Understanding Java SecureRandom Algorithms on Linux

High-quality random numbers are essential for cryptography, secure key generation, and other security-sensitive applications. Standard pseudo-random number generators (PRNGs) produce…

Read More »

Java 21 Key Encapsulation Mechanism (KEM) API

Secure communication relies on exchanging cryptographic keys safely over untrusted networks. Until Java 21, implementing this in Java required combining…

Read More »

Electronic Signature Using The WebCrypto API

Sometimes we need to let users sign something electronically. Often people understand that as placing your handwritten signature on the…

Read More »

Don’t just randomize, truly randomize!

The state of web application cryptography has changed, and each development language provides its own way of working with it.…

Read More »

Getting A List of Available Cryptographic Algorithms

How do you learn what cryptographic algorithms are available to you? The Java spec names several required ciphers, digests, etc.,…

Read More »

Cryptography & Theory 2: What is Pseudorandom

As was concluded in the first part of this series, security without randomness is impossible. Deterministic ciphers are unable to…

Read More »

This is Stuff: Cryptography & Theory 1: Meaning of Secure

Cryptography & Theory is series of blog posts on things I learned in coursera stanford online crypto class. The class contained…

Read More »

How to use ECC with OpenJDK

Everyone who ever tried to use Elliptic Curve Cryptography (ECC) in Java with an OpenJDK was either forced to use…

Read More »

Creating Password-Based Encryption Keys

This article discusses creating password-based encryption PBE keys. First a reminder of earlier points – as a rule you should,…

Read More »