Published on Security Management (http://www.securitymanagement.com)
Cryptography Engineering: Design Principles and Practical Applications
By Niels Ferguson et al; Reviewed by Ben Rothke, CISSP, CISA



    
Print Edition Only: 
No
Beyond Print?: 
No
Weight: 
-100
Teaser: 
Cryptography Engineering spells out the difference between good and bad cryptography in great detail.


***** Cryptography Engineering: Design Principles and Practical Applications. By Niels Ferguson et al; published by John Wiley & Sons, Inc., www.wiley.com; [1] 384 pages; $55.


 


Good cryptography can ensure that your data is readable only to authorized parties. The danger of bad cryptography is a false sense of data security. The line between the two is exceptionally thin, and the difference between the two is spelled out in great detail in this text.


 


The first edition of coauthor Bruce Schneier’s Applied Cryptography came out in 1994. What was revolutionary then, and launched a new generation of security mavens, is now obsolete in many parts. Cryptography Engineering is a much-needed update. While not as detailed as the former work, and with significantly fewer code examples, the new text is still a valuable resource for anyone who wants to come up to speed on the essentials of modern cryptography.


 


The book covers the major uses of cryptography today, namely messaging security and the other fundamental areas including key management, block ciph­ers, block modes, hash functions, encryption modes, message authentication codes, implementation issues, negotiation protocols, and much more.


 


The three authors bring many decades of unique experience on the topic to the book. Their goal is to get the reader to think like a cryptographer, and the book does a great job of that. It is rich in real-world examples, and each chapter ends with a number of exercises to take the theoretical ideas and put them into practice.


 


While billed as an introductory text on the subject, Cryptography Engineering is not for the fainthearted. Anyone intrigued by the topic and with the time to dedicate to the matter will find the book worth their while.


 




Reviewer: Ben Rothke, CISSP (Certified Information Systems Security Professional), CISA (Certified Information Systems Auditor), is a senior security consultant with BT Global Services.


 


Author: 
Niels Ferguson et al; Reviewed by Ben Rothke, CISSP, CISA
Related Resources: 
Detail Image: 
Ferguson copy.gif
Thumbnail: 
Comments


    

    




  
Security Management is the award-winning publication of ASIS International, the preeminent international

organization for security professionals, with more than 38,000 members worldwide.


ASIS International, Inc. Worldwide Headquarters, 1625 Prince Street, Alexandria, Virginia 22314-2818 U.S.A.

703.519.6200 | fax 703.519.6299 | www.asisonline.org


ASIS


© 2013 Security Management

This site is protected by copyright and trade mark laws under U.S. and International law.

No part of this work may be reproduced without the written permission of Security Management.








    

    
Source URL: http://www.securitymanagement.com/article/cryptography-engineering-design-principles-and-practical-applications-007900

    
Links:
[1] http://www.wiley.com;