Rate this book

Clear rating

1 of 5 stars 2 of 5 stars 3 of 5 stars 4 of 5 stars 5 of 5 stars

Practical Cryptography

4.09 of 5 stars 4.09 · rating details · 105 ratings · 10 reviews

Security is the number one concern for businesses worldwide. The gold standard for attaining security is cryptography because it provides the most reliable tools for storing or transmitting digital information. Written by Niels Ferguson, lead cryptographer for Counterpane, Bruce Schneier's security company, and Bruce Schneier himself, this is the much anticipated follow-up...more

Paperback, 385 pages

Published April 17th 2003 by John Wiley & Sons (first published 2003)

more details... edit details

Get a copy:

More…

Friend Reviews

To see what your friends thought of this book, please sign up.

Lists with This Book

This book is not yet featured on Listopia. Add this book to your favorite list »

Community Reviews

(showing 1-30 of 317)

filter | sort: default (?) | rating details

Dec 28, 2011 Greg Stoll rated it 5 of 5 stars

This book is somewhat of a sequel to Applied Cryptography. Where that book is a long list of lots of different neat cryptographic algorithms, this is a much more practical book which gives solid advice on what algorithms, etc. to use.

It also hammers again and again that security is only as valuable as its weakest link, and often that won't been the cryptography. As such, it covers a ton of different ways security can be compromised, including using cryptographic functions in the wrong mode, not...more

like · see review

Feb 03, 2013 Brian rated it 4 of 5 stars

(4.0) Learned some, well explained for the most part, probably will never need to use any of it though

Enjoyable, educational read. Main takeaways: don't even think of 'innovating' crypto. Follow well researched (and attacked) algorithms, protocols. If you really care about security, then think twice about even considering performance when making design decisions. I like their framework: force attacker to sift through 128 bits of entropy at each step, to keep the weakest link as strong as necessa...more (4.0) Learned some, well explained for the most part, probably will never need to use any of it though

Enjoyable, educational read. Main takeaways: don't even think of 'innovating' crypto. Follow well researched (and attacked) algorithms, protocols. If you really care about security, then think twice about even considering performance when making design decisions. I like their framework: force attacker to sift through 128 bits of entropy at each step, to keep the weakest link as strong as necessary. It helps to set parameters for minimum security (and could also help you avoid going overboard in one particular area if there are far weaker links in the chain elsewhere). (Heh, also be sure to update 128 bits as computing power increases ;) )

On p221-222 they indicate it's worth your while checking the primes suggested by NIST for DSA (don't know it), as it's conceivable that there are other parts of the US government who would have an interest in publishing substandard primes. It was fun to read between the lines here, though I probably won't take the time to follow their suggestion to use NIST's own checks to verify whether the primes are suitable or not (but then of course can you blindly trust their verification algorithm? ;) ).

p249 actually has a really good summary of causes of financial crises: inappropriate incentive structures. Many have also observed this, but often take many more words to lay it out. However, when they claim, "Fixing the incentive structure is often relatively easy...," I think they've stepped a little outside their domain and reality.

For the most part the book is quite precise and well-explained. One minor flaw (in my understanding, mostly) was how the nonce, Na, is used in the subsequent steps of the key negotiation algorithm on p270. In the text we see that it gets returned to Alice authenticated (so she can be sure it was Bob sending it back), but this is omitted from the diagram, nor do I see how Bob convinces himself that the first request came from Alice (as the first message is plaintext and how do we know it came from the same Alice sending the third message?).

A couple of other improvements they could make: a required reading list, more case studies in disastrous crypto (I'm sure there are plenty of public examples (they do cover WEP a bit) outside their own professional work--clearly they don't want to risk law suits ;) ).(less)

like 4 likes · see review

Nov 17, 2009 kislam rated it 4 of 5 stars

Shelves: cryptography, non-fiction, technical

This book is an excellent introduction to the application of cryptography to information security, highlighting its proper role and usage as well as covering design notes for cryptographically secure systems.

like · see review

Jul 02, 2012 Cameron rated it 5 of 5 stars

One of the hardest books I've ever attempted to read. Very in-depth analysis of the inner-workings of modern crypto methods. Definitely worth reading if you're interested. Not for the faint of heart.

like · see review

Dec 21, 2011 Tyler rated it 4 of 5 stars

Easy to read book on practical crypto. Doesn't get too deep into the mathematical and theoretical weeds, but it presents practice information for daily use.

like · see review

Jan 03, 2013 Pete Morgan rated it 4 of 5 stars

Great book on cryptographic concepts and the challenges cryptosystems try to solve.

like · see review

Nov 23, 2012 Chaler rated it 5 of 5 stars

Didn't know much about this before reading this book. It's daunting and dismaying.

like · see review

Oct 04, 2012 Luc Taylor rated it 5 of 5 stars

This book was awesome! Pleasurable cover to cover reading - unlike a normal "tech" book.

like · see review

Apr 24, 2010 Robert rated it 4 of 5 stars

Shelves: computers

Good first read for cryptography...not as complete as some but better than most. While it won't take the place of 'Applied Cryptography' it will be a loaner to those interested in the subject.

like · see review

Sep 06, 2007 Joe rated it 5 of 5 stars

A good first read for security and cryptography if you have any math aptitude. Really well done - kind of makes you paranoid.

like · see review

May 16, 2013 Koen Rabaey added it

May 15, 2013 Mohammed marked it as to-read

May 10, 2013 David marked it as textbook · review of another edition

Shelves: math

May 09, 2013 M4dh4tt3r marked it as to-read

Shelves: crypto, mathematics, professional, security

May 07, 2013 Sameer Merchant marked it as to-read

May 05, 2013 Laura marked it as to-read

Apr 27, 2013 Marchdown marked it as to-read

Apr 26, 2013 Rachelren marked it as to-read

Shelves: cs

Apr 25, 2013 Anand Rajasekar added it

Apr 21, 2013 Amelia marked it as to-read

Apr 20, 2013 Andrzej Wysocki marked it as to-read

Apr 17, 2013 Allwin rated it 4 of 5 stars

Apr 17, 2013 Josh Brower marked it as to-read

Shelves: lendable-technology, scifi-fantasy

Apr 16, 2013 Zachary Pitts marked it as to-read

Apr 16, 2013 behemoth added it

Apr 11, 2013 K Smith marked it as to-read

Apr 02, 2013 Petrit Rama added it

Mar 31, 2013 Ammar marked it as to-read

Mar 29, 2013 snurp added it

Mar 29, 2013 Adam rated it 4 of 5 stars

« previous 1 2 3 4 5 6 7 8 9 10 11 next »

new topic
Discuss This Book

There are no discussion topics on this book yet. Be the first to start one »

Recommend it | Stats | Recent status updates

combine
Other Editions (2)

Goodreads is hiring!

If you like books and love to build cool products, we may be looking for you.
Learn more »

Genres

Computer Science > Programming

4 users

Non Fiction

4 users

Computer Science > Technical

4 users

Science > Mathematics

3 users

Science

2 users

See top shelves...

Books by Niels Ferguson

Cryptography Engineering: Design Principles and Practical Applications

More…

Share This Book

Facebook Twitter Your website

Trivia About Practical Cryptog...

No trivia or quizzes yet. Add some now »

title link	preview: Practical Cryptography
avg rating	preview: Practical Cryptography Goodreads rating: 4.09 (105 ratings)
small image	preview: click here [close]
med image	preview: click here [close]
BBCode	[url=http://www.goodreads.com/book/show/984566.Practical_Cryptography?utm_medium=api&utm_source=blog_book][img]http://d.gr-assets.com/books/1180009500l/984566.jpg[/img][/url] [url=http://www.goodreads.com/book/show/984566.Practical_Cryptography?utm_medium=api&utm_source=blog_book]Practical Cryptography by Niels Ferguson[/url]

Practical Cryptography

Friend Reviews

Lists with This Book

Community Reviews

new topicDiscuss This Book

combineOther Editions (2)

Goodreads is hiring!

Genres

Books by Niels Ferguson

Share This Book

Share This Book on Your Website

Trivia About Practical Cryptog...

new topic
Discuss This Book

combine
Other Editions (2)