Real-World Cryptography, video edition

Real-World Cryptography, video edition

by David Wong
Released September 2021
Publisher(s): Manning Publications
ISBN: None

Watch it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Video description

In Video Editions the narrator reads the book while the content, figures, code listings, diagrams, and text appear on the screen. Like an audiobook that you can also watch as a video.

A staggeringly comprehensive review of the state of modern cryptography. Essential for anyone getting up to speed in information security.
Thomas Doylend, Green Rocket Security

An all-practical guide to the cryptography behind common tools and protocols that will help you make excellent security choices for your systems and applications.

In Real-World Cryptography you will find:
  • Best practices for using cryptography
  • Diagrams and explanations of cryptographic algorithms
  • Implementing digital signatures and zero-knowledge proofs
  • Specialized hardware for attacks and highly adversarial environments
  • Identifying and fixing bad practices
  • Choosing the right cryptographic tool for any problem

Real-World Cryptography reveals the cryptographic techniques that drive the security of web APIs, registering and logging in users, and even the blockchain. You’ll learn how these techniques power modern security, and how to apply them to your own projects. Alongside modern methods, the book also anticipates the future of cryptography, diving into emerging and cutting-edge advances such as cryptocurrencies, and post-quantum cryptography. All techniques are fully illustrated with diagrams and examples so you can easily see how to put them into practice.

about the technology

Cryptography is the essential foundation of IT security. To stay ahead of the bad actors attacking your systems, you need to understand the tools, frameworks, and protocols that protect your networks and applications. This book introduces authentication, encryption, signatures, secret-keeping, and other cryptography concepts in plain language and beautiful illustrations.

about the book

Real-World Cryptography teaches practical techniques for day-to-day work as a developer, sysadmin, or security practitioner. There’s no complex math or jargon: Modern cryptography methods are explored through clever graphics and real-world use cases. You’ll learn building blocks like hash functions and signatures; cryptographic protocols like HTTPS and secure messaging; and cutting-edge advances like post-quantum cryptography and cryptocurrencies. This book is a joy to listen to—and it might just save your bacon the next time you’re targeted by an adversary after your data.

about the audience

For cryptography beginners with no previous experience in the field.

about the author

David Wong is a cryptography engineer. He is an active contributor to internet standards including Transport Layer Security.

Covers all the important parts of applied cryptography. A must-read for every Java developer.
Harald Kuhn, TurnFriendly

An in-depth introduction to cryptography, covering hot topics like blockchain and quantum computing.
Gábor László Hajba, ProLion

A best-in-category book that takes you all the way from curious novice to confident practitioner.
William Rudenmalm, Creandum

NARRATED BY DEREK DYSART

Table of contents

  1. Part 1. Primitives: The ingredients of cryptography
  2. Chapter 1. Introduction
  3. Chapter 1. Kerckhoff’s principle: Only the key is kept secret
  4. Chapter 1. Key exchanges or how to get a shared secret
  5. Chapter 1. Classifying and abstracting cryptography
  6. Chapter 1. From theoretical to practical: Choose your own adventure - Part 1
  7. Chapter 1. From theoretical to practical: Choose your own adventure - Part 2
  8. Chapter 2. Hash functions
  9. Chapter 2. Security considerations for hash functions
  10. Chapter 2. Standardized hash functions
  11. Chapter 2. The SHA-3 hash function
  12. Chapter 2. Avoid ambiguous hashing with TupleHash
  13. Chapter 3. Message authentication codes
  14. Chapter 3. Security properties of a MAC
  15. Chapter 3. Integrity of cookies
  16. Chapter 4. Authenticated encryption
  17. Chapter 4. The interface of AES
  18. Chapter 4. A lack of authenticity, hence AES-CBC-HMAC
  19. Chapter 4. The AES-GCM AEAD
  20. Chapter 4. ChaCha20-Poly1305
  21. Chapter 4. Other kinds of symmetric encryption
  22. Chapter 5. Key exchanges
  23. Chapter 5. Group theory
  24. Chapter 5. The discrete logarithm problem: The basis of Diffie-Hellman
  25. Chapter 5. The Elliptic Curve Diffie-Hellman (ECDH) key exchange
  26. Chapter 5. How does the Elliptic Curve Diffie-Hellman (ECDH) key exchange work?
  27. Chapter 5. Small subgroup attacks and other security considerations
  28. Chapter 6. Asymmetric encryption and hybrid encryption
  29. Chapter 6. Hybrid encryption
  30. Chapter 6. Textbook RSA
  31. Chapter 6. Asymmetric encryption with RSA-OAEP
  32. Chapter 7. Signatures and zero-knowledge proofs
  33. Chapter 7. Zero-knowledge proofs (ZKPs): The origin of signatures
  34. Chapter 7. The signature algorithms you should use (or not)
  35. Chapter 7. RSA-PSS: A better standard
  36. Chapter 7. The Edwards-curve Digital Signature Algorithm (EdDSA)
  37. Chapter 7. Subtle behaviors of signature schemes
  38. Chapter 8. Randomness and secrets
  39. Chapter 8. Slow randomness? Use a pseudorandom number generator (PRNG)
  40. Chapter 8. Obtaining randomness in practice
  41. Chapter 8. Public randomness
  42. Chapter 8. Managing keys and secrets
  43. Part 2. Protocols: The recipes of cryptography
  44. Chapter 9. Secure transport
  45. Chapter 9. How does the TLS protocol work?
  46. Chapter 9. The TLS handshake - Part 1
  47. Chapter 9. The TLS handshake - Part 2
  48. Chapter 9. How TLS 1.3 encrypts application data
  49. Chapter 9. The Noise protocol framework: A modern alternative to TLS
  50. Chapter 10. End-to-end encryption
  51. Chapter 10. The failure of encrypted email
  52. Chapter 10. Key discovery is a real issue
  53. Chapter 10. More user-friendly than the WOT: Trust but verify
  54. Chapter 10. Double Ratchet: Signal’s post-handshake protocol
  55. Chapter 11. User authentication
  56. Chapter 11. One password to rule them all: Single sign-on (SSO) and password managers
  57. Chapter 11. Don’t want to see their passwords? Use an asymmetric password-authenticated key exchange
  58. Chapter 11. One-time passwords aren’t really passwords: Going passwordless with symmetric keys
  59. Chapter 11. User-aided authentication: Pairing devices using some human help
  60. Chapter 11. Was my key exchange MITM’d? Just check a short authenticated string (SAS)
  61. Chapter 12. Crypto as in cryptocurrency?
  62. Chapter 12. A problem of trust? Decentralization helps
  63. Chapter 12. How does Bitcoin work?
  64. Chapter 12. Forking hell! Solving conflicts in mining
  65. Chapter 12. A tour of cryptocurrencies
  66. Chapter 12. A round in the DiemBFT protocol
  67. Chapter 13. Hardware cryptography
  68. Chapter 13. They’re in your wallet: Smart cards and secure elements
  69. Chapter 13. Banks love them: Hardware security modules (HSMs)
  70. Chapter 13. Trusted Platform Modules (TPMs): A useful standardization of secure elements
  71. Chapter 13. Confidential computing with a trusted execution environment (TEE)
  72. Chapter 13. What solution is good for me?
  73. Chapter 13. Constant-time programming
  74. Chapter 14. Post-quantum cryptography
  75. Chapter 14. From the birth of quantum computers to quantum supremacy
  76. Chapter 14. Hash-based signatures: Don’t need anything but a hash function
  77. Chapter 14. Many-times signatures with XMSS and SPHINCS+
  78. Chapter 14. Shorter keys and signatures with lattice-based cryptography
  79. Chapter 14. Kyber, a lattice-based key exchange
  80. Chapter 14. Do I need to panic?
  81. Chapter 15. Is this it? Next-generation cryptography
  82. Chapter 15. Fully homomorphic encryption (FHE) and the promises of an encrypted cloud
  83. Chapter 15 Where is it used?.
  84. Chapter 15. Homomorphic commitments to hide parts of the proof
  85. Chapter 15. An arithmetic circuit to a rank-1 constraint system (R1CS)
  86. Chapter 16. When and where cryptography fails
  87. Chapter 16. Where are the good libraries?
  88. Chapter 16. Cryptography is not an island
  89. Appendix. Answers to exercises

Product information

  • Title: Real-World Cryptography, video edition
  • Author(s): David Wong
  • Release date: September 2021
  • Publisher(s): Manning Publications
  • ISBN: None