[ISN] REVIEW: Handbook of Applied Cryptography

From: mea culpa (jerichoat_private)
Date: Wed Nov 04 1998 - 07:27:58 PST

  • Next message: mea culpa: "[ISN] Forbes replies to ISN Feedback"

      This message is in MIME format.  The first part should be readable text,
      while the remaining parts are likely unreadable without MIME-aware tools.
      Send mail to mimeat_private for more info.
    Content-Type: TEXT/PLAIN; CHARSET=us-ascii
    Content-ID: <Pine.SUN.3.96.981104082622.14318jat_private>
    Review: Handbook of Applied Cryptography
    Posted by Hemos on Wednesday November 04, @08:51AM
    Giving some actual theory to the whole cryptography discussion, Ian S. 
    Nelson's review of Handbook of Applied Cryptography takes a look at this
    veritable tome of information.  This isn't a book for those of you trying
    to figure out exactly what the NSA actually does; this is for the real
    meat and numbers behind it all.  Click below for more info. 
    REVIEW:    Handbook of Applied
                Alfred J. Menezes,
              Paul C. van Oorschot,
                Scott A. Vanstone
                 CRC Press (ISBN
    Required reading for any cryptography freak.
    ReviewRating: 9/10
    The Scenario
    CRC Press has been building a series of books on discrete mathematics and
    its applications. Doug Stinson wrote the theory book on cryptography
    (Cryptography: Theory and Practice (ISBN: 0-8493-8521-0, if you don't like
    this book you'll vomit when you see the Stinson book) and this is the
    application book on cryptography.  It's close to 800 pages chocked full of
    I must confess that I'm a cryptography freak and I'm a little sick of the
    constant political discussions and lack of tech talk, this book is all
    tech and might even be a little much if you're not into math. It's a
    wonderful companion to the Schneier books (Applied Cryptography 1st or 2nd
    Edition A.K.A. "the crypto bible") if you're into the nitty gritty details
    of cryptography. 
    What's Bad? 
    I really like this book and I can't find a lot that I don't like about
    it... but I think in places the math gets a little thick. I have a degree
    in math and I find myself returning to the math overview section more
    often than I'd like to admit. If you're not familiar with discrete math
    and combinatorics then this book probably isn't for you. If you enjoy that
    stuff, then this will be a piece of cake. If you're looking to build your
    crypto book library up I'd highly recommend this book before you get some
    of the more hard-core books. 
    Something else I feel is lacking is cryptanalysis on ciphers. They discuss
    attacks on various protocols and hashes but actual attacks on ciphers are
    glossed over. As a companion to Cryptography: Theory and Practice, which
    covers cryptanalysis in more detail, it is understandable to leave that
    material out of this book but I think they could discuss it a little more
    than they do without going into specifics. 
    The no-nonsense style can be a little dry at times, there aren't a lot of
    jokes or anecdotes to lighten things up in this book. 
    What's Good? 
    Cipher isn't spelled with a 'y' anywhere in this book. It's not filled
    with a lot of opinion or rumor. It doesn't hardly bring up ITAR, key
    escrow, or the NSA's mystical superpowers. This book is about
    cryptographic techniques and a listing of patents is about as political or
    opinionated as it gets. 
    It is kind of like a textbook without the problems at the end of each
    chapter. It is written in an outline format with subitems of "Definition",
    "Fact", "Notes", "Example", and "Algorithm." Each subitem is followed by a
    few short but concise paragraphs of explanation. 
    Plenty of charts and figures fill the pages and everything is explained
    well. While it lacks source code, there is certainly enough information
    for you to implement any of the ciphers, hashes, or protocols covered. It
    even includes some test vectors for a lot of the algorithms. 
    So What's In It For Me? 
    If you want to learn about cryptography, not the politics but the actual
    technology, then this is a great book to get before you get over your
    head. It's very readable and while the math can be a little heavy in
    places it is accessible and useful. It gives you a good flavor of how more
    advanced papers and books on the subject are and it avoids the nonacademic
    discussions surrounding cryptography. 
    To pick this book up, head over to Amazon and help Slashdot out. 
    Table of Contents
      1. Overview of Cryptography
           1. Introduction
           2. Information Security and
           3. Background on Functions
           4. Basic Terminology and
           5. Symmetric-key Encryption
           6. Digital Signatures
           7. Authentication and
           8. Public-key Cryptography
           9. Hash Functions
          10. Protocols and mechanisms
          11. Key establishment,
              management, and
          12. Pseudorandom numbers and
          13. Classes of attacks and
              security models
          14. Notes and further
      2. Mathematical Background
           1. Probability theory
           2. Information theory
           3. Complexity theory
           4. Number theory
           5. Abstract algebra
           6. Finite fields
           7. Notes and further
      3. Number-Theoretic Reference
           1. Introduction and overview
           2. The integer factorization
           3. The RSA problem
           4. The quadratic residuosity
           5. Computing Square roots in
           6. The Discrete logarithm
           7. The Diffie-Hellman problem
           8. Composite moduli
           9. Computing individual bits
          10. The subset sum problem
          11. Factoring polynomials over
              finite fields
          12. Notes and further
      4. Public-Key Parameters
           1. Introduction
           2. Probabilistic primality
           3. (True)Primality tests
           4. Prime number generation
           5. Irreducible polynomials
              over Zp
           6. Generators and elements of
              high order
           7. Notes and further
      5. Pseudorandom Bits and Sequences
           1. Introduction
           2. Random bit generation
           3. Pseudorandom bit generation
           4. Statistical tests
           5. Cryptographically secure
              pseudorandom bit generation
           6. Notes and further
      6. Stream Ciphers
           1. Introduction
           2. Feedback shift registers
           3. Stream ciphers based on
           4. Other stream ciphers
           5. Notes and further
      7. Block Ciphers
           1. Introduction
           2. Background and general
           3. Classical ciphers and
              historical development
           4. DES
           5. FEAL
           6. IDEA
           7. SAFER, RC5, and other block
           8. Notes and further
      8. Public-Key Encryption
           1. Introduction
           2. RSA public-key encryption
           3. Rabin public-key encryption
           4. ElGamal public-key
           5. McElliece public-key
           6. Knapsack public-key
           7. Probabilistic public-key
           8. Notes and further
      9. Hash Functions and Data
           1. Introduction
           2. Classification and
           3. Basic constructions and
              general results
           4. Unkeyed hash functions
           5. Keyed hash functions (MACs)
           6. Data integrity and message
           7. Advanced attacks on hash
           8. Notes and further
     10. Identification and Entity
           1. Introduction
           2. Passwords (weak
           3. Challenge-response
              identification (strong
           4. Customized zero-knowledge
              identification protocols
           5. Attacks on identification
           6. Notes and further
     11. Digital Signatures
           1. Introduction
           2. A framework for digital
              signature mechanisms
           3. RSA and related signature
           4. Fiat-Shamir signature
           5. The DSA and related
              signature schemes
           6. One-time digital signatures
           7. Other signatures schemes
           8. Signatures with additional
           9. Notes and further
     12. Key Establishment Protocols
           1. Introduction
           2. Classification and
           3. Key transport based on
              symmetric encryption
           4. Key agreement based on
              symmetric techniques
           5. Key transport based on
              public-key encryption
           6. Key agreement based on
              asymmetric techniques
           7. Secret Sharing
           8. Conference Keying
           9. Analysis of key
              establishment protocols
          10. Notes and further
     13. Key Management Techniques
           1. Introduction
           2. Background and basic
           3. Techniques for distributing
              confidential keys
           4. Techniques for distributing
              public keys
           5. Techniques for controlling
              key usage
           6. Key management involving
              multiple domains
           7. Key life cycle issues
           8. Advanced trusted third
              party services
           9. Notes and further
     14. Efficient Implementation
           1. Introduction
           2. Multiple-precision integer
           3. Multiple-precision modular
           4. Greatest common divisor
           5. Chinese remainder theorem
              for integers
           6. Exponentiation
           7. Exponent recoding
           8. Notes and further
     15. Patents and Standards
           1. Introduction
           2. Patents on cryptographic
           3. Cryptographic standards
           4. Notes and further
     16. Appendix A: Bibligraphy of
         Papers from Selected
         Cryptographic Forums
           1. Asiacrypt/Auscrypt
           2. Crypto Proceedings
           3. Eurocrypt Proceedings
           4. Fast Software Encryption
           5. Journal of Cryptology
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:10:05 PDT