Cryptography, the science of secret writing, is the biggest, baddest security tool in the application programmer's arsenal. Cryptography provides three services that are crucial in secure programming. These include a cryptographic cipher that protects the secrecy of your data; cryptographic certificates, which prove identity (authentication); and digital signatures, which ensure your data has not been damaged or tampered with. This book covers cryptographic programming in Java. Java 1.1 and Java 1.2 provide extensive support for cryptography with an elegant architecture, the Java Cryptography Architecture (JCA). Another set of classes, the Java Cryptography Extension (JCE), provides additional cryptographic functionality. This book covers the JCA and the JCE from top to bottom, describing the use of the cryptographic classes as well as their innards. The book is designed for moderately experienced Java programmers who want to learn how to build cryptography into their applications. No prior knowledge of cryptography is assumed. The book is peppered with useful examples, ranging from simple demonstrations in the first chapter to full-blown applications in later chapters. Topics include:

• The Java Cryptography Architecture (JCA)

• The Java Cryptography Extension (JCE)

• Cryptographic providers

• The Sun key management tools

• Message digests, digital signatures, and certificates (X509v3)

• Block and stream ciphers

• Implementations of the ElGamal signature and cipher algorithms

• A network talk application that encrypts all data sent over the network

• An email application that encrypts its messages

Covers JDK 1.2 and JCE 1.2.

Amazon.com® Reader Reviews (Ranked by Helpfulness)

Average Amazon.com® Rating:  Based on 16 Ratings

Not good at all - 2003-03-05
Reviewer Rating:
The reviewer who mentioned this book is out of date is absolutely correct. Worse than that, this book on cryptography is written by someone who doesn't actually understand cryptography very well. Lots of bad practices are recommended, and there are several examples in the book that are insecure as written.

I would also give this book zero stars if it were possible.

If I could have given this zero stars I would have. - 2002-04-23
Reviewer Rating:
Do not waste your money or time. This is a very poor book and is very much out of date.

One of the best books on the subject - 2001-12-05
Reviewer Rating:
Are you concerned about someone outside your company intercepting a password between your applet and your server? Are you worried about someone inside your company using a packet sniffer to capture the credit card numbers of your customers? No? Well, perhaps you should be! As a first step towards closing your security holes you should pick up a copy of "Java Cryptography". This book is written for the experienced Java developer with no cryptography background who needs to build cryptography into their application. The book starts off with a brief description of secure systems and demonstrates a "Hello zoT1WY1NJA0=!" program. It then gives a fairly detailed description of cryptographic concepts and the Java Cryptography Architecture (JCA). Subsequent chapters discuss how to use the Java Cryptography Extension (JCE). Chapter 5 covers generating and managing symmetric and asymmetric keys with an explanation of the difference. Chapter 6 discusses authenticating users and messages. Signatures and certificates are covered. Chapter 7 covers encryption techniques using different types of ciphers. Chapter 8 covers signing applets. The last chapters include sample encrypted chat and e-mail programs. The end result is a book that provides excellent coverage of cryptography in Java. The only defect in the book is that it is three years old (Java 2 was in beta). Fortunately, the book was written recently enough to include the new utilities used in Java 2. Even though a new edition is desirable, "Java Cryptography" still stands alone as the best book available on this topic.

Good introduction but I expect more - 2005-08-27
Reviewer Rating:
Good introduction and explanation of cryptography, great for begineers, great view of Java. Specially chapters from 1, 2, 3, 4, 6, 7, 9. The rest is sometimes poor, sometimes obsolete. It's a good job, but since 1998 a lot of things came to this area. Maybe a second edition will be a good idea. For provider architecture I prefer Scott Oaks' Java Security. I miss some explanation of cryptography. But the explanations included are very clear. I agree the average from the rest of the reviews and I think 3 stars is the deserved rate for this book.

Review of Java Cryptography/Jonathan Knudsen - 2009-04-10
Reviewer Rating:
Java Cryptography (Java Series)

The book is written very well. It starts simple with explanations of principles of Cryptography and shows its usage on simple examples. Then Java Sun classes for Cryptography are presented and again their usage is demonstrated on examples which are never difficult to understand and thoroughly commented. Then more theory and more examples follow. Terms used and explained are Keys, Key Generators and Translators, Authentication, Integrity, Encryption, Signatures, Certificates.

The strength of the book is in the fact that the reader is able to start with Java Cryptography rather fast. The examples are easy to understand and fully explained. The book is not trivial and it is good to know something about random number generators and have a good grasp of Java programming and Java socket programming in particular, even knowledge of awt GUI principles is useful. Java professionals who intend to devote their work to Cryptography should find this book very helpful.

The coverage of this book ends with JDK 1.2 - we have JDK 1.6 now when this review is being written. It actually may be a strength. Instead of trying to grasp latest software features attention may be more diverted to principles which is always a good thing. Generally, I would recommend this book

Browse Similar Topics

Top Level Categories:
Networking
Programming
Security

Sub-Categories:
Networking > Security
Security > Public-Key Cryptography
Programming > Java
Security > Software Engineering
Software Engineering > Security and Cryptography