Security is the number one concern for businesses worldwide. The gold standard for attaining security is cryptography because it provides the most reliable tools for storing or transmitting digital information. Written by Niels Ferguson, lead cryptographer for Counterpane, Bruce Schneier's security company, and Bruce Schneier himself, this is the much anticipated follow-up book to Schneier's seminal encyclopedic reference, Applied Cryptography, Second Edition (0-471-11709-9), which has sold more than 150,000 copies. Niels Ferguson (Amsterdam, Netherlands) is a cryptographic engineer and consultant at Counterpane Internet Security. He has extensive experience in the creation and design of security algorithms, protocols, and multinational security infrastructures. Previously, Ferguson was a cryptographer for DigiCash and CWI. At CWI he developed the first generation of off-line payment protocols. He has published numerous scientific papers. Bruce Schneier (Minneapolis, MN) is Founder and Chief Technical Officer at Counterpane Internet Security, a managed-security monitoring company. He is also the author of Secrets and Lies: Digital Security in a Networked World (0-471-25311-1).
(4.0) Learned some, well explained for the most part, probably will never need to use any of it though
Enjoyable, educational read. Main takeaways: don't even think of 'innovating' crypto. Follow well researched (and attacked) algorithms, protocols. If you really care about security, then think twice about even considering performance when making design decisions. I like their framework: force attacker to sift through 128 bits of entropy at each step, to keep the weakest link as strong as necessary. It helps to set parameters for minimum security (and could also help you avoid going overboard in one particular area if there are far weaker links in the chain elsewhere). (Heh, also be sure to update 128 bits as computing power increases ;) )
On p221-222 they indicate it's worth your while checking the primes suggested by NIST for DSA (don't know it), as it's conceivable that there are other parts of the US government who would have an interest in publishing substandard primes. It was fun to read between the lines here, though I probably won't take the time to follow their suggestion to use NIST's own checks to verify whether the primes are suitable or not (but then of course can you blindly trust their verification algorithm? ;) ).
p249 actually has a really good summary of causes of financial crises: inappropriate incentive structures. Many have also observed this, but often take many more words to lay it out. However, when they claim, "Fixing the incentive structure is often relatively easy...," I think they've stepped a little outside their domain and reality.
For the most part the book is quite precise and well-explained. One minor flaw (in my understanding, mostly) was how the nonce, Na, is used in the subsequent steps of the key negotiation algorithm on p270. In the text we see that it gets returned to Alice authenticated (so she can be sure it was Bob sending it back), but this is omitted from the diagram, nor do I see how Bob convinces himself that the first request came from Alice (as the first message is plaintext and how do we know it came from the same Alice sending the third message?).
A couple of other improvements they could make: a required reading list, more case studies in disastrous crypto (I'm sure there are plenty of public examples (they do cover WEP a bit) outside their own professional work--clearly they don't want to risk lawsuits ;) ).
While I actually understood perhaps a quarter of what I read, this book is so elegantly written that I could not put it down. Clear, concise, and to the point - good prose is a marvel to behold in this age of crappy writing!
Practical Cryptography is a sequel to Applied Cryptography, but not in the sense that it's more of the same, just updated to 2003. Where Applied dealt with cryptographic algorithms and fundamental concepts, Practical focuses on bringing those together to build larger systems, and some of the pitfalls involved. It's not strictly aimed at teaching readers to build such systems, though; more than anything, it tries to discourage them from doing so in the first place by demonstrating that there are more things that can go wrong than people realise. Actual cryptanalytical attacks are barely discussed, because the cipher is almost never going to be the weak point of a cryptosystem.
If you're part of the exact target audience—people who just read Applied Cryptography and are now eager to build their own cryptosystem, but aren't part of the security community that has gotten tremendously more accessible since 2003 thanks to the Internet—you'll find most things discussed in this book fascinating and new, but most people who would pick it up nowadays will probably be aware of most concepts being discussed, as the Internet has not only made concepts like PKIs and Diffie-Hellman and the various caveats surrounding hashing common knowledge, but also had well-publicised issues over the past few years with exploits of exactly the kind being discussed here, in software everyone uses. My main problem with Practical Cryptography isn't the material covered, though, but the language used in covering it. I'm assuming Niels Ferguson did the actual writing—it's written at a third-grade level, with unnaturally short sentences and too much deliberation. On paper this may seem like a good thing—the material is meant to be as accessible as possible, after all—but in practice it leads to a stuttering flow that just makes you want to punch things. I don't know if it's a deliberate stylistic choice or a consequence of Ferguson's mother tongue being Dutch, but it gets annoying quickly.
Still, even for people who are already familiar with the concepts, the book is interesting enough that it's a tolerable distraction, and it's not a bad thing it was written at all even if it isn't nearly as interesting as Applied Cryptography was. It's certainly true that there are still a lot of people around who need something like it.
This book is somewhat of a sequel to Applied Cryptography. Where that book is a long list of lots of different neat cryptographic algorithms, this is a much more practical book which gives solid advice on what algorithms, etc. to use.
It also hammers again and again that security is only as valuable as its weakest link, and often that won't be the cryptography. As such, it covers a ton of different ways security can be compromised, including using cryptographic functions in the wrong mode, not verifying every protocol message back and forth, bad pseudorandom number generators, side-channel attacks, attacks on the clock, etc. It was kind of depressing, honestly :-) The first sentence of the preface is "In the past decade, cryptography has done more to damage the security of digital systems than it has to enhance it." Later section titles include "Cryptography Is Very Difficult", followed by "Cryptography Is the Easy Part".
It talks about Diffie-Hellman and RSA in some depth (which means a bit of math), and works through designing a secure protocol. But, its practical advice is to use ones that exist already, and be very very careful. As the authors note repeatedly, "there are already enough insecure fast systems; we don't need another one."
Anyway, this is an invaluable book if you're working on security in any shape or form, and I found it quite interesting regardless.
Good first read for cryptography...not as complete as some but better than most. While it won't take the place of 'Applied Cryptography' it will be a loaner to those interested in the subject.
Easy to read book on practical crypto. Doesn't get too deep into the mathematical and theoretical weeds, but it presents practical information for daily use.
One of the hardest books I've ever attempted to read. Very in-depth analysis of the inner workings of modern crypto methods. Definitely worth reading if you're interested. Not for the faint of heart.