Everyday Cryptography
The third edition of Everyday Cryptography is due to be published in July 2025.

 

In 2012 I completed a fairly long-running project to provide a book that supports the Royal Holloway MSc module Introduction to Cryptography and Security Mechanisms. The first edition of Everyday Cryptography was published by Oxford University Press in March 2012.

The second edition, published in 2017, features updates to key technologies and twenty percent new material on the likes of Tor, bitcoin, TLS 1.3, iPhone cryptography, WhatsApp cryptography, as well as a full chapter on the control of cryptography (following the Edward Snowden revelations).

The third edition, due to be published in July 2025, is a major rewrite designed to include significant new material without overly increasing the length of the book. The main new additions relate to:
  1. Technological evolution: Some technologies discussed in the book have evolved. There is new material on, for example, WPA3, 5G security and contactless payment security.
  2. Best practices: Several best practices are rising in importance. Material has been added on provable security (recognising the now default demand for formal evaluation of new cryptographic mechanisms), different uses of asymmetric cryptography for key exchange  (recognising the increased demand for perfect forward secrecy), Let's Encrypt (recognising new options for public-key certification) and an entirely new chapter has been added on implementation of cryptography (recognising an increase in awareness of the sensitivity and critical nature of cryptographic implementations).
  3. Quantum computing: While cryptographically relevant quantum computers remain far from development, new material has been added on post-quantum cryptography and possible implications of future developments.
  4. Emerging themes: An increased societal demand for privacy has motivated an entirely new chapter on cryptographic privacy-enhancing technologies. New material has also been added on ransomware.
Although there seem to be dozens (well, easily over 100) existing books on cryptography, most of these fall into several camps. Either they are:
  • Mathematical in their emphasis and designed to support courses aimed at mathematical science students, largely through details of algorithms and protocols. These books are often inaccessible for students from broader backgrounds.
  • Introductory books that lack perspective on the application of cryptography.
  • Specialist books aimed at narrow applications or aimed at research.
The main author who has targeted the wider information security professional audience is probably Bruce Schneier, but his books (such as Cryptography Engineering) are not really ideal support books for educational courses (they are good additional reading).

So, Everyday Cryptography is aimed to fill this "gap" in the market, and I hope it will be of interest to a range of audiences, from information security professionals who want an "entry" guide to cryptography through to the mathematical science students who want some more application perspectives on cryptography.

For more information about Everyday Cryptography:

Reviews of the first edition and related links:

Keith's Electronic Domicile