The ABA JCE - Executive Overview

Version : $Id: jceexecoverview.html,v 1.7 1998/11/19 23:41:10 leachbj Exp $

Send Comments to ABA

1.0 Introduction

From Java Cryptography, Jonathan Knudsen, O'Reilly & Associates.: The overall design of the cryptography classes classes is governed by the Java Cryptography Architecture (JCA). The JCA specifies design patterns and an extensible architecture for defining cryptographic concepts and algorithms. The JCA is designed to separate cryptographic concepts from implementations.
From http://java.sun.com;: The Java Cryptography Extension (JCE) 1.2 provides a framework and implementations for encryption, key generation and key agreement, and Message Authentication Code (MAC) algorithms. Support for encryption includes symmetric, asymmetric, block, and stream ciphers. The software also supports secure streams and sealed objects.

The ABA JCE consists of;

a clean room implementation of the Java Cryptography Extension (JCE) API as defined by Sun Microsystems;
a provider of underlying cryptographic algorithms.

The purpose of this document is to provide a brief summary of what the JCE is and what facilities the ABA provider makes available.

Readers looking for more technical information should examine the ABA JCE Specification document and http://java.sun.com for details about the JCE. The URL for the JCE changes as the status of the development of the JCE is updated, at the time of writing it can be found in the early access area of the Java Developer Connection.

2.0 The Java Cryptography Extension

The JCE 1.2 provides a framework for encryption, key exchange, Message Authentication Code (MAC) algorithms, secure streams and sealed objects. The JCE is designed so that other cryptography libraries can be plugged in as providers, and new algorithms can be added seamlessly.

ABA has been required to develop an implementation of the JCE as US export regulations mean that the only information outside of the US that is currently available on the JCE is the API documentation.

A concern associated with these export regulations could be the compatibility of the ABA implementation with the Sun implementation. To counter this problem, Sun have made the API documentation as unambiguous as possible. By careful adherence to the API documentation and recognised cryptography standards such as PKCS1, PKCS5, and PKCS7, ABA believes it has implemented an API with the greatest compatibility possible to the Sun implementation. ABA continues to monitor relevant work being done by other implementors of clean room JCEs outside of the US in order to resolve compatibility.

3.0 The ABA Cryptographic Provider

From Java Cryptography, Jonathan Knudsen, O'Reilly & Associates.: A cryptographic provider is a set of classes that implement cryptographic algorithms.

The ABA provider gives the framework provided by the JCE API the necessary support required to perform the actual encryption and digest algorithms. All algorithms have been compared and checked against other implementations, including, where possible, hardware implementations. Care has been taken to ensure that these implementations are standards compliant where appropriate.

The ABA provider supports the following encryption algorithms: DES, DESede (or "triple DES"), IDEA^TM, RC4®, Blowfish, Twofish and RSA. Key generators are provided for all algorithms, including the necessary checks for weak keys where required.

The following message digest algorithms are supported by the ABA provider: SHA-0, SHA-1, and MD5.

4.0 Licensing

The ABA JCE and its associated provider is available in source code under a UC Berkeley style of license agreement. Support contracts are also available.

5.0 Restrictions

This software may be subject to the import/export controls, regulation or legislation of your country.