Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Cryptography and Java applications

Implementing cryptography with Java applications is an important security measure. Fortunately, the Java platform supports a number of cryptographic services, explains expert Ramesh Nagappan.

How do I work with Java Cryptography Extension for the best security?

In Java-based applications, cryptography plays a vital role for ensuring confidentiality and integrity of Java objects, data and trusted communication. To support cryptographic services, the Java platform facilitates an extensible security architectural model via standard API mechanisms for integrating cryptography providers. There is support for digital signatures, message digests, encryption/decryption algorithms, PKI, Certificate authorities (CA), SSL/TLS based communication and PKCS#11 devices such as cryptographic hardware accelerators and smart cards.

To work with Java cryptographic services in your Java applications, the Java platform offers the following set of API frameworks and their implementations:

    1. Java Cryptographic Architecture (JCA) :
      JCA provides basic cryptographic services and algorithms, which include support for digital signatures and message digests.

    1. Java Cryptography Extension (JCE):
      JCE augments JCA functionalities with added cryptographic services that are subjected to U.S. export control regulations and includes support for encryption and decryption operations, secret key generation and agreement, and message authentication code (MAC) algorithms.

    1. Java Certification Path (CertPath):
      CertPath provides the functionality of checking, verifying and validating the authenticity of certificate chains.

  1. Java Secure Socket Communication (JSSE):
    JSSE facilitates secure communication by protecting the integrity and confidentiality of data exchanged using SSL/TLS protocols.

For more details on understanding the implementation, look to the Java Security API documentation and refer to the book Core Security Patterns for practical guidance and best practices.

More information:

Dig Deeper on Software Testing Tools and Frameworks

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.