Review of Cryptography: Theory and Practice by D. R. Stinson

Stinson, D. R. Cryptography: Theory Practice. 3rd edition. Chapman & Hall=CRC, Taylor & Francis Group, 6000 Broken Sound Parkway NW, Suite 300, Boca Raton, FL 33487–2742, USA. 2006. 593 pages. The first edition of the text under review appeared in 1995. As it so happened, the reviewer took a course in cryptography not long afterward, with Stinson’s book serving as the course’s primary text. Thus, the reviewer regards the opportunity to review an updated version of the book as serendipitous. The initial edition contained thirteen chapters, and covered the core topics of cryptography, with some attention given to advanced topics. The second edition, by contrast, was a seven-chapter volume more focused in scope, as Stinson decided it was best to concentrate more heavily on areas most likely to be studied in a cryptography course. With the current version, however, Stinson deemed it best to mimic, albeit in a more expanded way, the first edition in style and scope. The third edition contains the seven chapters from the second volume, along with seven new chapters. Chapters 1 and 2 of the third edition are largely unchanged from the first version. Chapter 1 gives an introduction to cryptography that includes descriptions and cryptanalyses of some simple cryptosystems. Chapter 2, meanwhile, presents Shannon’s approach to cryptography. Topics discussed in this chapter include perfect secrecy, entropy, and the role of information theory in cryptography. Chapter 3 deals with block ciphers. General principles are addressed, and both the Data Encryption Standard (DES) and the Advanced Encryption Standard (AES), the latter of which was not available at the time of Stinson’s first edition, are considered in detail. Chapter 4, which deals with hash functions and their applications, is an updated version of Chapter 7 in the first edition. The chapter includes a description of the Secure Hash Algorithm (SHA-1) and the use of keyed hash functions as message authentication codes (MACs). Stinson’s treatment of this material is both thorough and engaging. The RSA Cryptosystem and its uses constitute the focus of Chapter 5. Stinson’s presentation is, as with prior chapters, detailed and well-written, and includes a welcome discussion of the notion of semantic security, a form of security in which an adversary cannot, in polynomial time, distinguish ciphertexts, subject to certain computational considerations. Chapter 6 discusses various public-key cryptosystems based upon the Discrete Logarithm problem. The chapter also contains material on computing discrete