Jim Gillogly (jim@mentat.com)
Tue, 23 Jun 98 07:03:48 PDT
Nick Brawn says:
> What do people suggest would be the best way to learn more about
> cryptanalysis? I'm looking especially for papers that discuss how various
> algorithms and snake oil products have been successfully cryptanalysed in
> the past.
It really depends a lot on your background and how much time you're
willing to invest in it. For modern algorithms and modern methods
and assuming strong math, the proceedings of Crypto (the annual
Santa Barbara conference), Eurocrypt, and the like always have
recent cryptanalysis results. Schneier's "Applied Cryptography"
Menezes et al.'s "Handbook of Applied Cryptography" each have lots
of references to recent important cryptanalysis literature.
If you want to learn to do it yourself from ground zero, I'd recommend
starting with Kahn's "The Codebreakers" to get an idea of the general
landscape, then on to Gaines' "Elementary Cryptanalysis" (also published
as simply "Cryptanalysis") to start getting hands-on experience,
Sinkov's "Elementary Cryptanalysis" to start getting a feel for simple
mathematical methods, and then Friedman and Callimahos' "Military
Cryptanalytics" for some real (well, up to WW2) methods. At this point
you should be ready to tackle the Zendian Problem, after which you'll
be able better to appreciate some of the modern mathematical attacks
on systems.
A lot of people seem to skip directly to "let's build a system and
see if anybody can spot what's wrong with it." I don't think that
works. You learn cryptanalysis only by doing it.
Jim Gillogly
The following archive was created by hippie-mail 7.98617-22 on Fri Aug 21 1998 - 17:18:53 ADT