The Joy of Cryptography is an undergraduate textbook in cryptography. This book grew out of lecture notes I developed for the cs427 course at Oregon State University (and before that, cs473 at the University of Montana).

I am well aware that the title is ridiculous, but all of the serious titles were already taken. At this point I’m committed to the gag, for better or worse. Anyway, actual joy not guaranteed.

Information for Students

What Will You Learn In This Book?

I’m not going to lie. This book has a theoretical flavor, that reflects my personal bias as a theoretician.

I understand that theory-for-theory’s-sake doesn’t motivate everyone in the same way that it motivates me. If I can’t get everyone to fall in love with the theory, my instructional goal is to ensure that everyone can at least appreciate it. In the book I try to keep the realworld implications of the theory in view.

The book does cover:

• How it is possible to formally define security properties and reason about them mathematically.
• How the most common cryptographic constructions work: what makes them secure, while similar constructions are insecure?
• The difference between different kinds of cryptographic primitives (PRFs, block ciphers, encryption, MACs, hash functions, etc). This includes differences in their interfaces, differences in their security properties, and most importantly, how to think about which primitive is best suited for a particular security goal.

The book does not cover:

• How to use encryption/privacy software like PGP, TrueCrypt, Signal, etc.
• Cryptocurrencies like Bitcoin.
• How to safely implement production-ready cryptographic algorithms. At times the book hints at some implementation issues, mostly to show how incredibly difficult it is to get things right.
• What goes inside low-level primitives like block ciphers and hash functions. I think readers of this book are much more likely to build systems out of these primitives, rather than design their own primitives. Thus, the focus is on understanding what these different primitives provide, and how to combine them in sound ways.

Background Knowledge

You will get the most out of this book if you have a solid foundation in standard undergraduate computer science material:

• Discrete mathematics (of the kind you typically find in year 2 or 3 of an undergraduate CS program) is required background. The book assumes familiarity with basic modular arithmetic, discrete probabilities, simple combinatorics, and especially proof techniques.
• Algorithms & data structures background is highly recommended, and theory of computation (automata, formal languages & computability) is also recommended. We deal with computations and algorithms at a high level of abstraction, and with mathematical rigor. This can be a significant challenge if you haven’t had prior experience from these courses.

The current edition of the book, along with supplementary materials, may be found at the Joy of Cryptography site.