[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

0851244.shtml




   Advertisement Welcome to Slashdot Science News Technology Star Wars
   Prequels The Internet  faq
    code
    awards
    slashNET
    older stuff
    rob's page
    submit story
    book reviews
    user account
    ask slashdot
    advertising
    supporters
    past polls
    features
    about
    jobs
    BSI 
   
   
   Review:Handbook of Applied Cryptography Encryption Posted by Hemos on
   Wednesday November 04, @08:51AM
   from the just-the-facts-ma'am dept.
   Giving some actual theory to the whole cryptography discussion, Ian S.
   Nelson's review of Handbook of Applied Cryptography takes a look at
   this veritable tome of information. This isn't a book for those of you
   trying to figure out exactly what the NSA actually does; this is for
   the real meat and numbers behind it all. Click below for more info.
   
   REVIEW: Handbook of Applied Cryptography Alfred J. Menezes, Paul C.
   van Oorschot, Scott A. Vanstone CRC Press (ISBN 0-8493-8523-7)
   Nutshell
   Review: Required reading for any cryptography freak.
   Rating: 9/10
   
  The Scenario
  
   CRC Press has been building a series of books on discrete mathematics
   and its applications. Doug Stinson wrote the theory book on
   cryptography (Cryptography: Theory and Practice (ISBN: 0-8493-8521-0,
   if you don't like this book you'll vomit when you see the Stinson
   book) and this is the application book on cryptography. It's close to
   800 pages chocked full of information.
   
   I must confess that I'm a cryptography freak and I'm a little sick of
   the constant political discussions and lack of tech talk, this book is
   all tech and might even be a little much if you're not into math. It's
   a wonderful companion to the Schneier books (Applied Cryptography 1st
   or 2nd Edition A.K.A. "the crypto bible") if you're into the nitty
   gritty details of cryptography.
   
  What's Bad?
  
   I really like this book and I can't find a lot that I don't like about
   it... but I think in places the math gets a little thick. I have a
   degree in math and I find myself returning to the math overview
   section more often than I'd like to admit. If you're not familiar with
   discrete math and combinatorics then this book probably isn't for you.
   If you enjoy that stuff, then this will be a piece of cake. If you're
   looking to build your crypto book library up I'd highly recommend this
   book before you get some of the more hard-core books.
   
   Something else I feel is lacking is cryptanalysis on ciphers. They
   discuss attacks on various protocols and hashes but actual attacks on
   ciphers are glossed over. As a companion to Cryptography: Theory and
   Practice, which covers cryptanalysis in more detail, it is
   understandable to leave that material out of this book but I think
   they could discuss it a little more than they do without going into
   specifics.
   
   The no-nonsense style can be a little dry at times, there aren't a lot
   of jokes or anecdotes to lighten things up in this book.
   
  What's Good?
  
   Cipher isn't spelled with a 'y' anywhere in this book. It's not filled
   with a lot of opinion or rumor. It doesn't hardly bring up ITAR, key
   escrow, or the NSA's mystical superpowers. This book is about
   cryptographic techniques and a listing of patents is about as
   political or opinionated as it gets.
   
   It is kind of like a textbook without the problems at the end of each
   chapter. It is written in an outline format with subitems of
   "Definition", "Fact", "Notes", "Example", and "Algorithm." Each
   subitem is followed by a few short but concise paragraphs of
   explanation.
   
   Plenty of charts and figures fill the pages and everything is
   explained well. While it lacks source code, there is certainly enough
   information for you to implement any of the ciphers, hashes, or
   protocols covered. It even includes some test vectors for a lot of the
   algorithms.
   
  So What's In It For Me?
  
   If you want to learn about cryptography, not the politics but the
   actual technology, then this is a great book to get before you get
   over your head. It's very readable and while the math can be a little
   heavy in places it is accessible and useful. It gives you a good
   flavor of how more advanced papers and books on the subject are and it
   avoids the nonacademic discussions surrounding cryptography.
   
   To pick this book up, head over to Amazon and help Slashdot out.
   
    Table of Contents
    1. Overview of Cryptography
         1. Introduction
         2. Information Security and Cryptography
         3. Background on Functions
         4. Basic Terminology and Concepts
         5. Symmetric-key Encryption
         6. Digital Signatures
         7. Authentication and Identification
         8. Public-key Cryptography
         9. Hash Functions
        10. Protocols and mechanisms
        11. Key establishment, management, and certification
        12. Pseudorandom numbers and sequences
        13. Classes of attacks and security models
        14. Notes and further references
    2. Mathematical Background
         1. Probability theory
         2. Information theory
         3. Complexity theory
         4. Number theory
         5. Abstract algebra
         6. Finite fields
         7. Notes and further references
    3. Number-Theoretic Reference Problems
         1. Introduction and overview
         2. The integer factorization problem
         3. The RSA problem
         4. The quadratic residuosity problem
         5. Computing Square roots in Zn
         6. The Discrete logarithm problem
         7. The Diffie-Hellman problem
         8. Composite moduli
         9. Computing individual bits
        10. The subset sum problem
        11. Factoring polynomials over finite fields
        12. Notes and further references
    4. Public-Key Parameters
         1. Introduction
         2. Probabilistic primality tests
         3. (True)Primality tests
         4. Prime number generation
         5. Irreducible polynomials over Zp
         6. Generators and elements of high order
         7. Notes and further references
    5. Pseudorandom Bits and Sequences
         1. Introduction
         2. Random bit generation
         3. Pseudorandom bit generation
         4. Statistical tests
         5. Cryptographically secure pseudorandom bit generation
         6. Notes and further references
    6. Stream Ciphers
         1. Introduction
         2. Feedback shift registers
         3. Stream ciphers based on LFSRs
         4. Other stream ciphers
         5. Notes and further references
    7. Block Ciphers
         1. Introduction
         2. Background and general concepts
         3. Classical ciphers and historical development
         4. DES
         5. FEAL
         6. IDEA
         7. SAFER, RC5, and other block ciphers
         8. Notes and further references
    8. Public-Key Encryption
         1. Introduction
         2. RSA public-key encryption
         3. Rabin public-key encryption
         4. ElGamal public-key encryption
         5. McElliece public-key encryption
         6. Knapsack public-key encryption
         7. Probabilistic public-key encryption
         8. Notes and further references
    9. Hash Functions and Data Integrity
         1. Introduction
         2. Classification and framework
         3. Basic constructions and general results
         4. Unkeyed hash functions (MDCs)
         5. Keyed hash functions (MACs)
         6. Data integrity and message authentication
         7. Advanced attacks on hash functions
         8. Notes and further references
   10. Identification and Entity Authentication
         1. Introduction
         2. Passwords (weak authentication)
         3. Challenge-response identification (strong authentication)
         4. Customized zero-knowledge identification protocols
         5. Attacks on identification protocols
         6. Notes and further references
   11. Digital Signatures
         1. Introduction
         2. A framework for digital signature mechanisms
         3. RSA and related signature schemes
         4. Fiat-Shamir signature schemes
         5. The DSA and related signature schemes
         6. One-time digital signatures
         7. Other signatures schemes
         8. Signatures with additional functionality
         9. Notes and further references
   12. Key Establishment Protocols
         1. Introduction
         2. Classification and framework
         3. Key transport based on symmetric encryption
         4. Key agreement based on symmetric techniques
         5. Key transport based on public-key encryption
         6. Key agreement based on asymmetric techniques
         7. Secret Sharing
         8. Conference Keying
         9. Analysis of key establishment protocols
        10. Notes and further references
   13. Key Management Techniques
         1. Introduction
         2. Background and basic concepts
         3. Techniques for distributing confidential keys
         4. Techniques for distributing public keys
         5. Techniques for controlling key usage
         6. Key management involving multiple domains
         7. Key life cycle issues
         8. Advanced trusted third party services
         9. Notes and further references
   14. Efficient Implementation
         1. Introduction
         2. Multiple-precision integer arithmetic
         3. Multiple-precision modular arithmetic
         4. Greatest common divisor algorithms
         5. Chinese remainder theorem for integers
         6. Exponentiation
         7. Exponent recoding
         8. Notes and further references
   15. Patents and Standards
         1. Introduction
         2. Patents on cryptographic techniques
         3. Cryptographic standards
         4. Notes and further references
   16. Appendix A: Bibligraphy of Papers from Selected Cryptographic
       Forums
         1. Asiacrypt/Auscrypt Proceedings
         2. Crypto Proceedings
         3. Eurocrypt Proceedings
         4. Fast Software Encryption Proceedings
         5. Journal of Cryptology papers
            
   <  The demise of Crack.com | Reply | Flattened | 50 Gb drives from
   Seagate  >
   
     Related Links
   
   Slashdot
   
   Cryptography: Theory and Practice
   
   book
   
   Amazon
   
   Ian S. Nelson's
   
   NSA
   
   More on Encryption 
   
   Also by Hemos [INLINE]
   
   Amazon Info The books here are brought to us in Partnership with
   Amazon.com.
   
   If you follow the links around here, and eventually buy a book, we get
   a percentage of the cost!
   
   Want books about any of these things? Perl, Linux, Unix, Gardening,
   CGI, Java?
   
   Still not finding what you're looking for? Visit Amazon.com from this
   link, and we still get some credit. Or you could even Search Amazon
   using this convenient form:
   ____________________ ______
   [INLINE]
   
   The Fine Print: The following comments are owned by whoever posted
   them. Slashdot is not responsible for what they say.
   
   
   < Down One | This Page's Threshold: 0 | Up One >
   (Warning:this stuff is extremely beta right now)
   Amazon.com confuses "Applied Cryptography" with "H
   by Anonymous Coward on Wednesday November 04, @09:09AM
   For those of you who order the Handbook of Applied Cryptography, don't
   be suprised if amazon sends you Bruce Schneiers "Applied Cryptography"
   instead.....its happened to me and another person I know..
   
   
   [ Reply to this ] politics / history is relevant (Score:1)
   by harshaw on Wednesday November 04, @10:00AM
   (User Info)
   
   On of the great things about Schneier's Applied Cryptography was how
   he intertwined the mathematics with the political ramifications of the
   particular crypto algorithm. I think the study of Crypto needs to be
   tightly coupled with an understanding of the societal / political
   issues around it. For instance, you can't simply implement 128 bit RC5
   in your product and ship it of to Iraq without having RSA (for patent
   violations) and the NSA (for the obvious reasons) come down on your
   head.
   
   
   IMO, Crypto is a VERY tough subject and requires an intense amount of
   study to understand the math. If the text you are studying is dry and
   lacking wit or humor, it makes the job even harder :(
   [ Reply to this ]
     * politics / history is relevant by Anonymous Coward on Wednesday
       November 04, @11:57AM
       
   
   
   Loved it! I laughed! I cried! (Score:1)
   by bobse on Wednesday November 04, @11:14AM
   (User Info) What I liked was the way that each algorithm was reviewed
   in a very consistent manner. Most algorithms were described not just
   with words and mathematics (which is good), but also with pseudocode
   (which is great if you are actually trying to implement this stuff).
   The consistent, itemized format also allows you to compare the
   strengths/weaknesses of different algorithms yourself, instead of
   relying on someone else to do it for you. Very cool.
   
   9.5/10
   
   
   [ Reply to this ] Price Check (Score:1)
   by Ralph Bearpark on Wednesday November 04, @12:15PM
   (User Info) As an onging service to /. readers ...
   
   Amazon = $84.95
   BarnesAndNoble = $109.50 (HAHAHAHA!)
   Shopping books = $71.96
   Spree books = $67.99
   
   (Is it my imagination, or is /. reviewing increasingly expensive,
   non-Amazon-discounted books? Surely not. :-))
   
   Regards, Ralph.
   [ Reply to this ]
     * Price Check by Anonymous Coward on Wednesday November 04, @01:12PM
       
   
   
   The Fine Print: The following comments are owned by whoever posted
   them. Slashdot is not responsible for what they say.
   
   
   < Down One | This Page's Threshold: 0 | Up One >
   (Warning:this stuff is extremely beta right now)
     ____________________ ______
   
     All newspaper editorial writers ever do is come down from the hills
   after the battle is over and shoot the wounded. All trademarks and
   copyrights on this page are owned by their respective companies.
   Comments are owned by the Poster. The Rest &copy 1998 Rob Malda. [
   home | awards | supporters | rob's homepage | contribute story |
   older articles | advertising | past polls | about | faq | BSI ]