Beginning Cryptography with Java

If you are just beginning Java this may be a little over your head. However, the concepts and sample applications are all relatively simple. The first chapter provides an excellent overview of why and how the Java crypto architecture works. I do not regularly keep up with crypto news so some of the tips in this book have been helpful such as not to use SHA1 anymore. It it helpful when the book goes into potential attacks on code as well in order to provide the reader with ideas of the best approach to building secure architectures. Prior to purchasing this book I had been trying to use several different online examples that did not go into enough depth. I would be willing to recommend this book to anyone trying to do crypto in Java.

This book is the best choice if you need to initiate in the use of java crypto API (as its title claims) and it informs extensively about Bouncy Castle crypto API (which I also recommend). Definitely a good book.

By anyone's measure, cryptography is a dry and dusty subject but Hook has made it a pleasure to read this book both by trying to keep the tone light and having such a deep and thorough understanding of the topic that the discussion is effortless. While he moves through the subject matter briskly, his mastery of the area means that it's elegantly structured and easy to follow. All the Wrox books seem to follow a pretty rigid format and I felt sometimes that had the author been given a little more flexibility there, it could have flowed more easily. That said, the consistent organisation of the book makes it easier to use as a reference.

Whether it is complete or not (of course, it is not), I would challenge anyone to point at a single alternative book covering Java cryptography at a greater level of details. The style is clear, coverage of ASN.1 is very helpful, and selection of BouncyCastle open source cryptoprovider is the most natural one. Lots more of details and code samples can be found in Bouncy Castle javadocs, but to navigate them without conceptual understanding of Java security in general and BouncyCastle implementation in particular, gained from the book like this one, would be a nightmare. "Inside Java 2 Platform Security: Architecture, API Design, and Implementation (2nd Edition)" would be another book to recommend, for general overview of Java Security Platform, and, also, to make sense of Java Cryptography Extension (JCE) APIs standardizing access to cryptoproviders' (such as BouncyCastle) libraries. But, of course, the two books have very little overlap.

Cryptography is still a delicate issue with a lot of people. There are those, especially in certain law enforcement agencies, who believe that access to stong encryption should not be allowed in the hands of the general public. Indeed, there are export regulations that define encryption technology as munitions. ==At the other end of the scale, there is the simple fact that without secure data transmission, web based electronic commerce would simply be impossible. This book is on the use of standard Java encryption libraries. This book is written for people who are Java developers and are trying to make use of cryptography in their applications. It presumes that you are familiar with the Java language, but it does not assume you have any familiarity with the encryption APIs. The book covers the recent updates in the security APIs with J2SE 5.0. This book is very good from the programming point of view, it does not have a lot of history or the background technology of how encryption is done.