Choosing a Cryptographic Algorithm
Throughout this chapter
we’ve shown how objects from the Java Security API, such as
KeyPairGenerators and
Ciphers, can be created by specifying a
particular cryptographic algorithm for the implementation of the
object. We haven’t yet discussed the issues involved in picking
one algorithm over another.
Features of Cryptographic Algorithms
Cryptography includes a broad range of techniques under its umbrella. Some of the characteristics that distinguish one technique from another follow.
Level of protection
Some encryption techniques provide a virtually unbreakable barrier to information theft; others just require a determined attacker with moderate resources to be broken. One way to compare techniques on this level is to estimate how much CPU time would be required on a machine of a given processing speed to iterate through all the possible keys to the encoded data. For example, “A 128-bit XYZ cryptographic key requires 14.5 months of CPU time on an Acme 24-processor server to be broken.” But other issues can affect the level of effort required to break the encrypted data, and make it difficult to objectively compare the security of encryption techniques. For example, if the attacker is not familiar with the format of the data being transmitted, and the data isn’t easily interpreted on its own, then it may be tough to tell if an attempt to decode the data has worked or not.
Sophistication and complexity
Encryption techniques are usually based upon ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access