Cryptography Decrypted (Paperback)

~ (Author), Doris M. Baker (Author)

Editorial Reviews

Product Description

(Pearson Education) A tutorial in digital cryptography, for readers at any level of experience. Requires no technical or mathematical expertise, but does include appendices for those who have it. Topics covered include public and private keys, hashes and message digests, cryptographic attacks, and digital signatures. Softcover. DLC: Computer security.

From the Back Cover

Fundamental security concepts like cryptography and digital signatures are becoming as much a part of our everyday lives as megabytes and the Internet. Anyone working with computer security--security professionals, network administrators, IT managers, CEOs, and CIOs--need to have a comfortable understanding of the cryptographic concepts in this book.

Cryptography Decrypted shows you how to safeguard digital possessions. It is a clear, comprehensible, and practical guide to the essentials of computer cryptography, from Caesar's Cipher through modern-day public key. Cryptographic capabilities like detecting imposters and stopping eavesdropping are thoroughly illustrated with easy-to-understand analogies, visuals, and historical sidebars.

You need little or no background in cryptography to read Cryptography Decrypted. Nor does it require technical or mathematical expertise. But for those with some understanding of the subject, this book is comprehensive enough to solidify knowledge of computer cryptography and challenge those who wish to explore the high-level math appendix.

Divided into four parts, the book explains secret keys and secret key methods like DES, public and private keys, and public key methods like RSA; how keys are distributed through digital certificates; and three real-world systems. Numerous graphics illustrate and clarify common cryptographic terminology throughout.

You will find coverage of such specific topics as:

• Secret key and secret key exchanges
• Public and private keys
• Digital signatures
• Digital certificates, Public Key Infrastructure (PKI), and PGP
• Hashes and message digests
• Secure e-mail, secure socket layer (SSL), and Internet Protocol Security (IPsec)
• Protecting keys
• Cryptographic attacks
• Authentication, confidentiality, integrity, and nonrepudiation

"Even after ten years working in the field of information protection for a major electronics manufacturing company, I learned a lot from this book. I think you will too."

--From the Foreword by John Kinyon

0201616475B04062001

See all Editorial Reviews

Product Details

• Paperback: 384 pages
• Publisher: Addison-Wesley Professional; 1976. Corr. 5th edition (December 31, 2000)
• Language: English
• ISBN-10: 0201616475
• ISBN-13: 978-0201616477
• Product Dimensions: 9.1 x 7.3 x 0.7 inches
• Shipping Weight: 1.3 pounds (View shipping rates and policies)
• Average Customer Review: 4.8 out of 5 stars  See all reviews (37 customer reviews)
• Amazon.com Sales Rank: #246,648 in Books (See Bestsellers in Books)

  Popular in this category: (What's this?)

  #22 in

  Books > Computers & Internet > Programming > Algorithms > Cryptography

Customer Reviews

Most Helpful Customer Reviews

24 of 25 people found the following review helpful:

5.0 out of 5 stars The best introductory book bar none, December 17, 2001

By	Linda Zarate "IT Ops Consultant" (Azusa, CA United States) - See all my reviews (TOP 500 REVIEWER)

This book clearly explains the foundation of cryptography, numbers, and the techniques that have emerged to provide modern security technologies. The book starts with Part I, that sets the context by introducing terms and the basics, including ciphers, data encryption standard (DES) and secret keys. The authors did a remarkable job by making complex concepts easy to understand. The next two parts go into more detail about public keys and digital certificates. While these are relatively simple to learn on the surface, the details have always eluded me until I read this book because more papers and books on the subject get too deep into details too fast and assume knowledge of advanced math on the part of the reader. Not so this book - the authors make it easy through clear writing, illustrations that illuminate the textual descriptions and a knack for explaining the complex in simple and easily digestible chunks.

I especially liked Part IV, which covers secure electronic commerce because it covered the full spectrum of technologies and the information is immediately useful to all IT and security professionals. Like in the first three parts of this book I came away with a complete understanding of how everything works.

This book epitomizes clear writing. Moreover, it is simply amazing how much knowledge can be relatively painlessly gained from reading this book. Although I am sure the authors intended to make the inner workings of cryptography accessible to non-security professionals (which they unquestionably accomplished), they also set a standard of excellence in technical writing by producing a book that is, in my opinion, near perfect in its ability to seamlessly use lively prose and well thought out illustrations to convey highly technical information. If you need to learn cryptography but are challenged by the math and the impenetratable writing of other books on the subject, start with this one.

12 of 12 people found the following review helpful:

5.0 out of 5 stars Really good intro to cryptography, April 20, 2001

By	Ben Rothke "Author of 'Computer Security: 20 ... (USA) - See all my reviews (TOP 1000 REVIEWER)    (REAL NAME)

Technology is so full of acronyms and vernacular that many computer books have glossaries that are as thick as novellas. Fortunately, books such as Cryptography Decrypted: A Pictorial Introduction to Digital Security provide a good, largely jargon-free introduction to an often arcane subject.

Cryptography is one of the central components of information security. Without it, much that we take for granted, such as e-commerce and confidential e-mail, would be impossible. Cryptography has four main components: confidentiality (information can't be understood by anyone for whom it is not intended); integrity (information can't be altered in storage or transit without the alteration being detected); nonrepudiation (the sender can't later deny having created or sent a message); and authentication (the sender and receiver can confirm each other's identity and the origin and destination of the information). Each of these basics is discussed.

The meat of the book is divided into four parts: secret key cryptography, public key cryptography, key distribution, and real-world systems. Numerous illustrations clarify difficult concepts, such as hash functions.

This is one of the better introductions to contemporary cryptography, covering all the major topics in a user-friendly manner. While no mathematical background is required, readers will be surprised by how many mathematical concepts will become familiar by the end of the book.

While no novella, Cryptography Decrypted still captures the reader's attention. It is useful for any security professional needing to understand encryption, especially computer security specialists.

This review of mine originally appeared at...

11 of 11 people found the following review helpful:

5.0 out of 5 stars Excellent for HIPAA and e-commerce security - top writing, March 16, 2001

By	Mike Tarrani "www.tarrani.com" (Deltona, FL USA) - See all my reviews (TOP 500 REVIEWER)    (REAL NAME)    (COMMUNITY FORUM 04)

The primary audience for this book is anyone who has to quickly get up-to-speed in security infrastructure and cryptology. If you are working in health care and are overwhelmed with the technical requirements imposed by the Health Insurance Portability and Accountability Act (HIPAA), then you are going to love this book. If you are involved in e-commerce you will definitely find this book essential reading and the key to understanding the underpinnings of web and e-commerce security.

There is another audience for this book: technical writers. The authors set the highest standards in document design, clear writing and integration of prose and illustration. They have managed to explain a complex, difficult subject easy to understand.

Part I of the book lays the foundation by explaining the basics: defining terms, the evolution of ciphers and how they worked, and the fundamentals of the data encryption standard (DES) and secret keys. I found this part of the book to be fascinating because the authors used easy-to-follow examples that were augmented by visual depictions of how everything works. For example, a quick explanation of Polybius square numbers and how to transpose them to diffuse a cipher was not only something completely new to me, but was something I was able to thoroughly understand after reading less than three pages of this book! I am sure that a professional cryptographer would find this material basic. I found it empowering because I began to see a larger picture of this obscure science unfold while learning some interesting numerical manipulation techniques. For the first time I really understood this stuff to the degree that I could explain it to non-technical people. The authors also used historical anecdotes to make the subject interesting. Some of the highlights of this part of the book include transposition ciphers, diffusion and confusion strategies, and the frank discussion of DES in its various forms (double, triple), and its strengths and vulnerabilities.

In parts II and III the book thoroughly covers public keys and digital certificates - two topics that you cannot avoid if you are among the primary audience of this book. If you carefully read these sections you will come away with a good grasp of public keys and how they work, digital certificates and how they fit into the scheme of things and message digest mechanics. In fact, you will be able to hold your own in conversations with security experts when discussing these topics. If you are struggling with HIPAA requirements and the thousands of pages of associated documentation you will be armed to fully understand the issues and factors.

Part IV addresses technologies that support secure electronic commerce: secure e-mail, secure socket layer (SSL)/transport layer security (TLS) and IP security. Like sections II and III, these highly technical, complex technologies are explained in an incredibly clear manner. As in the previous sections I learned a lot and came away with a strong understanding. What I really liked about this section is the chapter on cryptographic gotchas - it covered some common attacks and how to safeguard against them. I also enjoyed the treatment of smart cards and their particular vulnerabilities.

I love this book for a number of reasons. First, the authors know their subject. More importantly they have produced a book that epitomizes how to communicate highly technical subjects to not-so-technical people. Finally, this book is remarkably error-free considering the copious use of numeric examples. The author's web site has a single entry for errata! If you need to quickly get up-to-speed on HIPAA or e-commerce security then this book is the best place to start. If you are a technical writer and want to see how it *should* be done get this book even if you do not care about cryptography or security.