[Cryptography] Crypto Books, 2017

Ray Dillinger bear at sonic.net
Sun Jun 11 15:39:12 EDT 2017 


On 06/11/2017 04:05 AM, Alfie John wrote:
>> On 9 Jun 2017, at 6:07 am, Perry E. Metzger <perry at piermont.com> wrote:
>>
>> A quick question to all: if you were teaching beginners cryptography
>> twenty years ago, Schneier's "Applied Cryptography" would have been
>> the obvious choice.
>>
>> Is there an obvious choice in 2017?
> 
> Beginning protocol implementers? I’d still stick with Schneier. There is so
> much gained within Part I “Cryptographic Protocols”.

Yes.  Applied Cryptography, 1996, is probably still the best for
protocol design.  The later books, Practical Cryptography,2003,
and Cryptography Engineering, 2010, are less about protocol
design and the primitives available, and more about specific
implementations of protocols that answer specific requirements.

It seems sort of like the difference between a book on architecture
and a book that gives the architectural details and some design
insights of a dozen buildings already constructed.

That said, I can think of eight or nine cryptographic techniques with
particular properties (like Bloom Filters, digital timelocks, properties
of ring signatures, delegated signatures, construction
of cryptographic palimpsets, derived keys, homomorphic encryption, etc)
that ought to get exposed in a modern book on protocol design, and were
not treated there.  Along with a strong dose of what a post-quantum
universe looks like, where we have theories but still don't really know
if there are any really good public-key systems whose keys are shorter
than several megabytes.  I was honestly waiting to hear some answers to
your question in hopes of learning about more resources.

> Beginning cypher implementers? I’d start with a strong dose of Algebra first,
> and only then move to a book on cypher design. I’ve been told Modern
> Cryptography by Katz and Lindell is good.

I hadn't thought of it that way, but this is true.  A background in
digital logic is enough to understand most modern cipher algorithms,
but if someone wants to design and/or break ciphers, a general
background in Discrete Mathematics and Statistics is probably more
use than anything written specifically about cipher implementation.

That said, it's still important IMO to study classical cryptography (up
through at least rotor machines and the VIC/Nihilist hand Ciphers) as
well - all those old codes and ciphers and the ways in which they get
broken are very instructive in terms of how the mathematical tools are
applied by cryptanalysts, and the sequence in which various ciphers
appeared is very much in the spirit of a lesson sequence increasing in
sophistication by decade and century of history.

				Bear

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20170611/4d1a4e9b/attachment.sig>

More information about the cryptography mailing list