Cryptography Engineering: Principles and Applications

Tuesday, December 21, 2010

Ben Rothke

3e35900ae6facc6c146a85c435c71d82

Cryptography Engineering: Design Principles and Practical Applications is a much needed update to Applied Cryptography: Protocols, Algorithms, and Source Code in C.

Good cryptography can ensure that your data is readable only to authorized parties. The danger of bad cryptography is a false sense of data security.

The line between the two is exceptionally thin, and the difference between the two is spelled out in great detail in this text.

The first edition of coauthor Bruce Schneier’s Applied Cryptography came out in 1994. What was revolutionary then, and launched a new generation of security mavens, is now obsolete in many parts.

Cryptography Engineering is a much-needed update.

While not as detailed as the former work, and with significantly fewer code examples, the new text is still a valuable resource for anyone who wants to come up to speed on the essentials of modern cryptography.

The book covers the major uses of cryptography today, namely messaging security and the other fundamental areas including key management, block ciph­ers, block modes, hash functions, encryption modes, message authentication codes, implementation issues, negotiation protocols, and much more.

The three authors bring many decades of unique experience on the topic to the book. Their goal is to get the reader to think like a cryptographer, and the book does a great job of that.

It is rich in real-world examples, and each chapter ends with a number of exercises to take the theoretical ideas and put them into practice.

While billed as an introductory text on the subject, Cryptography Engineering is not for the fainthearted.

Anyone intrigued by the topic and with the time to dedicate to the matter will find the book worth their while.

Cross-posted from RSA Conference

Possibly Related Articles:
14479
General
Encryption Authentication Hash Security Cryptography
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.