BKCODBOK.RVW 20080724 "The Code Book", Simon Singh, 2001, 0-385-72913-8, U$16.95/C$24.95 %A Simon Singh www.SimonSingh.com simon@simonsingh.net %C 1540 Broadway, New York, NY 10036 %D 2001 %G 0-385-72913-8 %I Random House %O U$16.95/C$24.95 http://www.bdd.com webmaster@bdd.com %O http://www.amazon.com/exec/obidos/ASIN/0385729138/robsladesinterne http://www.amazon.co.uk/exec/obidos/ASIN/0385729138/robsladesinte-21 %O http://www.amazon.ca/exec/obidos/ASIN/0385729138/robsladesin03-20 %O Audience n- Tech 1 Writing 2 (see revfaq.htm for explanation) %P 263 p. %T "The Code Book" The introduction states that the book is intended to outline the evolution of encryption, and to demonstrate that encryption is more important today than it has ever been. It's too bad that the text doesn't live up to that noble ambition. The work is readable and quite entertaining, and is even somewhat educational. The stories are interesting, and, being basically gossip level tales, reveal the character of some individuals who have worked on cryptography over the centuries. However, the text lacks structure in terms of the flow of the ideas and concepts of cryptology, and is certainly far from complete. The basic notions of cryptology; such as the operation of simple substitution and transposition ciphers, and the use of frequency analysis to break them; are explained. Many fundamental concepts (the importance of randomness, for example) are mentioned only tangentially. A significant number of foundational abstractions are presented in either a misleading fashion, or with very odd emphases. Singh asserts the idiosyncratic position that transposition and substitution form two classes of encryption into which all types of encryption can be grouped. (This was picked up and even fallaciously expanded by Eastton in "Computer Security Fundamentals" [cf. BKCMSCFN.RVW]. Most modern symmetric algorithms use combinations of transposition and substitution.) Information technology is significant in modern society, and encryption is vital to information technology: that much is obvious. Singh does not, though, provide any further evidence of this fact. The use of encryption is limited, in his writing, to the support of confidentiality, and the importance of the technology in regard to authentication, integrity, and even availability is noted only in passing in some of the anecdotes. The narratives are diverting, and some are even meaningful in the history of cryptology. Certain of the tales flesh out material that is glossed over in works such as Stamp's "Information Security: Principles and Practice" (cf. BKINSCPP.RVW). However, Stamp obviously knew his stuff in regard to encryption, and explained it clearly, which Singh does not. (And, in only 50% more pages, covered a good chunk of the rest of infosec, to boot.) copyright Robert M. Slade, 2008 BKCODBOK.RVW 20080724