## Errors:

In Section 1.3, on page 13, the second example should be:

26 = 6 × 4 + 2

6 = 2 × 3 + 0

Also, just under that example it should say “We see that 6 is a bad key, since 2 divides 6 and 2 divides 26.”

In Section 1.7, on page 26, we find that the example does not work as stated because (5 × 24 − 22 × 5) does not have an inverse modulo 26. If Eve was in this position she would have to try again with a different pair of plaintext blocks. For example, if she used the first and last block she would find (10 × 24 − 1 × 5) does have an inverse, so she could finish the attack.

In Section 2.1, on page 30, in the first paragraph the four symbols described should each occur with just over 3% frequency, not 4%.

In Section 2.5, on pages 44, 45, and 47, the numbers .038 and .066 are consistently switched. The probability that two letters enciphered the same way are the same is .066, and so is the index of coincidence if ℓ=1. The probability that two letters enciphered with different keys are the same is .038, and so is the index of coincidence if ℓ=*n*. For *n* = 25 and ℓ = 4, we would expect the index to be about (5.25/24) × .066 + (18.75/24) × .038, which is about .044. The first equation on page 47 has the numbers switched but the second equation is correct.

In Section 2.5, on page 50, the second line marked “keyword 2” should end in “E E E”.

In Section 2.5, in the middle of page 51, it should say “So going back to our mystery ciphertext from page 46”.

Figure 2.3 on page 59 was created by Wikipedia user “Matt Crypto”.

Figure 2.5 on page 60 was created by Eric Pierce, Wikipedia user name “Wapcaplet”.

Figure 2.6 on page 65 was created by Wikipedia user “RadioFan”.

In Section 2.8, in the example on page 65, the second-last line should be:

minus 1: 5 8 11 14 17 20 23 26 3 · · · 22 25 2

Figure 3.1 should be:

Figure 3.1. A scytale.

In Section 3.3, at the bottom of page 84, there are two ! symbols missing. It should say:

Mathematicians use the symbol* n*! to represent this number and call it the factorial of *n*, or just *n* factorial. Factorials get pretty big pretty fast; for example 12! = 479,001,600, so there are 479,001,600 different permutation ciphers using 12-letter groups.

At the beginning of Sidebar 5.1, on page 150, it should say “When you got to the part of this book about the contact method, in Section 3.7”.

In Sidebar 5.1, in the second paragraph on page 151, it should say “The chance of picking the letter a (for instance) out of the suspected plaintext is *n _{a }*/

*n*“.

In the first paragraph of Section 5.3, on page 157, it should say “His idea was to use the plaintext itself as a “key” to construct the ciphertext”.

In Figure 5.2, the picture for “ECB encryption” should be:

(*&&&!(*&&&!( *&&&&&&&&&&&! (*&&&&&&&&&!( (((*&&&&&!((( (((((*&!(((((

Figure 5.15 should be:

Figure 5.15. The Trivium cipher.

In Sidebar 6.1, near the bottom of page 198, it should say “If n = p^{a}q^{b}r^{c} is a product containing three different primes”.

In Section 7.4, at the top of page 217, the first sentence of the paragraph should say “What the factoring problem was missing was a trap door”, and the end of the paragraph should say “the one-way function of multiplication would be the trap door in the one-way function of exponentiation.”

In Section 7.7, on pages 229 and 230, “Zanzibar” is unfortunately misspelled in the example. (“Zanzibari” is also misspelled on page 230.) The second line of each part of the example should be:

plaintext: za nz ib ar zo os numbers: 0, 1 14, 0 9, 2 1, 18 0, 15 15, 19 together: 001 1400 902 118 015 1519 to the 3rd power: 1 1585 3022 2364 3375 581 ciphertext: 1 1585 3022 2364 3375 581 to the 13 power: 1.00 11.66 14.46 13.32 15.00 8.34 plaintext numbers: 001 ?? ?? ?? 015 ?? plaintext: za ?? ?? ?? zo ??

Also in Section 7.7, the chosen-ciphertext attack example on page 230 is incorrect. The modulus *n* should be 4069, the encryption exponent *e* should be 749, and Eve’s “ciphertext” should be:

“ciphertext”: 3029 1064 1402 3 5 1172 3917 1483 to the dth power: 1612 501 1905 243 3125 2008 114 1119 “plaintext”: pl ea se b? ?y th an ks

Also in Section 7.7, at the bottom of page 231, it should say:

2214 ≡ *P *^{3} modulo 3763 and 2019 ≡ *P *^{17} modulo 3763.

In Appendix A, on page 239 (and also in the Index), Malcolm Williamson’s name is misspelled.

In Section 8.3, at the bottom of page 256, the last equation should be:

Also in Section 8.3, the second set of equations on page 257 should be:

Still in Section 8.3, on page 259, the second and third equations should be:

3^{2} = 5^{3} + 17

and

3^{2} ≡ 5^{3} + 17 modulo 7

In Section 8.5, on page 274, in the middle of the second paragraph, it should say: “As the name suggests, Dual EC DRBG uses two elliptic curve discrete logarithm problems.”

The caption for Figure 9.13 should read: “A good set of generators (top) and a bad set of generators (bottom) for the same lattice.”

In Section 9.2, on page 289, the letter t should correspond to the number 20 in four places.

In Section 9.3, near the bottom of page 293, it should say “Such a filter is designed to let photons through only if they are vibrating in the same direction as the filter.”

Figure 9.17 should be:

Figure 9.17. Polarized photons after passing through a filter.

## Typos:

In Section 1.3, in the middle of page 7, it should say “Well, we should translate our letters into numbers, of course.”

In Section 2.7, near the bottom of page 57, it should say “tabula recta encryption”.

In Sidebar 3.1, the ratio of the perimeter of a circle to its diameter should be 3.14159….

The caption for Table 5.1 should read “A series of ciphertexts encrypted with the same running key.”

In Section 9.2, on page 287, the first sentence of the first full paragraph should say “How do we make that into an asymmetric-key cryptographic system?”

In the List of Symbols, page 303, the third entry should be:

*C *A number representing ciphertext. 16

In the Notes, on page 310, it should say:

(Page 66) **once every 26 letters**: Note that in most versions of the famous German Enigma rotor machine, the motion is more complicated than this.

In the Notes, on page 336, it should say:

(Page 268) **Alice signs and then encrypts**

Thanks to John Fuqua, Tom Jerardi, Steve Greenfield, Karst Koymans, David Miller, and Mason, my Chinese translator. (So far.) My apologies to anyone I’ve forgotten.