The magazine of the Melbourne PC User Group
Encryption Clearly Explained
 For the Bookshelf
Major Keary

The Clearly Explained series is published by Academic Press under its AP Professional imprint. Pete Loshin's Personal Encryption Clearly Explained shows how various systems work, from digital signatures through to full-blown public key encryption.

Commercial applications for the Web rely on secure transactions, which translates to authentication systems and encryption. The strength of those systems will depend on two factors: the nature of the transactions, and consumer demand. As consumers become more aware of the scope for fraud in e-commerce, so there will be an expectation that merchants will have armed themselves with the best possible security.

Anyone involved in the choice of an encryption or digital signature system should find this a useful guide. It doesn't cover every available system (that would require a very large book), but describes various cryptographic methods and issues relating to implementation. The well-known PGP system is described in some depth along with some other commercial products.

Chapter headings indicate the book's scope:

  • Modern cryptography primer (introduces the various systems and their uses);
  • Social and political issues (discusses the pros and cons of government attempts to restrict the use of crypto);
  • Implementing encryption (building systems, hardware, software, and networking);
  • Getting crypto-enabled (product categories, selecting products, secure Web clients, e-mail, e-commerce, and getting a digital ID);
  • Secure Web surfing (browsing security issues with special reference to Navigator and Internet Explorer);
  • Secure e-mail (using Eudora and PGP, MS Outlook Express, and Netscape Messenger):
  • Securing the desktop (locking up your files);
  • Digital commerce (protocols and products for e-commerce); and appendices:
  • Understanding and using PGP;
  • Theory of public key cryptography;
  • Guide to resources; and Selected RFCs on Internet security.
T he appendix on theory of public key encryption has a very good guide to modular arithmetic, a subject on which it is not easy to find information.

This text is not for professionals or programmers, and is not an introduction for raw beginners. It is designed to provide a base of information to those who are either interested in the field or who need to choose a product. There is no assumption of any particular knowledge of the subject, but readers with a capacity to grasp the mathematical descriptions will find good depth of information. That material is generally segregated from the main text and thus won't disturb readers who don't need the real technical stuff. Well written and well organised. Worth looking at by librarians who want to fill a gap in the range of available information on cryptography.

Pete Loshin: Personal Encryption Clearly Explained
ISBN 0-12-455837-2
Published by AP Professional, 545 pp.,
RRP $75.00 0

Reprinted from the March 2000 issue of PC Update, the magazine of Melbourne PC User Group, Australia