Jean-Philippe Aumasson’s book Serious Cryptography goes into detail explaining how certain aspects of cryptography works. His chapters allowed the readers to figure out how an aspect of cryptography works and then showed how it could be broken. Allowing the reader to see how quickly something could go wrong with cryptography. Serious Cryptography showed that even if cryptography was designed well, a particular implementation of the design could have security implications. I found the most interesting chapter to be Quantum and Post-Quantum because it enables the reader to realize the effect of quantum computing on cryptology. That is if human can break the barrier of being able to produce quantum computers. This chapter explains how quantum computing could potentially break current forms of cryptography without much effort. Jean-Philippe added that there are ways to protect current crypto from the quantum computer. However, Jean-Philippe mentions that some experts argue that quantum computers can happen in about 10 years, while some experts argue that humans may never see a quantum computer.
– Andrew Swoboda, Security Researcher, Tripwire
Serious Cryptography is a great introduction to the challenges cryptographers face and how these challenges are overcome. For everything from S-Boxes and elliptic curves to padding oracles and nonce reuse, this book demystifies crypto in mostly plain and easy-to-understand language. Aumasson follows a logical progression through the concepts, allowing readers to gradually build a more comprehensive understanding of the technologies at play. The notable exception to this is the final chapter, dealing with post-quantum crypto, which absolutely left me scratching my head but in a good way. In general, the book strikes a good balance between having too few or too many technical details and is structured in a way that the reader can to some extent pick and choose topics of interest without being entirely lost. My main criticism of the book is that I feel some very interesting topics pertaining to RSA encryption were only mentioned in passing or omitted entirely. Due to the unfortunate prevalence RSA encryption still has on the Internet, I feel that this is an area of extreme importance for anyone studying modern cryptography. I would hope that the next revision of this book will go into more detail on Coppersmith and Bleichenbacher’s attacks on RSA, both of which returned to modern implementations since Serious Cryptography was published (e.g. ROCA and my personal contribution to RSA security, ROBOT). Overall, I would definitely recommend this book to anyone looking to expand their grasp on how crypto works. This book is appropriate for a wide range of audiences. People with little to no background in crypto can drink from the fire hose with this book while those readers with years of practical experience will likely still find that this book fills some gaps in their knowledge base.
– Craig Young, Principal Security Researcher, Tripwire
Cryptography is one of those subjects that you either like a lot or hate a lot. Now, don’t get me wrong, I love the benefits provided by cryptographic technology. But, I just cannot seem to like the technical details underlying crypto---it is just not a topic that I have every enjoyed studying. However, I have to say that of all the documents and books that I have read related to crypto, Serious Cryptography by Jean-Philippe Aumasson is one of the better reads I have come across. Jean-Philippe does a great job introducing the reader to virtually every aspect of modern cryptographic technology. The book does have a good bit of detailed technical information, which is useful for technologists working with crypto, but non-technical readers can skim right over the technical details and still walk away with a good understanding of the why’s and how’s of modern cryptography.
– Lane Thames, Senior Security Researcher, Tripwire
At this point, hopefully you’ve made an informed decision surrounding the book and you’re thinking about picking up a copy to give it a read. There’s a lot of good to be said for the book, which is why I would lean toward giving the book at 4.0/5.
Overall Rating: 4.5/5