REVIEW - Implementing Elliptic Curve Cryptography


Title:

Implementing Elliptic Curve Cryptography

Author:

Michael Rosing

ISBN:

Publisher:

Manning Publications (1999)

Pages:

313pp

Reviewer:

Francis Glassborow

Reviewed:

June 1999

Rating:

★★★☆☆


...if you are interested in providing strong cryptography in a product this would be an excellent book to study.

I know just about enough about the theory of elliptic curves (nothing to do with ellipses) to find the title of this book daunting. This area of mathematics is deep and challenges the minds of competent mathematicians. However it has one useful characteristic in that an aspect of it features a 'trap door.' By that I mean something that is relatively easy to do while being exceptionally difficult to undo. An example is taking two large (say about 100 digit) primes and multiplying them. Though tedious, most numerate people can do that. Now give the answer to someone and ask them to factorise it. You get the point.

Public key cryptography relies on trap door behaviour. Pretty Good Privacy is probably the best known. However elliptic curve cryptography offers a much higher ratio of encoding to code breaking potential. Of course new technology (such as a practical quantum computer) or mathematical discoveries may devalue the trap door characteristic.

This book provides excellent coverage of its topic. All the source code is available form a web site (despite the fact that you can use it to produce very strong, munitions grade, cryptography). The author covers enough theory to help you understand the mechanism and provides copious explanations of the actual cryptographic tools. He also has his feet firmly planted on the ground as relates to the difference between hard-to-break cryptography and security. (Anyone who watched the recent Station X programmes on UK Channel 4 TV will recognise the difference, the excellent Enigma coding machines were seriously compromised by the way the operators (ab)used them).

Now let me make my one criticism of this book, the C source code is all in K&R C despite the fact that most of it was written over the last six years. A careful rewrite of the code by a fluent C programmer would have changed a very good book into an outstanding one. Perhaps the best way to learn from this book is to read it cover to cover while rewriting the code in modern C. None-the-less, if you are interested in providing strong cryptography in a product this would be an excellent book to study.


Book cover image courtesy of Open Library.





Your Privacy

By clicking "Accept Non-Essential Cookies" you agree ACCU can store non-essential cookies on your device and disclose information in accordance with our Privacy Policy and Cookie Policy.

Current Setting: Non-Essential Cookies REJECTED


By clicking "Include Third Party Content" you agree ACCU can forward your IP address to third-party sites (such as YouTube) to enhance the information presented on this site, and that third-party sites may store cookies on your device.

Current Setting: Third Party Content EXCLUDED



Settings can be changed at any time from the Cookie Policy page.