Abstract | With the growing interest in cryptography --- from students andresearchers as well as from the general public --- there has been a
corresponding increase in the number of cryptography textbooks
available. Many of these, however, remain somewhat mired in the
past, and present cryptography from a pre-1980s point of view.
Indeed, there are very few published books which even make an
attempt (let alone a successful one) at covering modern
cryptography. This unfortunate state of affairs results in a
serious lack of books describing the fundamental advances in the
field that have taken place since the mid-1980's; this is
especially true at the undergraduate and beginning graduate levels,
where there is a severe need for suitable texts in this area.
The central contributions of modern (i.e., post-1980)
cryptography include an emphasis on precise definitions,
formalizations of cryptographic goals, and provably-secure
constructions of higherlevel tasks (e.g., signatures) from
lower-level primitives (e.g., one-way functions). Without precise
definitions and rigorous proofs of security, cryptography is
reduced to a "game" in which the goal is merely to design a scheme
that one's friend or colleague cannot "break". Any exposition of
cryptography failing to recognize and emphasize the diffierence
between the former and the latter approaches misses a substantial
fraction of what current cryptographic research is about, and is a
disservice to the field. Sadly, however, almost all cryptography
textbooks of which I am aware fall into this category.
A classic example of the problems with an "ad-hoc" approach to
cryptography is the following simple test I often use to
discriminate "good" cryptography books from "poor" ones: flip to
the section on digital signatures and see whether it is stated
anywhere that "textbook RSA" signatures are completely
insecure. It is a simple exercise to show that this is the case
(the same holds for "textbook RSA" encryption, but it is somewhat
more difficult to demonstrate), yet most books make no mention of
this (central!) fact, and instead leave the reader with the
impression that secure signature schemes based on the RSA problem
are easy to design.
Some might argue that there is no place for rigorous definitions
and proofs in a book directed toward undergraduates, but I take
this misconception as a thinly-guised insult to undergraduate
computer science majors. Undergraduates in other majors are taught
quantum mechanics, thermodynamics, analysis, and abstract algebra,
to name a few, all difficult subjects that are taught rigorously
(to varying degrees, perhaps). Why should an undergraduate course
on cryptography be expected to be any less rigorous than
these?
Continuing the disappointing trend discussed above, neither of
the first three books reviewed here qualify as (what I would
consider) appropriate for introducing the interested reader to the
field of cryptography. Cryptography: An Introduction gets a
number of things right, but overall is a muddled, poorly written,
and disorganized text whose intended audience is unclear.
Cryptanalysis. . . is a useful book which I am glad to have
on my shelf, but it fails at its stated goal of serving as a
suitable text for an introductory cryptography course. It would
serve better as a book on elementary number theory (with
applications to cryptography, perhaps), and I wish it had been
advertised and organized as such. A somewhat similar book, RSA
and Public-Key Cryptography suffers from the same criticisms;
furthermore, I found its treatment of number theory to be not quite
on par with that in Wagstaff's book.
In contrast to these, Foundations of Cryptography
presents a clear and accurate picture of the foundations underlying
modern cryptography; in fact, it is currently the only
published book I am aware of which does so. Its primary drawback is
that it is likely to be inaccessible to the beginning student; it
is more appropriate for a researcher or an advanced graduate
student who has previously been exposed to the basics of
cryptography, either of whom would benefit from a careful reading
of this book cover-to-cover.
|