4 Message integrity and authentication
This chapter covers
- Guaranteeing data integrity using the Secure Hash Algorithm
- Ensuring sender authenticity with a hash-based message authentication code (HMAC)
- Ensuring data integrity using an HMAC
- Using the Java Cryptography Architecture and Java Cryptography Extensions
This chapter is the first step in a friendly introduction to cryptographic algorithms for application developers. We won’t cover the mathematics behind these algorithms. Instead, we’ll demonstrate cryptography concepts with working Java examples so you can build the intuition and background you need to understand application security.
Cryptographic algorithms are the foundational security building blocks, no matter what programming language you write code in or which cloud provider you deploy your application on. The documentation and mysterious error messages from security libraries make perfect sense if you understand the basics of cryptography. You’ll no longer get stuck or blindly copy and paste from Stack Overflow and blog posts.
Definition: A cryptographic algorithm is a set of mathematical rules used to secure information. Depending on its purpose, it can hide data (encryption), detect changes (hashing), prove who created the data (digital signatures), or securely establish shared secrets (key exchange).
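To make "detect changes" concrete, here is an added example (not code from the book) that contrasts an unkeyed SHA-256 digest with a keyed HMAC-SHA256 tag using the JCA classes `MessageDigest` and `Mac`. The class name `IntegrityDemo`, the helper method names, and the sample messages are constructed for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.SecretKey;

public class IntegrityDemo {
    // Unkeyed SHA-256 digest: anyone can compute it, so it detects changes
    // only when the digest itself reaches the receiver over a trusted channel.
    static byte[] sha256(byte[] data) throws Exception {
        return MessageDigest.getInstance("SHA-256").digest(data);
    }

    // HMAC-SHA256 tag: computing it requires the shared secret key.
    static byte[] hmac(SecretKey key, byte[] data) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(key);
        return mac.doFinal(data);
    }

    // Receiver side: recompute the tag and compare it in constant time.
    static boolean verify(SecretKey key, byte[] data, byte[] tag) throws Exception {
        return MessageDigest.isEqual(hmac(key, data), tag);
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample messages: the second differs by one character.
        byte[] original = "pay alice 100".getBytes(StandardCharsets.UTF_8);
        byte[] altered = "pay alice 900".getBytes(StandardCharsets.UTF_8);

        // Hashing detects the change: the two digests no longer match.
        boolean sameDigest = MessageDigest.isEqual(sha256(original), sha256(altered));
        System.out.println("digest unchanged after edit: " + sameDigest);

        // Sender and receiver share this key; it is generated here for the demo.
        SecretKey key = KeyGenerator.getInstance("HmacSHA256").generateKey();
        byte[] tag = hmac(key, original);
        System.out.println("original verifies: " + verify(key, original, tag));
        System.out.println("altered verifies: " + verify(key, altered, tag));

        // A tag made with a different key fails verification, which is what
        // ties the message to a holder of the shared key.
        SecretKey otherKey = KeyGenerator.getInstance("HmacSHA256").generateKey();
        boolean foreignTagOk = verify(key, original, hmac(otherKey, original));
        System.out.println("tag from another key verifies: " + foreignTagOk);
    }
}
```

`MessageDigest.isEqual` is used for every comparison because it runs in constant time, which avoids leaking how many leading bytes of a tag matched.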