On Tue, Apr 26, 2011 at 5:49 AM, Michel (PAYBOX) <msa...@paybox.com> wrote: > Hi, > I am no expert on the matter, but on my humble opinion, > I think you can rely on this book because most of its content is about > fundamental concepts, > not implementation details ( padding, message encoding, ... ) for which you > can find updates on RSA Labs PKCS > http://www.rsa.com/rsalabs/node.asp?id=2124 > or other web sites. > The HAC is a bit dated. If I recall correctly, 9.6.5 (Integrity Codes) is no longer applicable - use an authenticated encryption mode instead.
Also, be careful of RSA Data Securities reading. For example, the output of RC4/ARC4 is biased, but the topic does not warn a user who might be trying to generate a pseudo random stream (http://www.rsa.com/rsalabs/node.asp?id=2250). RSA does discuss the key scheduling weaknesses, though (http://www.rsa.com/rsalabs/node.asp?id=2009). > > Le 21/04/2011 16:09, Patrick Rutkowski a écrit : >> >> Wow, awesome. I just read the foreword and the preface before getting to >> work. They're very well written, and now I'm excited for the coming chapters >> for sure :-) >> >> I'll probably read it over the coming week or two. But I'm mildly worried >> about the date the book was written, which was 1996; and though it was >> updated in 2001, that was still a long time ago now. I wonder to what degree >> the material will be outdated, or to what degree modern day material will be >> completely missing. >> >> -Patrick >> >> On Apr 21, 2011, at 8:55 AM, Michel (PAYBOX) wrote: >> >>> >>> I believe this [freely available] book should interest you : >>> >>> Handbook of Applied Cryptography >>> http://www.cacr.math.uwaterloo.ca/hac/ >>> >>> ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
