Artificial truth

The more you see, the less you believe.


Book review - Serious cryptography
Tue 01 May 2018


There are some well-known, good introductory books on cryptography, like the Handbook of applied cryptography, Cryptography Engineering: Design Principles and Practical Applications, Applied Cryptography: Protocols, Algorithms, and Source Code in C, … but they are all pretty old.

This is why I was curious about the latest book from JP Aumasson, principal research engineer at Kudelski Security, author of several hash-related functions, … entitled "Serious cryptography", with a foreword from Matthew D. Green.

This practical guide to modern encryption breaks down the fundamental mathematical concepts at the heart of cryptography without shying away from meaty discussions of how they work. You’ll learn about authenticated encryption, secure randomness, hash functions, block ciphers, and public-key techniques such as RSA and elliptic curve cryptography.

The book goes through basic cryptography topics: randomness, block and stream ciphers, hashes and keyed hashes, authentication, RSA, Diffie-Hellman exchanges, elliptic curves, TLS and even some post-quantum schemes. I wouldn't recommend it to people without some math/CS background, but if you have already played a bit with computers, go buy it: everything is crystal-clear and well led, even the quantum bits!

Each chapter not only explains concepts and key implementation details, but also highlights possible pitfalls and common mistakes, and finishes with a list of recommended materials. I really liked how the book uses maths and diagrams to increase clarity or to illustrate something abstract, instead of going the (usual) other way around: obscure mathematics/figures with a vague textual explanation. Don't forget to check the erratum, otherwise you might waste quite some time re-reading the pages over and over, wondering what you're missing, thinking that obviously, you're the one who's wrong, not the book.

I passed it around amongst colleagues who weren't big fans of cryptography nor known for their enthusiasm towards mathematics: they enjoyed it very much, and it even sparked some interesting discussions at work.

If you're curious about how modern cryptography works, I wholeheartedly recommend reading this book ♥