Modern Cryptography

I often teach number theory, but I do not know much about practical cryptography such as the Advanced Encryption Standard (Rijndael), so I looked forward to reviewing a text which might help me stay honest about that.  This book is aimed at students with limited backgrounds, which also seemed good for me.

 

Some parts of this book meet this need, at the right level.  There is a lot of good non-technical advice, repeated admonitions of things like Kerckhoff's Principle (assume your enemy knows the details of your system, but not the key), and an intriguing chapter on backdoors (spoiler: Snowden's revelations were not a surprise to the crypto community).  I learned about the Atbash cipher, much more information about the SSL/TLS protocol we use every day (including the famous Heartbleed bug), many details of Feistel cryptosystems and SHA hash systems, and more.

 

Unfortunately, the weaknesses of this book far outweigh the strengths.  The worst fault was extremely subpar editing, especially of mathematics notation; for example, the sections on RSA and elliptic curves have so few properly typeset exponents as to make them unusable.  The book is also of two minds regarding detail.  For instance, the laundry list of ciphers in Chapter 6 is impressive, but the paragraphs are so terse as to not be helpful.  As another example, there is ample discussion of s-boxes and their types in block ciphers.  However, we are told three times that s-boxes are the primary source of non-linearity without being told precisely what is non-linear about them, and the discussion of the s-box for AES includes a full table of multiplicative inverses in the Galois field of order 256 (given in hex form), without a single fully worked out example of how those bits actually multiply - a topic which experience teaches even math majors in an algebra course find unintuitive at first.

 

Finally, while one might forgive there being no proper mathematics exercises given the audience, there weren't really many cryptographic ones either, and with relatively few basic examples and no index, it's hard to imagine this being used for a course.  The back cover promises "a slide presentation", though I couldn't find it; it seems plausible that large portions of the text are just that, expanded slide presentations that showed examples of the mathematics without wanting to bother students with the details.  That may be useful for some contexts, but in that case maybe the book should have omitted the math altogether.

 

So while I cannot recommend the version I reviewed, the non-mathematical contents are certainly worth learning more about.  Maybe when I want to know even more about Feistel systems, I'll search MAA Reviews for my next reading adventure - maybe Introduction to Cryptography with Mathematical Foundations and Computer Implementations by Alexander Stanoyevitch?

---

 

Karl-Dieter Crisman is Professor of Mathematics at Gordon College.  When asked to come up with a course for majors as a new faculty member, he immediately jumped at the chance to teach number theory, which led to an abiding interest in using open-source software to explore this deep subject with students in class.