Guarding Against Malicious Attacks

Your choice of private keys versus private/public key pairs depends on the kind of communications you are doing and the possible ways someone might attack your communications.

Presumably, the reason you are encrypting your data is to hide something in the data from prying eyes. This hidden information might be a credit card number, it might be the password to another system somewhere, or it might just be personal information.

When you create secure applications, you need to have some idea of the ways someone can attack your application. In general, there are two types of attack:

  • Simple eavesdropping— An eavesdropping attack is a passive attack that can be conducted by monitoring network traffic. You should assume ...

Get Special Edition Using Java™ 2 Enterprise Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.