Author: William J Buchanan
Reviewer: Alex Armstrong
Why would you read a book on cryptography? You might want to master the math so that you can understand what is going on and perhaps improve or reimplement it. You might want to find out how to use crypto tools or you might want to implement crypto yourself. The last one isn't a particularly good idea unless you take it on yourself to become expert in the first two. It is all too easy to make a mistake that turns a secure system into an open system.
So why learn about crypto beyond the application and use of tools? A good question and one I don't have a clear answer to. This book doesn't attempt to teach you the basics of cryptographic theory. At most it goes over the procedures involved in a particular cryptographic procedure. The illustrations, involving Alice and Bob of course, are very nice and they do help follow some of the complicated transactions.
The book starts with a look at historical ciphers and here we learn about Morse code, Playfair, Caese, Viigenere and one time pad plus a few other less well-known classics. The chapter ends with an unusual look at coding methods including compression, Base64 and so on - not sure why - and some probability and number theory - not enough.
Chapter 2 introduces key-based encryption and here I started to feel like I wanted more detail. For example, what is the S-Box in the AES cipher. I know they exist and what they do, but why someone invented them or what choices were involved I still don't know. Of all cryptographic methods it is the symmetric key methods that are least well explained in most books and this one is no exception. Basically what we have is a long list of methods and shallow explanations complete with nice diagrams.
The same approach continues in the following chapters. Chapter 3 lists hashing methods, problems and uses. Chapter 4 explains public key encryption, RSA, Elliptic curve and ElGamal. None are explained deeply enough for the mathematician or for the programmer.
From here the book moves on to applications of cryptography: Chapter 5 key exchange, Chapter 6 authentication and certificates, Chapter 7 tunneling - i.e. SSL/TLS, VPNs and so on. Chapter 8 moves on to cracking codes and again it's basically a list of possible methods.
The final chapters are on "hot topics". Chatper 9 is about light-weight cryptography and quantum crypto. Chapter 10 is on the blockchain and crypto currency. Chapter 11 is on zero knowledge proof and Chapter 12 is on stream ciphers, including WEP, WPA, and A5.
This is an overview of cryptography. It isn't a 1000ft overview because there is also a lot of detail included - a 10ft overview? It gives you just enough information to be able to reason, a little bit, about the methods described. You can see what might make them less secure and why cracking them might be easier in the future. You don't get the mathematical background and you don't get any implementation details. You don't even get enough information to make use of many of the tools mentioned. It is more like name dropping than a deep presentation.
All this said, however, if you want a bit more than a bluffer's guide to crypto this is a well-written and well-presented book. If you take the time to read it you won't be a crypto expert, but you will be more than the average bluffer trying to convince the world they know what they are talking about.
Recommended to the right reader.
|Last Updated ( Saturday, 05 October 2019 )|