What do you think?
Rate this book
Practical Cryptography for Developers
A modern practical book about cryptography for developers with code examples, covering core concepts like: hashes (like SHA-3 and BLAKE2), MAC codes (like HMAC and GMAC), key derivation functions (like Scrypt, Argon2), key agreement protocols (like DHKE, ECDH), symmetric ciphers (like AES and ChaCha20, cipher block modes, authenticated encryption, AEAD, AES-GCM, ChaCha20-Poly1305), asymmetric ciphers and public-key cryptosystems (RSA, ECC, ECIES), elliptic curve cryptography (ECC, secp256k1, curve25519), digital signatures (ECDSA and EdDSA), secure random numbers (PRNG, CSRNG) and quantum-safe cryptography, along with crypto libraries and developer tools, with a lots of code examples in Python and other languages.
This book covers the most important modern cryptographic concepts, crypto algorithms and cryptographic constructions, used in the software industry:
- Cryptographic hash functions: concepts, SHA-2, SHA-3, BLAKE2, RIPEMD160, code examples, collisions
- MAC codes: concepts, HMAC, CMAK, UMAC, applications, MAC-based random generators, code examples
- Key derivation functions (KDF): concepts, from password to encryption key, PBKDF2, Scrypt, Bcrypt, Linux crypt(), Argon2, code examples
- Password encryption techniques: from clear text, through hashing, to modern secure KDFs like Argon2
- Random numbers and secure random generators: concepts, entropy, secure random numbers, CSPRNG, code examples
- Key exchange techniques: key establishment and key agreement, Diffie–Hellman Key Exchange (DHKE) and Elliptic Curve Diffie–Hellman (ECDH) with code examples
- Encryption concepts: symmetric and asymmetric ciphers, secret keys, symmetric encryption, encryption schemes, public-key cryptosystems, private and public keys, hybrid encryption, digital signatures
- Modern symmetric key ciphers: concepts, block ciphers and stream ciphers, cipher block modes (CBC, CTR, GCM), the AES (Rijndael) cipher, the Salsa20 / ChaCha20 ciphers, with code examples
- Symmetric encryption constructions: authenticated encryption, AES-256-GCM, ChaCha20-Poly1307, AES-256-CTR-HMAC, with code examples
- Asymmetric key ciphers and public-key cryptosystems: the RSA cryptosystem (RSA key pairs, encryption, decryption), ECC (elliptic curve cryptography, EC points and multiplication, named curves), ECDH (elliptic-curve Diffie–Hellman) key exchange, code examples
- Elliptic curves: widely used named curves like secp256k1, P-256, P-521, Curve25519, Curve448-Goldilocks, with code examples
Integrated encryption schemes: combining public-key cryptography with symmetric encryption algorithms, the ECIES hybrid encryption scheme, with code examples
- Digital signature algorithms: concepts, signing messages, verifying signatures, RSA signatures, ECDSA and EdDSA
- Quantum-safe cryptography: which classical cryptosystems are quantum-broken and which are quantum-safe, quantum-safe signatures and quantum-safe key exchange algorithms, SPHINCS+, NewHope and others, with code examples
- Other cryptographic concepts: digital certificates, TLS (Transport Layer Security), one-time passwords (OTP), external authentication and OAuth
- Crypto libraries and packages for developers: cryptography in JavaScript, C#, Java, Python, C and C++
- A lot of code examples and exercises, following each major section
The book is free, published under the MIT license. Read the book for free from its Web site: https://cryptobook.nakov.com.
This book covers the most important modern cryptographic concepts, crypto algorithms and cryptographic constructions, used in the software industry:
- Cryptographic hash functions: concepts, SHA-2, SHA-3, BLAKE2, RIPEMD160, code examples, collisions
- MAC codes: concepts, HMAC, CMAK, UMAC, applications, MAC-based random generators, code examples
- Key derivation functions (KDF): concepts, from password to encryption key, PBKDF2, Scrypt, Bcrypt, Linux crypt(), Argon2, code examples
- Password encryption techniques: from clear text, through hashing, to modern secure KDFs like Argon2
- Random numbers and secure random generators: concepts, entropy, secure random numbers, CSPRNG, code examples
- Key exchange techniques: key establishment and key agreement, Diffie–Hellman Key Exchange (DHKE) and Elliptic Curve Diffie–Hellman (ECDH) with code examples
- Encryption concepts: symmetric and asymmetric ciphers, secret keys, symmetric encryption, encryption schemes, public-key cryptosystems, private and public keys, hybrid encryption, digital signatures
- Modern symmetric key ciphers: concepts, block ciphers and stream ciphers, cipher block modes (CBC, CTR, GCM), the AES (Rijndael) cipher, the Salsa20 / ChaCha20 ciphers, with code examples
- Symmetric encryption constructions: authenticated encryption, AES-256-GCM, ChaCha20-Poly1307, AES-256-CTR-HMAC, with code examples
- Asymmetric key ciphers and public-key cryptosystems: the RSA cryptosystem (RSA key pairs, encryption, decryption), ECC (elliptic curve cryptography, EC points and multiplication, named curves), ECDH (elliptic-curve Diffie–Hellman) key exchange, code examples
- Elliptic curves: widely used named curves like secp256k1, P-256, P-521, Curve25519, Curve448-Goldilocks, with code examples
Integrated encryption schemes: combining public-key cryptography with symmetric encryption algorithms, the ECIES hybrid encryption scheme, with code examples
- Digital signature algorithms: concepts, signing messages, verifying signatures, RSA signatures, ECDSA and EdDSA
- Quantum-safe cryptography: which classical cryptosystems are quantum-broken and which are quantum-safe, quantum-safe signatures and quantum-safe key exchange algorithms, SPHINCS+, NewHope and others, with code examples
- Other cryptographic concepts: digital certificates, TLS (Transport Layer Security), one-time passwords (OTP), external authentication and OAuth
- Crypto libraries and packages for developers: cryptography in JavaScript, C#, Java, Python, C and C++
- A lot of code examples and exercises, following each major section
The book is free, published under the MIT license. Read the book for free from its Web site: https://cryptobook.nakov.com.
ebook
First published November 1, 2018
About the author
Svetlin Nakov
14 books37 followersSvetlin Nakov (https://nakov.com) has 20+ years of technical background as software engineer, software project manager, consultant, trainer and entrepreneur with rich experience with Web development, information systems, databases, blockchain, cryptography, .NET, Java EE, JavaScript, PHP, Python and software engineering. He is the leading author of 15 books on computer programming, software technologies, cryptography, C#, Java, JavaScript, Python, C++ and tens of technical and scientific publications. He is a big fan of knowledge sharing and is proud Wikipedia contributor, free books author and open-source supporter.
Svetlin has been a speaker at hundreds of conferences, seminars, meetups, courses and other trainings in the United States, Singapore, Germany, Egypt, Bulgaria and other locations. He holds a PhD degree in computer science (for his research on computational linguistics and machine learning), several medals from the International Informatics Olympiads (IOI) and the Bulgarian President’s award “John Atanasoff”. He has been a part-time assistant professor / visiting lecturer / technical trainer in Sofia University, New Bulgarian University, the Technical University of Sofia, Ngee Ann Polytechnic (Singapore) and few others.
Dr. Svetlin Nakov have spent his last 15 years in teaching software engineers: from basics of coding to advanced Web apps. He is proud to have tens of thousands graduates who got technical skills and joined the software industry.
In the last few years Svetlin Nakov together with his partners drive the global expansion of the largest training center for software engineers in Bulgaria and the region – the Software University (https://softuni.us), where he inspires and teaches hundred of thousands of young people in computer science, software development, information technologies and digital skills, and gives them a profession and a job.
Svetlin has been a speaker at hundreds of conferences, seminars, meetups, courses and other trainings in the United States, Singapore, Germany, Egypt, Bulgaria and other locations. He holds a PhD degree in computer science (for his research on computational linguistics and machine learning), several medals from the International Informatics Olympiads (IOI) and the Bulgarian President’s award “John Atanasoff”. He has been a part-time assistant professor / visiting lecturer / technical trainer in Sofia University, New Bulgarian University, the Technical University of Sofia, Ngee Ann Polytechnic (Singapore) and few others.
Dr. Svetlin Nakov have spent his last 15 years in teaching software engineers: from basics of coding to advanced Web apps. He is proud to have tens of thousands graduates who got technical skills and joined the software industry.
In the last few years Svetlin Nakov together with his partners drive the global expansion of the largest training center for software engineers in Bulgaria and the region – the Software University (https://softuni.us), where he inspires and teaches hundred of thousands of young people in computer science, software development, information technologies and digital skills, and gives them a profession and a job.
Ratings & Reviews
Friends & Following
Create a free account to discover what your friends think of this book!
Community Reviews
Displaying 1 of 1 review
February 27, 2021
Cleared up a lot of things for me, and has decent introductions to symmetric key, asymmetric key, and hybrid encryption schemes. There are a number of repeated sections and omitted subjects-- clearly needs an editor.
Displaying 1 of 1 review