O'Reilly logo

Java Security by Scott Oaks

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Cryptographic Engines

In the next few chapters of this book, we’re going to see how Java provides an interface to the algorithms required to perform the sort of authentications we’ve just talked about. We’ll also explore the architecture Java provides for general implementation of these algorithms, including ones (such as encryption) that are not strictly required for authentication. If you’re not familiar with the various cryptographic algorithms we’ve been alluding to so far in this chapter, the next section should sort that all out for you.

Essentially, all cryptographic operations are structured like the diagram in Figure 7.2. Central to this idea is the cryptographic algorithm itself, which is called an engine; the term “algorithm” is reserved to refer to particular implementations of the cryptographic operation. The engine takes some set of input data and (optionally) some sort of key and produces a set of output data. A few points are relevant to this diagram. There are engines that do not require a key as part of their input. In addition, not all cryptographic engines produce symmetric output—that is, it’s not always the case that the original text can be reconstructed from the output data. Also, the size of the output is typically not the same as the size of the input. In the case of message digests and digital signatures, the output size is a small, fixed-size number of bytes; in the case of encryption engines, the output size is typically somewhat larger than the input ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required