Title: Professional Java Security
ISBN: 1861004257
US Price: $ 49.99
Canadian Price:
C$ 74.95
UK Price: £ 39.99
© Wrox Press Limited, US and UK.

Reviews : Java Books :
Professional Java Security : Symmetric Encryption

Symmetric Encryption

In Chapter 3 we introduced symmetric encryption, and in this chapter we're going to elaborate on the subject by describing how to use the JCE to perform symmetric encryption. To begin with, we will look at how we encrypt and decrypt using symmetric encryption. Then we discuss applications for symmetric encryption, followed by some examples, which deal with the following aspects of encryption:

  • Basic encryption
  • Encryption using Blowfish
  • Password-based encryption

The main topics discussed in this chapter are:

  • Key storage, including wrapping and unwrapping
  • Modes
  • Cipher streams and how to initialize ciphers with an initialization vector
  • Sealed objects

Remember, before trying to run any of the code in the chapter you'll need an encryption engine installed. Here we'll be using the Bouncy Castle provider because it has support for many algorithms, and won't restrict us from using any other providers in the future (instructions for its installation are provided in the previous chapter).

Encryption and Decryption

Symmetric encryption, also known as secret-key encryption, is the simplest type of encryption. A single key is used, which must be kept secret, hence the name. In order to encrypt data, we take the key and use it to initialize a cipher. The cipher can then be used to encrypt data passed to it. Decryption is similar – a cipher gets initialized with the same key, and the data passed in is decrypted.

The strength of encryption is based on the length of the key. For symmetric encryption, that key length is typically between 40 and 128 bits, but some algorithms can have even longer keys.  DES, which is probably the most commonly used symmetric algorithm, has a key length of 56 bits, which is really not enough for a secure system, as we discussed in Chapter 3. We should use at least 128 bit keys if we're going to use symmetric encryption.

How to Add Java Applets to Your Site

New on the Java Boutique:

New Review:

Time Management Made Easy with the Quartz Enterprise Job Scheduler
Why not just use the Java timer API? This open source scheduling API boasts simplicity, ease-of-integration, a well-rounded feature set, and it's free!

New Applet:

Reverse Complement
Reverse Complement is a simple applet that converts DNA or RNA sequences into three useful formats.

Elsewhere on internet.com:

WebDeveloper Java
Lots of Java information on webdeveloper.com

WDVL Java
Thorough Java resource at the Web Developer's Virtual Library.

ScriptSearch Java
Hundreds of free Java code files to download.

jGuru: Your View of the Java Universe
Customizable portal with online training, FAQs, regular news updates, and tutorials.