TELECOM Digest OnLine - Sorted: Book Review: Cryptography and Public Key Infrastructure on Internet


Book Review: Cryptography and Public Key Infrastructure on Internet


Rob Slade (rMslade@shaw.ca)
Thu, 23 Feb 2006 07:59:26 -0800

BKCPKIOI.RVW 20051201

"Cryptography and Public Key Infrastructure on the Internet", Klaus
Schmeh, 2003, 0-470-84745-X, U$50.00/UK#34.95
%A Klaus Schmeh
%C 5353 Dundas Street West, 4th Floor, Etobicoke, ON M9B 6H8
%D 2003
%G 0-470-84745-X
%I John Wiley & Sons, Inc.
%O U$50.00/UK#34.95 416-236-4433 fax: 416-236-4448
%O http://www.amazon.com/exec/obidos/ASIN/047084745X/robsladesinterne
http://www.amazon.co.uk/exec/obidos/ASIN/047084745X/robsladesinte-21
%O http://www.amazon.ca/exec/obidos/ASIN/047084745X/robsladesin03-20
%O Audience i- Tech 1 Writing 1 (see revfaq.htm for explanation)
%P 472 p.
%T "Cryptography and Public Key Infrastructure on the Internet"

Part one is supposed to address the question of why you would want to
use cryptography on the Internet. Chapter one is really a general
introduction or preface to the book. Chapter two tells us that
cryptography is important for security. The ability to sniff various
types of communications channels is mentioned in chapter three.

Part two introduces the basic principles of cryptography. Chapter
four outlines basic cryptographic operations, but only in the sense of
listing the basic terms: the explanations are very limited. Some
details of the internal operations of DES (Data Encryption Standard),
IDEA (International Data Encryption Algorithm), and AES (Advanced
Encryption Standard) are presented in chapter five, but not in a way
that provides a full understanding of the systems. Chapter six looks
at some of the math involved in asymmetric algorithms and describes
the Diffie-Hellman and RSA algorithms, but not how they work in
practice. Chapter seven says that digital signatures work, but not
how. Hash functions are reviewed in chapter eight. Pseudo-random
number generators and stream ciphers are the topic of chapter nine.

Part three ostensibly moves to advanced cryptography. But the topics
are ill-chosen and oddly grouped: chapter ten lists standards and
standards bodies, eleven looks at DES modes and RSA data transforms,
twelve outlines both communications protocols and attacks on
cryptography. Authentication is covered in a reasonable manner in
chapter thirteen, while a great deal of the math (and very little
explanation) of elliptic curve cryptography (ECC) is given in
fourteen, and fifteen deals with cryptographic hardware, software, and
interfaces.

Part four turns to public key infrastructures (PKI). Chapters sixteen
and seventeen outline the elements of a PKI. Certificates and
certificate servers are covered in eighteen and nineteen,
respectively. Chapter twenty reviews practical aspects.

Part five addresses cryptographic protocols for the Internet. Chapter
twenty-one looks at the OSI (Open Systems Interconnection) layered
model, with twenty-two examining protocols for layer 2, twenty-three
for 3 (limited to IPSec), twenty-four for 4, and twenty-five, -six, -
seven, and -eight for layer 7. (Only fair, since the TCP/IP
application layer subsumes the OSI session, presentation, and
application.)

Part six covers more about cryptography, and is probably the best
section of the book. Chapter twenty-nine deals with political aspects
of cryptography, such as export restrictions. People, companies, and
organizations are listed in chapter thirty. References and resources
are in chapter thirty-one, for those who want to study the topic
further. Chapter thirty-two finishes off with flops, myths, and snake
oil.

The writing is ragged, the structure often odd, and the technical
level very inconsistent. Material seems to have been added with no
particular purpose in mind. The chapter on random numbers starts out
with a mention of three movies, two of which have tenuous connections
to cryptography, none of which deals with the concept of randomness.
Technical details are thrown into the text without either fully
explaining the technology under discussion, or being necessary for
further topics. The result is a grab bag of indiscriminate facts that
do not furnish the reader with a full understanding of the topics.

copyright Robert M. Slade, 2005 BKCPKIOI.RVW 20051201

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@sun.soci.niu.edu
The young do not know enough to be prudent, and therefore they
attempt the impossible, and achieve it, generation after
generation. - Pearl Buck
http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade

Post Followup Article Use your browser's quoting feature to quote article into reply
Go to Next message: Lionel Garth Jones: "NSDI '06"
Go to Previous message: Patrick Townson: "Am I Calling it Quits? Well Some Day Soon, I Think."
TELECOM Digest: Home Page