Eduardo Galan Herrero said
This book is the best choice if you need to initiate in the use of java crypto API (as its title claims) and it informs extensively about Bouncy Castle crypto API (which I also recommend).
Definitely a good book.
Benjamin Golding said
By anyone's measure, cryptography is a dry and dusty subject but Hook has made it a pleasure to read this book both by trying to keep the tone light and having such a deep and thorough understanding of the topic that the discussion is effortless. While he moves through the subject matter briskly, his mastery of the area means that it's elegantly structured and easy to follow.
All the Wrox books seem to follow a pretty rigid format and I felt sometimes that had the author been given a little more flexibility there, it could have flowed more easily. That said, the consistent organisation of the book makes it easier to use as a reference.
Prasad Reddy said
This book does a good introduction but the book needs an update to J2SE 5.x security updates. I like Core Security Patterns by Steel, Nagappan, Lai covers a lot more details on Java security apis than this book.
reviewer said
Whether it is complete or not (of course, it is not), I would challenge anyone to point at a single alternative book covering Java cryptography at a greater level of details. The style is clear, coverage of ASN.1 is very helpful, and selection of BouncyCastle open source cryptoprovider is the most natural one. Lots more of details and code samples can be found in Bouncy Castle javadocs, but to navigate them without conceptual understanding of Java security in general and BouncyCastle implementation in particular, gained from the book like this one, would be a nightmare.
"Inside Java 2 Platform Security: Architecture, API Design, and Implementation (2nd Edition)" would be another book to recommend, for general overview of Java Security Platform, and, also, to make sense of Java Cryptography Extension (JCE) APIs standardizing access to cryptoproviders' (such as BouncyCastle) libraries. But, of course, the two books have very little overlap.
John Matlock said
Cryptography is still a delicate issue with a lot of people. There are those, especially in certain law enforcement agencies, who believe that access to stong encryption should not be allowed in the hands of the general public. Indeed, there are export regulations that define encryption technology as munitions. ==At the other end of the scale, there is the simple fact that without secure data transmission, web based electronic commerce would simply be impossible.
This book is on the use of standard Java encryption libraries. This book is written for people who are Java developers and are trying to make use of cryptography in their applications. It presumes that you are familiar with the Java language, but it does not assume you have any familiarity with the encryption APIs. The book covers the recent updates in the security APIs with J2SE 5.0.
This book is very good from the programming point of view, it does not have a lot of history or the background technology of how encryption is done.
Comments