The preface points out that cryptography has done more harm than good in terms of securing information systems, not because cryptography fails in and of itself, but, rather, due to the improper use or implementation of the technology. This book is intended to provide concrete advice to those designing and implementing cryptographic systems. As such, it is not the usual introduction to cryptography, and is aimed at a fairly limited group.
Chapter one asserts that we should be engineering for security, rather than speed or bells and whistles. Security is only as strong as the weakest link, we are told in chapter two, and (following from the idea of defence in depth) we need to have engineering in depth (and probably breadth, as well). The issues are important, but there is some lack of clarity to the organization and flow of the text and arguments: the reader may start to wonder what the essence of the message is. (I see that I should have trademarked "professional paranoia" when I started using it years ago, but it is nice to note that the point is being taken.) Chapter three is a rather unusual "Introduction to Cryptography" (and the mathematical format of the text doesn't make it easier for the math-phobic to concentrate on the meaning), but focussing on the applications and problems, the cryptanalytic attacks, and repeating the injunctions against complexity and the sacrifice of security for performance is a reasonable position.
Having come this far, it is interesting to note that we are only starting part one, reviewing message security. Chapter four compares and reviews various existing block ciphers. The modes of operation of block ciphers, and attacks against specific modes, are described in chapter five. (This material appears to be what would, in a more traditional book, be the introduction to cryptography.) Hash functions are explained, compared, and assessed in chapter six, while seven extends the concept to message authentication codes, which not only detect accidental alteration but also resist deliberate modification of the data or transmission by an outsider who does not hold the key. With these basic tools in hand, chapter eight builds a channel that is secure from eavesdropping and manipulation by anyone not party to the communications. Implementation, and the engineering or software development considerations, are examined in chapter nine.
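The distinction the review draws between hash functions and message authentication codes is worth seeing run. The following is an added example, not code from the book or from the reviewer: it appends an unkeyed SHA-256 to a message and, separately, an HMAC-SHA-256 under a shared key, then subjects both to accidental one-bit corruption and to an outsider who rewrites the message. The key, the messages and the attacker's moves are constructed sample data; everything else is the Python standard library.

```python
"""Added example (not from the book or the review): why a keyed MAC, rather
than a plain hash, is what protects a message against deliberate change.

An unkeyed hash appended to a message catches accidental corruption, but an
outsider who rewrites the message can simply recompute the hash.  An HMAC
needs the shared key, which the outsider does not have.  Standard library
only; the key and messages below are constructed sample data.
"""
import hashlib
import hmac
from typing import Optional

DIGEST_LEN = 32  # SHA-256 output length in bytes

# Constructed sample key known to sender and receiver but not to the attacker.
SHARED_KEY = bytes.fromhex(
    "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f"
)


def protect_with_hash(message: bytes) -> bytes:
    """Unkeyed check: message || SHA-256(message)."""
    return message + hashlib.sha256(message).digest()


def check_hash(packet: bytes) -> Optional[bytes]:
    """Return the message if the trailing hash matches, else None."""
    message, digest = packet[:-DIGEST_LEN], packet[-DIGEST_LEN:]
    if hmac.compare_digest(hashlib.sha256(message).digest(), digest):
        return message
    return None


def protect_with_mac(key: bytes, message: bytes) -> bytes:
    """Keyed check: message || HMAC-SHA-256(key, message)."""
    return message + hmac.new(key, message, hashlib.sha256).digest()


def check_mac(key: bytes, packet: bytes) -> Optional[bytes]:
    """Return the message if the tag verifies under key, else None.

    compare_digest runs in constant time so the comparison does not leak
    how many tag bytes were correct.
    """
    message, tag = packet[:-DIGEST_LEN], packet[-DIGEST_LEN:]
    expected = hmac.new(key, message, hashlib.sha256).digest()
    if hmac.compare_digest(expected, tag):
        return message
    return None


def corrupt_one_bit(packet: bytes) -> bytes:
    """Accidental damage in transit: flip one bit of the first message byte."""
    damaged = bytearray(packet)
    damaged[0] ^= 0x01
    return bytes(damaged)


def outsider_rewrite_hash(new_message: bytes) -> bytes:
    """Deliberate modification: the outsider needs no secret to produce a
    packet that passes the unkeyed check."""
    return new_message + hashlib.sha256(new_message).digest()


def outsider_rewrite_mac(packet: bytes, new_message: bytes) -> bytes:
    """Deliberate modification without the key: the best the outsider can
    do is reuse the tag from the packet they observed."""
    return new_message + packet[-DIGEST_LEN:]


def demonstrate() -> dict:
    """Run both schemes against accidental and deliberate changes.

    Returns True for each case the receiver detects; only the unkeyed hash
    fails to notice the outsider's rewrite.
    """
    original = b"PAY 100 TO ALICE"
    forged = b"PAY 999 TO MALLORY"
    hashed = protect_with_hash(original)
    macced = protect_with_mac(SHARED_KEY, original)
    return {
        "hash_detects_accident": check_hash(corrupt_one_bit(hashed)) is None,
        "hash_detects_forgery": check_hash(outsider_rewrite_hash(forged)) is None,
        "mac_detects_accident": check_mac(SHARED_KEY, corrupt_one_bit(macced)) is None,
        "mac_detects_forgery": check_mac(SHARED_KEY, outsider_rewrite_mac(macced, forged)) is None,
    }


if __name__ == "__main__":
    for name, detected in demonstrate().items():
        print(f"{name}: {detected}")
```

A MAC on its own still does nothing about replay: the outsider can resend the original packet unchanged and it verifies. That is one of the reasons the secure channel of chapter eight adds message numbering and encryption on top of the MAC, which this example does not attempt.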
Part two deals with key negotiation, partly by introducing the concept of asymmetric (more commonly, if less accurately, referred to as "public key") cryptography, the major strength of which involves the handling of keys. Chapter ten raises the issue of randomness, which is vital in the choice of keys, and also talks about the components of the Fortuna system for generating pseudo-random numbers.
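Why randomness is "vital in the choice of keys" is easy to show concretely. The following is an added example, not code from the book or from the reviewer, and it is not Fortuna: it draws a key from Python's `random` module seeded with a small value standing in for a timestamp or process id, lets an attacker capture one message and its HMAC tag, and then enumerates the seed space offline. The assumed attacker knowledge (the seed fits in `SEED_BITS` bits), the sample message and the seed value are constructed for the demonstration; a key from the operating system's CSPRNG via `secrets` survives the same search.

```python
"""Added example (not from the book or the review): a key is only as secret
as the randomness it was drawn from.

The "weak" generator here is Python's `random` module seeded with a small
value standing in for a timestamp or process id; the attacker is assumed to
know that the seed fits in SEED_BITS bits.  Having captured one message and
its HMAC tag under the key, the attacker enumerates every seed offline and
recovers the key.  A key from `secrets` (the operating system's CSPRNG)
survives the same search.  None of this is Fortuna; it only shows what an
unpredictable source must protect against.
"""
import hashlib
import hmac
import random
import secrets
from typing import Optional

SEED_BITS = 16   # assumed attacker knowledge: the seed is a 16-bit value
KEY_LEN = 16     # key length in bytes


def weak_key(seed: int) -> bytes:
    """Key from a deterministic PRNG: entirely determined by the seed."""
    return random.Random(seed).randbytes(KEY_LEN)


def strong_key() -> bytes:
    """Key from the OS CSPRNG; no small seed to enumerate."""
    return secrets.token_bytes(KEY_LEN)


def tag(key: bytes, message: bytes) -> bytes:
    """HMAC-SHA-256 tag, standing in for any keyed operation the attacker
    can observe on the wire and check candidate keys against."""
    return hmac.new(key, message, hashlib.sha256).digest()


def recover_key(message: bytes, observed_tag: bytes,
                seed_bits: int = SEED_BITS) -> Optional[bytes]:
    """Attacker's offline search: rebuild the key for every possible seed and
    keep the one that reproduces the captured tag."""
    for seed in range(1 << seed_bits):
        candidate = weak_key(seed)
        if hmac.compare_digest(tag(candidate, message), observed_tag):
            return candidate
    return None


def demonstrate(seed: int = 0xBEEF) -> dict:
    """Run the search against a weakly seeded key and a CSPRNG key."""
    hello = b"CLIENT HELLO"   # constructed: a first protocol message
    weak = weak_key(seed)
    strong = strong_key()
    return {
        "weak_key_recovered": recover_key(hello, tag(weak, hello)) == weak,
        "strong_key_recovered": recover_key(hello, tag(strong, hello)) == strong,
    }


if __name__ == "__main__":
    for name, recovered in demonstrate().items():
        print(f"{name}: {recovered}")
```

The search costs one key derivation and one HMAC per candidate seed, so a 16-bit seed falls in about a second on a laptop, and a 32-bit one within hours. The point generalizes to any generator whose entire state is a small or guessable quantity, which is what the accumulator and reseeding design of Fortuna is meant to prevent.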
Prime numbers are explained in chapter eleven, due to their importance in asymmetric cryptography. The venerable Diffie-Hellman algorithm is reviewed, along with the math that makes it work, in chapter twelve. (If you want to follow the material all the way, you'll have to be good at mathematics, but the discussion, while interesting, is not vital to the use of the system.) A similar job is done on RSA in chapter thirteen. Chapter fourteen is entitled "Introduction to Cryptographic Protocols" but really talks about trust, risk, and more requirements for the secure channel. The high level design of a key negotiation protocol is incrementally developed in chapter fifteen. Implementation issues specific to asymmetric systems are reviewed in chapter sixteen.
Part three looks at key management, and various approaches to the problem. Chapter seventeen discusses the use, and risks of using, clocks and time in cryptosystems. The idea of the key server is illustrated by Kerberos in chapter eighteen, but almost no detail is included. A quick introduction to PKI (Public Key Infrastructure) is given in chapter nineteen, followed by a philosophical review of other considerations in twenty, and additional practical concerns in twenty one. (While the division is not unreasonable, these three could, without seriously distorting the book, have been one big chapter.) Storing secrets, important for protecting keys and passwords, is contemplated in chapter twenty two.
Part four contains miscellaneous topics, including the futility of standards (twenty three), the questionable utility of patents (twenty four), and the need for involving real experts (twenty five).
As noted, this book is not simply another introduction to cryptography. The content is for those involved in the guts of a cryptosystem, and the material provides significant guidance for the concerns of people in that position.
copyright Robert M. Slade, 2003 BKPRCCRP.RVW 20030918