Cryptography isn't all there is to security. But rendering information unintelligible to those without the proper key usually plays a big role in any networked data-sharing system.
Java Cryptography shows the Java programmer (with or without crypto experience) how to implement ciphers, keys, and other data-obscuring techniques in Java.
The Java language includes lots of classes that are designed to facilitate cryptography, and this book explores them in depth. Key management classes, random-number generators, signed applets, and other parts of the Java security mechanism get attention in these pages. But most interesting are the author's examples. He has written a complete implementation of the ElGamal cipher as a provider in the framework of the Java Security API. If you want to understand how the Provider Architecture works, this is what you need to examine. Don't look here for an explanation of the mathematics, however.
In addition to his discussions and examples for individual pieces of the cryptography infrastructure and his implementation of the ElGamal system, Knudsen includes two nifty crypto-enabled programs: a chat system and an e-mail system.
User review
Review of Java Cryptography/Jonathan Knudsen
Java Cryptography (Java Series)
The book is written very well. It starts simple with explanations of principles of Cryptography and shows its usage on simple examples. Then Java Sun classes for Cryptography are presented and again their usage is demonstrated on examples which are never difficult to understand and thoroughly commented. Then more theory and more examples follow. Terms used and explained are Keys, Key Generators and Translators, Authentication, Integrity, Encryption, Signatures, Certificates.
The strength of the book is in the fact that the reader is able to start with Java Cryptography rather fast. The examples are easy to understand and fully explained. The book is not trivial and it is good to know something about random number generators and have a good grasp of Java programming and Java socket programming in particular, even knowledge of awt GUI principles is useful. Java professionals who intend to devote their work to Cryptography should find this book very helpful.
The coverage of this book ends with JDK 1.2 - we have JDK 1.6 now when this review is being written. It actually may be a strength. Instead of trying to grasp latest software features attention may be more diverted to principles which is always a good thing. Generally, I would recommend this book
User review
Good introduction but I expect more
Good introduction and explanation of cryptography, great for begineers, great view of Java. Specially chapters from 1, 2, 3, 4, 6, 7, 9. The rest is sometimes poor, sometimes obsolete. It's a good job, but since 1998 a lot of things came to this area. Maybe a second edition will be a good idea. For provider architecture I prefer Scott Oaks' Java Security. I miss some explanation of cryptography. But the explanations included are very clear. I agree the average from the rest of the reviews and I think 3 stars is the deserved rate for this book.
User review
Not good at all
The reviewer who mentioned this book is out of date is absolutely correct. Worse than that, this book on cryptography is written by someone who doesn't actually understand cryptography very well. Lots of bad practices are recommended, and there are several examples in the book that are insecure as written.
I would also give this book zero stars if it were possible.
User review
If I could have given this zero stars I would have.
Do not waste your money or time. This is a very poor book and is very much out of date.
User review
One of the best books on the subject
Are you concerned about someone outside your company intercepting a password between your applet and your server? Are you worried about someone inside your company using a packet sniffer to capture the credit card numbers of your customers? No? Well, perhaps you should be! As a first step towards closing your security holes you should pick up a copy of `Java Cryptography`. This book is written for the experienced Java developer with no cryptography background who needs to build cryptography into their application. The book starts off with a brief description of secure systems and demonstrates a `Hello zoT1WY1NJA0=!` program. It then gives a fairly detailed description of cryptographic concepts and the Java Cryptography Architecture (JCA). Subsequent chapters discuss how to use the Java Cryptography Extension (JCE). Chapter 5 covers generating and managing symmetric and asymmetric keys with an explanation of the difference. Chapter 6 discusses authenticating users and messages. Signatures and certificates are covered. Chapter 7 covers encryption techniques using different types of ciphers. Chapter 8 covers signing applets. The last chapters include sample encrypted chat and e-mail programs. The end result is a book that provides excellent coverage of cryptography in Java. The only defect in the book is that it is three years old (Java 2 was in beta). Fortunately, the book was written recently enough to include the new utilities used in Java 2. Even though a new edition is desirable, `Java Cryptography` still stands alone as the best book available on this topic.
