Advertisement
Membership
Login
ACCU Buttons
Search in Book Reviews
Search is a simple string search in either book title or book author. The full text search is a search of the text of the review.
Cryptographic applications are always critical. If they fail your sensitive data may be compromised. If your data is not sensitive enough to make you worry about potential failures then there is no reason to apply cryptography in the first place. It is therefore reasonable to assume that someone trusted with the design and implementation of cryptographic (Java-)components of your system has at least basic knowledge of computer science fundamentals, is able to use Java's primitive types properly and knows enough about undergraduate abstract algebra to comprehend the concepts of algorithms like RSA. Galbreath considers it necessary to explain all these details. I'd agree if this was an undergraduate textbook that introduces computer science students to cryptography, but not if the book is explicitly written for software engineers, i.e. practitioners with at least some experience. As it is, the basics take too much room and other discussions, e.g. ease of use vs. security, are kept short.
Whatever the target readership, the errors in the book are too many to be overlooked. I am not talking about the numerous typos, layout glitches or syntax errors in sample code. There are serious errors in the text that may confuse readers in the best case and cause them to write insecure code in the worst. The sections on key storage fail to mention special purpose hardware like, e.g. smartcards.
The book's strong points (like its extensive, partially commented bibliography) cannot make up for its shortcomings. Not recommended.