Video description
In Video Editions the narrator reads the book while the content, figures, code listings, diagrams, and text appear on the screen. Like an audiobook that you can also watch as a video.
A staggeringly comprehensive review of the state of modern cryptography. Essential for anyone getting up to speed in information security.
Thomas Doylend, Green Rocket Security
An all-practical guide to the cryptography behind common tools and protocols that will help you make excellent security choices for your systems and applications.
In Real-World Cryptography you will find:
- Best practices for using cryptography
- Diagrams and explanations of cryptographic algorithms
- Implementing digital signatures and zero-knowledge proofs
- Specialized hardware for attacks and highly adversarial environments
- Identifying and fixing bad practices
- Choosing the right cryptographic tool for any problem
Real-World Cryptography reveals the cryptographic techniques that drive the security of web APIs, registering and logging in users, and even the blockchain. You’ll learn how these techniques power modern security, and how to apply them to your own projects. Alongside modern methods, the book also anticipates the future of cryptography, diving into emerging and cutting-edge advances such as cryptocurrencies, and post-quantum cryptography. All techniques are fully illustrated with diagrams and examples so you can easily see how to put them into practice.
about the technology
Cryptography is the essential foundation of IT security. To stay ahead of the bad actors attacking your systems, you need to understand the tools, frameworks, and protocols that protect your networks and applications. This book introduces authentication, encryption, signatures, secret-keeping, and other cryptography concepts in plain language and beautiful illustrations.
about the book
Real-World Cryptography teaches practical techniques for day-to-day work as a developer, sysadmin, or security practitioner. There’s no complex math or jargon: Modern cryptography methods are explored through clever graphics and real-world use cases. You’ll learn building blocks like hash functions and signatures; cryptographic protocols like HTTPS and secure messaging; and cutting-edge advances like post-quantum cryptography and cryptocurrencies. This book is a joy to listen to—and it might just save your bacon the next time you’re targeted by an adversary after your data.
about the audience
For cryptography beginners with no previous experience in the field.
about the author
David Wong is a cryptography engineer. He is an active contributor to internet standards including Transport Layer Security.
Covers all the important parts of applied cryptography. A must-read for every Java developer.
Harald Kuhn, TurnFriendly
An in-depth introduction to cryptography, covering hot topics like blockchain and quantum computing.
Gábor László Hajba, ProLion
A best-in-category book that takes you all the way from curious novice to confident practitioner.
William Rudenmalm, Creandum
NARRATED BY DEREK DYSART
Table of Contents
Part 1. Primitives: The ingredients of cryptography
Chapter 1. Introduction
Chapter 1. Kerckhoff’s principle: Only the key is kept secret
Chapter 1. Key exchanges or how to get a shared secret
Chapter 1. Classifying and abstracting cryptography
Chapter 1. From theoretical to practical: Choose your own adventure - Part 1
Chapter 1. From theoretical to practical: Choose your own adventure - Part 2
Chapter 2. Hash functions
Chapter 2. Security considerations for hash functions
Chapter 2. Standardized hash functions
Chapter 2. The SHA-3 hash function
Chapter 2. Avoid ambiguous hashing with TupleHash
Chapter 3. Message authentication codes
Chapter 3. Security properties of a MAC
Chapter 3. Integrity of cookies
Chapter 4. Authenticated encryption
Chapter 4. The interface of AES
Chapter 4. A lack of authenticity, hence AES-CBC-HMAC
Chapter 4. The AES-GCM AEAD
Chapter 4. ChaCha20-Poly1305
Chapter 4. Other kinds of symmetric encryption
Chapter 5. Key exchanges
Chapter 5. Group theory
Chapter 5. The discrete logarithm problem: The basis of Diffie-Hellman
Chapter 5. The Elliptic Curve Diffie-Hellman (ECDH) key exchange
Chapter 5. How does the Elliptic Curve Diffie-Hellman (ECDH) key exchange work?
Chapter 5. Small subgroup attacks and other security considerations
Chapter 6. Asymmetric encryption and hybrid encryption
Chapter 6. Hybrid encryption
Chapter 6. Textbook RSA
Chapter 6. Asymmetric encryption with RSA-OAEP
Chapter 7. Signatures and zero-knowledge proofs
Chapter 7. Zero-knowledge proofs (ZKPs): The origin of signatures
Chapter 7. The signature algorithms you should use (or not)
Chapter 7. RSA-PSS: A better standard
Chapter 7. The Edwards-curve Digital Signature Algorithm (EdDSA)
Chapter 7. Subtle behaviors of signature schemes
Chapter 8. Randomness and secrets
Chapter 8. Slow randomness? Use a pseudorandom number generator (PRNG)
Chapter 8. Obtaining randomness in practice
Chapter 8. Public randomness
Chapter 8. Managing keys and secrets
Part 2. Protocols: The recipes of cryptography
Chapter 9. Secure transport
Chapter 9. How does the TLS protocol work?
Chapter 9. The TLS handshake - Part 1
Chapter 9. The TLS handshake - Part 2
Chapter 9. How TLS 1.3 encrypts application data
Chapter 9. The Noise protocol framework: A modern alternative to TLS
Chapter 10. End-to-end encryption
Chapter 10. The failure of encrypted email
Chapter 10. Key discovery is a real issue
Chapter 10. More user-friendly than the WOT: Trust but verify
Chapter 10. Double Ratchet: Signal’s post-handshake protocol
Chapter 11. User authentication
Chapter 11. One password to rule them all: Single sign-on (SSO) and password managers
Chapter 11. Don’t want to see their passwords? Use an asymmetric password-authenticated key exchange
Chapter 11. One-time passwords aren’t really passwords: Going passwordless with symmetric keys
Chapter 11. User-aided authentication: Pairing devices using some human help
Chapter 11. Was my key exchange MITM’d? Just check a short authenticated string (SAS)
Chapter 12. Crypto as in cryptocurrency?
Chapter 12. A problem of trust? Decentralization helps
Chapter 12. How does Bitcoin work?
Chapter 12. Forking hell! Solving conflicts in mining
Chapter 12. A tour of cryptocurrencies
Chapter 12. A round in the DiemBFT protocol
Chapter 13. Hardware cryptography
Chapter 13. They’re in your wallet: Smart cards and secure elements
Chapter 13. Banks love them: Hardware security modules (HSMs)
Chapter 13. Trusted Platform Modules (TPMs): A useful standardization of secure elements
Chapter 13. Confidential computing with a trusted execution environment (TEE)
Chapter 13. What solution is good for me?
Chapter 13. Constant-time programming
Chapter 14. Post-quantum cryptography
Chapter 14. From the birth of quantum computers to quantum supremacy
Chapter 14. Hash-based signatures: Don’t need anything but a hash function
Chapter 14. Many-times signatures with XMSS and SPHINCS+
Chapter 14. Shorter keys and signatures with lattice-based cryptography
Chapter 14. Kyber, a lattice-based key exchange
Chapter 14. Do I need to panic?
Chapter 15. Is this it? Next-generation cryptography
Chapter 15. Fully homomorphic encryption (FHE) and the promises of an encrypted cloud
Chapter 15. Where is it used?
Chapter 15. Homomorphic commitments to hide parts of the proof
Chapter 15. An arithmetic circuit to a rank-1 constraint system (R1CS)
Chapter 16. When and where cryptography fails
Chapter 16. Where are the good libraries?
Chapter 16. Cryptography is not an island
Appendix. Answers to exercises