Cryptography for Developers

Jose Maria Estevez is a software architect for Amazon Instant Video and the co-founder and CTO of Quoriam Ingenieros, a software engineering firm. He was formerly a solutions architect for Oxford University Press, responsible for encryption projects in support of e-commerce, mobile distribution, and DRM protection. He has worked extensively on the cryptographic aspects of RFID/NFC and M2M and has developed production software in Ruby, Java, C, C++, Python, PHP, JavaScript, LAMP, AJAX, SQL, and Perl for many different types of business. He took his BS in computer science from the Universidad Politecnica de Madrid and is an alumnus of the Tetuan Valley Startup School.

Chapter 1. Cryptography, Cryptosystems, and Security Metrics * Cryptography Defined* How to Secure a Cryptosystem* How to Break a Cryptosystem* How to Measure Security Chapter 2. Classic Cryptosystems * Preindustrial Cryptography* Types* Substitution* Transposition* Modular arithmetic* Addition* Early cryptography* Atbash* Scytale* Caesar* Alberti* Vigenere* Bifid* Book Cypher* One Time Pad* Adfgvx* Industrial Cryptography* Mechanized and Automated Methods* Mathematical Generation* Vernan (XOR)* Lorentz* Enigma Chapter 3. Modern Cryptosystems * Computerized Mathematical Algorithms* Properties and Classification * Privacy* Non-Repudiation* Integrity* Confidentiality* Families* Symmetric* Asymmetric* Hash functions / hmac* Symmetric Algorithms* Modes* Algorithms*3DES* AES* Twofish* Serpent* Asymmetric* Usages* Algorithms* RSA* Elliptic Curves* ECDH* DH Key Exchange* ElGamal* Hash Functions* Usages* Integrity* Digital signature* Key search* Salt* Key stretching* HMAC* Algorithms* MD5* SHA-2* SHA-3 (Keccak)* Scrypt* Pbkdf2 Chapter 4. Protocols for Combining Algorithms * How to Combine Different Algorithms to Create Complex Cryptosystems* Examples* Key Exchange* Man in the Middle* Digital Signature* SSL* Current Problems and Certificates.* Certificate Transparency* WEP* WPA* Bitcoin Chapter 5. Caveats and Pitfalls * Random Number Generation* Keep the Secret* Combine the Algorithms* Don't Reduce the Security* Weakest Link* Secure Coding: Sometimes Implementation Leads to a Security Break* Example: Heartbleed* Don't Design Your Own Algorithm* Side Channels Leakage* Security through Obscurity* Special Mention: Steganography Chapter 6. Future Cryptosystems * The Quantum Threat to Current Cryptography (Shor's Algorithm)* Algorithms* Pure Quantic* Quantic Resistant* How Robust Algorithms and Key Size Are Impacted by Quantum Computing Appendix A. Algorithms Tabulated by Properties, Strengths, and Key Length Appendix B. Libraries Linked with Algorithms Treated in the Book