
REVIEW: "Cryptography and Public Key Infrastructure on the Internet", Klaus Schmeh

  • Rob, grandpa of Ryan, Trevor, Devon & Ha
    Message 1 of 1, Feb 23, 2006
      BKCPKIOI.RVW 20051201

      "Cryptography and Public Key Infrastructure on the Internet", Klaus
      Schmeh, 2003, 0-470-84745-X, U$50.00/UK#34.95
      %A Klaus Schmeh
      %C 5353 Dundas Street West, 4th Floor, Etobicoke, ON M9B 6H8
      %D 2003
      %G 0-470-84745-X
      %I John Wiley & Sons, Inc.
      %O U$50.00/UK#34.95 416-236-4433 fax: 416-236-4448
      %O http://www.amazon.com/exec/obidos/ASIN/047084745X/robsladesinterne
      %O http://www.amazon.ca/exec/obidos/ASIN/047084745X/robsladesin03-20
      %O Audience i- Tech 1 Writing 1 (see revfaq.htm for explanation)
      %P 472 p.
      %T "Cryptography and Public Key Infrastructure on the Internet"

      Part one is supposed to address the question of why you would want to
      use cryptography on the Internet. Chapter one is really a general
      introduction or preface to the book. Chapter two tells us that
      cryptography is important for security. The ability to sniff various
      types of communications channels is mentioned in chapter three.

      Part two introduces the basic principles of cryptography. Chapter
      four outlines basic cryptographic operations, but only in the sense of
      listing the basic terms: the explanations are very limited. Some
      details of the internal operations of DES (Data Encryption Standard),
      IDEA (International Data Encryption Algorithm), and AES (Advanced
      Encryption Standard) are presented in chapter five, but not in a way
      that provides a full understanding of the systems. Chapter six looks
      at some of the math involved in asymmetric algorithms and describes
      the Diffie-Hellman and RSA algorithms, but not how they work in
      practice. Chapter seven says that digital signatures work, but not
      how. Hash functions are reviewed in chapter eight. Pseudo-random
      number generators and stream ciphers are the topic of chapter nine.

      Part three ostensibly moves to advanced cryptography. But the topics
      are ill-chosen and oddly grouped: chapter ten lists standards and
      standards bodies, eleven looks at DES modes and RSA data transforms,
      twelve outlines both communications protocols and attacks on
      cryptography. Authentication is covered in a reasonable manner in
      chapter thirteen, while a great deal of the math (and very little
      explanation) of elliptic curve cryptography (ECC) is given in
      fourteen, and fifteen deals with cryptographic hardware, software, and

      Part four turns to public key infrastructures (PKI). Chapters sixteen
      and seventeen outline the elements of a PKI. Certificates and
      certificate servers are covered in eighteen and nineteen,
      respectively. Chapter twenty reviews practical aspects.

      Part five addresses cryptographic protocols for the Internet. Chapter
      twenty-one looks at the OSI (Open Systems Interconnection) layered
      model, with twenty-two examining protocols for layer 2, twenty-three
      for 3 (limited to IPSec), twenty-four for 4, and twenty-five, -six,
      -seven, and -eight for layer 7. (Only fair, since the TCP/IP
      application layer subsumes the OSI session, presentation, and

      Part six covers more about cryptography, and is probably the best
      section of the book. Chapter twenty-nine deals with political aspects
      of cryptography, such as export restrictions. People, companies, and
      organizations are listed in chapter thirty. References and resources
      are in chapter thirty-one, for those who want to study the topic
      further. Chapter thirty-two finishes off with flops, myths, and snake

      The writing is ragged, the structure often odd, and the technical
      level very inconsistent. Material seems to have been added with no
      particular purpose in mind. The chapter on random numbers starts out
      with a mention of three movies, two of which have tenuous connections
      to cryptography, none of which deals with the concept of randomness.
      Technical details are thrown into the text without either fully
      explaining the technology under discussion, or being necessary for
      further topics. The result is a grab bag of indiscriminate facts that
      do not furnish the reader with a full understanding of the topics.

      copyright Robert M. Slade, 2005 BKCPKIOI.RVW 20051201

      rslade@... slade@... rslade@...
      It is the test of a good religion whether you can joke about it.
      - G. K. Chesterton
      Where does the idea come from that if what we are doing is fun,
      it can't be God's will? The God who made giraffes has a sense of
      humor. Make no mistake about that. - Catherine Marshall