Home » Tag Archives: Cryptography

Tag Archives: Cryptography

Don’t just randomize, truly randomize!

The state of web application cryptography has changed, and each development language provides its own way of working with it. I will touch on the current state of random number generation and the differences found with it within the Java and JavaScript development languages. When designing and building web applications, security concerns obviously play a crucial role. The term security ...

Read More »

Getting A List of Available Cryptographic Algorithms

How do you learn what cryptographic algorithms are available to you? The Java spec names several required ciphers, digests, etc., but a provider often offers more than that. Fortunately this is easy to learn what’s available on our system.           public class ListAlgorithms { public static void main(String[] args) { // Security.addProvider(new // org.bouncycastle.jce.provider.BouncyCastleProvider()); // get ...

Read More »

Cryptography & Theory 2: What is Pseudorandom

As was concluded in the first part of this series, security without randomness is impossible. Deterministic ciphers are unable to protect against strong attackers and true random generators are impractical or hard to get, so cryptography is build on pseudorandom generators. First two chapters of this post define what they are and explain what kind of pseudorandom generators secure cryptography ...

Read More »

This is Stuff: Cryptography & Theory 1: Meaning of Secure

Cryptography & Theory is series of blog posts on things I learned in coursera stanford online crypto class. The class contained just right mixture of theory, math and programming and I enjoyed it a lot. This first part explains what is meant by expression “good cipher”. It contains definition of a cipher and multiple definitions of cipher security. Although it does ...

Read More »

How to use ECC with OpenJDK

Everyone who ever tried to use Elliptic Curve Cryptography (ECC) in Java with an OpenJDK was either forced to use Bouncy Castle or fumble with the SunEC provider. The SunEC provider offers the following algorithms according to the documentation (quote): AlgorithmParameters EC KeyAgreement ECDH KeyFactory EC KeyPairGenerator EC Signature NONEwithECDSA SHA1withECDSA SHA256withECDSA SHA384withECDSA SHA512withECDSA Unfortunately, this provider is not shipped ...

Read More »

Creating Password-Based Encryption Keys

This article discusses creating password-based encryption PBE keys. First a reminder of earlier points – as a rule you should, when practical, use the PBE key as a master key that is used solely to unlock a working key. This has three major benefits: You can have multiple passwords, e.g., an escrowed recovery key, You can change your password without ...

Read More »

Cryptography Using JCA – Services In Providers

The Java Cryptography Architecture (JCA) is an extensible framework that enables you to use perform cryptographic operations. JCA also promotes implementation independence (program should not care about who’s providing the cryptographic service) and implementation interoperability (program should not be tied to a specific provider of a particular cryptographic service). JCA allows numerous cryptographic services e.g. ciphers, key generators, message digests ...

Read More »

Using Cryptography in Java Applications

This post describes how to use the Java Cryptography Architecture (JCA) that allows you to use cryptographic services in your applications. Java Cryptography Architecture Services The JCA provides a number of cryptographic services, like message digests and signatures. These services are accessible through service specific APIs, like MessageDigest and Signature. Cryptographic services abstract different algorithms. For digests, for instance, you ...

Read More »

Want to take your Java skills to the next level?

Grab our programming books for FREE!

Here are some of the eBooks you will get:

  • Spring Interview QnA
  • Multithreading & Concurrency QnA
  • JPA Minibook
  • JVM Troubleshooting Guide
  • Advanced Java
  • Java Interview QnA
  • Java Design Patterns