Cryptography: A Primer

Topics in this book include cryptanalysis of substitution ciphers, polyalphabetic ciphers, playfair and rotor machines. It has a chapter on the design and analysis of the DES block cipher. The final part of the book concentrates on key management.

The approach is mainly from a statistical angle, as opposed to combinatorics or number theory (which is more common in crypto textbooks). There is not a lot on public key crypto (or even modern cryptanalysis methods) in here, but it is a nice introduction to cryptology from a well-respected cryptographer.

Rating:
Summary: Schneier gives you fish. Konheim gives you a fishing rod.
Review: It was back in early 1982, I believe, that I bought my first copy of Alan G. Konheim's _Cryptography:_A_Primer_. It proved to be addictive. The author taught me the basics of cryptanalysis, explaining means and ways with a clarity that seldom finds its equal.

If you buy one book on the subject, I implore you to let Bruce Schneier wait a while -- get the basics first.

Rating:
Summary: Excellent, but with a few minor gaps
Review: Konheim tried in 1981 to do what Helen Gaines tried to do in 1939; to provide a basic working knowledge of the state of the art in cryptology to people with little or no previous knowledge. By and large, Konheim succeeded admirably. He had to overcome two major hurdles. By 1981 the amount known in the public domain about cryptology was very large: too large for a modest-sized book like this. And the basis of the topic had become largely mathematical, which is a put-off for many readers. Konheim copes beautifully with both problems, selecting important material and skipping less important material, and limiting the mathematics to what can almost all be followed by a high-school science honors student (although it helps to have at least three years of college math.) I would love to use this book as the text for a one semester course.

Having said that, I'll offer a few minor criticisms. The whole art of cryptology (as distinct from the mathematics) lies in dealing with the fallibility of people who design and use (or don't use) crypto systems. Konheim doesn't emphasize this enough. For example, cypher-text-only cryptanalysis of a good modern cypher is apt to be extremely hard, but it is often unnecessary. Konheim does not discuss the enormous diversity of ways in which the cryptanalyst may hope to acquire plaintext or probable plaintext. Professional designers of ciphers and codes know all about this, and their choices are heavily influenced by the need to limit damage when, for example, a general sends a back-channel message in a weak cipher that has the same content as an official message in a strong cipher.

He also fails to discuss in detail just how hard it is for the designer of a cipher to create a cipher as strong as the designer believes it to be. This is unfortunate, but I can't lay the blame on Konheim. Most of the most interesting anecdotes to illustrate this point (such as the reasons why NSA rejected LUCIFER and instead worked with IBM to create NDES) are sort of known in the folklore, but not really in the public domain, so could not be included in a college textbook. This is also presumably why Konheim chose not to mention the earliest, original discussions about public key ciphers.

I'll also observe that Konheim's discussion of rotor ciphers is remarkably brief, in view of the importance and widespread use of various types of rotor ciphers in many countries for many years. I understand why Konheim decided not to delve into this topic in detail, but it leaves a serious gap in the student's knowledge. Similarly, Konheim's discussion of NDES pays little attention to chaining and related topics, although he surely had access to the NBS unclassified manual on this subject.

And finally, Konheim devotes less attention than I could wish to the problems of generating, distributing and safeguarding keys. There is a popular belief that RSA with a suitably long key is nearly impregnable, for example, and there is good reason for this belief, but only provided that nobody can steal keys or guess them. Stealing and guessing keys is a game not restricted to cryptology (or computing); it has occured to a huge number of people over the years that the easiest way to get at something you're not supposed to get at is to steal or make a copy of the key. How else could so much pilferage from locked storage rooms and "secure" file cabinets take place? The same problem arises in cryptology, and it's one of the most interesting aspects of the field.

All this being said, however, this is a wonderful book.

Rating:
Summary: Decrypting cryptography
Review: Prof. Konheim's book is, well, fun to read. While I took the class in UC Santa Barbara, he essentailly followed the book. It covers classical as well as part of modern cyrptography. Needless to say, we have a lot of programming and deciphering a lot of crypted text as homework.

The knowledge is basic and essential for crypto-analysis. You will find this book indispensible, even though it doesn't cover topics such as interactive proof system which is more theory than practice as you find very little real world implementation in action.

Read it, program it, decrypt it and enjoy yourself.

Rating:
Summary: The best introductory book to cryptography.
Review: This book is quite suitable for junior/senior or first year graduate school student interested in COmputer Information Security.