Book Review
A. Salomaa: Public-Key Cryptography. Springer-Verlag, ISBN 3-540-52831-8, 1990, 245 pp., DM 64.00.

The book's main intention is to clarify understanding of public-key cryptography. To this end the author starts with an introductory chapter on conventional symmetric cryptography. He first covers several pen-and-paper cryptosystems such as Caesar and Playfair ciphers. Secondly, he introduces mechanical rotor machines that were important during World War II, and finishes the chapter with the Data Encryption Standard, which has been in use since 1977.

In the following chapter, Salomaa explains the basic ideas of public-key cryptography and examples of one-way and trapdoor functions. Mathematical examples are knapsacks, factorisation and the discrete logarithm, while the Scandinavian fish trap is more vivid: the fish can easily enter, but hardly escape, whereas the fisherman knows how to open an additional door of the trap and take out the fish.

About half of the book is dedicated to the details of several public-key cryptosystems. Knapsack-based systems and the RSA system are described in great detail in this part. Furthermore, other approaches to the construction of public-key systems are included, such as the McEliece system that uses coding-theoretic results. Unfortunately, the ElGamal signature scheme is not described. This scheme became more important (after the book was published) because the proposed US Digital Signature Standard uses structures very similar to it.

The final chapter presents a number of cryptographic protocols that are characterised by interaction of several parties and application of public-key transformations to the data exchanged. These protocols enable fair coin-flipping or poker via telephone, for example. Further applications include fair and secret voting systems. The book closes with short tutorials on the computational complexity and number-theoretic foundations of public-key cryptography plus a set of 100 exercises.
Unfortunately no example solutions for the exercises are given. While a future edition of the book could be enriched by a treatment of the above-mentioned ElGamal and proposed Digital Signature Standard algorithms and by a section on message digest algorithms, the present volume offers a very good and detailed survey of the contemporary data security technologies. Vivid comparisons, many examples and exercises make it a good textbook for students' purposes. It would be appreciated if a cheaper paperback edition could be published for students of computer science and mathematics.

Karlsruhe
P. Horster