4 Message Integrity and Authentication

 

This chapter covers

  • Guaranteeing data integrity using the Secure Hash Algorithm (SHA)
  • Ensuring sender authenticity using a Hashed Message Authentication Code (HMAC)
  • Ensuring data integrity using an HMAC
  • Using the Java Cryptography Architecture (JCA) and Extensions (JCE)

This chapter is the first step in a friendly introduction to cryptographic algorithms for application developers. We will not cover the mathematics of the cryptography algorithms. Instead, we will demonstrate cryptography concepts with working Java examples so you can build the intuition and background to understand application security.

Cryptographic algorithms are the foundational security building blocks, no matter what programming language you write code in or which cloud provider you deploy your application on. Terse documentation and mysterious error messages from security libraries make perfect sense if you understand the basics of cryptography. No more getting stuck and blindly copying and pasting from stackoverflow.com and blog posts.

4.1 The goals of cryptography

 
 

4.2 Cryptographic hash functions

 
 

4.2.1 Secure Hash Algorithm (SHA)

 
 

4.2.2 Verifying integrity using a cryptographic hash function

 

4.2.3 Design for hash function change

 
 

4.2.4 Exercises

 
 
 
 

4.3 Java cryptography architecture and extensions

 
 

4.3.1 Google and Amazon JCA providers

 
 
 

4.3.2 Exercises

 
 
 

4.4 Implementing message integrity in Java

 
 
 

4.5 Message Authentication Code (MAC)

 

4.5.1 Hashed Message Authentication Code (HMAC)

 
 

4.5.2 Guaranteeing authenticity using HMAC

 
 

4.5.3 Exercises

 
 
 
 

4.6 Summary

 
 
 
 
sitemap

Unable to load book!

The book could not be loaded.

(try again in a couple of minutes)

manning.com homepage
test yourself with a liveTest