Computer Security Series. Boston, MA: Artech House (ISBN 978-1-60807-145-6/hbk; 978-1-60807-146-3/ebook). xxv, 571 p. £ 88.00 (2011).
The second edition of the book (for the first edition see [Zbl 1104.68044
]) gives a very well written and up-to-date introduction to the foundations of modern cryptography. The author dispenses with a treatment of classical cryptographic methods which can be found in many introductory books on cryptography. As modern cryptography has become such a broad and diversified subject this seems to be a reasonable choice.
The book is divided into four main parts, namely “Unkeyed cryptosystems”, “Secret key cryptosystems”, “Public key cryptosystems” and “Conclusions”.
A very valuable aspect of the organization of this book is that the author begins with an introductory chapter on the different aspects of security and related issues and countermeasures, followed by a comprised chapter on all cryptographic systems which are treated in detail in the later chapters. The author condenses some basic facts on discrete mathematics, probability theory, information theory and complexity theory in four appendices, thereby keeping these basics out of the main text on cryptography. This makes the text better readable for the reader already familiar with these basics and nevertheless provides a good reference to them.
The first main part of the book comprises three chapters. In the first of them the notion of one-way function is explained and the used mathematical functions are presented. The second chapter in this part explains the functioning of hash functions. It explains the general Merkle-Damgård construction and MD4, MD5 and SHA-1 in more detail. The NIST SHA-3 competition is shortly mentioned at the end of the chapter. The last chapter in this part gives a short overview over random bit generators.
The second part, on symmetric encryption, considers block-ciphers in general, DES and AES in detail and discusses different modes of operations such as EBC, CBC, OFB and CTR, also shortly mentioning others, e.g., GCM. There follows a short treatment of stream ciphers, the notion of perfect security and the RC4 in some detail. This part ends with a chapter on message authentication codes and on pseudorandom bit generators.
The first chapter of Part 3 is on asymmetric encryption systems. It gives an overview of the RSA, Rabin and ElGamal cryptosystems and discusses semantic security. The next chapter contains a detailed treatment of digital signature systems, followed by chapters on key establishment and entity authentication.
The last part of the book deals with the problem of key management and gives a summary and an outlook.
All in all it is a valuable introductory book on the fundamentals of contemporary cryptography. As Eugene H. Spafford writes in his foreword to the book: “Thus, this book is one that will occupy a spot on your bookshelf -- and ensure that it doesn’t collect dust while there, $\ldots$”