AnyBook4Less.com	Find the Best Price on the Web Order from a Major Online Bookstore
Home  |  Store List  |  FAQ  |  Contact Us  |
Ultimate Book Price Comparison Engine Save Your Time And Money Keyword AuthorISBN

Title: Cryptography's Role in Securing the Information Society: Kenneth W. Dam and Herbert S. Lin, Editors by Kenneth W. Dam, Herbert S. Lin, National Research Council (U.S.) Committee to Study National Cryptogra, Natl Res Council, National Research Council ISBN: 0-309-05475-3 Publisher: National Academy Press Pub. Date: October, 1996 Format: Hardcover Volumes: 1 List Price(USD): $44.95

Your Country USA Canada United Kingdom Australia Austria Belgium France Germany Italy Netherlands Switzerland Currency AutoUSD CAD GBP EUR AUD CHF Delivery Only cheapest delivery All delivery options Include Used Books Are you a club member of: Barnes and Noble Books A Million Chapters.Indigo.ca

Average Customer Rating: 3.67 (3 reviews)

Rating: 4
Summary: Essential, but with two flaws
Comment: This book, prepared by the Committee to Study National Cryptography Policy of the Computer Science and Telecommunications Board of the National Research Council, is essential reading for anybody concerned with the role of crytography in information security. Written by experts, it surveys the topic dispassionately, and makes wise recommendations. No technical knowledge is required to read it, so it is suitable for everyone from policymakers to techies.

It has two flaws, one minor and inevitable, the other more serious. The first stems from the fact that the National Research Council undertakes studies like this only at the request of the US government. The federal government is notorious for its belief that anything worth saying should be said in the dullest possible bureaucratese. I know the staff members who produced the actual text of this book; they are excellent writers, and did their best to make the book readable within the constraints imposed by government mindset, but it's still dull and tedious to read. Compared to the Federal Register, however, it's a model of expository clarity.

The second flaw is the very cursory treatment given to one of the most serious problems in using cryptography for information security. The great majority of civilian computers, and even some military computers, are vulnerable to a wide variety of viruses, worms and trojan horses, and in most cases the users and system administrators are unaware of how vulnerable they are.

Cryptography is completely useless as a protective mechanism if cleartext or keys can be retrieved and transmitted from an originating or destination computer by a program inserted by an attacker. Equally serious, if the attacker substitutes trojan horse code for the encipherment/decipherment techniques employed, the whole system is wide open. I regard this as the current greatest weakness in the use of cryptography for information security, except within certain parts of the military. I dn't have any good ideas at all about how to plug this weakness, but it deserves much more careful attention than it gets in this book. If you are responsible for any aspect of computer or communications security, think hard about this problem.

Rating: 4
Summary: Not obsolete yet
Comment: Excellent overview of social & organizational issues that affect use of encryption. Some of the material is becoming quickly dated, but the chapters on "Roles, Market & Infrastructure," "Crypto Primer," "Public Key Infrastructure," and "[Applicability of Encryption by] Industry" will be useful for years.

Rating: 3
Summary: A valuable reference.
Comment: A thorough, and unbiased inquiry, commissioned by congress, of the importance of cryptography to the information economy. Still highly useful, despite being increasingly dated.