Publisher: O'Reilly, 1998, 344 pages
ISBN: 1-56592-402-9
Keywords: IT Security, Java
Cryptography, the science of secret writing, is the biggest, baddest security tool in the application programmer's arsenal.
Cryptography provides three services that are crucial in secure programming. These include a cryptographic cipher that protects the secrecy of your data; cryptographic certificates, which prove identity (authentication); and digital signatures, which ensure your data has not been damaged or tampered with. This book covers cryptographic programming in Java. Java 1.1 and Java 1.2 provide extensive support for cryptography with an elegant architecture, the Java Cryptography Architecture (JCA). Another set of classes, the Java Cryptography Extension (JCE), provides additional cryptographic functionality. This book covers the JCA and the JCE from top to bottom, describing the use of the cryptographic classes as well as their innards. The book is designed for moderately experienced Java programmers who want to learn how to build cryptography into their applications. No prior knowledge of cryptography is assumed. The book is peppered with useful examples, ranging from simple demonstrations in the first chapter to full-blown applications in later chapters. Topics include:
Covers JDK 1.2 and JCE 1.2.
Worse example of security immaturity will be hard to find!
The author obviously doesn't know neither crypto nor secure programming, as he introduces some very bad practices!
He also more or less just gives the API some fairy-tale rationale and demonstrates a profound non-understanding of security issues and especially cryptology.
It's reading books like this that produces idiots to security programmers…
Avoid at all costs. If you need some information on Java's crypto API, you'll get more info out of the standard manual.
Comments
There are currently no comments
New Comment