Review: Handbook of Applied Cryptography


by Alfred J. Menezes, Paul C. van Oorschot, Scott A. Vanstone. CRC Press


The Scenario

CRC Press has been building a series of books on discrete mathematics and its applications. Doug Stinson wrote the theory book on cryptography (Cryptography: Theory and Practice (ISBN: 0-8493-8521-0, if you don't like this book you'll vomit when you see the Stinson book) and this is the application book on cryptography. It's close to 800 pages chocked full of information.

I must confess that I'm a cryptography freak and I'm a little sick of the constant political discussions and lack of tech talk, this book is all tech and might even be a little much if you're not into math. It's a wonderful companion to the Schneier books (Applied Cryptography 1st or 2nd Edition A.K.A. "the crypto bible") if you're into the nitty gritty details of cryptography.

What's Bad?

I really like this book and I can't find a lot that I don't like about it… but I think in places the math gets a little thick. I have a degree in math and I find myself returning to the math overview section more often than I'd like to admit. If you're not familiar with discrete math and combinatorics then this book probably isn't for you. If you enjoy that stuff, then this will be a piece of cake. If you're looking to build your crypto book library up I'd highly recommend this book before you get some of the more hard-core books.

Something else I feel is lacking is cryptanalysis on ciphers. They discuss attacks on various protocols and hashes but actual attacks on ciphers are glossed over. As a companion to Cryptography: Theory and Practice, which covers cryptanalysis in more detail, it is understandable to leave that material out of this book but I think they could discuss it a little more than they do without going into specifics.

The no-nonsense style can be a little dry at times, there aren't a lot of jokes or anecdotes to lighten things up in this book.

What's Good?

Cipher isn't spelled with a 'y' anywhere in this book. It's not filled with a lot of opinion or rumor. It doesn't hardly bring up ITAR, key escrow, or the NSA's mystical superpowers. This book is about cryptographic techniques and a listing of patents is about as political or opinionated as it gets.

It is kind of like a textbook without the problems at the end of each chapter. It is written in an outline format..

Read more: