A Graduate Course in Applied Cryptography (cryptobook.us)
331 points by spking on April 25, 2020 | 36 comments



Looks like a solid survey of the state of the art, as one would expect from Boneh and Shoup. Given that this is about applied crypto, I would like to see a chapter or sub-chapter devoted to discussing the usability of some real world cryptosystems and their implications. I think it’s something of a “black art” in crypto, but often ends up with as large a practical impact in practice as what crypto algorithms are being used. Would be nice to see it treated with the same kind of rigor as the more technical aspects of cryptography.


What do you have in mind for usability in this context? Things like robustness against nonce reuse?


For hands-on learning of applied cryptography, there is also the delightful https://cryptopals.com/.


+1

When I'm learning a new language, I often use Cryptopals as a good source of exercises.


I find these exercises very poorly described. Like most business requirements.


This is actually so cool. I find it amazing that such a high quality resource is available for free. When you think about the potential the Internet has to democratize knowledge, books like this are really the perfect example of that. I appreciate the authors for sharing their knowledge. Definitely going to take the time to read this when I'm through some of the other books I'm reading.


Also I can highly recommend the lectures from Christof Paar https://www.youtube.com/channel/UC1usFRN4LCMcfIV7UjHNuQg and his textbook http://www.crypto-textbook.com/


NB: The textbook is currently free thanks to Springer releasing a selection of their material as free in response to COVID.

https://link.springer.com/book/10.1007/978-3-642-04101-3


I haven't read the book. But I have watched all of his videos. It's quite funny that he didn't mind that the students slept in his class. He only got irritated if the students were talking.

Anyway, yeah, I agree, his videos explained cryptography to me in a clear way.


This is hands down the best book on applied crypto, especially for people who want to self-learn crypto. I started reading it since version 0.1, but every time I pick it up I learn something new. The fun application section in each chapter is pure gold. The exercises are challenging but super rewarding. I can't do many of them, but reading the problem statements is usually enough to make me realize I don't understand something.

When I started learning crypto, I spent a lot of time reading A Computational Introduction to Number Theory and Algebra [1], another free, high-quality book by Shoup. I did a lot of exercises, even corrected some results in the book, and at one point thought that I wanted to publish a solution manual. I emailed professor Shoup, but he said it may not be a good idea because people would copy my solutions for their homework. It turns out he's right. The blog posts that I published still get hit from time to time, and the search keyword is always solutions for NTB [2] =).

Later on, I took CS255 [3] from Boneh. I had to pay for it myself. IIRC it was $4,000 or something. It was a huge amount of money where I'm from. I took an overdraft from my bank to pay for it, the best money I ever spent! I still remember in one of the classes when Boneh was talking about the Diffie-Hellman protocol he paused to ask us, "Do you know where this was invented?" Nobody knows, then he pointed to his left and said, "In a room a few yards from here". I felt like I was part of this amazing history. There's a stream of knowledge flowing through me and maybe one day I'd discover something cool.

Boneh is simply the best teacher. He knows everything. I like it when he poses an open problem, and ends with "if you can solve this, I'll be a friend forever". He doesn't just love teaching, but also knows how to inspire and apparently can't stop explaining things.

[1] https://www.shoup.net/ntb/

[2] https://www.google.com/search?rlz=1C5CHFA_enUS851US851&ei=z0...

[3] https://crypto.stanford.edu/~dabo/cs255/


> I still remember in one of the classes when Boneh was talking about the Diffie-Hellman protocol he paused to ask us, "Do you know where this was invented?" Nobody knows, then he pointed to his left and said, "In a room a few yards from here".

Boneh works at GCHQ?


DH was invented at Stanford.

RSA was allegedly invented at GCHQ.


Both were allegedly discovered at GCHQ:

https://en.m.wikipedia.org/wiki/Malcolm_J._Williamson


Would you mind sharing your blog site address? It sounds like it would be an interesting read.


It's https://vnhacker.blogspot.com. I rarely blog in English. However, right now there's a pretty good post: https://vnhacker.blogspot.com/2020/04/vietnams-contact-traci....


Did that course help you get a job?


Yes, it did. I'm doing crypto at Google.


So you can pay to do a single course and get real accreditation? Or did you do it through a MOOC provider?


This looks really advanced. When I looked at the TOC, I thought "Oh that looks great, I can spend a weekend or two on this." Little did I know the book has 900 pages. Wow.

Anything you'd recommend as a practical introduction? Materials that are useful for an every-day software engineer?


Thank you very much for the open book. It is very helpful!

But I cannot find Chapter 1 in the pdf downloaded. So Historic ciphers/Terminology used throughout the book are missing. Can you please check it out?


This book isn't finished yet; there are still pieces missing. The authors have been publishing updated versions occasionally over the last decade as more of it is written.


Oddly, it doesn't look like Chapter 1 exists in the book, despite its mention in the index. Even the 2017 version is missing it.


That confused me as well. Did you find it?

(And the chapter number ordering doesn't reset with sections, not a big deal, just odd)


That math looks indecipherable. Recommended prerequisites? I'm mostly self-taught with minimal academic background.


Yes there is some math experience assumed. I know your question was about recommended pre-requisites, not alternatives/supplements to this book, but let me just provide you with a few alternates that are a bit easier to step into.

1) Christof Paar's book, mentioned already by EFruit. It's currently available as a free download, but that will close up soon, so go download it now. https://link.springer.com/book/10.1007/978-3-642-04101-3 I bought the hardcopy ~8 years ago and still refer to it. (Note: also as mentioned, Prof. Paar has something like 20 one-hour lectures -- in English -- on Youtube.)

2) Jean-Philippe Aumasson's excellent book (2018) "Serious Cryptography". Very practical, very readable. JPA is the author of the Blake cryptographic hash functions.

3) David Wong's upcoming book "Real World Cryptography" (Manning, 2020). I've read parts of it via Manning's early access program, the book isn't released yet, but good stuff. David blogs regularly too.

That should give you enough to chew on for a while!


If you're serious, pick something you don't understand and send me an email. I'll want to know:

* What you don't understand;

* What you've looked up;

* What your thoughts are about it.

It depends on what you're asking, and there's a good chance I won't actually be able to help, but I might be able to suggest some self-study to get you started on specific issues.


For me the weird parts jump out in the very first definitions. I'm not used to thinking of M, C, and K as "all possible messages, ciphertexts, and keys". It never occurred to me to work from those assumptions because that's a crazy huge space in my mind.

Plus the set notation threw me a little, e.g.: the cardinality of the set of all ciphertexts for key k in K is ... a number Nc. oookkaaayy.... pause ... ...60 minutes later .... OOOHHH got it!!! ... Same goes for the additive theorem, where suddenly the bit strings M and C become numbers that are added with k mod n --> First it's a message and now ... SHAZAM ... it's a big integer!

I know as an embedded analyst that RSA and ECC crypto spends a lot of time in bigint routines, but it is becoming clear WHY that is the case.

I realize this is all 101 stuff for people who know crypto, but I really want to learn it for real-reals, so I'm creeping through this book a little bit every day until my brain shuts down. It took me 30 minutes to convince myself that Example 2.6 wasn't perfect crypto: I know intuitively why, but applying the definition mathematically made me feel all of the rust in my brain from 30 years out of college.

I'm sure I'll hit more confusing set theory math, fortunately I have the internet.

Such a fun book!


Prerequisites are pretty heavy. This is a graduate course aimed at students who have presumably completed a bachelor’s degree in mathematics. At a minimum, you’re going to need an undergrad-level understanding of abstract algebra, number theory, probability, and mathematical logic. What math courses did you take in high school?


Is there an epub or mobi version?



I guess the answer is no then?



Chapter on secure multi-party computation is still in progress/not available, does anybody know of good resources on current state in this area?


Is the material here different to the Crypto 1 Coursera course offered by Dan Boneh?


Exactly what I'm looking for! Now we just need a solution manual


Thanks a lot!



