Recommend me a book on Cryptography/Cryptanalysis!
November 14, 2010 2:03 PM   Subscribe

I get to teach myself Cryptography for a class, please help me pick my book!

I attend a college that offers an "Independent Study" class for special topics that aren't already offered; it's basically a class where you teach yourself with the guidance of a professor. I'm a Math major (computational track) and a CS minor, so naturally cryptography peaks my interests. I get to pick my own book to learn from... Have any recommendations?
posted by zidane to Technology (12 answers total) 6 users marked this as a favorite
 
Best answer: Public-key and symmetric cryptography have fairly different mathematical bases, AIUI, so you might want to pick just one. Most of the interesting math in public-key crypto is number theory. Most of the interesting math in symmetric crypto is in the cryptanalysis. Your mileage will doubtless vary.

My ten-year-old recommendations are Schneier's Applied Cryptography and Menezes et al.'s Handbook of Applied Cryptography. The Schneier is very approachable; I recommend checking it out and at least skimming it. There are probably more modern books on the subject as well.
posted by hattifattener at 2:10 PM on November 14, 2010


Best answer: You might take a look at Douglas Stimson's cryptography: theory and practice.

I used it as a text for an independent study with a student a couple of years ago and thought it was decent.

I'd think Schneier's applied cryptography would be a bit much, at least to start with.
posted by leahwrenn at 2:35 PM on November 14, 2010


The Code Book is a great book on cryptography geared towards a general audience. It's obviously not going to go into a lot of the heavy theory (if I remember correctly, it skims over the group theoretics that make RSA work). The references might give you a good idea of where to look for particular ideas though.
posted by El_Marto at 2:36 PM on November 14, 2010 [4 favorites]


Absolutely no doubt, Schneier's Applied Cryptography. It's a little dated now (1996) but worth every penny. The "prequel" Practical Cryptography by Schneier and Niels Ferguson is also good.

El_Marto's suggestion of The Code Book is also good, but might not be what a Math/CS student is looking for.
posted by alby at 2:45 PM on November 14, 2010


What's your mathematical background like? Have you taken abstract algebra and discrete math courses?

I'm an engineering student, and I'd recommend Applied Cryptography to anyone who needs to implement cryptographic standards, but it's not really helpful in understanding how they're conceived and evaluated in the first place (which seems to me to be the natural interest of a mathematician/computer-scientist).
posted by phrontist at 3:00 PM on November 14, 2010


Honestly, I would find a professor in the math dept. whose research is crypography related and ask them. Stinson would also be good if you have the background.
posted by phrontist at 3:03 PM on November 14, 2010


Response by poster: I've taken discrete math courses in the past but not abstract algebra. The soonest the department has offered abstract algebra is this spring, so I will be taking it next semester. If this independent study course works out then I will be taking the two concurrently. Is that a bad idea? I could always wait until next fall to try this idea out.

My mathematics background isn't as strong as my CS background (I've been interested in CS for a while now), but I tend to to do well in more theoretical areas. I've done my best in courses on numerical analysis, stochastic methods, linear algebra, things of that sort. If it's based in proof, I'll probably get a good grasp on the material.

Our math department isn't the largest in the world, AFAIK we don't have anyone who has done research in cryptography. My professor and I will probably be learning the material together. I will definitely be looking through these books this week to see what might or might not work.
posted by zidane at 3:40 PM on November 14, 2010


You can't go wrong with Applied Cryptography for learning the principles of the systems and some of the algorithms. With that said, if this course of study goes beyond the math you should keep in mind what Schneier wrote later as quoted by Ted Neward:
In [Applied Cryptography], I described a mathematical Utopia: algorithms that would keep your deepest secrets safe for millennia, protocols that could perform the most fantastical electronic interactions—unregulated gambling, undetectable authentication, anonymous cash—safely and securely…. I went so far as to write, "It is insufficient to protect ourselves with laws; we need to protect ourselves with mathematics."


It's just not true. Cryptography can't do any of that.
The error of Applied Cryptography is that I didn't talk at all about the context. I talked about cryptography as if it were The Answer. I was pretty naive.
Neward goes on to quote a colleague who says the world was full of bad security software designed by people who had read these books. That's not to say the books are great it is more a realization that the practical implementations of the mathematic theory is riddled with non-obvious stumbling blocks.
posted by mmascolino at 3:53 PM on November 14, 2010


Neal Stephenson's Cryptonomicon is a novel whose plot turns on cryptography, set in World War II and the present day. He gets heavily into the art and science of crypto, and provides a pretty good explanation of what he's doing. It's a novel, not a math book, but worth the visit.

Oh, and a rip-roaring yarn, too.
posted by musofire at 4:04 PM on November 14, 2010 [1 favorite]


From your description of what kind of math you've done well in you might have the most fun learning about symmetric-key cryptanalysis (linear and differential cryptanalysis, power and fault analysis, that kind of thing). I think you have enough math background to read a book like Applied Cryptography, get a better idea of the lay of the land, and explore some specific topic in more depth.

Public-key crypto is "tidier", conceptually. In fact my undergrad CS-oriented discrete math class went into RSA and Diffie-Hellman a bit, since they're good examples of some of the concepts. (And possibly because my prof had a certain anti-authoritarian streak, and this was in the era in which it was unclear whether the government would continue to allow crypto to be taught openly…)
posted by hattifattener at 5:08 PM on November 14, 2010


Schneier previously put together a self study on block cipher cryptanalysis as a gateway to algorithm design. This, of course, hinges on you loving yourself some linear algebra and being interested more in algorithm design than implementation of vetted systems.
posted by bfranklin at 7:33 PM on November 14, 2010


FWIW I'd think number theory would be more relevant than abstract algebra, at least to start with.
posted by mail at 9:34 PM on November 14, 2010


« Older Live/Work Space in Brooklyn?   |   Songs that feature lyrics about dreaming of dying? Newer »
This thread is closed to new comments.