Hacker News

I'm skimming this, but why does a developer need to know about contest also-rans like Skein, or stuff like Whirlpool? Contra the book text, Whirlpool is not popular, and it is probably not a good idea to use it in new designs, if only because modern protocols are built in SHA2, SHA3, and Blake2.

The MAC/HASH stuff seems a bit fuzzy, too; for instance, part of the idea behind SHA-3 is not needing the HMAC construction anymore. Also, a bit strange to have MACs and KDFs in the same section. Are they closely related?

The bcrypt vs. scrypt vs. Argon2 stuff, also, is pretty unclear.

I think the randomness coverage is actually pretty bad. For instance, it walks programmers through building their own userland CSPRNG, which is a terrible idea --- most Linux randomness flaws have stemmed from userland CSPRNGs. It also doesn't understand the difference between /dev/random and /dev/urandom.

There's also a sort of inexplicable walkthrough of bare Diffie-Hellman (ECDH is deferred), and not much coverage of authenticated key exchange, which is what, in practice, systems using DH-style key exchange need.

Just a shotgun blast of random thoughts. I know it's early days for the book.

Other books in this space that I like: Aumasson's "Serious Cryptography" and David Wong's "Real World Cryptography".



> Other books in this space that I like: Aumasson's "Serious Cryptography" and David Wong's "Real World Cryptography".

The latter not being published until July 27. :-)

(I know this book is also not published yet, so I guess it's totally fair to suggest a not-yet-published book as an alternative to a not-yet-published book!)


I've just been seeing what David has been showing off. :)



