Introduction to Cryptography

I would like to thanks the people from NovaLUG (especially John and Peter) for organizing this month's meeting since I was invited as a speaker for an "Introduction to cryptography".

Thanks also to Ridgeline International for providing the space (and the last minute help for the setup) and to Suzie from SG2 Recruiting for the coffee and the snacks.

The presentation slides are available here, in the original LibreOffice format or in PDF format. The presentation was video-recorded and it is available on YouTube.

As mentioned during the meeting, here is a list of additional resources that could be of interest for some of you who want to learn more about cryptography.

Cryptography History

The Codebreakers by David Kahn is probably the best reference on the topic. All the details are just 1,000 pages away...

The Code Book by Simon Singh is an easier first step, and it covers all the most important subjects.

Secret Messages by W. S. Butler and L. D. Keeney is not really about cryptography history, it's more about techniques that have been used to conceal messages. A very easy read.

Mathematics and Cryptography

The Mathematics of Secrets by Joshua Holden presents all the various mathematical problems that are applied in cryptography, from historical ciphers to the new ideas in quantum cryptography and including of course chapters about public-key cryptography.

Practical Cryptography in Python by Seth Nielson and Christopher Monson is at the border between this category and the next. It includes a clear mathematical approach along with some Python code. That is probably the book that I would recommend first in this list.

The New York Times Book of Mathematics includes a chapter about cryptography. Do not expect any formula in there, as the articles are coming from the eponymous newspaper. Nevertheless, you will find information about breakthroughs in prime number factoring. Many articles are also reporting the legal issues between the academic community and the U.S. government.

Technical Books

Linux Hardening in Hostile Networks by Kyle Rankin is a good starting point if you are looking for using encryption (and other security measures) with your mail server, web server or other piece of Linux software.

PGP & GPG by M. W. Lucas is listed as "obsolete" by the author (and he's probably right about that). But you may want to get a copy to understand some of the principles (there is even an older O'Reilly book on that topic).

Videos

Information Security—Before & After Public-Key Cryptography is a video recording of Whitfield Diffie (one of the inventor of the public-key crypto-system) that I strongly recommend.

F5 DevCentral is the YouTube channel from F5 Networks, Inc. and there are doing a very good job at publishing short videos about various networking and security subjects, including few on cryptography, TLS/SSL and DNSSEC in particular (you may need to browse a little to find those).

The Spy Factory from PBS and Inside the NSA: America's Cyber Secrets from the National Geographic are two DVDs dedicated to the National Security Agency.

The Travelling Salesman is a good and original fiction movie about cryptography, exploring the subject of "crypto has been broken, and the government wants to keep the results".

Places

Because it is Washington DC, some of the organizations related to cryptography are just a few miles nearby. You will probably not get a chance to see the Kryptos sculpture on the CIA campus, but the Antipodes one, a pretty similar sculpture from the same artist is on the National Mall near the entrance of the Hirshhorn Museum.

The International Spy Museum is another place to visit downtown; I didn't get a chance to visit it at its new location (near L'Enfant Plaza) but the exhibits should probably be as good as the ones that were presented before.

And of course, the National Cryptologic Museum is the place that you want to go to learn about cryptography (mostly on the historical side). I strongly recommended a guided tour. And it's free.

There is more to list and to review about cryptography, I didn't even mention Bruce Schneier's books and blog. Some security vendors also have blogs with interesting content (Sophos has an old and a recent articles that you may want to have a look at).

Last but not the least; in the presentation slides 10 and 11 are about the "ANSSI Challenge". Since this is related to a French security agency, there is not resource that I know of about it in English. You should still be able to use Google Translate with the original article, this should at least give you some more details and context.

publié le 14 janvier 2020