Archives
  Columns
  Features
  Print Archives
1994-1998
  Special
  BYTE Digest
  Michael Abrash's Graphics Programming Black Book
  101 Perl Articles
  About Us
  How to Access BYTE.com
  Write to BYTE.com
  Advertise with BYTE.com

Newsletter
Free E-mail Newsletter from BYTE.com
 
    
  HOME   ABOUT US   ARCHIVES   CONTACT US   ADVERTISE   REGISTER
Visit the home page Browse the four-year online archive Download platform-neutral CPU/FPU benchmarks Find information for advertisers, authors, vendors, subscribers Request free information on products written about or advertised in BYTE Submit a press release, or scan recent announcements Talk with BYTE's staff and readers about products and technologies

ArticlesMak ing Java Development JSafe

January 1998 / Reviews / Making Java Development JSafe

RSA's cryptographic toolkit targets Java as the platform of choice for secured Internet applications.

Peter Wayner

The write-once, run-anywhere philosophy optimizes Java as a tool for network computing. And enabling Internet applications for digital commerce probably tantalizes developers more than any other use. The generally accepted solution to security concerns -- bundling an application with encryption and digital signatures -- was just made easier with the release of JSafe 1.0 , RSA Data Security's Java-toolkit implementation of its cryptographic algorithms.

Computationally intensive, cryptographic functions drive most developers to code Internet applications tightly, often by using assembly language or C to optimize performance. Applications tuned for single platforms lack Java's run- anywhere feature, and RSA believes developers will trade the speed of native code for Java's platform independence.

JSafe offers RSA's "brand-name" algorithms, including symmetric key ciphers, such as DES; triple-DES; and RSA's proprietary RC2, RC4, and RC5 ciphers for high-performance block encryption. It also includes RSA's public-key-encryption and digital-signature algorithms, as well as the Diffie-Hellman algorithm for key negotiation over an insecure channel like the Internet. The package's secure hash-function support, integral to the tamper-proofing of data, includes RSA's MD5 and SHA1, the Secure Hash Algorithm.

JSafe was clearly designed to expand and include more algorithms with time. Available options might grow as RSA's patents expire; right now, JSafe steers users toward RSA's algorithms.

JSafe lacks the prosaic routines that programmers need to produce a complete implementation. For example, while the package includes routines to output standard BER-encoded data, which can in turn be converted to BASE64 for 7-bit encoding, it lacks the routines necessary to convert certificates to and from PGP format. These extra routines would certainly simplify the programmer's job.

JSafe handles most of the grungiest work for the average developer of crypto-enabled Java applications and applets. The JSafe SDK costs $290, but developers must negotiate licensing directly with RSA for any JSafe-developed programs they distribute, either as part of shipping products or for use within an organization or by an organization's customers. While JSafe represents a solid basis for cryptographic programming in Java, it could benefit from added support for programmable interoperability.

Where to Find 


JSafe 1.0 SDK................
..........$290

Licensing: 
 A separate license must be negotiated to ship a 
 product with JSafe. RSA offers volume discounts,
 site licenses, and other deals.

RSA Data Security, Inc. (a Security Dynamics company)
Redwood City, CA
Phone:    800-732-8743
Phone:    650-595-8782
Internet: 
http://www.rsa.com

Enter HotBYTEs No. 1036.
Information on 
this product
 and similar products (security)


HotBYTEs
 - information on products covered or advertised in BYTE

JSafe 1.0 Ratings

Technology * * * *
Implementation * * * *
Key: ***** Outstanding, **** Very Good, *** Good, ** Poor, * Fair

Simple Encryption

screen_link (23 Kbytes)

This simple JSafe applet takes random text from the top window and encrypts it in the bottom window.

Peter Wayner is a BYTE consulting editor based in Baltimore. His home page is at http://www.a ccess.digex.net/~pcw/pcwpage.html .
Up to the Reviews section contentsGo to previous article: Go to next article: Java and Encryption
Flexible C++
Matthew Wilson
My approach to software engineering is far more pragmatic than it is theoretical--and no language better exemplifies this than C++.

more...

BYTE Digest

BYTE Digest editors every month analyze and evaluate the best articles from Information Week, EE Times, Dr. Dobb's Journal, Network Computing, Sys Admin, and dozens of other CMP publications—bringing you critical news and information about wireless communication, computer security, software development, embedded systems, and more!

Find out more
BYTE.com Store

BYTE CD-ROM
NOW, on one CD-ROM, you can instantly access more than 8 years of BYTE.
 
The Best of BYTE Volume 1: Programming Languages
The Best of BYTE
Volume 1: Programming Languages
In this issue of Best of BYTE, we bring together some of the leading programming language designers and implementors...

Copyright © 2005 CMP Media LLC, Privacy Policy, Your California Privacy rights, Terms of Service
Site comments: webmaster@byte.com
SDMG Web Sites: BYTE.com, C/C++ Users Journal, Dr. Dobb's Journal, MSDN Magazine, New Architect, SD Expo, SD Magazine, Sys Admin, The Perl Journal, UnixReview.com, Windows Developer Network