Cryptography, the science of secret writing, is the biggest, baddest security tool in the application programmer's arsenal. Cryptography provides three services that are crucial in secure programming. These include a cryptographic cipher that protects the secrecy of your data; cryptographic certificates, which prove identity (authentication); and digital signatures, which ensure your data has not been damaged or tampered with.This book covers cryptographic programming in Java. Java 1.1 and Java 1.2 provide extensive support for cryptography with an elegant architecture, the Java Cryptography Architecture (JCA). Another set of classes, the Java Cryptography Extension (JCE), provides additional cryptographic functionality. This book covers the JCA and the JCE from top to bottom, describing the use of the cryptographic classes as well as their innards.The book is designed for moderately experienced Java programmers who want to learn how to build cryptography into their applications. No prior knowledge of cryptography is assumed. The book is peppered with useful examples, ranging from simple demonstrations in the first chapter to full-blown applications in later chapters.Topics include:
- The Java Cryptography Architecture (JCA)
- The Java Cryptography Extension (JCE)
- Cryptographic providers
- The Sun key management tools
- Message digests, digital signatures, and certificates (X509v3)
- Block and stream ciphers
- Implementations of the ElGamal signature and cipher algorithms
- A network talk application that encrypts all data sent over the network
- An email application that encrypts its messages
Covers JDK 1.2 and JCE 1.2.
Cryptography isn't all there is to security. But rendering information unintelligible to those without the proper key usually plays a big role in any networked data-sharing system.
Java Cryptography shows the Java programmer (with or without crypto experience) how to implement ciphers, keys, and other data-obscuring techniques in Java.
The Java language includes lots of classes that are designed to facilitate cryptography, and this book explores them in depth. Key management classes, random-number generators, signed applets, and other parts of the Java security mechanism get attention in these pages. But most interesting are the author's examples. He has written a complete implementation of the ElGamal cipher as a provider in the framework of the Java Security API. If you want to understand how the Provider Architecture works, this is what you need to examine. Don't look here for an explanation of the mathematics, however.
In addition to his discussions and examples for individual pieces of the cryptography infrastructure and his implementation of the ElGamal system, Knudsen includes two nifty crypto-enabled programs: a chat system and an e-mail system.
