Rating: 
Summary: Good Book on Java Cryptography
Review: This book impressed me right off the bat. I read a lot of security books (and even tech edit them on occasion). The first couple of pages of this book have the clearest, easiest to understand section on general security principals I've ever seen.</p> From skimming the rest of the book (unfortunately, don't have time to read cover to cover right now), it appears to be a typical O'Reilly book, which means it is concise, clear, and full of examples. It covers all of the key aspets of cryptography.</p> Overall, a good book and one that fills a niche nicely . I'd recommend it if you are doing cryptography in Java.</p>
Rating:
Summary: One of the best books on the subject
Review: Are you concerned about someone outside your company intercepting a password between your applet and your server? Are you worried about someone inside your company using a packet sniffer to capture the credit card numbers of your customers? No? Well, perhaps you should be! As a first step towards closing your security holes you should pick up a copy of "Java Cryptography". This book is written for the experienced Java developer with no cryptography background who needs to build cryptography into their application. The book starts off with a brief description of secure systems and demonstrates a "Hello zoT1WY1NJA0=!" program. It then gives a fairly detailed description of cryptographic concepts and the Java Cryptography Architecture (JCA). Subsequent chapters discuss how to use the Java Cryptography Extension (JCE). Chapter 5 covers generating and managing symmetric and asymmetric keys with an explanation of the difference. Chapter 6 discusses authenticating users and messages. Signatures and certificates are covered. Chapter 7 covers encryption techniques using different types of ciphers. Chapter 8 covers signing applets. The last chapters include sample encrypted chat and e-mail programs. The end result is a book that provides excellent coverage of cryptography in Java. The only defect in the book is that it is three years old (Java 2 was in beta). Fortunately, the book was written recently enough to include the new utilities used in Java 2. Even though a new edition is desirable, "Java Cryptography" still stands alone as the best book available on this topic.
Rating: 
Summary: If I could have given this zero stars I would have.
Review: Do not waste your money or time. This is a very poor book and is very much out of date.
Rating:
Summary: Good introduction to Java's Cryptography classes.
Review: Good introduction to Cryptography and the Java Cryptography Extensions. The book covered what I expected at about the level that I expected.
Rating:
Summary: Great for beginners
Review: If you're new to cryptography in general, I'd recommend this book. Within the first chapter I was able to understand quite a few concepts that I had been struggling with. Thanks to the author for not trying to talk over everyone's heads and just getting things laid out simply, with good diagrams. Another reader had the opinion that this book does not introduce the Best Way of doing things, so it's not worth reading. I would disagree. You should read this book with the understanding that it's not going to make you a master cryptography expert, but will give a good introduction.
Rating:
Summary: Great for beginners
Review: If you're new to cryptography in general, I'd recommend this book. Within the first chapter I was able to understand quite a few concepts that I had been struggling with. Thanks to the author for not trying to talk over everyone's heads and just getting things laid out simply, with good diagrams. Another reader had the opinion that this book does not introduce the Best Way of doing things, so it's not worth reading. I would disagree. You should read this book with the understanding that it's not going to make you a master cryptography expert, but will give a good introduction.
Rating:
Summary: Once again OReilly did a great job ! ! !
Review: Impressed me??? Yes this book did impressed me. I read alot of java books but I have found this books to hit the spot out of all the security books.
Rating: 
Summary: Wait for a REAL Java Crypto book
Review: Java Cryptography was the first O'Reilly book I found disapointing. I had expected a book like this to contain examples of really cool encryption, demonstrating the usefulness of the Java Cryptography Extensions. I had expected it to at least offer an implementation of RSA, and possibly SSL (secure socket layers). The book was disapointing, there is no CD containing source code or the required Java Cryptography Extensions, and by the books own omission, some of the examples aren't even available online. I understand that the publishers were limited by US export laws, but without solid examples of things Java developers might want to write (SSL), without the JCE which international readers will be unable to obtain, this book was extremely disappointing.
Rating:
Summary: Teaches cryptography the wrong way
Review: The goal of this book is to show how to implement a secure application. It does not achieve this. Generally, it is a good idea to rely on algorithms and protocol that are published, well analyzed and preferably standardized. Specially public key cryptography has many pitfalls that are difficult to avoid. However, the author of this book designs his own key exchange protocol and uses ad-hoc padding schemes. This procedure sets a bad example for the reader. The result is what one has to expect from an ad-hoc design: The applications have serious design flaws. For example the ElGamal signature scheme in chapter 9 does not use a hash function besides other omissions. The padding scheme for the ElGamal encryption simply adds 0's and therefore does not prevent chosen message attacks. The key exchange protocol in chapter 10 constructs a session key from two halves that are sent seperately. Each half can be attacked seperately in a reply attack, etc. To conclude, this book does certainly not show the proper use of cryptography, and hence is hardly worth reading.
Rating:
Summary: Not good at all
Review: The reviewer who mentioned this book is out of date is absolutely correct. Worse than that, this book on cryptography is written by someone who doesn't actually understand cryptography very well. Lots of bad practices are recommended, and there are several examples in the book that are insecure as written. I would also give this book zero stars if it were possible.
| 
