In this course, you will learn how to implement document hashing and secure password hashing into Java applications using the Java Cryptography Architecture. This applies to Web applications and Java-based Desktop applications (e.g., Swing, AWT, SWT/RCP, JavaFX), but also database and backend applications as well as Android apps.
Get practical security background information from an IT security expert. Learn how to encode hashes in-memory and stream-based. Learn how to use salt and iteration count for secure password hashing following PBKDF2 from the security standard PKCS#5.
You should be an experienced Java developer to take this course. We will do hands-on coding examples that can be directly used within your enterprise applications.
Get to know the Java Cryptography Architecture and the basic hashing class.
Implement a real world in-memory file hashing example.
Learn how to use a MAC, e.g. HMAC, with Java. This is also the basis for secure password hashing.
Learn how to implement and integrate a secure password hashing scheme into your application. Get practical advice how to use these algorithms securely.
In this lecture, you see what wrapper libraries do and offer, in case you do not want to deal with the Java Cryptography Architecture and crypto parameters directly.
This is an installation tutorial how to install the “Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files” without downloading. If you run into trouble regarding the usage of the JCA in conjunction with strong crypto algorithms, you have to configure your JRE installation accordingly.
Frank Hissen successfully studied Computer Science at Darmstadt University of Technology (Germany) focusing on IT security. For over 15 years, he works as IT consultant and software engineer; for over 10 years, he also works in various positions as security expert in IT development and consulting projects. He mainly worked for large businesses but also medium-sized companies.
He develops software and system architectures for complex systems and implements them or supervises the implementation. Moreover, he creates studies and function specifications.
In the area of IT security, Mr. Hissen is specialized in applied and technical IT security. For major as well as smaller companies, he equally developed and implemented security solutions and accompanied processes for secure product and software development.
In the area of cryptography and encryption, Mr. Hissen developed security solutions as Senior Solution Engineer at SECUDE before he became self-employed in 2009. Since then he works as freelancing expert in the area of web and cloud application security. He creates secure conceptual designs of system architectures but also takes care of their secure implementation and corresponding security requirements. One other focus is the technical examination and validation of the actual implementation.
Until now, Mr. Hissen worked in various projects amongst others for Deutsche Telekom AG, SECUDE, Allianz AG, ITO Darmstadt UT and SAP Research.