Serious Cryptography

Serious Cryptography

by Jean-Philippe Aumasson
Released November 2017
Publisher(s): No Starch Press
ISBN: 9781593278267

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to live online training experiences, plus books, videos, and digital content from O’Reilly and nearly 200 trusted publishing partners.

Start your free trial

Book description

"This practical guide to modern encryption breaks down the fundamental mathematical concepts at the heart of cryptography without shying away from meaty discussions of how they work. You’ll learn about authenticated encryption, secure randomness, hash functions, block ciphers, and public-key techniques such as RSA and elliptic curve cryptography.

You'll also learn:

• Key concepts in cryptography, such as computational security, attacker models, and forward secrecy• The strengths and limitations of the TLS protocol behind HTTPS secure websites• Quantum computation and post-quantum cryptography• About various vulnerabilities by examining numerous code examples and use cases• How to choose the best algorithm or protocol and ask vendors the right questions

Each chapter includes a discussion of common implementation mistakes using real-world examples and details what could go wrong and how to avoid these pitfalls.

Whether you’re a seasoned practitioner or a beginner looking to dive into the field, Serious Cryptography will provide a complete survey of modern encryption and its applications."

Table of contents

  1. Cover Page
  2. Title Page
  3. Copyright Page
  4. Brief Contents
  5. Contents in Detail
  6. Foreword
  7. Preface
    1. This Book’s Approach
    2. Who This Book Is For
    3. How This Book Is Organized
    4. Acknowledgments
  8. Abbreviations
  9. Chapter 1: Encryption
    1. The Basics
    2. Classical Ciphers
    3. How Ciphers Work
    4. Perfect Encryption: The One-Time Pad
    5. Encryption Security
    6. Asymmetric Encryption
    7. When Ciphers Do More Than Encryption
    8. How Things Can Go Wrong
    9. Further Reading
  10. Chapter 2: Randomness
    1. Random or Non-Random?
    2. Randomness as a Probability Distribution
    3. Entropy: A Measure of Uncertainty
    4. Random Number Generators (RNGs) and Pseudorandom Number Generators (PRNGs)
    5. Real-World PRNGs
    6. How Things Can Go Wrong
    7. Further Reading
  11. Chapter 3: Cryptographic Security
    1. Defining the Impossible
    2. Quantifying Security
    3. Achieving Security
    4. Generating Keys
    5. How Things Can Go Wrong
    6. Further Reading
  12. Chapter 4: Block Ciphers
    1. What Is a Block Cipher?
    2. How to Construct Block Ciphers
    3. The Advanced Encryption Standard (AES)
    4. Implementing AES
    5. Modes of Operation
    6. How Things Can Go Wrong
    7. Further Reading
  13. Chapter 5: Stream Ciphers
    1. How Stream Ciphers Work
    2. Hardware-Oriented Stream Ciphers
    3. Software-Oriented Stream Ciphers
    4. How Things Can Go Wrong
    5. Further Reading
  14. Chapter 6: Hash Functions
    1. Secure Hash Functions
    2. Building Hash Functions
    3. The SHA Family of Hash Functions
    4. The BLAKE2 Hash Function
    5. How Things Can Go Wrong
    6. Further Reading
  15. Chapter 7: Keyed Hashing
    1. Message Authentication Codes (MACs)
    2. Pseudorandom Functions (PRFs)
    3. Creating Keyed Hashes from Unkeyed Hashes
    4. Creating Keyed Hashes from Block Ciphers: CMAC
    5. Dedicated MAC Designs
    6. How Things Can Go Wrong
    7. Further Reading
  16. Chapter 8: Authenticated Encryption
    1. Authenticated Encryption Using MACs
    2. Authenticated Ciphers
    3. AES-GCM: The Authenticated Cipher Standard
    4. OCB: An Authenticated Cipher Faster than GCM
    5. SIV: The Safest Authenticated Cipher?
    6. Permutation-Based AEAD
    7. How Things Can Go Wrong
    8. Further Reading
  17. Chapter 9: Hard Problems
    1. Computational Hardness
    2. Complexity Classes
    3. The Factoring Problem
    4. The Discrete Logarithm Problem
    5. How Things Can Go Wrong
    6. Further Reading
  18. Chapter 10: RSA
    1. The Math Behind RSA
    2. The RSA Trapdoor Permutation
    3. RSA Key Generation and Security
    4. Encrypting with RSA
    5. Signing with RSA
    6. RSA Implementations
    7. How Things Can Go Wrong
    8. Further Reading
  19. Chapter 11: Diffie–Hellman
    1. The Diffie–Hellman Function
    2. The Diffie–Hellman Problems
    3. Key Agreement Protocols
    4. Diffie–Hellman Protocols
    5. How Things Can Go Wrong
    6. Further Reading
  20. Chapter 12: Elliptic Curves
    1. What Is an Elliptic Curve?
    2. The ECDLP Problem
    3. Diffie–Hellman Key Agreement over Elliptic Curves
    4. Choosing a Curve
    5. How Things Can Go Wrong
    6. Further Reading
  21. Chapter 13: TLS
    1. Target Applications and Requirements
    2. The TLS Protocol Suite
    3. TLS 1.3 Improvements over TLS 1.2
    4. The Strengths of TLS Security
    5. How Things Can Go Wrong
    6. Further Reading
  22. Chapter 14: Quantum and Post-Quantum
    1. How Quantum Computers Work
    2. Quantum Speed-Up
    3. Why Is It So Hard to Build a Quantum Computer?
    4. Post-Quantum Cryptographic Algorithms
    5. How Things Can Go Wrong
    6. Further Reading
  23. Index
  24. Resources

Product information

  • Title: Serious Cryptography
  • Author(s): Jean-Philippe Aumasson
  • Release date: November 2017
  • Publisher(s): No Starch Press
  • ISBN: 9781593278267