July 29, 2013 - 12:28 — Anonymous

Publisher:

Oxford University Press

Year:

2012

ISBN:

978-0199695591

Price (tentative):

39 euros

Short description:

This book presents a basic and extensive introductory course on cryptography and information security. The level of the book corresponds to a first course in a BSc degree. It is a very leisurely reading, well-structured and very detailed. It does not assume any mathematical knowledge, making it suitable for being used as a manual for a course on introduction to cryptography.

MSC main category:

94 Information and communication, circuits

Review:

This book presents a basic and extensive introductory course on cryptography and information security. The level of the book corresponds to a first course in a BSc degree. It is a very leisurely reading, well-structured and very detailed. It does not assume any mathematical knowledge, making it suitable for using it as a manual for a course on introduction to cryptography.

The book starts by introducing the basic concepts and nomenclatures in the field, and then explaining the first historical uses of cryptographic systems, like the Caesar and the Vignere cyphers. Then it moves to modern cryptographic techniques used commonly in internet. The first case addressed is that of symmetric encryption, where the sender and the receiver of a message share a common encryption key, not known to a possible attacker. Here the DES and AES are the prominent encryption algorithms. Note however that the reader may get a bit disappointed if he was expecting all mathematical details to be provided. The book continues with public-key encryption, in which the receiver of a message has a private decryption key, and there is a public encryption key available to anyone who wants to communicate with him. Here the RSA is the most prominent example.

It continues with the analysis of other important aspects of cryptography, like data integrity, which tries to assure that the message that is received has not been modified. The Hash functions and MACs are the typical examples which are explained here. It follows the issue of digital signatures, which serves as non-repudiation cryptographic protocols, that is, a way to be able to certify that the sender has actually sent the message in front of third parties. Entity authentication is also discussed, prominently the use and storage of passwords.

The book ends with a collection of applications of cryptography to the real life: the SSL/TLS protocol for internet communication, the WEP and WPA protocols for wireless local area networks, the GSM and UMTS for mobile telecommunications, cryptography for video broadcasting, security in payment card transactions, etc. All the cryptographic protocols are explained at length, analyzing their strengths and weaknesses. Different instances of cryptographic attacks are shown alongside with sophisticated ways to defend against them. Design errors in cryptographic protocols are also discussed. This is very enlightening for the interested reader.

Reviewer:

Vicente Muñoz

Affiliation:

UCM

## Comments

## Post new comment