Updates
Latest Tweet
What's New?
Check out for latest innovation, a computer based training video collection
Like this Page
Cryptography in C and C++ Review by anonymous
Good book -- Wrong title
If truth in titling were a crime, someone would be in leg-irons over this one. This book should be entitled, "A Detailed Account of the Construction of a Large-Precision Number Library of the Sort that can be Used for RSA and Similar Cryptographic Systems, with a few Examples." The book fulfills this latter title exceptionally well.
The great majority of this book is a detailed, step-by-step account of the how the author constructed a C-language big-number library. It treats wrapping the C-libraries with C++ classes as a separate chapter -- nice touch. This treatise is thorough, well-written, and engaging. Nicely done. It is written from a mathematicians perspective, and its mathematical underpinnings may repel some programmers, but they need not fear. In the end the C-code is well-explained.
The only "cryptography" of note is a chapter on implementing RSA with the library. Indeed, the great majority of implementing RSA and similar ciphers is creating the big-number libraries. The RSA chapter is, fortunately, much more than a simple example. It is an excellent treatise of the pitfalls in implementing RSA. That is, RSA is more than a "simple example." If you are implemeting RSA with any big-number library, this chapter alone is worth the cost of admission.
There is a chapter on AES (Rijndael) cipher, but it is out of place here and an obvious paste-on, probably a last minute, hot-button item required by the publisher. It really has nothing you can't get from the original NIST documents on AES.
I'm willing to believe that the title and AES paste-on are the fault of the publisher, because otherwise Welschenbach did an excellent job -- lots of hard and careful work, well documeted. With a title-change, I'd give it a 5-star.
The question in the end is: Why would you want this book? Apart from general interest, the audiences that come to my mind are those who are constructing such libraries on their own, and those who need to use the software included with the book (on a non-commercial basis -- the software license prohibits commercial use).