With the advent of the Internet and nearly ubiquitous computing and communication, issues of security, such as authentication and authorization, have made cryptography a pervasive discipline. Some knowledge of the field is required by designers, manufacturers, and end users alike. Writing a book that satisfies the needs of each of these constituencies is an ambitious task, but the authors succeed admirably in providing readers with an understanding of the overarching principles of modern cryptography and of the means of implementing those principles. The book serves well those who want a passive, conversant understanding of the field and those who want to actively develop cryptographic protocols. The book will be especially useful for upper-level undergraduates and graduate students in computer science, mathematics, and management information systems.
As the title indicates, the book concerns modern rather than classical cryptography, but the authors justifiably begin with a treatment of classical cryptography. They do so, however, with a modern concern for precise definitions and rigorous proofs that avoids any nostalgia for a time when the field was more art than science. The bridge between their treatment of classical and modern cryptography is that of perfect encryption, a classical topic treated with the mathematical instruments of modern cryptography. This combination of the classical and the modern, which requires a familiarity with probability, serves the reader well in preparation for the formalism and rigor to follow.
The rest of the narrative is divided into two parts--public key and private key cryptography--that mirror the major division in the field. The section on private key encryption describes computational security, pseudorandomness, stream ciphers, chosen plain-text attacks and defenses against those attacks, and message authentication codes. Conceptually and mathematically, this section builds upon the introduction by explaining notation, by presenting propositions, by formulating precise definitions, and by developing rigorous proofs, all of which serve to acclimate the reader to the essential elements of modern cryptography. An especially strong segment of this section is the discussion of computationally secure encryption, which stresses definitions and concepts rather than calculations and mathematical notation. The curve of the presentation provides a model of the kind of thinking that characterizes modern cryptography.
The section on public key cryptography begins with a chapter that treats the number theory concepts that are essential for an understanding of this form of cryptography. Although this segment is useful and aptly crafted for its context, readers new to these concepts will need more exposition to be fully comfortable. Topics covered include prime numbers, modular arithmetic, groups, and the Chinese remainder theorem. After covering these topics, the authors move to a discussion of RSA public key encryption, which entails such topics as generating random prime numbers, testing for primality, and factoring. In presenting RSA, the authors are especially careful to discuss its assumptions just as they do for Diffie-Hellman problems. The chapter on number theory concludes with its application to such cryptographic concerns as one-way functions, one-way permutations, and collision-resistant hash functions. This treatment serves as a model for the applications of number theory that dominate the remainder of the book. To deepen the discussion regarding factoring, the authors include a chapter on algorithms for factoring and for computing discrete logarithms.
A chapter on private key management and the impact of public key encryption, which includes a discussion of the Diffie-Hellman key exchange, precedes a broad chapter on public key encryption, which revisits RSA in more detail than an earlier chapter. To supplement the sections on RSA and Diffie-Hellman, the authors include a chapter on a variety of other public key encryption schemes--Goldwasser-Micali, Rabin, and Paillier. These are grouped together in a separate chapter because they require more number theory than do the schemes treated earlier. They are also not as historically seminal as RSA and Diffie-Hellman.
Chapters on digital signatures and the random oracle model round out the exposition of modern cryptography. The authors include the RSA signature scheme and its hashed modification, as well as the digital signal standard. Following this is a chapter devoted to the random oracle model, which strikes a balance between provable security and the absence of a proof altogether.
Aware of the demands that their text may place on readers, the authors provide aids for negotiating through their book. For example, supplementary material, such as the theoretical construction of pseudorandom objects and material concerning elliptic curves, is marked with asterisks. In addition, the book concludes with reference sections on notation, mathematics, and number theory, but these sections are too cursory to provide much assistance to those in need of help in these areas. They are more reminders than tutorials, and they demonstrate that the audience for this book needs some measure of mathematical maturity.
