The
third edition of Everyday Cryptography is due to be published
in July 2025.
In 2012 I completed a
fairly long-running project to provide a book that supports
the Royal Holloway MSc module Introduction to Cryptography and
Security Mechanisms. The first edition of Everyday
Cryptography was published by Oxford University Press in March
2012.
The second edition, published in 2017, features
updates to key technologies and twenty percent new material on
the likes of Tor, bitcoin, TLS 1.3, iPhone cryptography,
WhatsApp cryptography, as well as a full chapter on the
control of cryptography (following the Edward Snowden
revelations).
The third edition, due to be published in July 2025,
is a major rewrite designed to include significant new
material without overly increasing the length of the book. The
main new additions relate to:
- Technological
evolution: Some technologies discussed in the book
have evolved. There is new material on, for example, WPA3,
5G security and contactless
payment security.
- Best practices:
Several best practices are rising in importance. Material
has been added on provable
security (recognising the now default demand for
formal evaluation of new cryptographic mechanisms),
different uses of asymmetric cryptography for key
exchange (recognising the increased demand for
perfect forward secrecy), Let's
Encrypt (recognising new options for public-key
certification) and an entirely new
chapter has been added on implementation of cryptography
(recognising an increase in awareness of the sensitivity
and critical nature of cryptographic implementations).
- Quantum
computing: While cryptographically relevant quantum
computers remain far from development, new material has
been added on post-quantum
cryptography and possible implications of future
developments.
- Emerging
themes: An increased societal demand for privacy has
motivated an entirely new
chapter on cryptographic privacy-enhancing technologies.
New material has also been added on ransomware.
Although there seem to
be dozens (well, easily over 100) existing books on
cryptography, most of these fall into several camps. Either
they are:
- Mathematical in their emphasis and designed to
support courses aimed at mathematical science students,
largely through details of algorithms and protocols. These
books are often inaccessible for students from broader
backgrounds.
- Introductory books that lack perspective on the
application of cryptography.
- Specialist books aimed at narrow applications or
aimed at research.
The main author who has
targeted the wider information security professional audience
is probably Bruce Schneier, but his books (such as
Cryptography Engineering) are not really ideal support books
for educational courses (they are good additional reading).
So, Everyday
Cryptography is aimed to fill this "gap" in the
market, and I hope it will be of interest to a range of
audiences, from information security professionals who want an
"entry" guide to cryptography through to the mathematical
science students who want some more application perspectives
on cryptography.
For more information about Everyday
Cryptography:
Reviews of the first
edition and related links:
|