The mathematics of encryption. An elementary introduction (Q2850722)

I start this review with some general remarks before entering into the contents of the book in more detail. This book deals with mathematical aspects of information protection. It shows a variety of cryptosystems and ways to break them, considers techniques of steganography and deals with some aspects of coding theory. It is meant for students having no more background then high school mathematics, though it touches sometimes more or less deep mathematical concepts with which those students are not familiar. Furthermore at some points the book is a bit sloppy (I will point out a few places) and sometimes I wonder about choices the authors made about references and material for further reading. Nevertheless the book is a good introduction to several concepts in mathematics with applications to cryptography and coding theory. Moreover numerous exercises can be found to make students familiar with the introduced concepts.NEWLINENEWLINEI now go into details per Chapter.NEWLINENEWLINENEWLINEChapter 1 discusses the use of cryptography through history, especially in war times. I was surprised that the wonderful standard work written by David Kahn [The Codebreakers. New York: Scribner (1967, 1996)] was not included in the references. Furthermore I disagree with the explanation of the notion ``decryption''. It is stated that cryptanalysis is needed for decryption, however the intended receiver in possession of the right key can decrypt (or perform decryption) without cryptanalysis.NEWLINENEWLINEChapter 2 is concerned with classical cryptosystems like simple substitutions. Starting with the Caesar cipher concepts like factorials and modular arithmetic are introduced. Then affine ciphers are defined. The last table on page 31 contains an error the \((+5,F)\)-entry should be a \(D\) instead of a \(B\). Next the Vigenère cipher is discussed. Breaking methods under consideration put too much emphasis on frequency analysis and to little on the use of word patterns. Next the authors define permutation ciphers which in the common literature normally are called transposition ciphers. In this book transposition is defined in a bit strange way as interchanging just two numbers and leaving the rest invariant (see page 48). The chapter finishes with the Hill cipher.NEWLINENEWLINEChapter 3 deals with the Enigma cipher, used by the Germans in WW II and broken by the allies, using what is considered as one of the first computers (designed by Alan Turing). Treating this cipher several combinatorial concepts are introduced in order to calculate the size of the key space, indicating the complexity of breaking the system if exhaustive search would be the only attack.NEWLINENEWLINENEWLINEChapter 4 discusses breaking methods for some classical ciphers. It starts by breaking the Caesar ciphers using frequency analysis. Next the Affine cipher is tackled but before doing so the concept of ``function'' is introduced. Strange enough the authors do not find it necessary to elaborate on the concept of ``linearity'' but immediately start to use it. Also some more words could have been spend on the way to conclude that \(a= 1/3\) and \(b=-7/3\) on page 86 (i.e. first take \(x=0\) to find \(7a+b=0\) then take \(x=1\) to find \(3a-1=0\)). Next it is shown how to break a general simple substitution. Throughout the example on page 96 and 97 consequently the last Y in the third line of the cryptogram is wrongly translated into a t, where this t should be underneath the second last \(B\) of the third line of the cryptogram. On page 97 the \(Y\) of the last line in the cryptogram should be over an i in stead of a \(y\). The same error is also to be found on page 98. However the final solution is correct again. It is a bit sloppy. For breaking the Vigenère cipher a useful instrument to calculate the width (length of the keyword) is the so called index of coincidences. Unfortunately this technique is not discussed in the book. In stead of the statistical method, now finally word patterns and repetitions are used, which also works quite nice sometimes (i.e. if patterns or repetitions are present).NEWLINENEWLINENEWLINEIn Chapter 5 breaking methods for the permutation and the Hill cipher are discussed that use multigram statistics. Then running key ciphers and the one time pad are introduced. In the definition of one time pad a crucial element is missing namely that the key is used only once!NEWLINENEWLINENEWLINEChapter 6 is on modern symmetric ciphers and introduces stream ciphers based on linear feedback shift registers. In Section 6.2 the authors forget to mention that additions are considered to be mod 2. On page 137 the XOR is introduced in a sloppy way. First \(\oplus\) is introduced as bitwise modulo 2 addition, as such it is an operation on binary vectors. Then XOR is identified with \(\oplus\) though in the next line it is an operation on single bits instead of vectors. Section 6.7 peaks into the design of block ciphers (AES). As an easy example the authors introduce the so called Baby Block Cipher. In the security analysis following the description they show that considering only one round does not allow to determine the key using a known plain text attack. This may be so but considering the total baby block cipher some more detailed analysis shows that the key can be determined using a known plain text attack.NEWLINENEWLINENEWLINEChapter 7 is on public key cryptography and starts with a system based on graphs and so called perfect codes in the graph. Section 7.1 contains several errors. First of all the graph of Figure 7.1 has 14 edges in stead of 16. This can be easily seen by adding the valencies at the nodes and dividing by two: \(28/2 = 14\). Next the graph of Figure 7.1 clearly is not the same as the graph in Figure 7.2 but the text states that it is. In Figure 7.1. the edge BC is present whereas it lacks in Figure 7.2. The graph in Figure 7.3 is equal to the one in Figure 7.1. The explanation on page 175 of Figure 7.5 should read: The graph of Figure 7.4 with the perfect code shown. The system using the perfect codes in graphs turns out to be insecure, it is rather easy to reconstruct the secret. Next kid RSA is introduced as a preliminary for the real RSA. For fast modular exponentiation the use of addition chains could have been mentioned.NEWLINENEWLINENEWLINEIn Chapter 8 RSA encryption is introduced and discussed. Also digital signatures are considered and hash functions are introduced. Next Diffie-Hellman key exchange is introduced, however the description on page 227 is wrong in step 4. Alice does not (!) send \(g^{ab}\) to Bob since that would also reveal the secret to eavesdroppers. In Section 8.7 it is the inability to factor quickly that makes RSA secure and not the ability.NEWLINENEWLINENEWLINEChapter 9 is concerned with protection of information against transmission errors. It introduces the concepts of error correction and error detection. As a remark to the introduction of this Chapter: it would be more appropriate to use the terminology encryption/decryption when securing against eavesdropping and encoding/decoding when protecting against transmission errors. This would be more in line with the common terminology used in literature about coding theory and cryptography. So the use of encoding/decoding in the first paragraph of this Chapter is more or less incorrect. In Example 9.4.1 the second 0010 should have been a 0001 instead. The comparison of codes as mentioned on page 251 is not as easy as stated since code number 2 can detect some error patterns with 2 errors whereas the first code cannot. Observing this the comparison becomes a lot more difficult. On page 254 it is stated that a certain code is 3-error correcting. This is clearly incorrect, what is meant is that it is 3-error detecting. As references for further reading, books like ``An Introduction to Coding Theory'' [3rd ed. Berlin: Springer (1999; Zbl 0936.94014)] by \textit{J. H. van Lint} and ``The Theory of Error Correcting Codes'' [3rd repr. Amsterdam etc.: North- Holland (Elsevier) (1985; Zbl 0657.94010)] by \textit{F. J. MacWilliams} and \textit{N. J. A. Sloane} should not have been omitted.NEWLINENEWLINENEWLINEChapter 10 considers some other modern techniques in cryptography for instance steganography, quantum cryptography and visual cryptography.NEWLINENEWLINENEWLINEChapter 11 discusses some number theory on factoring and primality testing. It gives a fast (!) algorithm (i.e. polynomial time) to determine primality. The probabilistic methods are in practice much faster. The Miller-Rabin test as stated in the box on page 304 contains an error, in step 2: not \(a=b.2^k\) but \(n-1=b.2^k\). On page 307 the concept of Group is used but it has not been introduced properly. In step 5 in the box on page 308 \(\varphi (r)\) could be replaced by \(r-1\) since \(r\) is prime. On page 309 , 12th line from below \(n\) should be \(N\).