Title: Cryptography for Visual Basic
Author: Richard Bondi
Length: 459 Pages
Format: Paperback
Publisher: Wiley
Published date: 2000
ISBN-13: 978-1931841252
Richard Bondi introduces the subjects of cryptography and digital certificates in an easy-to-follow way. The symmetric and asymmetric varieties of ciphers are described using concepts like session keys, hash functions, PRNGs (Pseudo-Random Number Generators) and cipher-block chaining mode. Binary, bits and XOR functions pave the way for Visual Basic declarations of the Windows CryptoAPI, originally written in C, consequently producing a lot of explanation how Windows API data types and parameter passing are translated into their VB equivalents. After 100 pages or so, I was quite impressed, especially as it would appear that cryptography could be set up using VB in an ASP page. The next chapter then delves into the complications of using VB objects as pointers, encoding ASCII as hexadecimal so SQL strings could be interpreted, bitwise arithmetic and error trapping. As much as the methods explained are illuminating, a cryptographic system would seem to be no small feat. There follows an in-depth description of the CryptoAPI and how to use it in VB via the open-source WCCO (Wiley CryptoAPI COM Objects) interface (source code is contained in the book and on the CD). The main objects like the provider and container, then key objects, hashing, signing, messagetext are described in great detail. Testing strategies, key management and some philosophical and political ideas surrounding cryptography bring us to the book’s conclusion.
Like graphics programming, crypto-programming seems from the outside quite involved so be prepared for some work! I give praise to the author for explaining many general concepts well and giving clues as to how to handle VB in the context of the Windows API and bitwise modes. One feature I liked in the book was the way concepts were explained with several example scenarios you may encounter with suggestions of how to tackle each. With VB6 and a Windows front end seeming a little dated, perhaps implementing via ASP could seem more relevant. Nevertheless as an introduction to a language specific crypto-programming exercise this books seems to be of some use. If further developed, the end results could be worth their weight in these days of secure business.
VB CryptoAPI is an encryption method that has developed and is mature; looking at it from a simpler perspective for Java here are two easy tutorials from CompSci Studio for encryption and decryption which could be templates for the cryptography we’ve so far experimented in Sense. I’ve found this O’Reilly book which covers Java methods in a little more depth: Java Cryptography by Jonathan Knudsen.