Example: The EncryptionEJB

Often we write applications that require users to choose a password or enter a credit card number. Storing this sensitive data in its raw form (called cleartext) represents a security risk: if someone were to gain unauthorized access to our database, he or she could query for this information and we’d be liable for any damage done. A nice alternative to persisting these fields in human-legible format is to encrypt them using our application. Because this is a simple request-response model requiring no conversational state, the stateless session bean is ideally suited to handle these requirements efficiently. Other EJBs or standalone clients may later leverage the generic encryption service we provide in this component.

The EncryptionEJB example is discussed in full detail in Appendix B.

There are two techniques we’ll consider:

  • Cryptographic hashing

  • Cipher-based symmetrical encryption

Cryptographic hashing is the process in which some input is transformed into a reproducible, fixed-size result. The algorithm is one-way: there is no feasible way to reverse the output back to its original input. By storing only the hash of each password, we can hash each login attempt and compare the result against the stored value (see Figure 5-3).

Figure 5-3. Comparing input with a hash of the expected result
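The hash-then-compare flow of Figure 5-3 as a plain Java helper, added here as an illustration; it is not the book's EncryptionEJB code (that implementation is in Appendix B). The class and method names are assumptions of this example, it uses PBKDF2 (a salted, iterated hash) rather than a bare digest, and a stateless session bean would simply wrap the two public methods.

```java
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;
import java.util.Base64;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

// Hypothetical helper, not the book's EncryptionEJB: hash at registration,
// re-hash and compare at login, with a per-password salt and constant-time comparison.
public class PasswordHasher {
    private static final String ALGORITHM = "PBKDF2WithHmacSHA256";
    private static final int ITERATIONS = 100_000;
    private static final SecureRandom RNG = new SecureRandom();

    // Registration: returns "salt:hash" (both Base64) to persist instead of the cleartext.
    public static String hashForStorage(char[] password) {
        byte[] salt = new byte[16];
        RNG.nextBytes(salt);                  // fresh salt per password, stored beside the hash
        byte[] digest = digest(salt, password);
        return Base64.getEncoder().encodeToString(salt) + ":"
             + Base64.getEncoder().encodeToString(digest);
    }

    // Login: re-hash the attempt with the stored salt and compare the two digests.
    public static boolean matches(char[] attempt, String stored) {
        String[] parts = stored.split(":", 2);
        if (parts.length != 2) {
            return false;                     // malformed record is never a match
        }
        byte[] salt = Base64.getDecoder().decode(parts[0]);
        byte[] expected = Base64.getDecoder().decode(parts[1]);
        // isEqual is constant-time, so a mismatch does not leak how many bytes agreed.
        return MessageDigest.isEqual(expected, digest(salt, attempt));
    }

    private static byte[] digest(byte[] salt, char[] password) {
        try {
            PBEKeySpec spec = new PBEKeySpec(password, salt, ITERATIONS, 256);
            return SecretKeyFactory.getInstance(ALGORITHM).generateSecret(spec).getEncoded();
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
            throw new IllegalStateException(ALGORITHM + " unavailable", e);
        }
    }

    public static void main(String[] args) {
        String stored = hashForStorage("correct horse".toCharArray());
        System.out.println(matches("correct horse".toCharArray(), stored));
        System.out.println(matches("wrong".toCharArray(), stored));
    }
}
```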

Sometimes we need to be able to get the cleartext back out of ...