[ISN] REVIEW: Handbook of Applied Cryptography

From: mea culpa (jerichoat_private)
Date: Wed Nov 04 1998 - 07:27:58 PST

  • Next message: mea culpa: "[ISN] Forbes replies to ISN Feedback"

      This message is in MIME format.  The first part should be readable text,
      while the remaining parts are likely unreadable without MIME-aware tools.
      Send mail to mimeat_private for more info.
    
    --------------74B740B62C
    Content-Type: TEXT/PLAIN; CHARSET=us-ascii
    Content-ID: <Pine.SUN.3.96.981104082622.14318jat_private>
    
    
    http://www.slashdot.org/books/98/11/04/0851244.shtml
    
    
    Review: Handbook of Applied Cryptography
    Posted by Hemos on Wednesday November 04, @08:51AM
    
    Giving some actual theory to the whole cryptography discussion, Ian S. 
    Nelson's review of Handbook of Applied Cryptography takes a look at this
    veritable tome of information.  This isn't a book for those of you trying
    to figure out exactly what the NSA actually does; this is for the real
    meat and numbers behind it all.  Click below for more info. 
    
    REVIEW:    Handbook of Applied
                   Cryptography
                Alfred J. Menezes,
              Paul C. van Oorschot,
                Scott A. Vanstone
                 CRC Press (ISBN
                  0-8493-8523-7)
    
    Required reading for any cryptography freak.
    
    ReviewRating: 9/10
    
    The Scenario
    
    CRC Press has been building a series of books on discrete mathematics and
    its applications. Doug Stinson wrote the theory book on cryptography
    (Cryptography: Theory and Practice (ISBN: 0-8493-8521-0, if you don't like
    this book you'll vomit when you see the Stinson book) and this is the
    application book on cryptography.  It's close to 800 pages chocked full of
    information. 
    
    I must confess that I'm a cryptography freak and I'm a little sick of the
    constant political discussions and lack of tech talk, this book is all
    tech and might even be a little much if you're not into math. It's a
    wonderful companion to the Schneier books (Applied Cryptography 1st or 2nd
    Edition A.K.A. "the crypto bible") if you're into the nitty gritty details
    of cryptography. 
    
    What's Bad? 
    
    I really like this book and I can't find a lot that I don't like about
    it... but I think in places the math gets a little thick. I have a degree
    in math and I find myself returning to the math overview section more
    often than I'd like to admit. If you're not familiar with discrete math
    and combinatorics then this book probably isn't for you. If you enjoy that
    stuff, then this will be a piece of cake. If you're looking to build your
    crypto book library up I'd highly recommend this book before you get some
    of the more hard-core books. 
    
    Something else I feel is lacking is cryptanalysis on ciphers. They discuss
    attacks on various protocols and hashes but actual attacks on ciphers are
    glossed over. As a companion to Cryptography: Theory and Practice, which
    covers cryptanalysis in more detail, it is understandable to leave that
    material out of this book but I think they could discuss it a little more
    than they do without going into specifics. 
    
    The no-nonsense style can be a little dry at times, there aren't a lot of
    jokes or anecdotes to lighten things up in this book. 
    
    What's Good? 
    
    Cipher isn't spelled with a 'y' anywhere in this book. It's not filled
    with a lot of opinion or rumor. It doesn't hardly bring up ITAR, key
    escrow, or the NSA's mystical superpowers. This book is about
    cryptographic techniques and a listing of patents is about as political or
    opinionated as it gets. 
    
    It is kind of like a textbook without the problems at the end of each
    chapter. It is written in an outline format with subitems of "Definition",
    "Fact", "Notes", "Example", and "Algorithm." Each subitem is followed by a
    few short but concise paragraphs of explanation. 
    
    Plenty of charts and figures fill the pages and everything is explained
    well. While it lacks source code, there is certainly enough information
    for you to implement any of the ciphers, hashes, or protocols covered. It
    even includes some test vectors for a lot of the algorithms. 
    
    So What's In It For Me? 
    
    If you want to learn about cryptography, not the politics but the actual
    technology, then this is a great book to get before you get over your
    head. It's very readable and while the math can be a little heavy in
    places it is accessible and useful. It gives you a good flavor of how more
    advanced papers and books on the subject are and it avoids the nonacademic
    discussions surrounding cryptography. 
    
    To pick this book up, head over to Amazon and help Slashdot out. 
    
    Table of Contents
    
      1. Overview of Cryptography
           1. Introduction
           2. Information Security and
              Cryptography
           3. Background on Functions
           4. Basic Terminology and
              Concepts
           5. Symmetric-key Encryption
           6. Digital Signatures
           7. Authentication and
              Identification
           8. Public-key Cryptography
           9. Hash Functions
          10. Protocols and mechanisms
          11. Key establishment,
              management, and
              certification
          12. Pseudorandom numbers and
              sequences
          13. Classes of attacks and
              security models
          14. Notes and further
              references
      2. Mathematical Background
           1. Probability theory
           2. Information theory
           3. Complexity theory
           4. Number theory
           5. Abstract algebra
           6. Finite fields
           7. Notes and further
              references
      3. Number-Theoretic Reference
         Problems
           1. Introduction and overview
           2. The integer factorization
              problem
           3. The RSA problem
           4. The quadratic residuosity
              problem
           5. Computing Square roots in
              Zn
           6. The Discrete logarithm
              problem
           7. The Diffie-Hellman problem
           8. Composite moduli
           9. Computing individual bits
          10. The subset sum problem
          11. Factoring polynomials over
              finite fields
          12. Notes and further
              references
      4. Public-Key Parameters
           1. Introduction
           2. Probabilistic primality
              tests
           3. (True)Primality tests
           4. Prime number generation
           5. Irreducible polynomials
              over Zp
           6. Generators and elements of
              high order
           7. Notes and further
              references
      5. Pseudorandom Bits and Sequences
           1. Introduction
           2. Random bit generation
           3. Pseudorandom bit generation
           4. Statistical tests
           5. Cryptographically secure
              pseudorandom bit generation
           6. Notes and further
              references
      6. Stream Ciphers
           1. Introduction
           2. Feedback shift registers
           3. Stream ciphers based on
              LFSRs
           4. Other stream ciphers
           5. Notes and further
              references
      7. Block Ciphers
           1. Introduction
           2. Background and general
              concepts
           3. Classical ciphers and
              historical development
           4. DES
           5. FEAL
           6. IDEA
           7. SAFER, RC5, and other block
              ciphers
           8. Notes and further
              references
      8. Public-Key Encryption
           1. Introduction
           2. RSA public-key encryption
           3. Rabin public-key encryption
           4. ElGamal public-key
              encryption
           5. McElliece public-key
              encryption
           6. Knapsack public-key
              encryption
           7. Probabilistic public-key
              encryption
           8. Notes and further
              references
      9. Hash Functions and Data
         Integrity
           1. Introduction
           2. Classification and
              framework
           3. Basic constructions and
              general results
           4. Unkeyed hash functions
              (MDCs)
           5. Keyed hash functions (MACs)
           6. Data integrity and message
              authentication
           7. Advanced attacks on hash
              functions
           8. Notes and further
              references
     10. Identification and Entity
         Authentication
           1. Introduction
           2. Passwords (weak
              authentication)
           3. Challenge-response
              identification (strong
              authentication)
           4. Customized zero-knowledge
              identification protocols
           5. Attacks on identification
              protocols
           6. Notes and further
              references
     11. Digital Signatures
           1. Introduction
           2. A framework for digital
              signature mechanisms
           3. RSA and related signature
              schemes
           4. Fiat-Shamir signature
              schemes
           5. The DSA and related
              signature schemes
           6. One-time digital signatures
           7. Other signatures schemes
           8. Signatures with additional
              functionality
           9. Notes and further
              references
     12. Key Establishment Protocols
           1. Introduction
           2. Classification and
              framework
           3. Key transport based on
              symmetric encryption
           4. Key agreement based on
              symmetric techniques
           5. Key transport based on
              public-key encryption
           6. Key agreement based on
              asymmetric techniques
           7. Secret Sharing
           8. Conference Keying
           9. Analysis of key
              establishment protocols
          10. Notes and further
              references
     13. Key Management Techniques
           1. Introduction
           2. Background and basic
              concepts
           3. Techniques for distributing
              confidential keys
           4. Techniques for distributing
              public keys
           5. Techniques for controlling
              key usage
           6. Key management involving
              multiple domains
           7. Key life cycle issues
           8. Advanced trusted third
              party services
           9. Notes and further
              references
     14. Efficient Implementation
           1. Introduction
           2. Multiple-precision integer
              arithmetic
           3. Multiple-precision modular
              arithmetic
           4. Greatest common divisor
              algorithms
           5. Chinese remainder theorem
              for integers
           6. Exponentiation
           7. Exponent recoding
           8. Notes and further
              references
     15. Patents and Standards
           1. Introduction
           2. Patents on cryptographic
              techniques
           3. Cryptographic standards
           4. Notes and further
              references
     16. Appendix A: Bibligraphy of
         Papers from Selected
         Cryptographic Forums
           1. Asiacrypt/Auscrypt
              Proceedings
           2. Crypto Proceedings
           3. Eurocrypt Proceedings
           4. Fast Software Encryption
              Proceedings
           5. Journal of Cryptology
              papers
    
    
    --------------74B740B62C--
    -o-
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:10:05 PDT