book

Java Cryptography

by Jonathan Knudsen

May 1998

Intermediate to advanced

362 pages

10h 8m

English

O'Reilly Media, Inc.

Read now

Unlock full access

VersionsFile NamingCLASSPATHVariable NamingDownloading

Masher SecretWriting
Symmetric Ciphers Asymmetric Ciphers Hybrid SystemsDistributing KeysKey Agreement Protocols
CertificatesCertificate Chains
Size Does MatterNames and NumbersMD5SHA-1HmacMD5 and HmacSHA1DSAElGamal signaturesDESDESede PBEWithMD5AndDESElGamal ciphersDH
SeederPitfalls
KeyPairGeneratorKeyGeneratorAlgorithm-Specific Initialization
SecretKeySpecSecretKeyFactoryFrom things to keysFrom keys to thingsKeyFactory
Diffie-Hellmanjavax.crypto.KeyAgreementSKIPSkipServerSkipClientSkipper: Multiparty key agreement
Key HoldersPrincipalIdentitySignerIdentityScopeKeyManager
KeyStoreGettingLoading and savingAdding private key entriesAdding trusted certificate entriesRetrieving entrieskeytoolCreating a key pairUbiquitous options and defaultsInspecting the keystoreGenerating a CSRImporting certificatesOther optionsChanging the default keystore class
GettingFeedingDigestingOne, Two, Three!Digest StreamsProtected Password LoginDouble-Strength Password Login
Setting UpFeedingCalculating the CodeFor Instance
Generating a Signature Verifying a SignatureHancockLogin, Again SignedObject
java.security.cert.Certificate Generating a CertificateVerifying a CertificateX.509SpillCertificate Revocation Lists
PaddingPKCS#5Other padding schemesModesECBCBCPCBCCFBOFBOther modes
Getting a CipherBasic InformationInitializing a CipherGenericName brandFeeding Data to a Cipher
Cipher Streamsjavax.crypto.SealedObject
Salt and VinegarTest Drive
SPISetupBasic informationInitializingFeedingBlockCipherCBCWrapperCFBWrapper
PGPS/MIMESSLSourcesUsing the browserSET
Prepare a SignerBundle the AppletSign the AppletTest the AppletSet Up the Browser
Prepare a SignerAsk for PermissionSign the AppletBundle the AppletTest the AppletSet Up the Browser
RecipePrepare a SignerBundle the AppletSign the AppletTest the Applet
Algorithm Names and ImplementationsA Simple ProviderAn Algorithm by Any Other NameInstalling the Provider
Key Pair GenerationSignatureCipher
Key ClassesElGamalKeyPairGenerator
First-Time SetupExporting a KeyImporting a KeyStarting a ConversationReceiving a ConversationLoopback Testing
ArchitectureSessionSessionServerReceiverSafeTalk
First-Time SetupPreferencesKeysGetting and Reading MailSending Mail
ArchitectureMessage FormatMessagePOP3SMTPComposerCipherMail
Self-ContainedDemonstration SoftwareClient/ServerClient AppletsAccess Control
SerializationDeleting FilesVirtual MemoryMemory Scanning

Content preview from Java Cryptography

Network Security

The Internet Protocol, the backbone of the Internet, is not a secure protocol. Although you can use an IP network securely, you need to apply cryptography on top of the IP network—in your application, for example.

You should assume that every piece of data that you send or receive over a network can be observed, recorded, and replayed by an attacker. Likewise, don’t trust any network traffic you receive without cryptographic authentication as proof of identity. I get chills down my spine every time I use ftp or telnet. Those applications still accept a password, in plaintext, as authentication. As we discussed in Chapter 6, it’s a bad idea to send a password over the network.

IPng (IP next generation) is a new protocol that can provide authentication and privacy at the protocol layer. If you’d like to read more, see http://playground.sun.com/pub/ipng/html/ipng-main.html.

SafeTalk and CipherMail, presented in Chapter 10 and Chapter 11, show how you can use cryptography to provide authentication and confidentiality in networked Java applications. Even these applications, however, have some interesting shortcomings. Consider SafeTalk, for example. Even though it encrypts the contents of a conversation, it can’t conceal the existence of the conversation. Even if your enemies can’t understand what you and your friends are chatting about, you might not want your enemies to know that you’re even talking. CipherMail has the same property: Even though the contents of your ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

Hands-On Cryptography with Java

Erik Costlow

Cryptography and Cryptanalysis in Java: Creating and Programming Advanced Algorithms with Java SE 17 LTS and Jakarta EE 10

Stefania Loredana Nita, Marius Iulian Mihailescu

Java Security Handbook

Jamie Jaworski, Paul J. Perrone, Venkata S.R. Krishna Chaganti

Java Security, 2nd Edition

Scott Oaks

Publisher Resources

ISBN: 1565924029Supplemental Content Errata Page