REVIEW: "Cryptography Decrypted", H. X. Mel/Doris Baker

  • Rob, grandpa of Ryan, Trevor, Devon & Ha
    Message 1 of 1 , Jan 22, 2003
      BKCRPDEC.RVW 20021215

      "Cryptography Decrypted", H. X. Mel/Doris Baker, 2001, 0-201-61647-5,
      %A H. X. Mel www.hxmel.com
      %A Doris Baker
      %C P.O. Box 520, 26 Prince Andrew Place, Don Mills, Ontario M3C 2T8
      %D 2001
      %G 0-201-61647-5
      %I Addison-Wesley Publishing Co.
      %O U$29.95/C$44.95 800-822-6339 fax 617-944-7273 bkexpress@...
      %O http://www.amazon.com/exec/obidos/ASIN/0201616475/robsladesinterne
      %P 352 p.
      %T "Cryptography Decrypted"

      The book seems to be rather ambitious, since the preface says that it
      is addressed to any (and therefore all) audience(s), without any
      limitation on the stated purpose. In general, it is an attempt to
      portray the basic concepts of cryptography, without getting too far
      into technical details. Many other books have tried to do the same
      thing, and signally failed. Mel and Baker by and large succeed.

      Part one addresses secret key (symmetric) cryptography. Chapter one
      tries to draw an analogy between locks and encryption, although the
      relation is strained at best. Substitution, frequency analysis, and
      polyalphabetic ciphers are covered in chapter two. Chapter three
      introduces transposition. The Polybius square is used, in chapter
      four, as an example of the combination of substitution and
      transposition. For those in the know, this leads nicely into the
      discussion of DES (Data Encryption Standard), in chapter five,
      although the neat segue would be lost on most readers, since the
      details of DES are not given. The history of cryptography appears
      rather abruptly in chapter six. Chapter seven covers the attempts to
      use cryptographic methods for confidentiality, integrity,
      authentication, and non-repudiation, and shows that the last point is
      not possible with purely symmetric cryptography. A simplistic
      examination of key exchange is given in chapter eight.

      Part two deals with public key (asymmetric) encryption. Chapter nine
      is a confusing introduction using the Merkle puzzle space (with some
      mention of Diffie-Hellman) as the example. A simplistic review of
      public key encryption is in chapter ten. Math tricks, in chapter
      eleven, seems pointless as it begins, but the development to the
      examples of modular inverses does provide both a basic form of
      asymmetric cryptography, and a demonstration of the mathematical
      concepts underlying more advanced cryptographic algorithms. Chapter
      twelve introduces authentication and digital signatures, with hashes
      and message digests in chapter thirteen, and a discussion of digest
      assurances (reviewing collisions and encrypted message authentication
      codes) in fourteen. A comparison of cryptographic strength and speed
      (between symmetric and asymmetric systems) is in chapter fifteen.

      Part three covers the distribution of public keys, and introduces some
      of the concepts of PKI (Public Key Infrastructure). Chapter sixteen
      deals with certificates. The title of chapter seventeen relates to
      the X.509 certificate structure, but the topics covered mostly concern
      hierarchical certificate authorities. PGP (Pretty Good Privacy) and
      the "Web of Trust" model are explained in chapter eighteen.

      Part four looks at real world systems and actual applications.
      Chapter nineteen explains email security, but in a generic fashion.
      SSL (Secure Sockets Layer) is clearly described in chapter twenty,
      but, given the lack of detail in the rest of the book, the technical
      material is rather odd. IPSec, in chapter twenty one, is presented in
      a confused manner. Various problems of, and attacks against,
      cryptography are outlined in chapter twenty two. The final chapter is
      a simplistic review of the storage of cryptographic keys on smart

      This book does present most of the core concepts in cryptography. The
      text is readable, and, within the limited scope of the material,
      generally accurate. For non-specialists, it is a reasonable
      introduction to the topic. This might even include security
      professionals who are not directly involved with cryptographic
      systems. However, the lack of detail in the explanations of the
      theory is a weakness, since the text would be more convincing with
      more background.

      copyright Robert M. Slade, 2002 BKCRPDEC.RVW 20021215

      rslade@... rslade@... slade@... p1@...
      Find book info victoria.tc.ca/techrev/ or sun.soci.niu.edu/~rslade/
      Upcoming (ISC)^2 CISSP CBK review seminars (+1-888-333-4458):
      February 10, 2003 February 14, 2003 St. Louis, MO
      March 31, 2003 April 4, 2003 Indianapolis, IN