 Cryptography Made Simple. Springer International Publishing, 2015. ISBN: 978-3-319-04041-7.

We use LaTeX terminology when this makes things clearer

1. Page 5: Line 5.
Missing 2 in the denominaotor of the first term.
2. Page 10: Figure 1.1.
The number by the line connecting F_{p^2} and F_{p^4} should be 2 not 4.
3. Page 15: Algorithm 1.2.
The penultimate line should assign t' and s' to x and y, and not t and s.
4. Page 76: Line -12.
Should be a_2 \cdot X^2 not a_2 \cdot X in the equation.
5. Page 205: Line -1.
g:M->{0,1} should be g:P->{0,1}.
6. Page 218: Line 7.
Spelling mistake. Should be UnForgeable.
7. Page 245: Theorem 13.1.
264 should be 256 in both cases; but note the use of the word "about".
A corrected page is here.
9. Page 232: Figure 12.9.
States s_{12} and s_{14} are swapped around.
10. Page 234: Line -1.
"described" is spelt wrong.
11. Page 238: Lines 6,7, 8 and 12
Mistyping means the equations make Trivium linear! The correct equations are.
a_i = c_{i-111} + c_{i-110} \cdot c_{i-109} + c_{i-66} + a_{i-69}
b_i = a_{i-93} + a_{i-92} \cdot + a_{i-91} + a_{i-66} + b_{i-78}
c_i = b_{i-84} + b_{i-83} \cdot b_{i-82} + b_{i-69} + c_{i-87}
r_i = c_{i-111} + a_{i-93} + b_{i-84} + b_{i-69} + c_{i-66} + a_{i-66}
12. Page 264: Line -9.
Replace "a new nonce" with "another nonce".
13. Page 265: Theorem 13.11.
The theorem is stated for the Random-IV variant, which should go in the theorem statement. The sentance afterwards should say that the above advantage statement also applies in the nonce-based setting assuming the restriction of the nonce (on the previous page) is respected.
14. Page 271: Line 11 of first main paragraph.
Replace O(2^t) with \Omega(2^t).
15. Page 277: Line 15.
Padding method four could also be used here.
16. Page 281: Algorithm 14.3.
There is an unfortunate double use of the letter f to denote both the round function for SHA-1 and the bit-wise operations used to define the round function. Hopefully the usage of the letter f is clear from the context.
17. Page 285: Line 7.
Should be "we first pad m out to a multiple of b using zero's (i.e. we apply padding method zero)".
18. Page 315: Line 2 and 3.
Should be "If b=b'" then algorithm B returns that j is not a quadrative residue, otherwise it returns that it is".
19. Page 315: Line 8.
Swap the two probabilities on this line around to make it match in order with the line which follows.
20. Page 319: Line 3.
The group order should be \phi(N^2)=... not \phi(N)=....
21. Page 321: Line -5.
Should be \log_{256} not \log_{8}
22. Page 335: Line -12.
The public key h should be y.
23. Page 336: Lines 1,6,9.
The public key h should be y.
24. Page 337: Lines 10 and 19.
The public key h should be y.
25. Page 447: Multiples corrections and clarifications.
1. Line 11:
Change "each party obtains its row" to "each party obtains its column".
2. First table:
Swap the row/column labels i and j around.
3. First line after first table change to:
"As an exercise you should work out the associated polynomial corresponding to each row. For example the polynomial for the first row/variable is given by $68 \cdot X^2 + 58 \cdot x + 20$."
(Where all numbers are encoded in red)
4. Line 3 and 4 after first table change to:
"by each multiplying the first two elements in their column of the above table"
5. Before second table add the line:
"For example the value $33 = 44 \cdot 26 \pmod{101}$ obtained by party one, is shared by them using the polynomial $2 \cdot X^2 + 57 \cdot X + 33$, resulting in the six shares $(92,54,20,91,65,43)$."
(Where all numbers are encoded in red)
6. After the second table change the line to:
"Each party then takes the six values obtained (i.e. it's column) and recovers..."
Thanks to Joan Boyar, Bart Preneel, George Stephanides, Jose Vanterpool, and Tom Verhoeff for finding the above.
Nigel Smart