Practical Cryptography | 
 enlarge | Authors: Niels Ferguson, Bruce Schneier
Publisher: Wiley
Category: Book
List Price: $50.00
Buy New: $23.00
You Save: $27.00 (54%)
New (24) Used (18) from $20.50
Rating:  16 reviews
Sales Rank: 120544
Media: Paperback
Edition: 1st
Pages: 432
Number Of Items: 1
Shipping Weight (lbs): 1.4
Dimensions (in): 9.4 x 7.6 x 1
ISBN: 0471223573
Dewey Decimal Number: 005.82
UPC: 723812112753
EAN: 9780471223573
Publication Date: March 28, 2003
Availability: Usually ships in 1-2 business days
Condition: Shipping from New Jersey. Pages and cover stay intact
| |
| Similar Items:
|
| Editorial Reviews:
Product Description
Security is the number one concern for businesses worldwide. The gold standard for attaining security is cryptography because it provides the most reliable tools for storing or transmitting digital information. Written by Niels Ferguson, lead cryptographer for Counterpane, Bruce Schneier's security company, and Bruce Schneier himself, this is the much anticipated follow-up book to Schneier's seminal encyclopedic reference, Applied Cryptography, Second Edition (0-471-11709-9), which has sold more than 150,000 copies.
Niels Ferguson (Amsterdam, Netherlands) is a cryptographic engineer and consultant at Counterpane Internet Security. He has extensive experience in the creation and design of security algorithms, protocols, and multinational security infrastructures. Previously, Ferguson was a cryptographer for DigiCash and CWI. At CWI he developed the first generation of off-line payment protocols. He has published numerous scientific papers.
Bruce Schneier (Minneapolis, MN) is Founder and Chief Technical Officer at Counterpane Internet Security, a managed-security monitoring company. He is also the author of Secrets and Lies: Digital Security in a Networked World (0-471-25311-1).
|
| Customer Reviews: Read 11 more reviews...
 Concrete presentation of a difficult subject December 11, 2003
Eric Hopper (Seattle, WA USA)
38 out of 42 found this review helpful
I've read a large number of cryptography books. Very few of them come down to brass tacks. They give you a description of a few algorithms, their strengths and weaknesses, and leave it at that. Either that, or they describe in lovingly complex detail the implementation of a particular protocol, one usually so fraught with options and details that you wonder how, at the end of it, that anybody writes a conforming implementation.
Practical Cryptography does neither of these things. It presents algorithm classes, why they exist, and what the best known algorithms are in each class. It explains how the various strengths and weaknesses of algorithms in each class combine to make a cryptosystem weaker or stronger. Then it goes on to show you how to use that information to build working cryptosystems.
This book is NOT a careful discussion of the implementation details or plusses and minuses of particular algorithms. They give detailed implementation instructions and advice for some algorithms (such as RSA or Diffie-Hellman) that tend to end up being misunderstood or implemented poorly, but the main focus of the book is about putting all the information together to build a real system. This is something that I feel is sorely lacking in the field of cryptography as it stands in 2005 (when I last updated this review).
The book does have a flaw. The authors present several algorithms and techniques that they recently invented and are not 'tried-and-true'. They present good arguments as to why they're secure. But the only real test of such things is lots of peer review and real-world testing. And, since they're new, they haven't been tested in that way.
People have complained about the book's seeming schizophrenia. On one hand, the authors are trying to show you how to build a secure cryptosystem. On the other, they're telling you how hopeless a task it is to build one that has no vulnerabilities, even if you're an expert in such things.
This can be annoying, but I more find it refreshing. Writing a secure cryptosystem is very hard. People should be aware that it is hard, and they are likely to make mistakes. It isn't something that should be attempted lightly. The current state of computer security is depressingly abysmal. People should be encouraged, as much as possible, to not contribute to the problem.
I'm not following my own advice, and I am building a new cryptosystem. I have found this book a more valuable resource than any other book on cryptography that I have yet read. Even if you aren't building your own cryptosystem, I think you will find the insights this book has into complexity and design to be useful tools in evaluating other cryptosystems.
Trust Schneier & Ferguson, they know their security June 1, 2003
B. Hodson (Cedar Hills, UT United States)
6 out of 9 found this review helpful
If you want an honest and extremely realistic analysis of security and encryption in general, this is the book for you. The authors are "dead-on" in their analysis of security as a process instead of just a system for cryptography. They especially "hit-the-mark" in their analysis of the sad state of affairs in Bio-Metrics and PKI (Public Key Infrastructure). This is not a balanced "middle-of-the-road" analysis. Instead, it is an opinionated view of security and cryptography solutions, implementations, and idealizations. The author's opinions are welcome and correct. They have the experience and they make more sense than most. (Not to mention that they take a very sensible approach the topics).
Outstanding in every way April 23, 2003
Jeremey L. Barrett (Houston, TX USA)
1 out of 5 found this review helpful
I preordered and my copied arrived end of last week... the first two chapters alone are worth the price of the book. They should be required reading for anyone involved with computer security in any way. This is a clear, enjoyable, practical book that should serve as the foundation for understanding how to design and implement security systems.This is not an overview of what's out there in the world of cryptography in general, this is a focused and clear description of how to really create security systems in the real world, and a concise explanation of what the dangers are. If you buy one book on cryptography, buy this one.
Simply excellent! August 1, 2003
0x070b (CALLAO, CALLAO Peru)
7 out of 15 found this review helpful
The combination Schneier - Ferguson invites to travel the basic aspects of the cryptography and inclusive it proposes the best queries of what one has learned and we should learn on this process.
In the personal thing the chapter 6: Work Hash; the chapter 7: MAC; the chapter 14 referred to the cryptographic protocols; the chapters 19 and 20 referred to PKI consider they are excellent. They have a quite practical point of view, realist, didactic and very realistic overalls.
I consider that the mathematical aspect has been covered with the space that deserves.
Very good decision of publishing a book more about applied cryptography and in that sense my recommendations to the book.
Congratulations.
If you write software this book will help you understand cryptography January 15, 2007
David Cullen (Southeast, USA)
3 out of 3 found this review helpful
This book really does explain the practical side of cryptography and writing cryptographic software.
The authors take the readers with them as they design a secure communication system using existing algorithms and standards. You look over the shoulders of two experts in the field as they make decisions (e.g. AES vs. Serpent vs. Twofish) and explain them (e.g. AES is the IBM of algorithms, Serpent is the most secure, and Twofish is fast like AES but without the vulnerabilities).
There is an entire chapter devoted to "Implementation Issues" which includes some of the best information on software design I have ever read. In addition to the cryptography related information, the authors point out some flaws in traditional software development methodology. In fact, this book should be required reading for every computer science student and every practicing software engineer.
If you have had trouble understanding cryptography and cryptographic algorithms in the past, this book will fill in the gaps. The book very well written, which is a rarity in the field of cryptography. If you are a crypto-phile, you can actually read this book for entertainment.
|
|
|
