ESES/j-Crypto and its application

Abstract

e-businesses have been spreading and many existing firms have been changing to take advantages of e-commerce model. However, most e-commerce site visitors are reluctant to shop online due to security concerns. Therefore trust and control of security are imperative for participating in e-business and critical to its success. In order to provide security and cryptographic services such as digital signature, encryption and message digest to web application developers, the Java platform provides two types of APIs (application programming interfaces): the Java Cryptography Architecture (JCA) and the Java Cryptography Extension (JCE). In this paper, we introduce ESES/j-Crypto that is developed as a subsystem of ESES (ETRI Secure E-commerce Service) system for supporting secure electronic commerce. ESES/j-Crypto is compatible with the JCA and the JCE 1.2 and provides a cryptographic basis to ESES/Signature and ESES/Cipher that are other subsystems of ESES. It consists of two software components: one is implementation of the JCE specification that defines and supports cryptographic services, and the other is a cryptographic service provider, called the CSP. The ESES CSP includes not only generally used cryptographic algorithms, such as DSA, RSA, DES, and SHA1, but also algorithms adopted as domestic standard, such as SEED, KCDSA. It can be associated with other packages well and we can add new algorithms to it easily. This paper explains how ESES/j-Crypto processes offer security services and present a simple application that works for a cipher for an XML document.