Название: Serious Cryptography: A Practical Introduction to Modern Encryption (Corrections, 2-Jan-2020) Автор: Jean-Philippe Aumasson
Издательство: No Starch Press
Год: 2017/With some corrections, 2-Jan-2020
Страниц: 312
Язык: английский
Формат: epub, pdf (conv)
Размер: 10.1 MB
Serious Cryptography was written by one of the foremost experts in applied cryptography, but it’s not targeted at other experts. Nor, for that matter, is it intended as a superficial overview of the field. On the contrary, it contains a thorough and up-to-date discussion of cryptographic engineering, designed to help practitioners who plan to work in this field do better. In these pages, you’ll learn not only how cryptographic algorithms work, but how to use them in real systems.
The book begins with an exploration of many of the key cryptographic primitives, including basic algorithms like block ciphers, public encryption schemes, hash functions, and random number generators. Each chapter provides working examples of how the algorithms work and what you should or should not do. Final chapters cover advanced subjects such as TLS, as well as the future of cryptography—what to do after quantum computers arrive to complicate our lives.
While no single book can solve all our problems, a bit of knowledge can go a long way. This book contains plenty of knowledge. Perhaps enough to make real, deployed cryptography live up to the high expectations that so many have of it.
I’ve heard “crypto is hard” more than a dozen times since then. But is crypto really that hard? To play an instrument, master a programming language, or put the applications of any fascinating field into practice, you need to learn some concepts and symbols, but doing so doesn’t take a PhD. I think the same applies to becoming a competent cryptographer. I also believe that crypto is perceived as hard because cryptographers haven’t done a good job of teaching it.
Another reason why I felt the need for this book is that crypto is no longer just about crypto—it has expanded into a multidisciplinary field. To do anything useful and relevant in crypto, you’ll need some understanding of the concepts around crypto: how networks and computers work, what users and systems need, and how attackers can abuse algorithms and their implementations. In other words, you need a connection to reality.
The initial title of this book was Crypto for Real to stress the practice-oriented, real-world, no-nonsense approach I aimed to follow. I didn’t want to make cryptography approachable by dumbing it down, but instead tie it to real applications. I provide source code examples and describe real bugs and horror stories.
Along with a clear connection to reality, other cornerstones of this book are its simplicity and modernity. I focus on simplicity in form more than in substance: I present many non-trivial concepts, but without the dull mathematical formalism. Instead, I attempt to impart an understanding of cryptography’s core ideas, which are more important than remembering a bunch of equations. To ensure the book’s modernity, I cover the latest developments and applications of cryptography, such as TLS 1.3 and post-quantum cryptography. I don’t discuss the details of obsolete or insecure algorithms such as DES or MD5. An exception to this is RC4, but it’s only included to explain how weak it is and to show how a stream cipher of its kind works.
Скачать Serious Cryptography: A Practical Introduction to Modern Encryption (Corrections, 2-Jan-2020)