BKIMPECC.RVW 990115

"Implementing Elliptic Curve Cryptography", Michael Rosing, 1999, 1-884777-69-4, U$47.95/C$67.95
%A Michael Rosing cryptech@mcs.com
%C 32 Lafayette Place, Greenwich, CT 06830
%D 1999
%G 1-884777-69-4
%I Manning Publications Co.
%O U$47.95/C$67.95 hetr@manning.com 516-887-9747
%P 313 p.
%T "Implementing Elliptic Curve Cryptography"

Modern asymmetric (or "public") key cryptography uses mathematical operations that are fairly easy to do in one direction, but extremely hard to do in reverse. The standard example used (indeed, the one that is almost synonymous with public key encryption) is that of factoring. Given two large prime numbers, it is a straightforward task to multiply them together and find the resulting product. However, given a large number that is a product of two large prime factors, it is extremely difficult to find those two primes.

Elliptic curves have a similar property. A characteristic of an elliptic curve is that any two points on the curve can be "added," and the resulting point will also be on the curve. However, it is difficult, given only the final point, to find the original two that were added. Thus, this attribute can be used as the basis of an asymmetric encryption system.

Rosing doesn't get around to explaining what an elliptic curve is until chapter five, so you have to take a fair amount on faith. In spite of the comments in the first few pages of the book promoting the advantages of understanding the fundamentals, it is quite easy to believe that the text was written to explain some sample code, since there is far more emphasis on dealing with carry bits than there is in the background explanations.

He starts in chapter one by talking about exponential curves (as in, a good crypto system is one where the work done to encrypt a message grows more slowly than the work required to crack it) and the enormous magnitude of address spaces.
Chapter two doesn't really deal with number theory until halfway through, concentrating on coding for arithmetic with large integers, and rushing through conceptual explanations in order to get into yet more programming. Polynomials are introduced in chapter three, but, again, I couldn't say that the subject is really covered. At one point a new term, undefined, is introduced. The comment, "If you don't know what that means, just remember that it works!" is not terribly helpful when we have no idea what it works for. Normal basis is given a mathematical definition, but almost no explanation, in chapter four. The explanation of elliptic curves, in chapter five, is much better, but, relying as it does on some understanding of polynomial and normal basis, still leaves a lot to be desired.

It is interesting to note, in chapter six, that the basics of cryptology are treated every bit as cavalierly as the math. The explanation of public key cryptography is extremely terse, and, in fact, contains several minor errors. Chapter seven looks at some practical building blocks like random number generation and "handshaking" protocols. The elliptic curve encryption scheme and IEEE P1363 standard mask and hash functions are reviewed in chapter eight. Chapters nine and ten discuss advanced topics in key exchange and digital signatures respectively. Fine details for performance enhancement in specific sections of code are covered in chapter eleven. A sample analysis and design is given in chapter twelve.

Now, granted, Rosing's purpose is engineering and implementation and not math tutorials. And, to be fair, he does provide information on a number of points of programming not often dealt with in the more academic texts. However, as he points out, you cannot simply use the sample code in the book and expect it to work in all cases and for all purposes.
Therefore, if the programmer does not understand, to some extent, how the system works, the eventual system may have flaws and weaknesses. However helpful the programming pointers handed out in every chapter, design must be based on concepts, and these are very poorly provided.

If, on the other hand, you learned UNIX by studying the source code, you might do reasonably well with this book.

copyright Robert M. Slade, 1999
BKIMPECC.RVW 990115