The authors are the researchers who invented Rijndael, a cryptographic algorithm that was selected by the National Institute for Standards and Technology (NIST) to become the advanced encryption standard (AES).

On the book’s cover, the blurb promises the volume to be “the authoritative guide to the Rijndael algorithm and AES. Professionals, researchers and students active or interested in data encryption will find it a valuable source of information and reference.”

The book consists of 11 chapters and five appendices. The foreword, by Ronald L. Rivest, briefly summarizes how Rijndael became the AES. Chapter 1 gives more details on which criteria were important during the AES selection process.

Chapter 2 commences with the very fundamental mathematics required to understand how Rijndael works. Unlike many other books on cryptography, which are hard to read because their authors like to emphasize complicated formulas, the authors clearly explain the basics. Moreover, they also graphically highlight sections that are specifically related to Rijndael. Every student who passed one or two algebra classes should be able to follow the explanations. For example, although it is not a textbook for algebra, the first definition of the chapter is that of an Abelian group. The reader should have already heard of the concepts, nonetheless, the reminder will be helpful for many (applied) computer scientists who may have forgotten these definitions.

Chapter 3 explains in great detail how the algorithm works; by following the included pseudocode, the reader can easily understand which steps are executed, and how the state and keys are changed. A reference implementation of the whole algorithm is provided in an appendix. Efficient implementation is highly relevant for cryptographic algorithms. Chapter 4 shows how Rijndael can be implemented on 8-bit, 32-bit, and other platforms. Chapter 5 highlights the design goals and decisions in a more abstract way.

Obviously, cryptographic algorithms should not be easily compromised. From chapter 6 onwards, the basics in cryptanalysis are explained. Starting off with the weaknesses of the data encryption standard (DES), the authors show that one of their main goals was to render Rijndael secure against differential and linear cryptanalysis.

Chapter 9 explains the wide “trail strategy” [1]. Since the implementation cost of an S-box increases with its size, Rijndael’s inventors strived to provide strength through other means. That said, the steps of the cipher not offering nonlinearity should provide the best possible diffusion. The rationale is to create resistance against linear and differential cryptanalysis. The penultimate chapter discusses attacks other than linear and differential cryptanalysis, such as saturation attacks. The last chapter briefly highlights other ciphers on which Rijndael is based, or that are based on Rijndael.

The book is an excellent choice for people who are interested in how Rijndael really works and who need more explanations than research papers usually contain. It is a book that readers will regularly consult when they need to look up details about Rijndael. My recommendation: strong buy, even though Springer books are not really a bargain.