Browse Books

Reviewer: Yacov Yacobi

Security research and development is not a homogeneous area. In fact, it is composed of a few camps that are almost mutually exclusive. These camps are cryptography, and operating systems and networks security. The second group is further subdivided into government security and commercial security. Each of the groups has its own conferences and workshops, which are distinct in style and substance. Amoroso's textbook represents the government security camp. As such, it treats cryptography as the building material used, when necessary, in the construction of secure systems. The properties of the cryptographic building blocks are taken almost as axioms. The book is a fair representative of this camp (as manifested mainly by the annual IEEE symposium on Research in Security and Privacy in Oakland, California) at the undergraduate level. It covers all the subjects that are normally treated in this group, and the reader can get an idea of the kinds of questions asked and the kinds of solutions proposed. The author, though he is a researcher and a known contributor in the field, presents the material in a modest, almost objective way. Government security R&D emerged in the pre–personal computer age. It was cast at that time, when computation cost was relatively high and mutually suspicious parties had to share a single mainframe. These restrictions gave rise to many security problems that, although they still exist, are becoming less important. It is less well known that US government security is not the only branch in this field, and that at the same time the US government spent many millions of dollars annually on big research, the Royal Signals Corps (RSC) in Great Britain funded small-scale research that made a lot of sense and was cost effective and very usable. (I do not know how much impact US-funded research had on government systems; it was viewed as too expensive for commercial use.) Although some of the RSC work was published, it is not represented in this book. The biggest flaw of this book, as well as of every book in this field that I know of, is the lack of a big picture. It is a collection of problems and solutions, where each researcher tries to understand what the elephant looks like, based on what can be felt from a particular angle. (When I read the RSC-funded papers, I came closer to feeling that I could see the big picture.) The book does not assume a lot of mathematical knowledge, so some readers can skip the preparatory sections. This approach is fine, but the less-skilled person who invests effort in learning the background mathematical language may in some cases be disappointed. At the end of the learning process, she or he may find that the shorthand math notation did not express anything new, and in some cases it even made previously clear and simple ideas more obscure and cumbersome (though correct). The section on viruses correctly concentrates on compiler viruses, since excellent papers have been written on those by leading compiler scientists. Nonetheless, some bridging between compiler viruses and real viruses, such as the Morris virus, that are not compiler viruses would be useful. Another semantic problem that occurs here as well as in many other publications is the confusion among the terms “decrypt,” “decipher,” and “cryptanalyze.” According to the Oxford English Dictionary , the first two are synonyms (they are what the legitimate receiver of a cryptogram does, while the last is what the illegitimate eavesdropper tries to do). The summary on page 236 abuses the terminology, as well as doing injustice to Shannon's theory (secret keys are a must, not something that “assists in the practicality”). The chapter on RSA (the Rivest, Shamir, Adleman public key encryption standard used for authentication and data privacy) concludes with a statement that factoring a 200-digit integer that is the product of two 100-digit primes would take billions of years. According to A. K. Lenstra, a leading expert in the field, ten thousand Sun workstations would do it in at most a century, using today's algorithms. The index is incomplete. For example, an important subject, “firewall,” though mentioned on page 309, is missing from the index. The book is a fair representation of an important slice of the computer-security R&D in the US in the last two decades, including the strong as well as the weak points.