Java Cryptography

By Jonathan Knudsen
First Edition, May 1998
Pages: 362
ISBN 10: 1-56592-402-9 | ISBN 13: 9781565924024
Customer reviews: 9


Book description

Java Cryptography teaches you how to write secure programs using Java's cryptographic tools. It includes thorough discussions of the java.security package and the Java Cryptography Extensions (JCE), showing you how to use security providers and even implement your own provider. It discusses authentication, key management, public and private key encryption, and includes a secure talk application that encrypts all data sent over the network. If you work with sensitive data, you'll find this book indispensable.
Full Description

Cryptography, the science of secret writing, is the biggest, baddest security tool in the application programmer's arsenal. Cryptography provides three services that are crucial in secure programming. These include a cryptographic cipher that protects the secrecy of your data; cryptographic certificates, which prove identity (authentication); and digital signatures, which ensure your data has not been damaged or tampered with. This book covers cryptographic programming in Java. Java 1.1 and Java 1.2 provide extensive support for cryptography with an elegant architecture, the Java Cryptography Architecture (JCA). Another set of classes, the Java Cryptography Extension (JCE), provides additional cryptographic functionality. This book covers the JCA and the JCE from top to bottom, describing the use of the cryptographic classes as well as their innards. The book is designed for moderately experienced Java programmers who want to learn how to build cryptography into their applications. No prior knowledge of cryptography is assumed. The book is peppered with useful examples, ranging from simple demonstrations in the first chapter to full-blown applications in later chapters. Topics include:
  • The Java Cryptography Architecture (JCA)
  • The Java Cryptography Extension (JCE)
  • Cryptographic providers
  • The Sun key management tools
  • Message digests, digital signatures, and certificates (X509v3)
  • Block and stream ciphers
  • Implementations of the ElGamal signature and cipher algorithms
  • A network talk application that encrypts all data sent over the network
  • An email application that encrypts its messages
Covers JDK 1.2 and JCE 1.2.



Featured customer reviews



Java Cryptography Review,  December 08 2003
Submitted by AzynchriX

I would recommend this.


Java Cryptography Review,  October 14 2002
Submitted by Dietrich Fahrenholtz

First of all, I like to say that the book "Java Cryptography" by J. Knudsen is very well written and a pretty good introduction to Java Cryptography Architecture and its extensions (JCE). One can quickly grasp the necessary details it takes to write one's own Java code that makes use of cryptographic functions. However, I must confess there are better books on the market to enter the subject of cryptography. Not that Knudsen's book would not make a decent intro into the field but if you want to become a Java programmer that understands and knows to deal with more than some cryptographic concepts/algorithms/protocols you need to consult other literature such as Schneier's "Applied Cryptography" which has gotten a bit long in the tooth, though, or Menezes/Oorschot/Vanstone "Handbook of Applied Cryptography" which is oriented more to the mathematical reader. Notice also that the field of cryptography is ever-evolving so what is considered secure today might be insecure tomorrow. A famous example is the notorious DES algorithm which was broken by cryptanalysts a few years ago and not only because of its comparatively short keysize but also of other weaknesses.

Furthermore, I like to comment on a few spots where the author's handling with cryptographic attainments is a bit too lax. I am referring to page 193 of 1998 edition. He wrote " ..., ElGamalCipher will fill up an incomplete block with zeros, but it is unable to ..." This kind of "padding the last block with zeros" is considered bad practice in the cryptographic community and should be avoided because an attacker might exploit these known plaintext bits of the last block. A better practice is to fill the remaining space of a block with random bits. I think the author should have mentioned this factor somewhere but unfortunately he has not.

Next, I am referring to page 184, section "Key Pair Generation", item 2. He wrote "Choose two other random numbers, g and x, both less than p." You should not choose both variables g and x this way because g serves a special purpose. Variable g is known to be a primitive element (aka. generator) of the group Z[p] where p is the prime modulus. A generator generates _all_ p-1 elements of a group Z[p]. A random number, element of Z[p], not being a primitive element generates a subgroup of Z[p]. The number of elements in this subgroup might be _significantly_ less than the number of elements of the original supergroup. Consider the following calculation to show how many primitive elements there are for a group Z[p] with a 2048 bit prime p.

"HAC" is an acronym for "Handbook of Applied Cryptography" mentioned above.

P(X) = Phi(Phi(p)) / (p-1)                  [1]
     = Phi(p-1) / (p-1)                     [2]
     > ((p-1) / (6 ln ln (p-1))) / (p-1)    [3]
     = 1 / (6 ln ln (p-1))

P denotes the probability,

X is the random variable that a number in the range from 1 to p-1 is a primitive element.

1: is by the Fact 2.132, iii

2: is by the Fact 2.101, i

3: is by the Fact 2.102 for p-1 > 5

So if the number of bits of p-1 is 2048 bits then we get 1 / (6 ln ln (p-1)) ~ 0.023. That means only every 44th number is a generator and in my opinion this strongly disqualifies the "any random number" approach by the author as a secure solution.

Do not get me wrong, the "any random number will do" approach might be appropriate for a book that concentrates on teaching Java cryptography implementation aspects, such as this book, not elaborating on an all-time secure solution. But if this is so the author is supposed to mention it somewhere in the text which, unfortunately again, did not happen.

If you want to implement a really secure ElGamalCipher you need to consider precomputed big safe primes and their associated generators. You can have a look at RFC2412 and at the internet draft draft-ietf-ipsec-ike-modp-groups-04.txt to be found at www.ietf.org. I think this is a pretty good exercise for students who mastered the basics.

Overall, I strongly encourage the author to revise the first edition and be a bit more rigorous on security aspects of the implemented algorithms.
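The generator check discussed in the review above, as an added example that is not code from the book or from the reviewer. It assumes a safe prime p = 2q + 1, uses a 128-bit toy modulus so it runs quickly, and the class and method names are illustrative.

```java
import java.math.BigInteger;
import java.security.SecureRandom;

public class ElGamalGeneratorCheck {
    static final BigInteger ONE = BigInteger.ONE, TWO = BigInteger.valueOf(2);

    // Find a safe prime p = 2q + 1 (q prime), so p - 1 has only the prime factors 2 and q.
    static BigInteger[] safePrime(int bits, SecureRandom rnd) {
        while (true) {
            BigInteger q = BigInteger.probablePrime(bits - 1, rnd);
            BigInteger p = q.shiftLeft(1).add(ONE);
            if (p.isProbablePrime(64)) return new BigInteger[] {p, q};
        }
    }

    // g is a primitive element of Z_p^* iff g^((p-1)/r) != 1 (mod p) for every
    // prime r dividing p - 1. With p = 2q + 1 that means checking g^q and g^2.
    static boolean isGenerator(BigInteger g, BigInteger p, BigInteger q) {
        return !g.modPow(q, p).equals(ONE) && !g.modPow(TWO, p).equals(ONE);
    }

    // Uniform candidate in [2, p - 2] by rejection sampling.
    static BigInteger candidate(BigInteger p, SecureRandom rnd) {
        BigInteger g;
        do {
            g = new BigInteger(p.bitLength(), rnd);
        } while (g.compareTo(TWO) < 0 || g.compareTo(p.subtract(TWO)) > 0);
        return g;
    }

    public static void main(String[] args) {
        SecureRandom rnd = new SecureRandom();
        BigInteger[] pq = safePrime(128, rnd); // toy size (assumption) so the demo runs quickly
        BigInteger p = pq[0], q = pq[1];
        int trials = 2000, hits = 0;
        for (int i = 0; i < trials; i++) {
            if (isGenerator(candidate(p, rnd), p, q)) hits++;
        }
        // For a safe prime, Phi(p-1)/(p-1) = (q-1)/(2q), so about half the candidates pass.
        System.out.printf("p = %s%nunchecked random g is a generator in %d of %d trials%n", p, hits, trials);
        // The review's lower bound 1 / (6 ln ln (p-1)) for a 2048-bit modulus.
        double bound = 1.0 / (6 * Math.log(2048 * Math.log(2)));
        System.out.printf("lower bound for 2048-bit p: %.3f%n", bound);
        BigInteger g;
        do { g = candidate(p, rnd); } while (!isGenerator(g, p, q)); // reject instead of trusting luck
        System.out.println("accepted generator g = " + g);
    }
}
```

The test is cheap only because the factorization of p - 1 is known, which is what choosing a safe prime (or a published group with its generator) provides.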


Java Cryptography Review,  November 10 2001
Submitted by bert

What's wrong with the Math???

Hey this book is a must for the budding Java programmer (make sure you can comfortably program in Java, or else it's just a book you'll struggle to understand the core facts while trying to grasp the language with). Top notch, go buy, go encrypt and stop your aunty sally from reading your "private" mail.



Java Cryptography Review,  August 07 2001
Submitted by David Bejjam

The word Cryptography scares many Java Programmers. This book clearly explains the fundamentals of Cryptography easily.


Java Cryptography Review,  June 18 2001
Submitted by Matt Hooker

A good general read on Java Cryptography. There are a few errors in some of the code examples, but nothing that a quick glance over the Security API javadocs can't quickly fix. We had quite a major project on the go and the book was invaluable during that time. Well worth investing in. I would have given a higher rating, but I am a man in search of perfection and the fact that the book contained erroneous code prevents me from so doing.


Java Cryptography Review,  June 07 2001
Submitted by BHUSHAN.THAMMINENI

Excellent book. When I was researching on cryptography and related stuff, as our company wanted to become CSP (cryptography service provider) on its own turn, after loitering across thousands of pages over the net, I found in this book thoughts that are crystalline and distilled, about cryptography, where you could find confluence of real mathematics and serious coding. I recommend this book without hesitation to any upcoming programmer, who wants to become some day man of difference. Commendable work indeed.




Java Cryptography Review,  January 31 2001
Submitted by Li-fan Chen



There's no better first book on cryptography for a programmer to buy.

You get a great deal of exposure to an important facet of network security through this little gem. It's friendly and to the point.

The Java API is excellent--but the idea of cryptography is a little odd to the everyday web or network application programmer. Having someone to kindly bridge the crypto-what-ja-ma-call-its to a world of how-do-i-wrap-it-around-my-web-or-mail-service is simply priceless. There's NO silly cryptomath (because only those cryptoexperts get the math anyway) but instead it's filled with no-nonsense coverage of how each and every common crypto engine and crypto-"protocol" takes your stream of data and converts them to cryptograms. If you always like to learn as MUCH as you could about a particular computational wonder tool before tackling a project without turning your brain to mush with research mathematics--you'll like this book.

It's just one of those books I wished I read a lot earlier so I won't have an excuse to avoid APIs that expose applied cryptography to network applications all these years. I highly recommend this book before you head on to the math of it.

It's too bad the SSL/TLS API for Java never made it into this first edition (it did make it into O'Reilly's latest Java network programming book though).

Anyone know of a book just like this one but for another language like C or Perl? With a book like this you don't need to explain it all over again--but illustration and snippets of code showing how to use the various APIs in other languages would be useful. I think if the author is willing to dabble into all of these issues and give away his findings on a book website it will be just AWESOME! A second edition of said book with all of these issues covered would be just grand too :-)


Java Cryptography Review,  July 21 2000
Submitted by sean

This book is for beginners??
Hmmm, once you get into security world, it should be estimated more than that...I guess..

As a Java programmer who wishes to learn and use security algorithms, I couldn't find a better book than this... (I didn't get bribes from Knudsen.)


Java Cryptography Review,  July 14 2000
Submitted by Omid Milani Fard

This is a good book for beginners on Java cryptography!

OMID :)


Media reviews

"Even though a new edition is desirable, 'Java Cryptography' still stands alone as the best book available on this topic."
--Thomas Paul, javaranch.com, April 2001

"A good resource for information on signing code and the nature of digital signatures is 'Java Cryptography' by Jonathan Knudsen."
--Patrick Sean Neville, Java Developer's Journal, January 2000

"You can read a whole chapter, very well-written, on random number generation in Java in the excellent book 'Java Cryptography' by Jonathan Knudsen. Highly recommended. When this one came in I sat down and read it straight through, first."
--Bliss Sloan, OnTheNet Forum, AOL, June 1998

"Anybody writing Java programs, particularly for use in a networked environment, needs to be concerned about the safety of the data those programs sling about. 'Java Cryptography' explores the programming involved in two important aspects of security: encryption and decryption. Read this book if you're an experienced Java hand with a need to implement cipherware."
--David Wall, amazon.com, July 1998

" 'Java Cryptography' teaches you how to write secure programs using Java's cryptographic tools. It thoroughly discusses the Java security package and the Java Cryptography Extensions (JCE), showing you how to use security providers and even how to implement your own provider. If you work with sensitive data, you'll find this indispensable."
--amazon.com

"This recommended book takes a comprehensive look at the three pillars of computer security —confidentiality, integrity, and authentication and how they are addressed in the science of cryptography in the Java API."
--Dr. Adrian Rossi, Computer Bulletin, Nov 1998

" 'Java Cryptography', by Jonathan Knudsen, delivers the goods on cryptography, a complicated topic, but well explored in this book's 300-plus pages. In fact, if you're working with a product that includes cryptographic solutions, this book is an absolute must.… can't recommend this book highly enough for developers who need to understand cryptography. The topic matter is broad and difficult to understand on your own, mostly because so many issues, such as keys, certificates, encryption, and authentication, are so interrelated. 'Java Cryptography' cuts through the fog and presents the reader with a logical progression and explanation of the important issues surrounding this sometimes confusing technological realm."
--Claude Duguay, DevX, JavaZone December 1998

" 'Java in Cryptography' impressed me right off the bat. I read a lot of security books (and even tech edit them on occasion). The first couple of pages of this book have the clearest, easiest to understand section on general security principals I've ever seen... Overall, a good book and one that fills a niche nicely. I'd recommend it if you are doing cryptography in Java."
--Billy Barron, Javamug.org
