Serious Cryptography,
by Jean-Philippe (JP) Aumasson
Reviewed by Sven Dietrich
November 23, 2024
No Starch Press, 2025.
ISBN-13: 978-1-7185-0384-7 (print), 978-1-7185-0385-4 (ebook)
345 pages + xxiv
Second edition, 2025
Crypto means business, but what does "crypto" mean to you? The short term "crypto" nowadays has taken on another meaning aside from classical cryptography, namely referring to cryptocurrencies, a major player in business these days. We find the business of "crypto" in the world of spies, electronic commerce, banks, secure transactions, and digital assets. Cryptography was mostly in the world of governments before scientific exploration dared to venture there, with many (now classic) books covering seemingly forbidden knowledge at the time. In the last few decades, access to such knowledge has become much easier, but it doesn't necessarily make the subject matter itself easier. The feared quantum cryptoapocalypse is something many expect to happen with the advent of quantum computers capable of solving the "difficult math problems" at the basis of a few cryptosystems commonly in use today; this possibility challenges the status quo.
Jean-Philippe Aumasson has written "Serious Cryptography," a roughly 350-page book now in its second edition, with the intent of explaining cryptography, or at least generating enough interest with a mix of general and highly technical terms to enable the reader to investigate the topic further. 350 pages would normally not be enough to accommodate the wide spectrum of topics he covers in four parts and fifteen chapters total, but he presents the topics in quasi "CliffsNotes" style, with opportunities to delve deeper by either following links to eprint papers or by getting a more specialized book on that topic. While there is an index at the end of the book, there are no consolidated references, as they are sprinkled throughout the book, including the 'Further Reading' section at the end of each chapter. He shows the reader the overall concepts, mathematical formulas and equations, and sample real-world configurations or code, all in good cryptographic engineering fashion. That's serious cryptography.
Part I on "Fundamentals" contains three chapters. The first one, "Encryption", talks about the early ciphers such as the Caesar cipher, the Vigenère cipher, the One-Time Pad, and permutations. There are reflections on the security of these early schemes and how to break them. The second chapter adds another element to the mix, namely "Randomness," which is important for making cryptographic operations secure. The focus here is on Pseudo-Random Number Generators (PRNGs). In particular, the reader learns how faulty PRNGs have caused headaches in some operating systems over time. In the third chapter, the author touches upon "Cryptographic Security." Here the reader learns what it would mean to quantify and evaluate the security of a particular cryptographic scheme, in theory and in practice. There is talk about security levels, security proofs, and achieving security. Several examples illustrate glaring mistakes of the past.
Part II on "Symmetric Crypto" contains five chapters. Chapter 4 on "Block Ciphers" discusses ciphers that transform plaintext input one block of data at a time (e.g. 16, 32, 128 bits) into ciphertext. While the author mentions the classic US-originated Data Encryption Standard (DES) and the Russian standard GOST, the current US-based (read: NIST-issued) Advanced Encryption Standard (AES) is the center of attention in this chapter, with all its components explained. Chapter 5 covers "Stream Ciphers," where a stream of data is processed, typically one bit at a time, by performing an exclusive OR operation (XOR) with a keystream. Linear Feedback Shift Registers are described in the context of stream ciphers, even with some of the modern algebra behind them. The reader learns about the cipher RC4, among others, and all its security problems, including implementation ones. Chapter 6 on "Hash Functions" explains an essential cryptographic building block, one that does not require a secret key. The latest secure hash standard, SHA-3 aka Keccak, is described. The book's author is a co-author of the BLAKE hash function, which was a finalist in the NIST SHA-3 competition. Chapter 7 adds a twist with "Keyed Hashing," where keys are used as additional material to perturb the output of the hash function, namely to achieve constructions such as message authentication codes (MACs). Chapter 8 finally concludes Part III with "Authenticated Encryption," where the reader learns about algorithms that do both encryption and authentication. One such example is AES in Galois Counter Mode, aka AES-GCM.
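To make the stream-cipher and one-time-pad discussion of Chapters 1 and 5 concrete, here is a small added example (written for this review, not code from the book): a 16-bit linear feedback shift register generates a keystream, the cipher XORs it with the plaintext, and a helper shows why a keystream must never be used twice. The seed value, tap positions and sample messages are constructed for illustration; the tap polynomial x^16 + x^14 + x^13 + x^11 + 1 is a well-known maximal-length choice, so the register cycles through all 65535 nonzero states before repeating.

```python
"""Toy LFSR stream cipher (added example; constructed for illustration, not from the book)."""

MASK16 = 0xFFFF


def lfsr_step(state: int) -> int:
    """One clock of a Fibonacci LFSR over x^16 + x^14 + x^13 + x^11 + 1.

    The feedback bit is the XOR of four register bits; the register shifts
    right and the feedback enters at the top. Linear, hence predictable:
    this is a teaching device, not a secure generator.
    """
    bit = (state ^ (state >> 2) ^ (state >> 3) ^ (state >> 5)) & 1
    return ((state >> 1) | (bit << 15)) & MASK16


def lfsr_period(seed: int) -> int:
    """Count clocks until the register returns to its seed (65535 for any nonzero seed)."""
    if seed & MASK16 == 0:
        raise ValueError("all-zero state never changes and would yield an all-zero keystream")
    state, n = lfsr_step(seed), 1
    while state != seed:
        state, n = lfsr_step(state), n + 1
    return n


def lfsr_keystream(seed: int, nbytes: int) -> bytes:
    """Emit nbytes of keystream, one register bit per clock, MSB-first within each byte."""
    state = seed & MASK16
    if state == 0:
        raise ValueError("seed must be nonzero")
    out = bytearray()
    for _ in range(nbytes):
        byte = 0
        for _ in range(8):
            byte = (byte << 1) | (state & 1)  # output the low bit, then clock
            state = lfsr_step(state)
        out.append(byte)
    return bytes(out)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Bytewise XOR of two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("inputs must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(seed: int, plaintext: bytes) -> bytes:
    """Stream encryption: ciphertext = plaintext XOR keystream(seed)."""
    return xor_bytes(plaintext, lfsr_keystream(seed, len(plaintext)))


# XOR is an involution, so decryption is the same operation.
decrypt = encrypt


def keystream_reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """What a defender should expect to leak when two messages share one keystream.

    c1 XOR c2 == (p1 XOR k) XOR (p2 XOR k) == p1 XOR p2: the key cancels out,
    so the plaintexts' XOR is exposed. This is exactly the 'one-time' in
    one-time pad, and why stream ciphers pair a key with a fresh nonce.
    """
    return xor_bytes(c1, c2)


if __name__ == "__main__":
    seed = 0xACE1  # constructed sample seed
    p1, p2 = b"constructed msg1", b"constructed msg2"
    c1, c2 = encrypt(seed, p1), encrypt(seed, p2)
    print("period:", lfsr_period(seed))
    print("roundtrip ok:", decrypt(seed, c1) == p1)
    print("reuse leaks p1^p2:", keystream_reuse_leak(c1, c2) == xor_bytes(p1, p2))
```

Two caveats that the book's Chapter 5 spells out and this toy illustrates only by contrast: a bare LFSR is linear, so its state can be recovered from a short run of output (Berlekamp–Massey) even without keystream reuse, and real stream ciphers layer non-linear filtering or a different design entirely on top of such registers.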
Part III on "Asymmetric Crypto" touches on a field that only appeared in the "open" in the 1970s with advances by Whitfield Diffie and Martin Hellman and the RSA trio Ron Rivest, Adi Shamir, and Len Adleman. There are four chapters. Chapter 9 elaborates on the "Hard Problems" that gave rise to the discovery of (academic-originated) public key encryption, namely the hardness of the discrete logarithm problem and of factoring. Chapter 10 is entirely dedicated to RSA, published in 1977 as a way to perform public-key crypto, discussing its inception and some of the flaws that arose as the algorithm was put into practice. Chapter 11, on the other hand, talks about "Diffie-Hellman," meaning the 1976 paper "New Directions in Cryptography" as well as some of the extensions to it, and some vulnerabilities that came up over the years. Chapter 12 is on the more recent topic of "Elliptic Curves." One of the motivations of this approach was to create shorter keys than DH or RSA while maintaining the same security levels. Here the reader will find more modern approaches in use in systems today (in addition to the two previous ones): the Elliptic Curve Discrete Logarithm Problem and the Elliptic Curve Digital Signature Algorithm. Those readers toying around with blockchain will recognize those approaches.
Part IV on "Applications" covers three chapters, spread across three topics: TLS, Quantum and Post-Quantum, and last but not least Cryptocurrency Cryptography. Chapter 13 takes up the topic of Transport Layer Security (TLS), the successor to what some may know as simply SSL. TLS is the main protocol that makes browsing more secure (the 's' in https://...), but has had its flaws (Heartbleed, CRIME, BEAST, POODLE) in implementations over the years, and they get their fair share of mentions in this chapter. Chapter 14 "Quantum and Post-Quantum" talks about the cause of headaches for many, especially those who are worried about the "Hard Problems" in Chapter 9, e.g. what is a quantum computer and how does it affect the cryptography we are doing in practice today? Researchers and practitioners alike have been working on getting ready for the "post-quantum world," i.e. one where a tangible quantum computer has been realized that can break today's hard problems, say with Shor's or Grover's algorithms. The reader learns about the NIST Post-Quantum Cryptography standards, with appropriate ciphers that are usable today, that aim to thwart these challenges. Lastly, Chapter 15 rounds out this part with "Cryptocurrency Cryptography," a topic that many refer to as "crypto." Key phrases such as "Merkle Trees," "Multisignature protocols," "Proof of Work," "Zero Knowledge," and "zkSNARKs" find their proper place in this chapter, in the context of Bitcoin and other cryptocurrencies. It opens the world of "crypto" a bit further for those who may already have a vested interest in "crypto."
This book is aimed at researchers, industry practitioners dealing with "crypto," and graduate students seeking to explore this exciting field with many entry points along the way. The author has made it easy to find that suitable entry point and guide the reader towards more in-depth material once the reader has swallowed the crypto bait. The book is a fine collection of ideas from theory to practice, and all the cryptographic engineering in between.
I very much enjoyed reading this book. The book will find its place on my bookshelf for any needed reference on this fascinating topic or the random student that seeks help or inspiration on the topic of cryptographic engineering, err, I mean, "Serious Cryptography."
Sven Dietrich reviews technology and security books for IEEE Cipher. He welcomes your thoughts at spock at ieee dot org