At 03:02 PM 8/11/00 -0400, John R Levine wrote:
>All of the discussion of algorithms is fine, but it seems to me that the most
>important topic in such a book is how to avoid building yet another crypto
>system with a ten-ton steel door and a cardboard back wall. I would include
>some horror stories of failed crypto, and perhaps a few pages on how crypto
>systems are broken or subverted.
A few pages? Chapters and chapters. You learn how to build stronger
bridges by studying how previous ones fell down.
You could write a good book without ever describing the insides
of a block/stream cipher or a PK system. (Despite the obligatory
and often cursory attempts in many treatises.)
All a modern programmer
needs to understand is what a library function does, the special properties
it has. No programmer (vs. mathematically inclined student) needs to
understand number theory to understand that the 'trick' or 'point' of PK
methods is sending asymmetric keys through insecure channels. No programmer
needs to understand what a Feistel structure is, though they do
need to know general properties of block ciphers, e.g., change any input bit
and an unpredictable half of your output bits will change.
Similarly for protocols, although it's more likely your programmer
will have to implement the protocols you describe, since (as was
brought up recently) there aren't any protocol libraries analogous
to the nicely packaged crypto-primitive libs out there.
IMHO.
(This is not to discourage including 'inner' details of primitives in crypto
courses, but to argue that they're not *necessary* in an applied book.)