PREFACE

I wrote this book to be the one I wish I had when I started learning crypto. In 2005, I was studying for my master’s degree near Paris, and I eagerly registered for the crypto class in the upcoming semester. Unfortunately, the class was canceled because too few students had registered. “Crypto is too hard,” the students argued, and instead, they enrolled en masse in the computer graphics and database classes.

I’ve heard “crypto is hard” more than a dozen times since then. But is crypto really that hard? To play an instrument, master a programming language, or put the applications of any fascinating field into practice, you need to learn some concepts and symbols, but doing so doesn’t take a PhD. I think the same applies to becoming a competent cryptographer. I also believe that crypto is perceived as hard because cryptographers haven’t done a good job of teaching it.

Another reason why I felt the need for this book is that crypto is no longer just about crypto—it has expanded into a multidisciplinary field. To do anything useful and relevant in crypto, you’ll need some understanding of the concepts around crypto: how networks and computers work, what users and systems need, and how attackers can abuse algorithms and their implementations. In other words, you need a connection to reality.

This Book’s Approach

The initial title of this book was Crypto for Real to stress the practice-oriented, real-world, no-nonsense approach I aimed to follow. I didn’t want to make cryptography approachable by dumbing it down, but instead tie it to real applications. I provide source code examples and describe real bugs and horror stories.

Along with a clear connection to reality, other cornerstones of this book are its simplicity and modernity. I focus on simplicity in form more than in substance: I present many non-trivial concepts, but without the dull mathematical formalism. Instead, I attempt to impart an understanding of cryptography’s core ideas, which are more important than remembering a bunch of equations. To ensure the book’s modernity, I cover the latest developments and applications of cryptography, such as TLS 1.3 and post-quantum cryptography. I don’t discuss the details of obsolete or insecure algorithms such as DES or MD5. An exception to this is RC4, but it’s only included to explain how weak it is and to show how a stream cipher of its kind works.

Serious Cryptography isn’t a guide for crypto software, nor is it a compendium of technical specifications—stuff that you’ll easily find online. Instead, the foremost goal of this book is to get you excited about crypto and to teach you its fundamental concepts along the way.

Who This Book Is For

While writing, I often imagined the reader as a developer who’d been exposed to crypto but still felt clueless and frustrated after attempting to read abstruse textbooks and research papers. Developers often need—and want—a better grasp of crypto to avoid unfortunate design choices, and I hope this book will help.

But if you aren’t a developer, don’t worry! The book doesn’t require any coding skills, and is accessible to anyone who understands the basics of computer science and college-level math (notions of probabilities, modular arithmetic, and so on).

This book can nonetheless be intimidating, and despite its relative accessibility, it requires some effort to get the most out of it. I like the mountaineering analogy: the author paves the way, providing you with ropes and ice axes to facilitate your work, but you make the ascent yourself. Learning the concepts in this book will take an effort, but there will be a reward at the end.

How This Book Is Organized

The book has fourteen chapters, loosely split into four parts. The chapters are mostly independent from one another, except for Chapter 9, which lays the foundations for the three subsequent chapters. I also recommend reading the first three chapters before anything else.

Fundamentals

  • Chapter 1: Encryption introduces the notion of secure encryption, from weak pen-and-paper ciphers to strong, randomized encryption.
  • Chapter 2: Randomness describes how a pseudorandom generator works, what it takes for one to be secure, and how to use one securely.
  • Chapter 3: Cryptographic Security discusses theoretical and practical notions of security, and compares provable security with probable security.

Symmetric Crypto

  • Chapter 4: Block Ciphers deals with ciphers that process messages block per block, focusing on the most famous one, the Advanced Encryption Standard (AES).
  • Chapter 5: Stream Ciphers presents ciphers that produce a stream of random-looking bits that are XORed with messages to be encrypted.
  • Chapter 6: Hash Functions is about the only algorithms that don’t work with a secret key, which turn out to be the most ubiquitous crypto building blocks.
  • Chapter 7: Keyed Hashing explains what happens if you combine a hash function with a secret key, and how this serves to authenticate messages.
  • Chapter 8: Authenticated Encryption shows how some algorithms can both encrypt and authenticate a message with examples, such as the standard AES-GCM.

Asymmetric Crypto

  • Chapter 9: Hard Problems lays out the fundamental concepts behind public-key encryption, using notions from computational complexity.
  • Chapter 10: RSA leverages the factoring problem in order to build secure encryption and signature schemes with a simple arithmetic operation.
  • Chapter 11: Diffie–Hellman extends asymmetric cryptography to the notion of key agreement, wherein two parties establish a secret value using only non-secret values.
  • Chapter 12: Elliptic Curves provides a gentle introduction to elliptic curve cryptography, which is the fastest kind of asymmetric cryptography.

Applications

  • Chapter 13: TLS focuses on Transport Layer Security (TLS), arguably the most important protocol in network security.
  • Chapter 14: Quantum and Post-Quantum concludes with a note of science fiction by covering the concepts of quantum computing and a new kind of cryptography.

Acknowledgments

I’d like to thank Jan, Annie, and the rest of the No Starch staff who contributed to this book, especially Bill for believing in this project from the get-go, for his patience digesting difficult topics, and for turning my clumsy drafts into readable pages. I am also thankful to Laurel for making the book look so nice and for handling my many correction requests.

On the technical side, the book would contain many more errors and inaccuracies without the help of the following people: Jon Callas, Bill Cox, Niels Ferguson, Philipp Jovanovic, Samuel Neves, David Reid, Phillip Rogaway, Erik Tews, as well as all readers of the early access version who reported errors. Finally, thanks to Matt Green for writing the foreword.

I’d also like to thank my employer, Kudelski Security, for allowing me time to work on this book. Finally, I offer my deepest thanks to Alexandra and Melina for their support and patience.

Lausanne, 05/17/2017 (three prime numbers)
