[ISN] REVIEW: "Java Cryptography"

From: mea culpa (jerichoat_private)
Date: Wed Nov 25 1998 - 00:14:48 PST

    BKJAVCRP.RVW   981018
    
    "Java Cryptography", Jonathan Knudsen, 1998, 1-56592-402-9,
    U$29.95/C$42.95
    %A   Jonathan Knudsen
    %C   103 Morris Street, Suite A, Sebastopol, CA   95472
    %D   1998
    %G   1-56592-402-9
    %I   O'Reilly & Associates, Inc.
    %O   U$29.95/C$42.95 800-998-9938 fax: 707-829-0104 nutsat_private
    %P   372 p.
    %T   "Java Cryptography"
    
    This book is intended to teach experienced Java programmers how to add
    cryptographic elements to their applications.  The text is not intended to
    teach encryption algorithms, basic Java programming, or the overall Java
    security model: there are other books that fulfill those functions.  There
    is one other limitation: much of the book relies on the Java Cryptography
    Extensions (JCE) which are only available to those in the United States
    and Canada (nudge, nudge, wink, wink). 
    
    Chapter one lists some fundamentals of encryption and the relationship to
    security.  There are also a couple of programs right off the bat that will
    let you explore message digests, and encrypting and decrypting messages. 
    The basics of confidentiality, authentication, and some major
    cryptographic algorithms are outlined in chapter two. The explanations are
    quite terse, but not out of line with the aim of the book.  Java Security
    Architecture (JCA) is explained in chapter three, along with a quick
    overview of the API (Application Programming Interface) and SPI (Service
    Provider Interface).  Chapter four introduces Java's own pseudo-random
    number generator, plus programming for key seeds from keyboard timing. 
    Key management, in chapter five, is somewhat weak.  The APIs only deal
    with hierarchical key certification, but this may simply be an example of
    Knudsen dealing strictly with the language, and leaving the concepts to
    others.  I was, however, bemused at some passages that may have suffered
    from a lack of copy editing: for example, one section that seemed to
    confuse production of Message Authentication Codes with working on
    Macintosh computers.  Authentication of various types is covered quite
    well in chapter six.  Chapter seven's guide to encryption covers details
    not normally dealt with in cryptography texts because it must handle all
    matters related to getting an encryption algorithm to actually function in
    an application. 
    
    Chapter eight gives enough detail about signed applets to prove that they
    are going to be browser specific for a while.  Security provider
    programming is covered in chapter nine, using the ElGamal algorithm as an
    example.  A sample application is created using an encrypted version of
    the talk utility in chapter ten.  An email application is created in
    chapter eleven using the provider previously generated in chapter nine. 
    Chapter twelve closes off by looking at security design for the system
    overall. 
    
    Appendices review BigInteger arithmetic in Java, the Base64 encoding
    scheme (an option for converting binary objects to text characters for
    emailing), Java archive files, Javakey, and a quick reference for the Java
    cryptography classes as covered in the book. 
    
    Knudsen states that the book is written, as far as possible, without
    assuming any prior knowledge of cryptography.  In this aim he succeeds
    rather well.  The programmer with no background in encryption can still
    add a reasonable layer of security to his or her application.  Those who
    study further, of course, will be able to ensure a higher level of
    protection and reliability. 
    
    copyright Robert M. Slade, 1998   BKJAVCRP.RVW   981018
    
    