In this section, I’ll briefly discuss the impact of key size on security. Then I’ll introduce the algorithms that will be used in this book.

Size Does Matter

Key size affects the security of signatures and ciphers. In general, the longer the key, the harder it will be for an attacker to decrypt your ciphertext or forge a signature. Basically, longer keys have more possible values. If your attacker is trying every possible key to find the right one (a brute-force attack), a longer key gives the attacker more work. Keep in mind, however, that key size is only part of the story. A long key won’t do you much good if the algorithm itself is weak.

Asymmetric ciphers and signatures have a variable key size. It’s up to your application or users to choose an appropriate key length. Although longer keys are more secure, they are also slower. Picking the right key size is a trade-off between finding a comfortable level of security and having your application run too slowly.

Symmetric ciphers can either have a fixed or variable key length; it depends on the algorithm.

Names and Numbers

Table 2.1 summarizes the algorithms that I’ll use in this book. We’ll implement the ElGamal signature and cipher algorithms in Chapter 9. All the other algorithms have been implemented as part of software supplied by Sun.

Table 2-1. Algorithms Used in This Book





Message digest

RFC 1321


Message digest

NIST FIPS 180-1 ...

Get Java Cryptography now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.