Guarding Against Malicious Attacks
Your choice of private keys versus private/public key pairs depends on the kind of communications you are doing and the possible ways someone might attack your communications.
Presumably, the reason you are encrypting your data is to hide something in the data from prying eyes. This hidden information might be a credit card number, it might be the password to another system somewhere, or it might just be personal information.
When you create secure applications, you need to have some idea of the ways someone can attack your application. In general, there are two types of attack:
Simple eavesdropping— An eavesdropping attack is a passive attack that can be conducted by monitoring network traffic. You should assume ...
Get Special Edition Using Java™ 2 Enterprise Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
