REVIEW: "Cryptography and E-Commerce", Jon C. Graff

Discussion in 'Computer Security' started by Rob Slade, doting grandpa of Ryan and Trevor, Nov 28, 2003.

  1. BKCRECOM.RVW 20031019

    "Cryptography and E-Commerce", Jon C. Graff, 2001, 0-471-40574-4,
    U$29.99/C$46.50
    %A Jon C. Graff
    %C 5353 Dundas Street West, 4th Floor, Etobicoke, ON M9B 6H8
    %D 2001
    %G 0-471-40574-4
    %I John Wiley & Sons, Inc.
    %O U$29.99/C$46.50 416-236-4433 fax: 416-236-4448
    %O http://www.amazon.com/exec/obidos/ASIN/0471405744/robsladesinterne
    http://www.amazon.co.uk/exec/obidos/ASIN/0471405744/robsladesinte-21
    %O http://www.amazon.ca/exec/obidos/ASIN/0471405744/robsladesin03-20
    %P 222 p.
    %T "Cryptography and E-Commerce"

    The introduction states that the author has set out to write an
    "accessible, easily understood, and entertaining" guide to modern
    cryptography.

    Part one is a presentation of current cryptography. Chapter one opens
    with symmetric key concepts, but states that DES (Data Encryption
    Standard) is safe for the present (DES had been broken at least twice
    by the time the book was written). The basic ideas are presented, but
    the metaphors and illustrations used may confuse, rather than explain,
    the issues. The same is true for integrity protection (hashes and
    digests) in chapter two, and with key management, Kerberos, asymmetric
    (public key) cryptography, certificates (using only a hierarchical
    structure), certificate extensions and attributes, and US export
    restrictions, in the succeeding chapters. The section finishes with a
    one page "chapter" of concluding remarks.

    Part two, consisting of chapter ten, is a tutorial on the underlying
    mathematics of asymmetric cryptography. As with the basics of
    cryptography presented earlier, using pictures and stories does not
    seem to help matters, particularly since the math is not correct. (In
    explaining RSA on page 127, 3 x 11 does *not* equal 44, and a
    previously undefined function appears partway through the process.)

    Part three contains case studies of architectures proposed by the
    author. Chapter eleven utilizes Kerberos, but the most interesting
    parts involve the use of hardware cards. Chapter twelve is an outline
    of a fairly generic PKI (Public Key Infrastructure).

    Overall, the explanations of cryptographic concepts are not bad, but
    they are not particularly accessible or easily understood, and there
    are certainly clearer and more complete books that make fewer
    mistakes, even the simpler ones, such as "Cryptography Decrypted" by
    H. X. Mel and Doris Baker (cf. BKCRPDEC.RVW), or "Internet
    Cryptography" by Richard E. Smith (cf. BKINTCRP.RVW). The
    entertainment value of the pictures and stories is minimal, and, as
    noted, the graphics and personal names are unlikely to assist the
    reader in understanding the fundamental theory.

    copyright Robert M. Slade, 2003 BKCRECOM.RVW 20031019

    --
    ======================

    "If you do buy a computer, don't turn it on." - Richards' 2nd Law
    ============= for back issues:
    [Base URL] site http://victoria.tc.ca/techrev/
    or mirror http://sun.soci.niu.edu/~rslade/
    CISSP refs: [Base URL]mnbksccd.htm
    Security Dict.: [Base URL]secgloss.htm
    Security Educ.: [Base URL]comseced.htm
    Book reviews: [Base URL]mnbk.htm
    [Base URL]review.htm
    Partial/recent: http://groups.yahoo.com/group/techbooks/
    Security Educ.: http://groups.yahoo.com/group/comseced/
    Review mailing list: send mail to
     