Customer Reviews

Cryptography and Network Security: Principles and Practice (5th Edition)

5 star:		(4)
4 star:		(1)
3 star:		(2)
2 star:		(2)
1 star:		(2)

 

 

OK, this book has received prizes and stellar reviews here and elsewhere but personally I didn't like it very much. First, the text and the exercises lack mathematical depth. There are entire chapters, such as the one on AES, which add hardly anything to the official standard, and the book explanation is often harder to understand, and especially more ambiguous than the official standard of the protocols it is supposed to explain.
On the other hand, it is a relatively "polished" book, without too many errors or typos. Most of the time, it gives gives enough information to implement the algorithms it talks about. But it certainly doesn't give you enough to become a cryptographer, or to evaluate the security of a new algorithm, or things like that.

An easy to read book on cryptography and security. Stallings illustrates concepts well, with lots of examples. If you're after mathematical depth, this book is not for you. This book is more about high level ideas and concepts.

Stallings presents an updated education on cryptography. With a secondary emphasis on network security. In the cryptographic sections, there is a strong mathematical flavour. The narrative is not a high level, management-type discussion. It favours the professional mathematician and programmer, and ideally the intersection of these two skill sets.

Unlike some other books on cryptography, here considerable space is also given to hash functions. These can sometimes be used as an alternative to a full encrypt/decrypt approach. If you are designing a system, you should ponder carefully whether a hashing approach might suffice. Usually if you only need to authenticate a message or item. Since, as the book relates, for all the complexity of the various hash algorithms, hashing is far simpler and faster than public key encryption. And there is no problem with key revocation. Another great simplification.

The book covers the latest work on hashing. It appears that the 160 bit hash methods, like SHA-1, can now have collisions induced, as found by researchers at Tsinghua University. (Though the text doesn't appear to credit them.) Suggesting a migration to longer bit methods or to a more intricate method.

One surprising feature of this 4th edition is that PKI is mentioned here, unlike earlier editions. PKI has been around long enough and is important enough that I would've thought the 3rd edition of the book would have covered it.

The last sections of the book, on network and system security, are less mathematical. But to offset this, as it were, they require somewhat of a background in understanding the Internet Protocol and in the systems administration of a subnet of computers. Maybe the simplest advice to understand and implement is for a sysadmin to install and regularly run a password checker against the users' passwords.

There has never been a more poorly written book, to my knowledge. The subject matter is fascinating and it is hard to imagine a less well-executed explanation of this material. It is difficult to count how many times that concepts are introduced and explained with statements that begin "It is obvious that..." - I've got news for the author, not much of those things are obvious, and smaller books explain the same material in much clearer and accessible language. I personally prefer the writings of Bruce Schneier on the subject. The rough thing is, the professor of the class I'm taking picked this for the textbook... I've had to download errata, search out information online, and buy other books to try to cover the material. One of the exercises is to brute-force attack a misprinted encrypted message, and one has to know to go to the author's website to download the corrected ciphertext. That totally sucks in an $80 book.

I have used this book twice and i simply love it. Easy to follow and the problems are quite challenging. I used as an Undergrad and now using it in my grad level course and it is really helpful. My advice- Go for it. If you like cryptography, you will fall in love with it!!

This is probably a nice book if you are all ready an expert in network security. But it is not a good book for people who are new to the subject. Though this book covers a lot of material, it is written in a disjointed, inconsistent manner. This text was used for a graduate class and our study group found this book unhelpful because of shifting notation and a lack of consistently building the models in a logical sequence. In one section one type of notation is used, then a section or two later, the same notation means something different, or the same concept is notated differently. There was also a lack of explanation in how the protocols fit together. The study group unanimously agreed that this book made the topics more confusing than they needed to be. Wasting time on sorting out notation rather than focusing on the protocols themselves was irritating. The next version of this book should edit the cohesion of the topics and the notation.

This book is terrible. I am forced to read it for class and it's simply awful. If you want to learn cryptography get 'Applied Cryptography' by Bruce Schneier.

Received the item in a timely manner and in good condition.

Received the item in a timely manner and in good condition.

I found the material mostly interesting if not occassionaly difficult to read. However, I found it infurating that the review questions and problems asked at the end of the chapters, could not be answered based on the materials in the chapters.

Nothing like setting you up for a fall. This isn't unique to this book, it seems a trend in most text books these days. It reflects poorly on the material, the publisher, and the author. You'd think an instructional book, would endeavor to provide its students with the tools necessary to answer the questions asked, instead of asking questions that the material doesn't cover.

Really piss poor.

I am using this book for a Graduate class. William Stallings always has been very thorough yet easy to read. You can see his dedication to any of his technical books by visiting his website. Very highly recommended.