100 books like The Code Book

Perhaps the best book on the epic World War II Battle of Midway, Craig Symonds brings together all the pieces that became the turning point in the Pacific War. Looking at the leadup to the battle from both the Japanese and American perspectives, Symonds shows how the Japanese, in their typical style, created a battle plan that was overly complicated for its objective. Symonds explains how American Joe Rochefort and his eclectic band (he even had commissioned naval musicians) worked to bend (but not entirely break) the Japanese naval code. This allowed the Allies to surmise Midway as the Japanese target and set in place their own battle plan. Symonds clearly explains how the codebreaking efforts played a huge role in this battle of battles.

It is hard to underestimate the significance of code breaking during World War II. Without the work of dedicated mathematicians, linguists, and others the great conflicts such as the Battle of Midway and the German U-boat "wolfpacks" that sank over 13 million tons of Allied supplies could have easily been up for grabs. But due to the codebreakers the balance shifted to the Allies. And what is even equally impressive is that the Axis powers never knew that their encoded messages were being read. Stephen Budiansky traces how the codebreakers pulled off this feat while at the same time often battling within their own ranks about who should decode the message, how the messages should be used, and who should get the credit.

Passwords: everybody has them and everybody abuses them. Passwords can provide good security, but very few users use passwords correctly in order to take advantage of the protections they provide. The key to our poor implementation of passwords is a complete misunderstanding of how attackers break our passwords. Without this understanding users create weak passwords that are easy to break. Joshua Picolet's book is a reference guide for cracking passwords, but by explaining how to break passwords it also provides valuable information about how to make them strong to protect passwords from attacks. This book provides the proof of why we should treat passwords like our underwear: don't let people see it, change it often, and don't share it with strangers.

David Kahn explains the most widely-known effort (widely-known today but in complete secrecy then) to decipher messages sent by the Germans using their Enigma machines during World War II. This book looks at the groundbreaking work done by Polish mathematicians in the 1930s, how Enigma machines were rescued from sinking German U-boats, and how Bletchley Park in Britain became the focal point of breaking these transmissions. Much of the book focuses on how Enigma machines, rotors, and codebooks were confiscated from German submarines and surface vessels, and how these were then used to allow the Allies, by the war's end, to read German messages almost as quickly as the Germans could send them.

I always knew cryptography was political, but I had no idea how political until I read this book. Seeing the subject I am so fascinated by through the words of a political journalist was truly eye-opening. Steven Levy navigates a deeply fascinating period in modern technological history – the late twentieth-century battles between governments trying to maintain power and control over communications, and technologists who saw the fledgling internet as an opportunity to build a new world. Cryptography, which protects digital communications, sat plum on the frontline between these two communities, hence battles over cryptography turned into so-called 'crypto wars’ (although nobody died). Nobody who read this book was surprised with much that Edward Snowden had to say to the world in 2013 – Snowden was just reportage of the latest chapter in the same ongoing conflict.

This is a very short (of course!) introduction to cryptography, but it is masterful in its concise conveyance of all that really matters on this topic. I have no hesitation in admitting a close relationship with both authors, but most particularly Fred Piper, who was my doctoral supervisor. Fred has been a mentor throughout my professional life, and this book presents his take on the crucial components of modern cryptography, written for a general audience. I’ve seen this book in airport bookshops and thought `how cool – you can buy a book on cryptography that is written so well you could read it on a plane!’ I have now written two books about cryptography that are less short, and might need longer plane journeys, but Cryptography: A Very Short Introduction remains an inspiration to me.

A nonfiction book about an actual nerd who stubbornly investigated a 75 cent accounting error and ended up uncovering an international espionage ring during the Cold War. As nerds do. Along the way, he invented many techniques still used in cybersecurity. It ought to be dry, but it’s funny and charming and it perfectly evokes Berkeley in the 1980s. I was a computer operator at Carnegie Mellon and my workday was very similar to Stoll’s. For me this book was a time machine to my early 20s. I could see, hear, and feel every scene. If you ever think that your nerdy obsessions don’t matter—this shows that they do.

Most digital technologies crucially rely on cryptography for their security, but few are entirely built from cryptography. Bitcoin is – simply – cryptography. The idea that money can be created from cryptography is a little bit mind-blowing, even for a cryptographer like myself. Dominic Frisby wrote one of the first, and finest, books about the leading cryptocurrency Bitcoin. He explores not just the incredible story of the founding of Bitcoin, but also gives an accessible explanation of how it works and what role it might play in our wider financial system. If you have let the term 'cryptocurrency’ wash over you but remain just a tiny bit curious, this book is your best route towards enlightenment. Whether you then decide to invest in any cryptocurrency is another matter altogether!

If you want to compose or play music, you need to know some basic music theory: notes, scales, chords, and so on. Likewise, solid cryptography knowledge requires understanding its foundations: concepts such as one-way function, pseudorandom generators, computational hardness, secure encryption, and zero-knowledge proofs. Goldreich’s books are the best starting point for those who want to delve into cryptography theory.  

One of the books that I open at least once a year, and which I always recommend to students and mentees. Security Engineering isn’t a book (only) about cryptography, yet one about a topic that a cryptographer should know well: security engineering, or the design, implementation, and testing of systems that must be reliable in hostile and adversarial environments. Cryptography is indeed often just a small, yet critical, component of larger security systems. A good cryptographer must therefore not limit themselves to their field, but understand the risks, practical constraints, and functional needs of the environment where cryptography is integrated. Anderson’s book is the undisputed reference in that space.