AnyBook4Less.com	Find the Best Price on the Web Order from a Major Online Bookstore
Home  |  Store List  |  FAQ  |  Contact Us  |
Ultimate Book Price Comparison Engine Save Your Time And Money Keyword AuthorISBN

Title: Java Cryptography by Jonathan Knudsen ISBN: 1-56592-402-9 Publisher: O'Reilly & Associates Pub. Date: May, 1998 Format: Paperback Volumes: 1 List Price(USD): $29.95

Your Country USA Canada United Kingdom Australia Austria Belgium France Germany Italy Netherlands Switzerland Currency AutoUSD CAD GBP EUR AUD CHF Delivery Only cheapest delivery All delivery options Include Used Books Are you a club member of: Barnes and Noble Books A Million Chapters.Indigo.ca

Average Customer Rating: 3.14 (14 reviews)

Rating: 3
Summary: Written for those without prior crypto experience
Comment: This book is intended to teach experienced Java programmers how to add cryptographic elements to their applications. The text is not intended to teach encryption algorithms, basic Java programming, or the overall Java security model: there are other books that fulfill those functions. There is one other limitation: much of the book relies on the Java Cryptography Extensions (JCE) which are only available to those in the United States and Canada (nudge, nudge, wink, wink).

Chapter one lists some fundamentals of encryption and the relationship to security. There are also a couple of programs right off the bat that will let you explore message digests, and encrypting and decrypting messages. The basics of confidentiality, authentication, and some major cryptographic algorithms are outlined in chapter two. The explanations are quite terse, but not out of line with the aim of the book. Java Security Architecture (JCA) is explained in chapter three, along with a quick overview of the API (Application Programming Interface) and SPI (Service Provider Interface). Chapter four introduces Java's own pseudo-random number generator, plus programming for key seeds from keyboard timing. Key management, in chapter five, is somewhat weak. The APIs only deal with hierarchical key certification, but this may simply be an example of Knudsen dealing strictly with the language, and leaving the concepts to others. I was, however, bemused at some passages that may have suffered from a lack of copy editing: for example, one section that seemed to confuse production of Message Authentication Codes with working on Macintosh computers. Authentication of various types is covered quite well in chapter six. Chapter seven's guide to encryption covers details not normally dealt with in cryptography texts because it must handle all matters related to getting an encryption algorithm to actually function in an application.

Chapter eight gives enough detail about signed applets to prove that they are going to be browser specific for a while. Security provider programming is covered in chapter nine, using the ElGamal algorithm as an example. A sample application is created using an encrypted version of the talk utility in chapter ten. An e-mail application is created in chapter eleven using th provider previously generated in chapter nine. Chapter twelve closes off by looking at security design for the system overall.

Appendices review BigInteger arithmetic in Java, the Base64 encoding scheme (an option for converting binary objects to text characters for e-mailing), Java archive files, Javakey, and a quick reference for the Java cryptography classes as covered in the book.

Knudsen states that the book is written, as far as possible, without assuming any prior knowledge of cryptography. In this aim he succeeds rather well. The programmer with no background in encryption can still add a reasonable layer of security to his or her application. Those who study further, of course, will be able to ensure a higher level of protection and reliability.

Rating: 4
Summary: One of the best books on the subject
Comment: Are you concerned about someone outside your company intercepting a password between your applet and your server? Are you worried about someone inside your company using a packet sniffer to capture the credit card numbers of your customers? No? Well, perhaps you should be! As a first step towards closing your security holes you should pick up a copy of "Java Cryptography". This book is written for the experienced Java developer with no cryptography background who needs to build cryptography into their application. The book starts off with a brief description of secure systems and demonstrates a "Hello zoT1WY1NJA0=!" program. It then gives a fairly detailed description of cryptographic concepts and the Java Cryptography Architecture (JCA). Subsequent chapters discuss how to use the Java Cryptography Extension (JCE). Chapter 5 covers generating and managing symmetric and asymmetric keys with an explanation of the difference. Chapter 6 discusses authenticating users and messages. Signatures and certificates are covered. Chapter 7 covers encryption techniques using different types of ciphers. Chapter 8 covers signing applets. The last chapters include sample encrypted chat and e-mail programs. The end result is a book that provides excellent coverage of cryptography in Java. The only defect in the book is that it is three years old (Java 2 was in beta). Fortunately, the book was written recently enough to include the new utilities used in Java 2. Even though a new edition is desirable, "Java Cryptography" still stands alone as the best book available on this topic.

Rating: 1
Summary: Not good at all
Comment: The reviewer who mentioned this book is out of date is absolutely correct. Worse than that, this book on cryptography is written by someone who doesn't actually understand cryptography very well. Lots of bad practices are recommended, and there are several examples in the book that are insecure as written.

I would also give this book zero stars if it were possible.

Similar Books:

	Title: Java Security (2nd Edition) by Scott Oaks ISBN: 0596001576 Publisher: O'Reilly & Associates Pub. Date: May, 2001 List Price(USD): $44.95
	Title: Java Network Programming by Elliotte Rusty Harold ISBN: 1565928709 Publisher: O'Reilly & Associates Pub. Date: August, 2000 List Price(USD): $39.95
	Title: Java Threads, Second Edition by Scott Oaks, Henry Wong ISBN: 1565924185 Publisher: O'Reilly & Associates Pub. Date: January, 1999 List Price(USD): $34.95
	Title: Java Security Handbook by Jamie Jaworski, Paul Perrone ISBN: 0672316021 Publisher: SAMS Pub. Date: 21 September, 2000 List Price(USD): $49.99
	Title: Professional Java Security by Jess Garms ISBN: 1861004257 Publisher: Wrox Press Inc Pub. Date: May, 2001 List Price(USD): $49.99