From: Jim Choate <ravage@EINSTEIN.ssz.com>
To: cypherpunks@EINSTEIN.ssz.com
Message Hash: e945d1a16f73a0007a4cea41509ba39646d25b3bb6d27e678ada323f02902590
Message ID: <199811041847.MAA08231@einstein.ssz.com>
Reply To: N/A
UTC Datetime: 1998-11-04 19:50:37 UTC
Raw Date: Thu, 5 Nov 1998 03:50:37 +0800
From: Jim Choate <ravage@EINSTEIN.ssz.com>
Date: Thu, 5 Nov 1998 03:50:37 +0800
To: cypherpunks@EINSTEIN.ssz.com
Subject: 0851244.shtml
Message-ID: <199811041847.MAA08231@einstein.ssz.com>
MIME-Version: 1.0
Content-Type: text/plain
Review: Handbook of Applied Cryptography
Encryption
Posted by Hemos on Wednesday November 04, @08:51AM
from the just-the-facts-ma'am dept.
Giving some actual theory to the whole cryptography discussion, Ian S.
Nelson's review of Handbook of Applied Cryptography takes a look at
this veritable tome of information. This isn't a book for those of you
trying to figure out exactly what the NSA actually does; this is for
the real meat and numbers behind it all. Click below for more info.
REVIEW: Handbook of Applied Cryptography
Alfred J. Menezes, Paul C. van Oorschot, Scott A. Vanstone
CRC Press (ISBN 0-8493-8523-7)
Nutshell Review: Required reading for any cryptography freak.
Rating: 9/10
The Scenario
CRC Press has been building a series of books on discrete mathematics
and its applications. Doug Stinson wrote the theory book on
cryptography (Cryptography: Theory and Practice, ISBN: 0-8493-8521-0;
if you don't like this book you'll vomit when you see the Stinson
book) and this is the application book on cryptography. It's close to
800 pages chock-full of information.
I must confess that I'm a cryptography freak and I'm a little sick of
the constant political discussions and lack of tech talk; this book is
all tech and might even be a little much if you're not into math. It's
a wonderful companion to the Schneier books (Applied Cryptography 1st
or 2nd Edition A.K.A. "the crypto bible") if you're into the nitty
gritty details of cryptography.
What's Bad?
I really like this book and I can't find a lot that I don't like about
it... but I think in places the math gets a little thick. I have a
degree in math and I find myself returning to the math overview
section more often than I'd like to admit. If you're not familiar with
discrete math and combinatorics then this book probably isn't for you.
If you enjoy that stuff, then this will be a piece of cake. If you're
looking to build your crypto book library up I'd highly recommend this
book before you get some of the more hard-core books.
Something else I feel is lacking is cryptanalysis on ciphers. They
discuss attacks on various protocols and hashes but actual attacks on
ciphers are glossed over. As a companion to Cryptography: Theory and
Practice, which covers cryptanalysis in more detail, it is
understandable to leave that material out of this book but I think
they could discuss it a little more than they do without going into
specifics.
The no-nonsense style can be a little dry at times; there aren't a lot
of jokes or anecdotes to lighten things up in this book.
What's Good?
Cipher isn't spelled with a 'y' anywhere in this book. It's not filled
with a lot of opinion or rumor. It hardly brings up ITAR, key
escrow, or the NSA's mystical superpowers. This book is about
cryptographic techniques and a listing of patents is about as
political or opinionated as it gets.
It is kind of like a textbook without the problems at the end of each
chapter. It is written in an outline format with subitems of
"Definition", "Fact", "Notes", "Example", and "Algorithm." Each
subitem is followed by a few short but concise paragraphs of
explanation.
Plenty of charts and figures fill the pages and everything is
explained well. While it lacks source code, there is certainly enough
information for you to implement any of the ciphers, hashes, or
protocols covered. It even includes some test vectors for a lot of the
algorithms.
So What's In It For Me?
If you want to learn about cryptography, not the politics but the
actual technology, then this is a great book to get before you get
over your head. It's very readable and while the math can be a little
heavy in places it is accessible and useful. It gives you a good
flavor of how more advanced papers and books on the subject are and it
avoids the nonacademic discussions surrounding cryptography.
To pick this book up, head over to Amazon and help Slashdot out.
Table of Contents
1. Overview of Cryptography
   1. Introduction
   2. Information Security and Cryptography
   3. Background on Functions
   4. Basic Terminology and Concepts
   5. Symmetric-key Encryption
   6. Digital Signatures
   7. Authentication and Identification
   8. Public-key Cryptography
   9. Hash Functions
   10. Protocols and mechanisms
   11. Key establishment, management, and certification
   12. Pseudorandom numbers and sequences
   13. Classes of attacks and security models
   14. Notes and further references
2. Mathematical Background
   1. Probability theory
   2. Information theory
   3. Complexity theory
   4. Number theory
   5. Abstract algebra
   6. Finite fields
   7. Notes and further references
3. Number-Theoretic Reference Problems
   1. Introduction and overview
   2. The integer factorization problem
   3. The RSA problem
   4. The quadratic residuosity problem
   5. Computing square roots in Z_n
   6. The discrete logarithm problem
   7. The Diffie-Hellman problem
   8. Composite moduli
   9. Computing individual bits
   10. The subset sum problem
   11. Factoring polynomials over finite fields
   12. Notes and further references
4. Public-Key Parameters
   1. Introduction
   2. Probabilistic primality tests
   3. (True) Primality tests
   4. Prime number generation
   5. Irreducible polynomials over Z_p
   6. Generators and elements of high order
   7. Notes and further references
5. Pseudorandom Bits and Sequences
   1. Introduction
   2. Random bit generation
   3. Pseudorandom bit generation
   4. Statistical tests
   5. Cryptographically secure pseudorandom bit generation
   6. Notes and further references
6. Stream Ciphers
   1. Introduction
   2. Feedback shift registers
   3. Stream ciphers based on LFSRs
   4. Other stream ciphers
   5. Notes and further references
7. Block Ciphers
   1. Introduction
   2. Background and general concepts
   3. Classical ciphers and historical development
   4. DES
   5. FEAL
   6. IDEA
   7. SAFER, RC5, and other block ciphers
   8. Notes and further references
8. Public-Key Encryption
   1. Introduction
   2. RSA public-key encryption
   3. Rabin public-key encryption
   4. ElGamal public-key encryption
   5. McEliece public-key encryption
   6. Knapsack public-key encryption
   7. Probabilistic public-key encryption
   8. Notes and further references
9. Hash Functions and Data Integrity
   1. Introduction
   2. Classification and framework
   3. Basic constructions and general results
   4. Unkeyed hash functions (MDCs)
   5. Keyed hash functions (MACs)
   6. Data integrity and message authentication
   7. Advanced attacks on hash functions
   8. Notes and further references
10. Identification and Entity Authentication
   1. Introduction
   2. Passwords (weak authentication)
   3. Challenge-response identification (strong authentication)
   4. Customized zero-knowledge identification protocols
   5. Attacks on identification protocols
   6. Notes and further references
11. Digital Signatures
   1. Introduction
   2. A framework for digital signature mechanisms
   3. RSA and related signature schemes
   4. Fiat-Shamir signature schemes
   5. The DSA and related signature schemes
   6. One-time digital signatures
   7. Other signature schemes
   8. Signatures with additional functionality
   9. Notes and further references
12. Key Establishment Protocols
   1. Introduction
   2. Classification and framework
   3. Key transport based on symmetric encryption
   4. Key agreement based on symmetric techniques
   5. Key transport based on public-key encryption
   6. Key agreement based on asymmetric techniques
   7. Secret Sharing
   8. Conference Keying
   9. Analysis of key establishment protocols
   10. Notes and further references
13. Key Management Techniques
   1. Introduction
   2. Background and basic concepts
   3. Techniques for distributing confidential keys
   4. Techniques for distributing public keys
   5. Techniques for controlling key usage
   6. Key management involving multiple domains
   7. Key life cycle issues
   8. Advanced trusted third party services
   9. Notes and further references
14. Efficient Implementation
   1. Introduction
   2. Multiple-precision integer arithmetic
   3. Multiple-precision modular arithmetic
   4. Greatest common divisor algorithms
   5. Chinese remainder theorem for integers
   6. Exponentiation
   7. Exponent recoding
   8. Notes and further references
15. Patents and Standards
   1. Introduction
   2. Patents on cryptographic techniques
   3. Cryptographic standards
   4. Notes and further references
16. Appendix A: Bibliography of Papers from Selected Cryptographic Forums
   1. Asiacrypt/Auscrypt Proceedings
   2. Crypto Proceedings
   3. Eurocrypt Proceedings
   4. Fast Software Encryption Proceedings
   5. Journal of Cryptology papers
The Fine Print: The following comments are owned by whoever posted
them. Slashdot is not responsible for what they say.
Amazon.com confuses "Applied Cryptography" with "H
by Anonymous Coward on Wednesday November 04, @09:09AM
For those of you who order the Handbook of Applied Cryptography, don't
be surprised if Amazon sends you Bruce Schneier's "Applied Cryptography"
instead..... it's happened to me and another person I know..
politics / history is relevant (Score:1)
by harshaw on Wednesday November 04, @10:00AM
One of the great things about Schneier's Applied Cryptography was how
he intertwined the mathematics with the political ramifications of the
particular crypto algorithm. I think the study of Crypto needs to be
tightly coupled with an understanding of the societal / political
issues around it. For instance, you can't simply implement 128 bit RC5
in your product and ship it off to Iraq without having RSA (for patent
violations) and the NSA (for the obvious reasons) come down on your
head.
IMO, Crypto is a VERY tough subject and requires an intense amount of
study to understand the math. If the text you are studying is dry and
lacking wit or humor, it makes the job even harder :(
* politics / history is relevant by Anonymous Coward on Wednesday
November 04, @11:57AM
Loved it! I laughed! I cried! (Score:1)
by bobse on Wednesday November 04, @11:14AM
What I liked was the way that each algorithm was reviewed
in a very consistent manner. Most algorithms were described not just
with words and mathematics (which is good), but also with pseudocode
(which is great if you are actually trying to implement this stuff).
The consistent, itemized format also allows you to compare the
strengths/weaknesses of different algorithms yourself, instead of
relying on someone else to do it for you. Very cool.
9.5/10
Price Check (Score:1)
by Ralph Bearpark on Wednesday November 04, @12:15PM
As an ongoing service to /. readers ...
Amazon = $84.95
BarnesAndNoble = $109.50 (HAHAHAHA!)
Shopping books = $71.96
Spree books = $67.99
(Is it my imagination, or is /. reviewing increasingly expensive,
non-Amazon-discounted books? Surely not. :-))
Regards, Ralph.
* Price Check by Anonymous Coward on Wednesday November 04, @01:12PM
All trademarks and copyrights on this page are owned by their respective
companies. Comments are owned by the Poster. The Rest © 1998 Rob Malda.