Chapter 10 only began to explore the fascinating
subject of cryptography.
The JCE is explicated in much more detail by Jonathan Knudsen in
Java Cryptography (O’Reilly &
Associates, 1998) Java Cryptography expands on
the coverage of the
MessageDigest classes you’ll find in this
book. It also includes thorough discussions of the
package and the Java Cryptography Extension (JCE), showing you how to
use security providers and even implement your own provider. It
discusses authentication, key management, and public and private key
encryption and includes a secure talk application that encrypts all
data sent over the network. If you write Java programs that
communicate sensitive data, you’ll find this book
For a more in-depth look at the mathematics and protocols that underlie the JCE, you’ll want to check out Bruce Schneier’s Applied Cryptography (John Wiley & Sons, 1995). This is the standard practical text on cryptographic protocols and algorithms, and the attacks on them. Schneier discusses a wide range of cryptographic algorithms, key management and exchange schemes, one-way hash functions, signature algorithms, and many other problems in sufficient detail to allow a competent programmer to implement them. Although Schneier’s language of choice is C, the techniques discussed are applicable in any language.
The formal specification of the Java Cryptography API is available from Sun at http://java.sun.com/products/jdk/1.2/docs/guide/security/CryptoSpec.html ...