7.2 Block Ciphers; 7.3 Algorithms; 7.4 javax.crypto.Cipher; 7.5 Cipher's Close Relatives; 7.6 Passphrase Encryption; 7.7 Inside Cipher; 7.8 Hybrid Systems; Chapter 8: Signed Applets; 8.1 Renegade; 8.2 HotJava; 8.3 Navigator; 8.4 Internet Explorer; 8.5 Summary; Chapter 9: Writing a Provider; 9.1 Getting Started; 9.2 Adding the ElGamal Classes; 9.3 ElGamal; 9.4 Generating Keys; 9.5 Signature; 9.6 Cipher; Chapter 10: SafeTalk; 10.1 Using SafeTalk; 10.2 Under the Hood; Chapter 11: CipherMail; 11.1 Using CipherMail; 11.2 Under the Hood; Chapter 12: Outside the Box; 12.1 Application Design; 12.2 Decompilers and Bytecode Obfuscation; 12.3 Endpoint Security; 12.4 File Security; 12.5 Network Security; 12.6 Summary; BigInteger; Base64; JAR; Creating; Extracting; The Manifest; Signing; Javakey; Creating; Inspecting; Gimme the Keys...; Certificates; To and Fro; Sign of the Times; The Care and Feeding of Keys; Quick Reference; Package java.security; Package java.security.cert; Package java.security.interfaces; Package java.security.spec; Package javax.crypto; Package javax.crypto.interfaces; Package javax.crypto.spec; Colophon;