Maybe I am being too harsh, but it is clear the author does not have a formal education in the subject [0] nor any track record in breaking non-toy crypto implementations [1]. This alone makes me a bit wary of any recommendation one may read in the material.

There seems to be more attention to listing all the beasts in the cryptographic zoo than to the few fundamental tools required to really understand the mechanics (e.g. birthday paradox, PRFs, some prime number theory).

Sure, I can't spot anything fundamentally wrong and it all reads pretty smoothly, but calling this a "course" is highly misleading. If the intention is to guide people in selecting good crypto primitives, then maybe "guide" is a more honest word?

For those interested, I would strongly recommend biting the bullet and dedicating time to Boneh's course on Coursera.

[0] I don't have any either
[1] Ditto

Hi! I'm the author. You're mistaken about [0] and [1]. I'd like to address your specific point about being a guide rather than a course. I agree that a crypto zoo would be a guide and not a course; although I disagree that either the book or the talk is a zoo. It's possible that that hasn't come through effectively enough. I could understand why someone might think that from looking at the table of contents, for example; it's certainly a lot clearer in the talk. The approach is instead to walk someone through the kinds of primitives that exist, but more importantly, why they exist. In that context, when I say "primitive", I mean "block cipher" or "MAC", not something like "AES". That includes incidentally talking about PRFs, although I dance around that term and use terminology they're going to find in their crypto libraries. Similarly, there's an appendix on modular arithmetic, but I try not to get too lost in proofs about group theory.

I could say "IND-CCA2" with a formal description, but in my experience that makes people's eyes glaze over. It's a lot easier to show them a bunch of reasonable-looking-yet-fatally-broken unauthenticated encryption to drive the point home. My target audience is curious programmers, not new academic cryptographers. If that's your criticism, that's absolutely valid. If you want to be the person to design SHA-4, this book isn't for you.

It's true that I take a different approach than Dan Boneh does. That's not a criticism: Boneh's course is great, it's just different. I think showing people how to break stuff is a useful educational tool. If your threat model is random web apps that have the letters "AES" or "MD5" in their code, I think it's a more effective one than a rigorous mathematical approach that will quickly dissuade the curious programmer.
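As an added illustration of the kind of demonstration the author describes above (this is example code written for this page, not code from the book, the talk, or the thread), the script below shows why "reasonable-looking" unauthenticated encryption is fatally malleable and what adding a MAC changes. It assumes a stream cipher built from HMAC-SHA256 in counter mode as the keystream generator, chosen only so that it runs with the Python standard library; the sample message, field layout and forged value are constructed for the example.

```python
"""Bit-flipping against unauthenticated encryption, then the same attack
against encrypt-then-MAC. Example code for this page, not from the book.

Illustrative stream cipher: HMAC-SHA256 run in counter mode as the keystream
(a stand-in that needs only the standard library; not the book's construction).
"""
import hashlib
import hmac
import os


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """PRF(key, nonce || counter) blocks concatenated until `length` bytes exist."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        block_input = nonce + counter.to_bytes(8, "big")
        out += hmac.new(key, block_input, hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def xor_encrypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Unauthenticated encryption: data XOR keystream. Decryption is the same call."""
    return bytes(p ^ k for p, k in zip(data, keystream(key, nonce, len(data))))


def forge(ciphertext: bytes, offset: int, known: bytes, wanted: bytes) -> bytes:
    """Attacker-side bit flip. No key needed: if the attacker knows `known` sits at
    `offset` in the plaintext (from the message format), XORing known ^ wanted into
    the ciphertext makes it decrypt to `wanted` at that position."""
    assert len(known) == len(wanted)
    ct = bytearray(ciphertext)
    for i, (k, w) in enumerate(zip(known, wanted)):
        ct[offset + i] ^= k ^ w
    return bytes(ct)


def seal(enc_key: bytes, mac_key: bytes, nonce: bytes, plaintext: bytes):
    """Encrypt-then-MAC: the tag covers the nonce and the whole ciphertext."""
    ct = xor_encrypt(enc_key, nonce, plaintext)
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return ct, tag


def open_(enc_key: bytes, mac_key: bytes, nonce: bytes, ct: bytes, tag: bytes) -> bytes:
    """Verify the tag (constant-time compare) before touching the ciphertext."""
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("authentication failed: ciphertext was modified")
    return xor_encrypt(enc_key, nonce, ct)


def demo() -> dict:
    enc_key, mac_key, nonce = os.urandom(32), os.urandom(32), os.urandom(16)
    message = b"amount=100;payee=alice"      # constructed sample message
    offset = message.index(b"alice")         # attacker knows the layout, not the keys

    # 1. Unauthenticated: the forgery decrypts to a different, well-formed message.
    ct = xor_encrypt(enc_key, nonce, message)
    tampered = xor_encrypt(enc_key, nonce, forge(ct, offset, b"alice", b"mallo"))

    # 2. Encrypt-then-MAC: the identical flip is rejected before decryption.
    ct2, tag = seal(enc_key, mac_key, nonce, message)
    try:
        open_(enc_key, mac_key, nonce, forge(ct2, offset, b"alice", b"mallo"), tag)
        rejected = False
    except ValueError:
        rejected = True
    untouched = open_(enc_key, mac_key, nonce, ct2, tag)
    return {"tampered": tampered, "rejected": rejected, "untouched": untouched}


if __name__ == "__main__":
    result = demo()
    print(result["tampered"].decode(), "| forgery rejected with MAC:", result["rejected"])
```

The first half is the same malleability a reader would hit with CTR mode or CBC in a real library: confidentiality holds, yet an attacker who knows the message format rewrites a field without the key. The second half is the check a practitioner wants in place: an authenticated mode (an AEAD such as AES-GCM or ChaCha20-Poly1305 in practice, or encrypt-then-MAC as here) that rejects any modified ciphertext before decryption.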


Congrats on your book, I'm looking forward to reading it. What was Rackspace's role or interest in the project?


lvh was until very recently an employee at Rackspace and Rackspace provides the hosting for the project.


I am curious about what leads you to the conclusion "it is clear the author does not have a formal education in the subject"?


lvh (https://lvh.io), care to weigh in?

I was under the impression he was formally educated in cryptography.

This ebook has been cited by many computer security university courses.


What "prime number theory" would you be referring to?
