Chapter 2. Concepts
At the application programming level, there are many options for making a program secure. Cryptography is the biggest, baddest tool in the application programmer’s arsenal. But it is important to realize that a cryptographically enabled program is not necessarily a secure one. Without a carefully planned and constantly scrutinized security strategy, cryptography won’t do you much good.
Correctly used, cryptography provides these standard security features:
Confidentiality assures you that data cannot be viewed by unauthorized people.
Integrity assures you that data has not been changed without your knowledge.
Authentication assures you that people you deal with are not imposters.
Random numbers are used in many cryptographic algorithms. I’ll talk a little bit about computer-generated random numbers at the end of the chapter. I’ll wrap up by discussing the cryptographic algorithms used in this book.