Practical Cryptography

List Price: $50.00
Your Price: $33.00

Rating: 5 stars
Summary: Trust Schneier & Ferguson, they know their security
Review: If you want an honest and extremely realistic analysis of security and encryption in general, this is the book for you. The authors are "dead-on" in their analysis of security as a process instead of just a system for cryptography. They especially "hit-the-mark" in their analysis of the sad state of affairs in Bio-Metrics and PKI (Public Key Infrastructure). This is not a balanced "middle-of-the-road" analysis. Instead, it is an opinionated view of security and cryptography solutions, implementations, and idealizations. The authors' opinions are welcome and correct. They have the experience and they make more sense than most. (Not to mention that they take a very sensible approach to the topics).

Rating: 5 stars
Summary: Simply excellent!
Review: The Schneier-Ferguson combination invites us to travel through the basic aspects of cryptography, and it even proposes the best queries about what one has learned and what we should learn in this process.
Personally, I consider chapter 6 (Work Hash), chapter 7 (MAC), chapter 14 on cryptographic protocols, and chapters 19 and 20 on PKI to be excellent. They have a quite practical point of view: realistic, didactic, and very realistic overall.
I consider that the mathematical aspect has been covered with the space that it deserves.
It was a very good decision to publish a book more about applied cryptography, and in that sense I give my recommendation to the book.
Congratulations.

Rating: 5 stars
Summary: Beethoven and Schubert's "Learn to play piano already"
Review: Two of the leading world cryptographers take their time to show engineers of all kinds (not just programmers) how the security is to be implemented. Did you think ALL of the existing security applications were flawed in one way or another? Well, looks like they are. I think the authors have enough courage to speak up for what they believe, not for what the public thinks about crypto and security in general. That's why this book can be trusted.

To quote: "one of the reasons for writing this book: to get other people to understand the insidious nature of security, and how important is to do it right."

The whole point of the book is to show how the authors would have built an encryption system if everything's to be done right. This means secure communication channel, key negotiation, random number generation and public key encryption. Basically what you have in this book is a blueprint for the best crypto system possible. Note - just a blueprint. You as an engineer still can make it work or make it break.

The authors describe a few cryptographic primitives, like block ciphers and hash functions, but not a whole lot and nothing in detail. They just pick one of each (explaining exactly why the one they picked is the best) and stick with it throughout the book.

The book has surprisingly little math, if any. No details of any existing protocol in particular. Quote: "...we will not spend our time explaining ... [hash functions] ... in great detail. Implementers can find the full specifications in the literature we cite, or on the Internet. For everybody else the full specifications ... only distract from the main line of the book". I couldn't agree with this approach more. This is a unique engineering book whereas there already are plenty of high math books.

A lot of (literally dozens of) attacks are described, at any point, on any part, and for each a cure is proposed or a "no cure possible" conclusion is made. Highly informative.

Lots of advice, some more technical, some more philosophical. Some auxiliary info, like patents on crypto, implementation notes etc. Some chapters are about a dozen pages long. A mere touch, but it makes you think.

Oh, and it describes Mr. Schneier's new Yarrow random generator (in simpler words than that formal document), and more - a shiny new extension to it called Fortuna. Fascinating stuff if you ask me.

There are some minor downsides too.

First, the pseudocode which is used for describing algorithms is strikingly bad. Dear authors of computer books, even if you don't want to take any language's side, please make your code readable for programmers.

Second, a few times the book goes like this: "there is that thingy, it's green and it does things". What? I think if you even mention things, making a consistent view of what it is at least would be nice. To be specific, the book mentions but never even tries to explain: UMAC, OCB, CCM. There are a few more but I wouldn't mind omitting details on those as they are specifically marked as "stay clear of". I could have googled for them for sure, but what is the point of the book then?

Third, some of the advice, especially on the programming side, doesn't stand. I found the most useful advice to be the ones that begin with "Niels once had..." or "We found useful...", i.e. the advice from the field. Some other advice is too general. At the very same time the authors say something like "we (the world) don't have a clue how to write secure software". I fully agree, but why try to squeeze into a small book such useless advice? Like for instance, first they say (p.136) "wipe any information as soon as you no longer need it" and then (p.148) "assertion failures should always lead to an abort of a program". Cleanup, huh? Shall we just say that writing quality software takes no fewer books than designing proper crypto?

I have to admit, I used to think cryptography is simple. And I still do, it is simple when you are shown the resulting formula. But it turns out there are so many peculiarities and little things, that it really takes an expert to say anything wise about crypto. On the other hand I found it relieving that most of what this book says is coherent with plain common sense.

So, the book gets 5 out of 5, because it (1) delivers exactly what it advertises (2) provides extensive coverage of the topic and (3) the authors are but the best cryptographers there are.

Recommended for anyone interested in cryptography aspects.

Finally, a quote (p.152): "We'd love to work on this project, so contact us if you are willing to spend a few million dollars on a computer you can really trust". I'm wondering if they will be hiring software developers? :)

Rating: 5 stars
Summary: Beethoven and Schubert's "Learn to play piano already"
Review: Two of the leading world cryptographers take their time to show engineers of all kinds, not just programmers, how the security is to be implemented.

To quote: "one of the reasons for writing this book: to get other people to understand the insidious nature of security, and how important is to do it right."

The whole point of the book is to show how the authors would have built an encryption system if everything's to be done right. This means secure communication channel, key negotiation, random number generation and public key encryption. Basically what you have in this book is a blueprint for the best possible crypto system.

The authors describe a few cryptographic primitives, like block ciphers and hash functions, but not a whole lot and nothing in detail. The authors just pick one of each (explaining exactly why the one they picked is the best) and stick with it throughout the book.

The book has surprisingly little math, if any. No details of any existing protocol in particular.

A lot of (literally dozens of) attacks are described, at any point, on any part, and for each a cure is proposed or a "no cure possible" conclusion is made. Pretty informative.

Lots of advice, some more technical, some more philosophical. Lots of auxiliary info, like patents on crypto, dancing pigs :), implementation notes etc. Some chapters are about a dozen pages long. A touch, but it makes you think.

Oh, and it describes Mr. Schneier's new Yarrow random generator, and what's more - a shiny new extension to it called Fortuna. Fascinating stuff if you ask me.

There are some minor downsides too.

First, the pseudocode which is used for describing algorithms is strikingly bad. Dear authors of computer books, even if you don't want to take any language's side, please make your code readable for programmers.

Second, a few times the book goes like this: "there is that thingy, it's green and it does things". What? I think if you even mention things, making a consistent view of what it is at least would be nice. To be specific, the book mentions but never even tries to explain: UMAC, OCB, CCM. There are a few more but I wouldn't mind omitting details on those as they are specifically marked as "stay clear of". I could have googled for them for sure, but what is the point of the book then?

Third, some of the advice, especially on the programming side, doesn't stand. I found the most useful advice to be the ones that begin with "Niels once had..." and "We found useful...", i.e. the advice from the field. Some other advice is too general. At the very same time the authors say something like "we (the world) don't have a clue how to write secure software". I fully agree, but why try to squeeze into a small book such useless advice? Like for instance, first they say "wipe any information as soon as you no longer need it" and then "assertion failures should always lead to an abort of a program". Cleanup, huh? Shall we just say that writing quality software takes no fewer books than designing proper crypto?

So, the book gets 5 out of 5, because it (1) delivers exactly what it advertises (2) provides good coverage of the topic and (3) the authors are but the best cryptographers there are.

Recommended for anyone.

Rating: 3 stars
Summary: Can't really recommend it
Review: Well, I can't really recommend the book. It's readable enough, but I can't figure out their target audience. Only someone actually implementing a cryptographic system would get anything out of this book. At the end of the book, they warn you that a good implementation is so hard that you really should hire an expert to do it. They also say "The world is full of bad security systems designed by people who have read Applied Cryptography. Practical Cryptography is likely to have the same effect."

They say they wrote the book as an introduction to the state of the art ("[people] .. must learn it somewhere, and we didn't know of any other suitable books.") Given that no one but a programmer or mathematician would get through half the book, it's unlikely to reach a general audience, or even the managers who really need their advice.

The content level of the book is very uneven as well, with general, strategic advice mixed with algorithm discussions. Yet there's almost no nuts and bolts programming advice. They just point you off to other sources for all of that.

They have these little "So what should I do?" sections at the end of most chapters, but they are pretty cynical. The most common advice amounts to "there's no way to know without analyzing your requirements." The other comments are along the lines of "the software industry is a mess", "the standards process is a mess", "the patent process is a mess", "(technique X) hasn't been around long enough to be analyzed much, is a patent minefield, or has been broken, or nearly broken. Don't use it." And finally, that security depends on the weakest link, which generally won't be the cryptography anyway. (Don't even try to do this at home!) This may all be true, but it's not really helpful.

I don't know if you could implement a complete system from their description of which techniques are reasonably good. If you trusted their implementation advice, should you also trust their overall advice, which is to leave this to the experts?

The whole thing leaves me with the impression that they are pretty bitter about the whole field. They want people to do better on security, but they have no expectation that they will. They want to be listened to (and hired), but don't expect that either. The book is mostly to say "see how complicated this is (you idiots!)?"

Rating: 3 stars
Summary: Schneier has his cake and eats it.
Review: With its heritage in "Applied Cryptography", the world's most famous book on the subject, I had high hopes for "Practical Cryptography".

Until page 149, when I read the following: "We can give you advice on how to write good cryptographic code...specifically, don't use C or C++". I looked for emoticons or signs of a subtle humour, but couldn't find them. Better get Linus to dust off his JDK then. :-) They have a point, but the book's title is surely a misnomer. Unfortunately this style of advice is pretty symptomatic of much of the book.

Like Burnett's "Cryptography" in the RSA Security series, this book takes a comprehensive but high level approach. I think this is the wrong way to entice curious engineers. The authors lack Burnett's enthusiasm, setting a dismal backdrop in which good security is impossible, and at times appear very condescending.

The highlight of this book is the advice that the authors give on choosing symmetric algorithms - for example they like AES for its 256 bit key size, but don't like its 128 bit block size. Some of their thoughts place them in a cryptographic minority, but their rationale for these thoughts is well worth reading, almost enlightening.

They emphasize that cryptographic algorithms need close and lengthy scrutiny by their peers and warn the reader against new and untested designs. And then present at great length, without warnings about misuse, their new and unscrutinized PRNG Fortuna.

The final chapter of the book runs along the lines of "we've told you this stuff, but you're going to get it really wrong, so just use an expert". I agree that they are almost invariably right, but at a time when there is a glut of cryptographic literature, I'd love to know why they thought this book would contribute.

My final word: if you want technical cryptography, try Nigel Smart's excellent "Cryptography". If you want a high level view, try Burnett's competent "RSA's Official Guide to Cryptography".

© 2004, ReviewFocus or its affiliates