Trusted SF Member
Joined: 17 Apr 2003
Location: Asheville, NC, US / Uberlāndia, MG, Brazil
|Posted: Fri Dec 26, 2003 11:17 am Post subject: Cryptography Studies.
First, I'll start with your two primary interests, the two
being: PKI and Digital Signatures. Now, you'll want
to ask yourself two questions. First, and most relative
to a school course, "Do I want to the learn the
mathematical theory?" ... or, "Do I want to learn
the implementation theory?" Let's loosely define
"theory" as a conventional belief of semantics - the
accepted how-tos, rather.
If you chose mathematical theory, you'll find a much
larger, and definitive, array of options to choose from,
as this will dive into general mathematics, which most
any college or university will provide. In the case of PKI
and Digital Signatures, you will be working with many
asymmetric algorithms, including RSA, El Gamal, DSA,
et cetera. In fact, DSA (Digital Signature Algorithm),
which is the DSS (Digital Signature Standard), is a
derivative of the Schnorr and El Gamal structures, and
utilizes basic concepts such as prime numbers and
moduli[/i]. This algorithm was also originally specified
to use another familiar concept - hashing via SHA.
You must consider the other corresponding mathematical
problems associated with asymmetric algorithms, including:
- factorization or prime numbers
- calculation of discrete logarithms in a finite field
- calculation of square roots modulo a composite number
- et cetera
(Free tip: For an all-round good overview of the mathematics
you'll need, to understand a vast majority of cryptographic
theory, concentrate heavily on algebraic concepts and number
As you can see, this covers the mathematical properties in
which digital signatures and PKIs are constructed. If in the
event you are already well-versed in this area, or need only
the know-how to implement these areas properly, then you
may skip all but the basic mathematics.
Assuming you chose to skip all but the basics, this leaves you
with learning the implementation theory. This is for those who
need to program and implement the cryptography, without the
desire to take the cryptographer's route of pimping the entire
mathematical set of correlating gibberish. Trouble is, you will
not be able to find as many courses that cover this subject
indepth. If you do find a course, there is no guarantee of its
quality, or the quality of its instructor.
Perhaps one of the most important observations to make is
whether or not the instructor exhibits a sufficient display of
implementation-specific cryptographic knowledge.
Why? Because implementation is where the majority of
cryptosystems go wrong - good or bad.
Along the way, you'll likely find many institutes offering more
and more course material regarding cryptography, in terms
of implementation. This should also be covered in classes
devoted to general cryptography. You may also find that it
is elaborated upon in networking courses or general computer
security courses. I will make it a point to keep a lookout for
such relative courses in or close to your area. Keep in mind
the idea of it being covered in general security classes, so
search broadly, as not to miss anything.
In the meanwhile, feel free to drop me a line. Cryptography
is what I do, and I will certainly be glad to discuss with you
the requisites for establishing a solid, working knowledge of
both public key infrastructures and digital signatures.
Better yet, give me a bit of time and I'll post a nice list of
the different areas of mathematics in which you will be sure
to encounter, somewhere within the confinement of cryptography.