Paperback Practical Cryptography Book

ISBN: 0471223573

ISBN13: 9780471223573

Practical Cryptography


Format: Paperback


Book Overview

Cryptography is the key technology for securing stored and transmitted digital information. Unlike almost all works currently available in this field, this book does not describe cryptography theoretically but explains practical aspects of implementation.
- a consistently practice-oriented guide for systems engineers and technicians to building cryptographic algorithms into products
-...

Customer Reviews

5 ratings

Cryptography Explained for the Practical Implementation

Guru Bruce Schneier teams with fellow guru Niels Ferguson to explain the practical implementation of cryptography. In his first book, Applied Cryptography, Schneier dissected how cryptography worked. But there was a lot of hand-waving, such as "Alice implements a secure RNG" which worked for theoretical knowledge of cryptography, but wasn't of much use to a programmer who needs to design something. Practical Cryptography is the "in depth" sequel to Applied Cryptography, and explains in detail a lot of the nuts and bolts of actually implementing good cryptography.

If you write software this book will help you understand cryptography

This book really does explain the practical side of cryptography and writing cryptographic software. The authors take the readers with them as they design a secure communication system using existing algorithms and standards. You look over the shoulders of two experts in the field as they make decisions (e.g. AES vs. Serpent vs. Twofish) and explain them (e.g. AES is the IBM of algorithms, Serpent is the most secure, and Twofish is fast like AES but without the vulnerabilities). There is an entire chapter devoted to "Implementation Issues" which includes some of the best information on software design I have ever read. In addition to the cryptography related information, the authors point out some flaws in traditional software development methodology. In fact, this book should be required reading for every computer science student and every practicing software engineer. If you have had trouble understanding cryptography and cryptographic algorithms in the past, this book will fill in the gaps. The book is very well written, which is a rarity in the field of cryptography. If you are a crypto-phile, you can actually read this book for entertainment.

Concrete presentation of a difficult subject

I've read a large number of cryptography books. Very few of them come down to brass tacks. They give you a description of a few algorithms, their strengths and weaknesses, and leave it at that. Either that, or they describe in lovingly complex detail the implementation of a particular protocol, one usually so fraught with options and details that you wonder how, at the end of it, that anybody writes a conforming implementation. Practical Cryptography does neither of these things. It presents algorithm classes, why they exist, and what the best known algorithms are in each class. It explains how the various strengths and weaknesses of algorithms in each class combine to make a cryptosystem weaker or stronger. Then it goes on to show you how to use that information to build working cryptosystems. This book is NOT a careful discussion of the implementation details or plusses and minuses of particular algorithms. They give detailed implementation instructions and advice for some algorithms (such as RSA or Diffie-Hellman) that tend to end up being misunderstood or implemented poorly, but the main focus of the book is about putting all the information together to build a real system. This is something that I feel is sorely lacking in the field of cryptography as it stands in 2005 (when I last updated this review). The book does have a flaw. The authors present several algorithms and techniques that they recently invented and are not 'tried-and-true'. They present good arguments as to why they're secure. But the only real test of such things is lots of peer review and real-world testing. And, since they're new, they haven't been tested in that way. People have complained about the book's seeming schizophrenia. On one hand, the authors are trying to show you how to build a secure cryptosystem. On the other, they're telling you how hopeless a task it is to build one that has no vulnerabilities, even if you're an expert in such things. 
This can be annoying, but I more find it refreshing. Writing a secure cryptosystem is very hard. People should be aware that it is hard, and they are likely to make mistakes. It isn't something that should be attempted lightly. The current state of computer security is depressingly abysmal. People should be encouraged, as much as possible, to not contribute to the problem. I'm not following my own advice, and I am building a new cryptosystem. I have found this book a more valuable resource than any other book on cryptography that I have yet read. Even if you aren't building your own cryptosystem, I think you will find the insights this book has into complexity and design to be useful tools in evaluating other cryptosystems.

Trust Schneier & Ferguson, they know their security

If you want an honest and extremely realistic analysis of security and encryption in general, this is the book for you. The authors are "dead-on" in their analysis of security as a process instead of just a system for cryptography. They especially "hit-the-mark" in their analysis of the sad state of affairs in Bio-Metrics and PKI (Public Key Infrastructure). This is not a balanced "middle-of-the-road" analysis. Instead, it is an opinionated view of security and cryptography solutions, implementations, and idealizations. The authors' opinions are welcome and correct. They have the experience and they make more sense than most. (Not to mention that they take a very sensible approach to the topics).

Beethoven and Schubert's "Learn to play piano already"

Two of the leading world cryptographers take their time to show engineers of all kinds, not just programmers, how the security is to be implemented. To quote: "one of the reasons for writing this book: to get other people to understand the insidious nature of security, and how important is to do it right." The whole point of the book is to show how would the authors have built an encryption system if everything's to be done right. This means secure communication channel, key negotiation, random number generation and public key encryption. Basically what you have in this book is a blueprint for the best possible crypto system. The authors describe a few cryptographic primitives, like block ciphers and hash functions, but not a whole lot and nothing in details. The authors just pick one of each (explaining exactly why the one they picked is the best) and stick with it throughout the book. The book has surprisingly little math, if any. No details of any existing protocol in particular. A lot of (literally dozens) attacks described, at any point, on any part, and for each a cure is proposed or "no cure possible" conclusion is made. Pretty informative. Lots of advice, some more technical, some more philosophical. Lots of auxiliary info, like patents on crypto, dancing pigs :), implementation notes etc. Some chapters are about a dozen pages long. A touch, but it makes you think. Oh, and it describes Mr. Schneier's new Yarrow random generator, and what's more - a shiny new extension to it called Fortuna. Fascinating stuff if you ask me. There are some minor downsides too. First, the pseudocode which is used for describing algorithms is strikingly bad. Dear authors of computer books, even if you don't want to take any language's side, please make your code readable for programmers. Second, a few times the book goes like this: "there is that thingy, it's green and it does things". What?
I think if you even mention things, making a consistent view of what it is at least would be nice. To be specific, the book mentions but never even tries to explain: UMAC, OCB, CCM. There are a few more but I wouldn't mind omitting details on those as they are specifically marked as "stay clear off". I could have googled for them for sure, but what is the point of the book then? Third, some of the advice, especially on the programming side, doesn't stand. I found the most useful pieces of advice to be the ones that begin with "Niels once had..." and "We found useful...", i.e. the advice from the field. Some other advice is too general. In the very same time the authors say something like "we (the world) don't have a clue how to write secure software". I fully agree, but why trying to squeeze in a small book thus useless advice? Like for instance, first they say "wipe any information as soon as you no longer need it" and then "assertion failures should always lead to an abort of a program". Cleanup, huh? Shall we just say that writing quality software takes no less books than designing proper c