Practical Cryptography for Developers (nakov.com)
153 points by r_singh on March 23, 2021 | 18 comments



I'm skimming this, but why does a developer need to know about contest also-rans like Skein, or stuff like Whirlpool? Contra the book text, Whirlpool is not popular, and it is probably not a good idea to use it in new designs, if only because modern protocols are built in SHA2, SHA3, and Blake2.

The MAC/HASH stuff seems a bit fuzzy, too; for instance, part of the idea behind SHA-3 is not needing the HMAC construction anymore. Also, a bit strange to have MACs and KDFs in the same section. Are they closely related?

The bcrypt vs. scrypt vs. Argon2 stuff, also, is pretty unclear.

I think the randomness coverage is actually pretty bad. For instance, it walks programmers through building their own userland CSPRNG, which is a terrible idea --- most Linux randomness flaws have stemmed from userland CSPRNGs. It also doesn't understand the difference between /dev/random and /dev/urandom.

There's also a sort of inexplicable walkthrough of bare Diffie-Hellman (ECDH is deferred), and not much coverage of authenticated key exchange, which is what systems using DH-style key exchange need in practice.

Just a shotgun blast of random thoughts. I know it's early days for the book.

Other books in this space that I like: Aumasson's "Serious Cryptography" and David Wong's "Real World Cryptography".


> Other books in this space that I like: Aumasson's "Serious Cryptography" and David Wong's "Real World Cryptography".

The latter not being published until July 27. :-)

(I know this book is also not published yet, so I guess it's totally fair to suggest a not-yet-published book as an alternative to a not-yet-published book!)


I've just been seeing what David has been showing off. :)


Related to this subject, I spent some time going through the cryptopals crypto challenges[0], which gave me solid hands-on knowledge of crypto data structures and algorithms. If you're the type who learns by doing, this set of challenges is worth the time invested.

[0]: https://cryptopals.com/


This book is mostly minimal examples in whatever Python library the author decided to use. There are some major gaps.

For example, the section on Python libraries doesn't even mention the most commonly used Python crypto library (cryptography): https://github.com/nakov/Practical-Cryptography-for-Develope...

Similarly, the Java section essentially mentions a single, obscure library besides the JCE and Bouncy Castle: https://github.com/nakov/Practical-Cryptography-for-Develope...

There's also no mention of libsodium besides a bullet list item.


Oh dang, I might need to rename the course I published a few months ago... https://qvault.io/practical-cryptography-course/

At first glance, looks like a solid book. I'll be going through it in more detail later.


Does anyone have experience with how this compares to https://www.manning.com/books/real-world-cryptography ? I've read Real World Cryptography and greatly enjoyed it. Flipping through this real quick, it looks like there is a good deal of overlap, though this content appears more technical and focused around sharing code snippets over higher level concepts.

Fun pop question for the audience - what protocols use AES-CFB mode? I see this mode come up every once in a while but outside of standards stating "This is how it works", what protocols and products is it useful in?


It's not useful, and you shouldn't use it. PGP uses a variant of CFB (and is dunked on regularly for it).

Modern systems all tend to use CTR-derived AEAD modes; if I wasn't doing a sealed AEAD, I'd probably do CTR+HMAC.


OpenPGP uses CFB mode. It has the very useful attribute of being self-synchronizing. If you have an encrypted file with bad sections you can recover the data past those sections. That is the behaviour you want if you are encrypting backups, which is the sort of thing GnuPG is routinely used for.

I give an example of this vs what age does in this article:

* https://articles.59.ca/doku.php?id=pgpfan:agevspgp
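The self-synchronizing behaviour described in the comment above, as an added example (not code from the thread, the linked article or the book), using the full-block CFB mode in Go's standard library: one flipped ciphertext byte damages the block it sits in and the following block, and decryption recovers from the block after that. Key, IV and plaintext are constructed demo values.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"fmt"
)

// cfb runs AES-128 in full-block CFB mode (Go's crypto/cipher) in either direction.
func cfb(key, iv, src []byte, decrypt bool) []byte {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	var stream cipher.Stream
	if decrypt {
		stream = cipher.NewCFBDecrypter(block, iv)
	} else {
		stream = cipher.NewCFBEncrypter(block, iv)
	}
	dst := make([]byte, len(src))
	stream.XORKeyStream(dst, src)
	return dst
}

// corruptedBlocks flips one ciphertext byte at offset pos, decrypts, and returns the
// indices of the 16-byte plaintext blocks that differ (length assumed block-aligned).
// In CFB, P[i] = C[i] XOR E(C[i-1]): a damaged C[k] spoils that byte of P[k] and all
// of P[k+1]; from P[k+2] on the keystream depends only on intact ciphertext again.
func corruptedBlocks(key, iv, plaintext []byte, pos int) []int {
	ct := cfb(key, iv, plaintext, false)
	ct[pos] ^= 0xff
	pt := cfb(key, iv, ct, true)
	var bad []int
	for b := 0; b < len(plaintext)/aes.BlockSize; b++ {
		s, e := b*aes.BlockSize, (b+1)*aes.BlockSize
		if !bytes.Equal(pt[s:e], plaintext[s:e]) {
			bad = append(bad, b)
		}
	}
	return bad
}

func main() {
	key := []byte("0123456789abcdef")                  // constructed demo key
	iv := []byte("fedcba9876543210")                   // constructed demo IV
	pt := bytes.Repeat([]byte("backup-chunk-01\n"), 8) // 128 bytes, eight blocks
	fmt.Println(corruptedBlocks(key, iv, pt, 40))      // [2 3]
}
```

Byte 40 lies in block 2, so blocks 2 and 3 come out wrong and blocks 4 to 7 decrypt cleanly; the same experiment in a mode without this property would not recover.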


Thanks, this is very interesting!


Since the above isn't finished I'll toss out a recommendation. I snagged this book[0] on a whim from a university library. I'm usually more of a skimmer when it comes to textbooks but I accidentally read it cover to cover. Really helped me wrap my mind around the basic math behind modern cryptography.

[0]: https://www.amazon.com/Mathematical-Cryptology-Computer-Scie...


For once a site that I wish was asking for my email. I'd love to be notified when this book is finished.


Thanks for sharing. For people out there, are there any good books for beginners to pick up the theory behind cryptography?


The repo of the book hasn't been updated for more than a year, though it is stated that the book is not finished.


The book, when including quantum-safe cryptography, should include quantum-resistant, such as algorithms currently in use but with higher security strength due to configurations, curves, or key sizes.

This is important, since this book is intended for developers to use cryptography today.


No configuration, curve or key-size would protect any of the asymmetric crypto mentioned in the book from quantum computing. You really have to switch to something mentioned in the post-quantum chapter.


Ultimately, that's true, but I am clearly referencing the interim transition. After all, that's what the book is about - developers today who use cryptography. That "ultimate" timeframe won't happen today or tomorrow. Look at CNSA for examples.


I really wish the sections on password hashing included info on what parameters should be considered secure. Recommending Argon without explaining how to configure it properly is not great.

