Weapons-grade cryptography is now a simple matter using Java. What does it
mean for the Web, Sun, Microsoft? O'Reilly's Web site editor Allen Noren
interviewed Jonathan Knudsen, author of O'Reilly's upcoming Java
Cryptography, for some ideas.
Jonathan is a staff writer for O'Reilly & Associates, a job that allows him
to exercise the right and left sides of his brain but little of his body.
In 1977, when Jonathan was knee-high to a grasshopper, he began his computer
career by programming in BASIC on a TRS-80. In 1993 he graduated cum laude
from Princeton with a degree in mechanical engineering. Jonathan is still
unsure what mechanical engineers do for a living. His current interests
include embedded system MIDI programming, Java Sound, and user interface
design. He is coauthor of the Java Fundamental Classes Reference and writes
a column for Sun Server.
- Noren:
- Why is cryptography important?
- Knudsen:
- Cryptography is important for the same reasons that photo IDs are
important and fences are important. In the digital world, cryptography
offers three essential services that protect you and your data from theft
and fraud. These services are authentication, integrity, and
confidentiality.
There's a saying that "on the Internet, nobody knows you're a dog." One
of the things that's attractive about the Internet is the anonymity it
offers. But if you're trying to conduct business, it's a nightmare. Customers
need to know that they're ordering goods and services from real businesses.
Cryptography offers "certificates" as a solution. Certificates are sometimes
called "digital IDs," because they can be used to verify the identity of
someone you don't know. This process is called "authentication", where you
decide whether someone is authentic or not.
Certificates can be used with another technique, "digital signatures", to
ensure that nobody can impersonate you. It's very easy to forge email, but
it's really hard to forge a digitally signed email message. And similarly,
it's very hard for somebody else to modify a message that you have digitally
signed. This is called protecting the integrity of data.
It's very easy to eavesdrop on email, or any other transaction that takes
place on a computer network. How can you be sure that nobody finds out
about your financial transactions, or your medical records, or your secret
business deals? Again, cryptography has a solution, something called a
"cipher". A cipher knows how to encrypt and decrypt data. Before you send
sensitive data over a network, or store it on a disk, you can encrypt it,
which turns it into an unreadable mess. When you need the data again, you
use the cipher to decrypt the data. If you play your cards right, you are
the only person that will be able to decrypt the data. If you're sending
data to someone, you can ensure that only that person is able to decrypt
the message. Ciphers provide confidentiality because they keep information
secret.
- Noren:
- How difficult is it to work with cryptography in Java?
- Knudsen:
- It's not difficult at all. Sun did a nice job designing the cryptography
APIs. There are classes that represent each cryptographic concept, like
Cipher and Signature. The API separates the concepts from the
implementations. This means that, for example, you only need to worry about
what a cipher does, without worrying about the details of a particular
algorithm like DES or IDEA. In turn, this means that your applications can
work with different algorithms without changing any of your code. Maybe you
can even let your users choose which algorithms to use, based on what they
have installed. Part of the Cryptography API is the "Provider Architecture,"
which makes it really easy to plug in different cryptographic algorithms.
- Noren:
- Cryptography is legally classified by the US government as a weapon.
You're not allowed to export cryptography software, like PGP, and we're
not even putting many of the most important examples from your book on
our site like we normally do. It's serious business. What's the impact of
Java cryptography?
- Knudsen:
- In a way, you've answered your own question. The Cryptography API enabled
me to write weapons-grade software without busting a gut. All Java developers
now have the option of using the important services of cryptography in their
applications. My biggest examples, an email client and a network talk
application, use cryptography for authentication and confidentiality. But if
you go look at the source code, most of it is concerned with the rest of the
application, not the cryptographic part. When the JDK first came out in 1995,
one of the neat things about it was the Socket and ServerSocket classes,
which made it easy to write networked applications. Now the Cryptography API
has made it easy to develop cryptographically enabled applications.
US export law is only one of the factors that shapes the world of
cryptographic software. One other factor has to do with patents on
algorithms. As I wrote this book, a patent expired on a cipher and
signature algorithm called ElGamal. One of the really exciting things for
me is including a full implementation of ElGamal ciphers and signatures
in this book.
- Noren:
- Where do you see Java developing in the next year?
- Knudsen:
- I think the platform will stabilize. One of the big complaints about
Java has been the quirks of different JVMs. The Java Activator should go
a long way towards standardizing the Java environment that is available in
browsers.
- Noren:
- What are the most important problems that still need to be solved?
- Knudsen:
- Java's biggest problem now is user experience. The Java platform can be
as elegant, robust, and secure as it wants, but if users don't have a reason
to choose applications developed in Java, they won't. Right now, Java is
very popular with geeks like me. But it's users that pony up the bucks and
actually buy software. Java's traditional weakness is performance; I'm
hoping that just-in-time compilers and HotSpot technology, coupled with
ever-faster processors, will address this problem. On another front, Sun is
trying to deliver a framework for advanced user interfaces with the Java
Foundation Classes. The user experience is being enhanced from two sides.
- Noren:
- How successful do you think Microsoft will be in positioning itself
against Java?
- Knudsen:
- Microsoft has an uncanny ability to either kill, subvert, or absorb
competing technologies. They're definitely attempting to embrace, extend,
and, ultimately, exterminate Java. Again, their success depends on users.
Developers are savvy to Microsoft's wiles, but if Microsoft is able to offer
users a significantly better experience with MS-Java applications than
with real Java applications, then that's where the money will go, and
developers will have to follow.
- Noren:
- You're an O'Reilly staff author. Mike Loukides, our Java series editor,
found you through a newsgroup. How was it to write this book and what will
you be working on next?
- Knudsen:
- Actually, I found O'Reilly through a feature called DreamJobs in
HotWired magazine. I really enjoyed writing Java Cryptography, which is my
first solo book. It's funny because when
I started, I didn't think cryptography was interesting at all. Once I started
to learn about it, I discovered a fascinating and volatile world. A lot of
people make fun of the feds for being so paranoid about cryptography. But
they have a point--it is scary stuff, in some ways. If you and I can use
cryptography to prevent anyone from reading our email or finding out our
credit card numbers when we buy something, then surely thieves and
terrorists can use cryptography to keep their plans a secret. Like any other
powerful tool, cryptography is available to the good guys and the bad guys.
Jonathan Knudsen
