Handbook of
Applied Cryptography

Computer and Communications Security Reviews

Volume 6 Number 2 (June 1997)

AJ Menezes, PC van Oorschot, SA Vanstone
CRC Press Inc., 1997, ISBN 0-8493-8523-7

This book is a major contribution to the day-to-day resources of professionals in both research and industry. It explains a lot of technical matter clearly and in detail; chapters are properly introduced, with plenty of background information, and supplementary notes giving more details, references and pointers to relevant activities and research.

The authors start with an overview of cryptography, followed by sections on the mathematical foundations, public key foundations and relevant complexity issues. The next two chapters discuss public key parameters and pseudorandom bit generation. Unlike some other books on the subject, this one covers both block and stream ciphers with dedicated chapters. The next chapters deal with public key encryption, hash functions and data integrity, followed by identification and entity authentication. A chapter on digital signatures concludes the section covering cryptographic building blocks and functions.

The focus then moves to the practical and infrastructural aspects - key establishment protocols and key management, which are both covered well; a treatment of the efficient implementation of operations and algorithms gives details that are otherwise hard to find. (This section might also have got a follow-up dedicated to engineering aspects of cryptography and real world applications.) The book concludes with a well written chapter on cryptography standards and patents, which has enough detail to inform and provide references, yet without drowning the reader in standards committee jargon. The bibliography is quite extensive.

The book covers most of what one would expect a good crypto handbook to cover, along with almost all the supporting information the practitioner is likely to need. During the review (which included more than two months' use), the book turned out to be very accurate and to give an appropriate emphasis. However it is not a textbook for the instruction of beginners: readers should already be familiar with the basics of cryptography, or be technically sophisticated and with a strong urge to learn.

Return to Reviews