
A Graduate Course in Applied Cryptography - spking
https://toc.cryptobook.us/
======
qzw
Looks like a solid survey of the state of the art, as one would expect from
Boneh and Shoup. Given that this is about _applied_ crypto, I would like to
see a chapter or sub-chapter devoted to discussing the usability of some real
world cryptosystems and their implications. I think it’s something of a “black
art” in crypto, but often ends up with as large a practical impact in practice
as what crypto algorithms are being used. Would be nice to see it treated with
the same kind of rigor as the more technical aspects of cryptography.

~~~
cvwright
What do you have in mind for usability in this context? Things like robustness
against nonce reuse?

------
uep
For hands-on learning of applied cryptography, there is also the delightful
[https://cryptopals.com/](https://cryptopals.com/).

~~~
kitd
+1

When I'm learning a new language, I often use Cryptopals as a good source of
exercises.

------
Uptrenda
This is actually so cool. I find it amazing that such a high quality resource
is available for free. When you think about the potential the Internet has to
democratize knowledge books like this are really the perfect example of that.
I appreciate the authors for sharing their knowledge. Definitely going to take
the time to read this when I'm through some of the other books I'm reading

------
atilimcetin
Also I can highly recommend the lectures from Christof Paar
[https://www.youtube.com/channel/UC1usFRN4LCMcfIV7UjHNuQg](https://www.youtube.com/channel/UC1usFRN4LCMcfIV7UjHNuQg)
and his textbook [http://www.crypto-textbook.com/](http://www.crypto-
textbook.com/)

~~~
EFruit
NB: The textbook is currently free thanks to Springer releasing a selection of
their material as free in response to COVID.

[https://link.springer.com/book/10.1007/978-3-642-04101-3](https://link.springer.com/book/10.1007/978-3-642-04101-3)

------
cryptbe
This is hands down the best book on applied crypto, especially for people who
want to self-learn crypto. I started reading it since version 0.1, but every
time I pick it up I learn something new.The fun application section in each
chapter is pure gold. The exercises are challenging but super rewarding. I
can't do many of them, but reading the problem statements is usually enough to
make me realize I don't understand something.

When I started learning crypto, I spent a lot of time reading A Computational
Introduction to Number Theory and Algebra [1] another free, high-quality book
by Shoup. I did a lot of exercises, even corrected some results in the book,
and at one point thought that I wanted to publish a solution manual. I emailed
professor Shoup, but he said it may not be a good idea because people would
copy my solutions for their homework. It turns out he's right. The blog posts
that I published still get hit from time to time, and the search keyword is
always solutions for NTB [2] =).

Later on, I took CS255 [3] from Boneh. I had to pay for it myself. IIRC it was
$4,000 or something. It was a huge amount of money where I'm from. I took an
overdraft from my bank to pay for it, the best money I ever spent! I still
remember in one of the classes when Boneh was talking about the Diffie-Hellman
protocol he paused to ask us, "Do you know where this was invented?" Nobody
knows, then he pointed to his left and said, "In a room a few yards from
here". I felt like I was part of this amazing history. There's a stream of
knowledge flowing through me and maybe one day I'd discover something cool.

Boneh is simply the best teacher. He knows everything. I like it when he poses
an open problem, and ends with "if you can solve this, I'll be a friend
forever". He doesn't just love teaching, but also knows how to inspire and
apparently can't stop explaining things.

[1] [https://www.shoup.net/ntb/](https://www.shoup.net/ntb/)

[2]
[https://www.google.com/search?rlz=1C5CHFA_enUS851US851&ei=z0...](https://www.google.com/search?rlz=1C5CHFA_enUS851US851&ei=z0OlXr3iMrLA0PEPv4mGOA&q=solutions+for+A+Computational+Introduction+to+Number+Theory+and+Algebra&oq=solutions+for+A+Computational+Introduction+to+Number+Theory+and+Algebra&gs_lcp=CgZwc3ktYWIQAzoECAAQR1ClB1iXCWCDDGgAcAJ4AIABO4gBdpIBATKYAQCgAQGqAQdnd3Mtd2l6&sclient=psy-
ab&ved=0ahUKEwj9hejv04XpAhUyIDQIHb-EAQcQ4dUDCAw&uact=5)

[3]
[https://crypto.stanford.edu/~dabo/cs255/](https://crypto.stanford.edu/~dabo/cs255/)

~~~
jsmith99
> I still remember in one of the classes when Boneh was talking about the
> Diffie-Hellman protocol he paused to ask us, "Do you know where this was
> invented?" Nobody knows, then he pointed to his left and said, "In a room a
> few yards from here".

Boneh works at GCHQ?

~~~
cryptbe
DH was invented at Stanford.

RSA was allegedly invented at GCHQ.

~~~
jsmith99
Both were allegedly discovered at GCHQ:

[https://en.m.wikipedia.org/wiki/Malcolm_J._Williamson](https://en.m.wikipedia.org/wiki/Malcolm_J._Williamson)

------
BossingAround
This looks really advanced. When I looked at the TOC, I thought "Oh that looks
great, I can spend a weekend or two on this." Little did I know the book has
900 pages. Wow.

Anything you'd recommend as a practical introduction? Materials that are
useful for an every-day software engineer?

------
ezVoodoo
Thank you very much for the open book. It is very helpful!

But I cannot find Chapter 1 in the pdf downloaded. So Historic
ciphers/Terminology used throughout the book are missing. Can you please check
it out?

~~~
mcpherrinm
This book isn't finished yet; there are still pieces missing. The authors have
been publishing updated versions occasionally over the last decade as more of
it is written.

------
jshier
Oddly, it doesn't look like Chapter 1 exists in the book, despite its mention
in the index. Even the 2017 version is missing it.

~~~
0xff00ffee
That confused me as well. Did you find it?

(And the chapter number ordering doesn't reset with sections, not a big deal,
just odd)

------
dblank9
That math looks indecipherable. Recommended prerequisites? I'm mostly self
taught with minimal academic background

~~~
ColinWright
If you're serious, pick something you don't understand and send me an email.
I'll want to know:

* What you don't understand;

* What you've looked up;

* What your thoughts are about it.

It depends on what you're asking, and there's a good chance I won't actually
be able to help, but I might be able to suggest some self-study to get you
started on specific issues.

~~~
0xff00ffee
For me the weird parts jump out in the very first definitions. I'm not used to
thinking of M, C, and K as "all possible messages, ciphertexts, and keys". It
never occurred to me to work from those assumptions because that's a crazy
huge space in my mind.

Plus the set notation threw me a little, e.g.: the cardinality of the set of
all ciphertexts for key k in K is ... a number Nc. oookkaaayy.... pause ...
...60 minutes later .... OOOHHH got it!!! ... Same goes for the additive
theorem, where suddenly the bit strings M and C become numbers that are added
with k mod n --> First it's a message and now ... SHAZAM ... its big integer!

I know as an embedded analyst that RSA and ECC crypto spends a lot of time in
bigint routines, but it is becoming clear WHY that is the case.

I realize this is all 101 stuff for people who know crypto, but I really want
to learn it for real-reals, so I'm creeping through this book a little bit
every day until my brain shuts down. It took me 30 minutes to convince myself
of Example 2.6 wasn't perfect crypto: I know intuitively why, but applying the
definition mathematically made me feel all of the rust in my brain from 30
years out of college.

I"m sure I'll hit more confusing set theory math, fortunately I have the
internet.

Such a fun book!

------
lesny_ludek
Is there epub or mobi version?

~~~
cheez
[https://toc.cryptobook.us/book.pdf](https://toc.cryptobook.us/book.pdf)

~~~
aleksaxyz
I guess the answer is no then?

~~~
cheez
[https://toepub.com/](https://toepub.com/)

------
mirekrusin
Chapter on secure multi-party computation is still in progress/not available,
does anybody know of good resources on current state in this area?

------
jcul
Is the material here different to the Crypto 1 Coursera course offered by Dan
Boneh?

------
person_of_color
Exactly what I'm looking for! Now we just need a solution manual

------
xuesj
Thanks a lot!

