Title: Book review - Serious cryptography
Date: 2018-05-01 23:30

![book's cover]({static}/images/serious_cryptography.jpg)

There are some well-known, good introductory books on cryptography, like
the [Handbook of applied cryptography](http://cacr.uwaterloo.ca/hac/),
[Cryptography Engineering: Design Principles and Practical
Applications](https://www.schneier.com/books/cryptography_engineering/),
[Applied Cryptography: Protocols, Algorithms, and Source Code in
C](https://www.schneier.com/books/applied_cryptography/), … but they are all
pretty old.

This is why I was curious about the latest book from [JP
Aumasson](https://131002.net/), principal research engineer at [Kudelski
Security](https://research.kudelskisecurity.com/), author of several
hash-related functions, … entitled "Serious cryptography",
with a foreword from [Matthew D. Green](http://spar.isi.jhu.edu/~mgreen/).

> This practical guide to modern encryption breaks down the fundamental
> mathematical concepts at the heart of cryptography without shying away from
> meaty discussions of how they work. You’ll learn about authenticated
> encryption, secure randomness, hash functions, block ciphers, and public-key
> techniques such as RSA and elliptic curve cryptography.

The book goes through basic cryptography topics: randomness, block and
stream ciphers, hashes and keyed hashes, authentication, RSA, Diffie-Hellman
exchanges, elliptic curves, TLS and even some post-quantum schemes.
I wouldn't recommend it to people without some math/CS background, but if you've
already played a bit with computers, go buy it: everything is crystal-clear
and well led, even the quantum bits!

Each chapter not only explains concepts and key implementation details,
but also highlights possible pitfalls and common mistakes, and finishes with
a list of recommended materials. I really liked how the book
uses maths and diagrams to increase clarity or to illustrate something
abstract, instead of going the (usual) other way around: obscure mathematics/figures
with a vague textual explanation. Don't forget to check the
[erratum](https://nostarch.com/seriouscrypto#updates), otherwise you might
waste quite some time re-reading the pages over and over, wondering what you're
missing, thinking that obviously, you're the one who's wrong, not the book.

I passed it around amongst colleagues who were neither big fans of cryptography nor
known for their *enthusiasm towards mathematics*: they enjoyed it very much,
and it even sparked some interesting discussions at work.

If you're curious about how modern cryptography works,
I wholeheartedly recommend reading this book ♥
