Java Cryptography Architecture: Secure Password Hashing
Learn how to implement secure hashing for Java Web, Backend and Desktop Applications as well as Android Apps
Description
In this course, you will learn how to implement document hashing and secure password hashing into Java applications using the Java Cryptography Architecture (JCA / JCE) APIs. This applies to Web applications and Java-based Desktop applications (e.g., JavaFX, Swing, AWT, SWT, RCP), but also database and backend applications as well as Android Apps.
Get practical security background information from an IT security expert. Learn how to encode hashes in-memory and stream-based. Learn how to use salt and iteration count properly for secure password hashing following PBKDF2 from the security standard PKCS#5. This is still one the most used secure hashing standards today.
You should be an experienced Java developer to take this course. We will do hands-on coding examples that can be directly used within your own (enterprise) applications!
We are using an older version of Eclipse in this course, however, the course’s content is still up-to-date. This is because PBKDF2 can be applied to current computing power by simply increasing the ‘famous’ iteration count (as used in various applications like VeraCrypt).
Content:
Setup: Download and import all necessary libraries
Simple Hashing Example
Real-world Hashing Example
Efficient stream-based Hashing
Message Authentication Code (MAC)
Secure Password Hashing with PBKDF2 / PKCS#5
Commercial Wrapper Libraries: Demo
JCE Unlimited Strength Policy File Installation (applies only for older JREs)
What You Will Learn!
- Integrate file hashing into Java applications and Android apps
- Integrate secure password hashing into Java applications and Android apps
Who Should Attend!
- You should be an experienced Java developer before taking this course. For hashing, you only need a basic understanding. Details of secure hashing, practical background information and hands-on tips will be provided in the course.