Suggested Books for Learning Cryptography?

Kismet asks: "I see a lot of news and reviews about encryption on Slashdot regularly. The subject seems rather interesting. I suppose that cryptography is covered in CS classes, but for hobbyists, what is the best way to learn? What kind of math background does one need? Are there any good "beginning" books on the subject? What is the history of Cryptography? "

Applied Cryptography

[Prince+Caspian]

I'm sure almost everyone will agree with me that the first book to read on the subject is Applied Cryptography by Bruce Schneier. It does not contain much history, but it does cover many, many different cryptographic techniques and implementations. The math required isn't too bad, and is covered in part of the book.

Best of all, it is a real pleasure to read. Schneier really captures the interesting aspects of the field.

For more info, check out the Slashdot review.

"Bugs are harder to cope with than features, because they are less well defined and less well designed."

Re:Applied Cryptography

[deathcubek]

This one of my favorite books I have ever read. Schneier explains everything in detail so well.

If you are looking for history of crypto and live near Washington DC, there is a national cryptography museum that the NSA runs. It doesn't have much to do with the current cryptographic techniques, but it does have a lot of WWII history pertaining to cryptography.

There are also good websites that i can't think of the name of right now. Finally, sci.crypt and one of the many cypherpunks lists sometimes carry good discussions. (If you decide to join a cypherpunks list, prepare to recieve a LOT of junk mail.)
--
"New worlds are not born in the vacuum of abstract ideas, but in the fight for daily bread..."

Re:Applied Cryptography

I don't agree with the idea that Applied Cryptography is the greatest introduction book for understanding cryptography. It is an excellent "cookbook" which tells you what you need to know to use cryptography, but it lacks a though understanding.

Cryptography requires a solid mathematic background: number theory, statistics, abstract algebra, complexity thoery, and information theory. Two textbooks aimed at the 4th-year undergraduate/ 1st-year graduate that I would recommend are, Cryptography: Theory and Practise by D. Stinson, and the older, harder to find, Cryptography and Data Security by D. Denning. Another good textbook is A course in number theory and cryptography by N. Koblitz, although I don't like it as much as Stinson's book.

For historic reference, the magnum The Codebreakers, 2nd ed. by Daivd Kahn is the source professionals use. It requires no math knowledge beyond high school mathematics if you want to follow the algorithms explained in the text.

The two references I recommend are Applied Cryptography and Handbook of Applied Cryptography, as these are excellent references, not textbooks.

If you have no math background I would recommend:

• Cryptanalysis : a study of ciphers and their solution, by Helen Fouché Gaines, Dover Books. 237 p.
• The Codebreakers : The Comprehensive History of Secret Communication from Ancient Times to the Internet, 2nd ed. by David Kahn, 1181 pages

If you have an undergrad mathematics background I would recommend any one of the mentioned textbooks and either one of the mentioned references as a good starting point.

[SEWilco]

42838 98394 88789 87335 73364 71820 82371 13831 83134 11721 17306 68379

[SEWilco]

Gee, my comment was so secret that it has no Subject. :-)

Re: history of Cryptography

[braddles]

Look for 'The Code Book : The Evolution of Secrecy from Mary, Queen of Scots to Quantum Cryptography' from Simon Singh. I flicked through it last night and comments on Amazon.com suggest that it is a good historical look at codes. Simon wrote 'Fermat's Last Theorem'; a book that made the search for mathematical proof read like a detective novel! FLT comes Highly Recommended. Reviews suggest that the Code Book is in a similar narritive style and that it does contain some technical mathematics. It is a history not a textbook but it might have some methods in appendices, as FLT does.

Yep, Applied Cryptography is a great start

[tlovelace]

I definatly agree. Applied Cryptography is a great place to start. Another book that is very interesting is called Dissapearing Cryptography. It is about Stenography, which is a type of cryptography, but also covers general cryptography at the beginning. Both are excellent resources.

Applied Cryptography

[sumner]

Bruce Schneier's Applied Cryptography is the place to start. Mostly pre-calculus and some number theory, pretty straightforward stuff. Some abstract algebra is used on occasion. Sumner

Conference Papers and HAC

[randombit]

The best book for learning crypto is, IMHO, the Handbook of Applied Cryptography, by Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone. You can find more about it at http://www.cacr.math.uwaterloo.ca/hac/.

BTW, I didn't really feel AC was really that great... he ignores of a lot of important details, which is fine for a simple overview, but it makes it hard to do anything useful based soley on the information contained within AC.

Really, the best referece is the conference papers from the Fast Software Encryption, Crypto, EuroCrypt, AusCrypt (now defunct?), and AsiaCrypt conferences (also the AES conferences, but there will only be 3 of those). Most (probably all, actually) are published in the LCNS series by Springer (lots of good titles, check them out).

Also, a lot of good stuff is available on the web, since most of the academic people who write papers put them up on the web, and commercial companies often publish things in RFCs, etc. Here are a few to start you out:

Blowfish: http://www.counterpane.com/bfsverlag.html
CAST5: http://www.ietf.org/rfc/rfc2144.txt
Tiger: http://www.cs.technion.ac.il/~biham/Reports/Tiger/

MD2, MD4, MD5, RC5, and others are avaialable as RFCs as well (use the search, Luke!).

Ok, one more, all of the AES Canadates are
at http://www.nist.gov/aes/

Also, looking at crypto code often is helpful for understanding what's going on (since you can relate your programming knowledge to the crypto).

Good luck

HAC vs. AC

The Handbook of Applied Cryptography is a wonderful source for learning about crypto, but it is exactly that -- a handbook, a reference guide, not an easy read. For beginners, I'd suggest going with Schneier's book, as it's a lot easier to understand. Once the basics are learned, then the heavy reading can start... =)

Applied Cryptography, by Bruce Schneier

[The_Compact]

It is my book of reference... I must agree that it's the best. But there are other good reasons for you to choose this book. (I wouldn't write a useless nodding comment :P )

- It explains a lot of the maths required. However I'd still suggest you shell out your good ol' matrix & calculus books... You really _really_ need a good background in maths to be able to make proper use of crypto.
- Great examples... I fell in love with Eva. ;-) no seriously, a lot of the commonly used situations are explained with all their pitfalls.
- Not only that, but there's SOURCE CODE! Yeah! So if you're simply a copycat, you can grab the code at the end of the book and have fun with it.
- If you're a cypherphreak, you can always look at the massive bibliography at the end. So this book is a really good "starting point" book.


Have fun!
Mike

Re:oh no!!!!

[rpruiz]

Look for 'The Code Book : The Evolution of Secrecy from Mary, Queen of Scots to Quantum Cryptography' from Simon Singh. I flicked through it last night and comments on Amazon.com suggest that it is a good historical look at codes. Simon wrote 'Fermat's Last Theorem'; a book that made the search for mathematical proof read like a detective novel! FLT comes Highly Recommended. Reviews suggest that the Code Book is in a similar narritive style and that it does contain some technical mathematics. It is a history not a textbook but it might have some methods in appendices, as FLT does.

Less Technical, perhaps?

[Azdak]

Ok. I'm going to risk sounding like a goof by admitting what recently got me passionate about wanting to learn more about crypto: Cryptonomicon by Neal Stephenson. Yes, it's a novel, but Stephenson gives you just enough technical knowledge to make learning crypto (and ideas for it's application) less mind-bending for the uninitiated. Also, it's a GREAT read! THEN, get a big cup of coffee and dive into "Applied Cryptography". =>>=

More technical

[anticypher]

I was going to list all the crypto books on my bookshelf, but some self-styled cypherpunk has borrowed Schneier's Applied Crypto and Menezes' disjointed Handbook of Applied Crypto.

One good book for working your way up from easy intro to much tougher advanced material is William Stalling's Cryptography and Network Security. It also has a great reference section for finding other texts. The book is used in a lot of university intro to crypto courses.

For math, try Concrete Mathematics: A Foundation for Computer Science, by Donald Knuth, Oren Patashnik, and Ronald Graham.

Doug Stinson Cryptography: Theory and Practice (Discrete Mathematics and Its Applications), is also good.

There are a lot of very advanced technical papers available on the web. This stuff will make your head hurt if you don't already have a decent background to draw on. Search the web for postings of the Crypto consortiums, look especially for Proceedings, Crypto '9x, EuroCrypt 9x, AsiaCrypt, IEEE Transactions on Information Theory, Communications of the ACM, and Cryptobytes, or try the legendary names in your favorite search engine.

the AC