You are here


Joachim von zur Gathen
Publication Date: 
Number of Pages: 
BLL Rating: 

The Basic Library List Committee suggests that undergraduate mathematics libraries consider this book for acquisition.

[Reviewed by
Darren Glass
, on

When different people hear the word “cryptography”, their mind goes to different places. Some people think of historical cryptosystems like Caesar shifts while other people think of more modern topics like elliptic curves and prime factorization. Some people’s minds take them to World War II and the Enigma machine, and other people will start imagining the future that quantum computers will bring. For an author to write a single book that will cover all of these topics seems difficult to imagine, but Joachim von zur Gathen has given it a noble try in his new book CryptoSchool.

To cover all of this material, von zur Gathen takes close to 900 pages, and even this will not satisfy all readers with its depth. The book follows an unconventional structure, as it more or less alternates chapters about historical topics (substitution ciphers, Vigenere ciphers, codebooks, steganography, the Zimmerman telegram, and Enigma machines) with chapters about the more mathematical aspects of cryptography. The latter list includes chapters about AES, RSA, discrete logs, elliptic curves, differential cryptanalysis, hash functions, random number generators, and more. Recent innovations such as lattice-based cryptography are also discussed in great detail. The author does not assume much in the way of prerequisites — the book is intended for advanced undergraduates or beginning graduate students, and the author mostly hits this mark — and he attempts to balance the need for rigorous mathematical proof with practical implementations in the way that the field of cryptography as a whole needs to do.

Unlike some other books of this type, CryptoSchool also dedicates significant space to discussing theoretical aspects of security, including rigorous descriptions of the difference between axiomatic and empirical security, as well as covering topics such as semantic insecurity, proof systems, and computational zero knowledge. There is also a whole chapter dedicated to using computer algebra systems in order to do relevant computations as well as the theoretical background needed to implement and analyze the various cryptographic protocols. The author has many exercises throughout the book, ranging from simple computations to quite advanced and theoretical.

On the historical side, von zur Gathen is a good storyteller, and additionally has done a very nice job in compiling images of primary source materials and using them to illustrate the topics at hand. These include reproductions of pages from books by Frederici, Bacon, Trithemius, and many more. He also sprinkles throughout the book many quotations about cryptography by people ranging from Confusius to Shakespeare to Alan Turing. I am a bit of a cryptography buff who regularly teaches the subject, and I consider myself someone who has read a lot of cryptography books, but many of the quotations and historical anecdotes, not to mention the ciphers that he describes, were new to me.

As you can tell from the above lists, the book covers quite a bit of ground and therefore it often goes through things quickly. The level of exposition is good, but at times while reading it I wondered if the reader would be better served by splitting the book up into several books and perhaps developing some of the ideas in a little more depth. However,one of the appeals of this book is that it can serve as a single resource that one can go to for a wide range of topics, even if that source is so heavy that it is difficult to carry around with you.

The natural question to ask is where this book fits in the landscape of cryptography textbooks, especially since as I have discussed before in this column there are many many books on cryptography with many many different takes on the subject). In some ways, the book is reminiscent of Craig Bauer’s Secret History, another book that interweaves mathematics with historical stories. However, the book under review is at a higher mathematical level, and its coverage is more comparable to An Introduction to Mathematical Cryptography by Jeffrey Hoffstein, Jill Pipher, and Joseph Silverman. Those are both excellent books (with starred ratings in the MAA’s Basic Library List, I might add), and I like both of them somewhat better than CryptoSchool. This is not a knock against von zur Gathen’s book, however, and if you want one book that combines all of these things then this book is a solid choice. CryptoSchool is very ambitious in its attempts to provide a self-contained overview of the past, present, and future of cryptography and largely succeeds at its goals.

Darren Glass is an Associate Professor of Mathematics at Gettysburg College. He teaches a First-Year Seminar on cryptography and has supervised a number of senior theses in the area. His other mathematical interests include algebraic geometry and graph theory. He can be reached at

see the table of contents in the publisher's webpage.