
REVIEW: "Cryptography and E-Commerce", Jon C. Graff

  • Rob, grandpa of Ryan, Trevor, Devon & Ha
    Message 1 of 1 , Nov 28, 2003
      BKCRECOM.RVW 20031019

      "Cryptography and E-Commerce", Jon C. Graff, 2001, 0-471-40574-4,
      %A Jon C. Graff
      %C 5353 Dundas Street West, 4th Floor, Etobicoke, ON M9B 6H8
      %D 2001
      %G 0-471-40574-4
      %I John Wiley & Sons, Inc.
      %O U$29.99/C$46.50 416-236-4433 fax: 416-236-4448
      %O http://www.amazon.com/exec/obidos/ASIN/0471405744/robsladesinterne
      %O http://www.amazon.ca/exec/obidos/ASIN/0471405744/robsladesin03-20
      %P 222 p.
      %T "Cryptography and E-Commerce"

      The introduction states that the author has set out to write an
      "accessible, easily understood, and entertaining" guide to modern

      Part one is a presentation of current cryptography. Chapter one opens
      with symmetric key concepts, but states that DES (Data Encryption
      Standard) is safe for the present (DES had been broken at least twice
      by the time the book was written). The basic ideas are presented, but
      the metaphors and illustrations used may confuse, rather than explain,
      the issues. The same is true for integrity protection (hashes and
      digests) in chapter two, and with key management, Kerberos, asymmetric
      (public key) cryptography, certificates (using only a hierarchical
      structure), certificate extensions and attributes, and US export
      restrictions, in the succeeding chapters. The section finishes with a
      one page "chapter" of concluding remarks.

      Part two, consisting of chapter ten, is a tutorial on the underlying
      mathematics of asymmetric cryptography. As with the basics of
      cryptography presented earlier, using pictures and stories does not
      seem to help matters, particularly since the math is not correct. (In
      explaining RSA on page 127, 3 x 11 does *not* equal 44, and a
      previously undefined function appears partway through the process.)

      Part three contains case studies of architectures proposed by the
      author. Chapter eleven utilizes Kerberos, but the most interesting
      parts involve the use of hardware cards. Chapter twelve is an outline
      of a fairly generic PKI (Public Key Infrastructure).

      Overall, the explanations of cryptographic concepts are not bad, but
      they are not particularly accessible or easily understood, and there
      are certainly clearer and more complete books that make fewer
      mistakes, even the simpler ones, such as "Cryptography Decrypted" by
      H. X. Mel and Doris Baker (cf. BKCRPDEC.RVW), or "Internet
      Cryptography" by Richard E. Smith (cf. BKINTCRP.RVW). The
      entertainment value of the pictures and stories is minimal, and, as
      noted, the graphics and personal names are unlikely to assist the
      reader in understanding the fundamental theory.

      copyright Robert M. Slade, 2003 BKCRECOM.RVW 20031019

      rslade@... slade@... rslade@...
      Computer Security Day, November 30 http://www.computersecurityday.com/
      victoria.tc.ca/techrev/mnbksc.htm sun.soci.niu.edu/~rslade/secgloss.htm