Practical Cryptography *
Ferguson, Niels
Schneier, Bruce
Wiley 2003
ISBN 0-471-22357-3
395pp
Date finished: 2003-04-29
Schneier's earlier book Applied Cryptography was a massive volume that covered a lot of ground, presenting dozens of protocols and algorithms with only a few comments on implementation. This book, on the other hand, is all about implementation, from designing the API to writing the code, and it's great. Basic principles of cryptography and number theory are given good informal explanations, often prefaced with the motivation for what comes next, which makes the book a perfect tutorial. The whole book is written in a conversational tone that's easy to read and makes it quite addictive; I started reading and in a few hours found myself 100 pages deep.
Topics covered include cryptographic terminology, block ciphers, hash functions, public-key algorithms, generating random numbers, authentication, implementation pitfalls, standards, patents, and much more. A pseudocode implementation of a secure messaging channel is the most detailed example in the book. Implementing Diffie-Hellman and RSA is covered in slightly less detail.
The authors are conservative in their design, trying to ensure that attackers will need to do 2**128 units of work in order to break the system. Their APIs strike me as rather Pythonic in their simplicity and in their intent to protect the user as much as possible. For example, RSA signing and authentication use different exponents so that even if you get fooled into signing some ciphertext, an attacker doesn't get anything very useful. More remarkably, you can't RSA-encrypt an arbitrary chunk of data, so you can't be made to accidentally encrypt some magic value that might leak information about your private key. Instead, there's a method that returns a 2-tuple of a chunk of random data encrypted with the RSA key, and the session key resulting from hashing the random data. Very clever! The authors even discuss "wooping", a technique for checking that your large-integer library isn't malfunctioning due to a bug or malicious error.
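The "random data in, 2-tuple out" encryption API described above, sketched as an added example; it is not code from the book or from this review. The function names, the choice of SHA-256 and the public exponent are assumptions, and the demo key is constructed from two publicly known Mersenne primes, so it is not secure.

```python
import hashlib
import secrets

# Constructed demo key built from two publicly known Mersenne primes.
# It only makes the example run offline; it is NOT a secure key.
P = 2**521 - 1
Q = 2**607 - 1
N = P * Q
E = 65537                           # assumed public exponent
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (Python 3.8+)


def _derive_key(r, n):
    # Hash a fixed-width encoding of r so equal values always hash equally.
    # SHA-256 is an assumed choice of hash function.
    width = (n.bit_length() + 7) // 8
    return hashlib.sha256(r.to_bytes(width, "big")).digest()


def encapsulate(n, e):
    """Return (ciphertext, session_key). The caller supplies no plaintext."""
    r = secrets.randbelow(n)        # uniform random value in [0, n)
    return pow(r, e, n), _derive_key(r, n)


def decapsulate(c, n, d):
    """Recover the session key from a ciphertext made by encapsulate()."""
    if not 0 <= c < n:
        raise ValueError("ciphertext out of range")
    return _derive_key(pow(c, d, n), n)


if __name__ == "__main__":
    ct, key = encapsulate(N, E)
    assert decapsulate(ct, N, D) == key
    print("session key:", key.hex())
```

Because the only value ever passed through the RSA operation is random data chosen inside `encapsulate`, there is no entry point through which a caller can be handed a crafted value to encrypt.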
Highly recommended; anyone with an implementor's turn of mind and an interest in cryptography will love this book.