Suggested Books About Cryptography

Suggested Further Reading

Here are some suggestions for further reading about cryptography. You can learn about the technology at an introductory or advanced level. You can also learn about its history.

Popular Introductions

The Gold-Bug by Edgar Allan Poe is probably the most readable explanation of how to break monoalphabetic substitution ciphers. But be warned: it's a good story with a useful illustration of early cryptanalysis, but it was written in 1843 and so it contains horribly racist language.

The Adventure of the Dancing Men by Arthur Conan Doyle is another late 1800s detective story in which a monoalphabetic substitution cipher is broken, although Poe's explanation is a more accurate and complete of fundamental cryptanalysis.

Amazon 0486268756

Amazon 0486295583

Fundamentals / Basics

Simon Singh's 1999 The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography, is a good overview of cryptography for a general audience. It covers the topic from ancient history to current research at the time of its writing. It has excellent descriptions of asymmetric algorithms, Diffie-Hellman key exchange, key management, etc.

Cryptanalysis, by Helen Gaines, is probably the best place to start if you're interested in how learning to break crypto systems. It's also an important thing to read if you actually think you can design a crypto system! It shows you how to break combined substitution and transposition ciphers using pencil and paper.

Amazon
ASIN: 0385495323

Amazon 0486200973

Basic Cryptanalysis, U.S. Department of the Army Field Manual FM 34-40-2, is available for downloading.

Beware — the files you get from the download site, either the individual files or the tar archive, all have 5 lines of HTML header inserted before the actual PDF data! It's no problem to fix this with the following trick in Linux/UNIX/macOS:

$ for F in *.pdf
> do 
>       tail -n +6 $F > tmp 
>       mv -f tmp $F 
> done 

History

The Codebreakers: The Comprehensive History of Secret Communication from Ancient Times to the Internet, by David Kahn, is enormous and fairly expensive, but it is the authoritative reference.

Applied Cryptography: Protocols, Algorithms, and Source Code in C, by Bruce Schneier, has been used as the text for a graduate-level cryptography course at many universities, but it is quite outdated. Matthew Green's essay points out how badly outdated it was in 2011.

Amazon 0684831309

Amazon
ASIN: 0471117099

Applied Cryptography has its uses, if you're very cautious. It's sort of like an ARRL amateur radio handbook from the 1960s. That would be today's best reference for practical designs covering HF through VHF to UHF using, for the most part, vacuum tubes. But you probably don't want to build a 1960s radio today.

Further Details / Advanced

Handbook of Applied Cryptography, by Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone, is more academic than Schneier's book. It's available for free download of PDF files.

Practical Cryptography is by Niels Ferguson and Bruce Schneier. I think that the greatest benefit of this book is that it should convince the reader that yes, this is extremely difficult to really get right, and you do have to be obsessively careful with the entire system design, and it would be easy to make some bold plans up front that are then difficult to fully carry through. Don't write your own code, get a good open-source system that has been checked out by many smart people. Read this book if you aren't convinced yet.

Some useful crypto tools are available from http://www.und.nodak.edu/org/crypto/crypto/resources.html