I just finished serious cryptography, and I'm looking for the next step forward. I have little to know real programming experience, and my math skills aren't the greatest, (only high school with basic understanding beyond that, I think I understand the math behind RSA, but not the implementation so much)
Would cryptography engineering be too advanced for me? I plan on developing my programming skills after I get a computer, but until then want to continue learning.
Cryptography Engineering is less advanced than Serious Cryptography (but it's "take-y-er"; there's a lot of opinion / best practices stuff in it, and a lot of that is good).
I'd say that if you've read and grokked Serious Cryptography, and you don't want to write code, something like _IMC_ (Silverman, above) is an interesting next step, in that you'll mostly be reasoning about math, and you'll be working at a much lower level than the basic RSA formulae.
It also depends on what aspects of cryptography are interesting to you. If you want, for instance, to get a much better grip on how bulk cryptography works, as opposed to signatures and key exchanges, your best next step might be papers. For instance, a good next step on block cipher cryptography would be the Heys tutorial: https://ioactive.com/wp-content/uploads/2015/07/ldc_tutorial...
Looks like I can't pick up IMC at my local library, so I'll have to wait a tad on that one, but I can start with papers right away. I can't quite say what my particular interests in cryptography are, but (I guess not too surprisingly) I have a desire to know more about Hash functions. Now I'm going to try to hunt down the papers for Skein. Thanks again!
You have to actually read all of _Applied Cryptography_ before it becomes obvious what the central theme is. Its a big book, but unlike other may big computer books over the years it isn't padded. It's literally a compendium of crypto.
Including all the failed crypto. By the end of it, you've got used to reading the (usually very impressive) credentials of the researchers, and through explanation of what they did, and then how it all fell apart after a few years of attacks. If read about how people far clever than you got it wrong over and over again, it is near impossible to come away without the impression "here be dragons - really big and mean ones", and the corollary "don't even think of trying to do this stuff yourself - just stuff on the shelf that has been proven over time".
It depends on whether descriptions of things you should never, ever do, without any explanation of whether or not you should do them, count for you as "padding".
Here are some books that I've read with some remarks which you may find useful.
- "Cryptography: A Very Short Introduction" by Piper and Murphy - This is a book in the Very Short Introduction series, so is a bit light on the math. If that's what you are looking for though, this is a good resource.
- "Cryptography Made Simple" by Nigel Smart - The choice of topics is quite eclectic (in the best way possible!). For ex. it is the first general crypto book I've read which talks about lattices (most post-quantum world crypto schemes are lattice based) and things like commitments and zero-knowledge proofs. Develops just the right amount of math to talk about a lot of different things.
- "Cryptography: Theory and Practice" by Stinson and Paterson - adequate, covers the usual topics (plus a chapter on post-quantum crypto).
- "Introduction to Modern Cryptography" by Katz and Lindell - basically a reference for the theory side of crypto. Quite math heavy (or to be more accurate, notation heavy, like theoretical crypto tends to be).
- "Real-World Cryptography" by David Wong - I have not read another crypto book which tackles as many topics, it has chapters on e2e encryption, cryptocurrency and hardware crypto. Is a bit too hand-wavey and doesn't properly explain the math sometimes, but it is great for self-learners and people who are looking for a book on topics not covered in other books.
- "Serious Cryptography" by Jean-Philippe Aumasson - from the No Starch Press stable. The exposition is quite good, and finds a decent balance between making it approachable and getting the details right.
- "Understanding Cryptography" by Paar and Pelzl - decent coverage of fundamental primitives (block/stream ciphers, public key encryption, hashes, signatures etc) but feels a bit outdated. For ex. there is a whole chapter on DES.
A fun book to read is "The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography" It's a fast read and it gives a brief history of cypher tech over time.
I read this in the 4th grade and it changed the course of my life. It explains everything up to RSA with math that a middle schooler can follow, with exciting stories of cryptography and linguistics across history. Lots of cool spy stories!
I read it in high school and would agree, it got me really excited about cryptography and espionage throughout history, no undoubtedly helped me discover infosec and cryptography. I saw Simon Singh present an another launch later, very inspiring author.
It's quite accessible for non-math majors and includes source code. It seems to have been written with software engineers in mind. The formatting of the source code in Kindle isn't great but otherwise the book is excellent and balances between "cookbook" and "graduate level textbook". The author is also quite reputable having designed BLAKE2.
I vouched for your comment, because it seems earnest but was marked dead. I don't see anything in your comment history to indicate that you are shadowbanned.
I have not read the book, except to verify that it was real and looked plausible. If your comment was downvoted for content, I hope people will comment instead.
They cover the fundamentals from a practical engineering perspective. After reading it you can then pop up a level and read specs to understand specific deployed protocols (e.g. TLS) or down a level and read the details of individual cryptographic primitives / constructions.
To piggy back on this thread, can anyone recommend a book on cryptography for mathematicians? I'm familiar with some of the more popular applied books, but I'm also interested in more rigorous texts that use careful proofs and state theorems etc.
As written below, "Introduction to Modern Cryptography" by Katz & Lindell. Another option would be "A Graduate Course in Applied Cryptography" by Boneh & Shoup. However, for starting out, I would definitely recommend the former as it's more polished and focuses on the essentials.
I took Boneh's graduate class a few years ago through SCPD. Recommended if you can justify it. He has a Coursera course that I assume is of similar high quality with less depth and rigor.
We used the above two books in addition to Handbook of Applied Cryptography by Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone. I notice Boneh no longer uses the latter for CS255; perhaps it is too out of date now? At any rate, it is also available free on the web:
https://cacr.uwaterloo.ca/hac/
It's a book co-authored by Dan Boneh, who's a professor from Stanfrod working on Crypto, and Blockchain. It's a huge book, but there's a lot of interesting stuff in there.
I still like Bellare and Rogaway's old lecture notes. They are mostly theoretical so you will have to read something else for implementation techniques. But implementation is just programming. I think it is important to understand some theory if you're going to implement anything cryptographic, since it will help you avoid a lot of dumb errors that get made all the time.
SUPER SECRETO - The Third Epoch of Cryptography: Multiple, exponential, quantum-secure and above all, simple and practical Encryption for Everyone https://www.amazon.com/dp/3755761173/
Jean-Philippe Aumasson's _Serious Cryptography_: https://nostarch.com/seriouscrypto
Ferguson and Schneier's _Cryptography Engineering_: https://www.amazon.com/Cryptography-Engineering-Principles-P... --- dated, a little wrong about some things, but not insane (like _Applied Cryptography_ is).
Hoffman, Pipher, and Silverman's _Introduction to Mathematical Cryptography_: https://www.amazon.com/Introduction-Mathematical-Cryptograph... --- a good first step into theoretical cryptography.