THE Cryptography book

The book is divided into four major sections: Cryptographic Protocols, Cryptographic Techniques, Cryptographic Algorithms, and a section called "The Real World" that discusses examples of how cryptographic protocols and algorithms are actually used. It also discusses political issues.

The book contains the source code (in printed form) to many of the algorithms discussed in the book. The algorithms include: DES, IDEA, Blowfish, RC5, SEAL and others.

A practical cryptography reference for programmers.

     This is a good solid review of most current cryptography with source code available for software programmers. It does not go into mathematical proofs. I read the first version from cover to cover, however this edition, the second, is too large. It has become more of a reference book, although still very readable in parts. My only disappointment is the lack of good coverage of extremely high-speed cryptography like SEAL or MISTY or in depth explanations of secure computer network protocols like Novell's NetWare 4 RSA/GQ key exchange or Microsoft's NT hash-oriented key exchange. Also a more complete coverage of smart card technology would be nice. Basically this will get a competent engineer up to speed with 5 year old cryptography. This is still better than most alternatives like mathematics books or high-level overview books that are vague on details

A bit out of date, but highly worth reading

     Bruce Schneier's APPLIED CRYPTOGRAPHY is an excellent book for anyone interested in cryptology from an amateur level to actually being involved in the development of new encryption mechanisms. Schneier's book begins with a simple discussion of what is cryptography, and then he proceeds through the history of various encryption algorithms and their functioning. The last portion of the book contains C code for several public-domain encryption algorithms.

A caveat: this is not a textbook of cryptography in the sense that it teaches everything necessary to understand the mathematical basis of the science. Schneier does not discuss number theory because he expects those who use the relevant chapters of the book will already have training in higher maths. Nonetheless, the book does contain a wealth of information even for the layman.

One helpful part of Schneier's book is his opinion of which encryption algorithms are already broken by the National Security Agency, thus letting the reader know which encryption programs to avoid. There will always be people who encrypt to 40-bit DES even though it is flimsy and nearly instantly breakable, but the readers of APPLIED CRYPTOGRAPHY can greatly improve the confidentiality of their messages and data with this book. Discussion of public-key web-of-trust is essential reading for anyone confused by how public-key signatures work.

APPLIED CRYPTOGRAPHY was published in 1995 and some parts are already out of date. It is ironic that he hardly mentions PGP, when PGP went on to become the most renowned military-strength encryption program available to the public, although it is being superseded by GnuPG. Another anachronism is Schneier's assurance that quantum computing is decades away. In the years since publication of APPLIED CRYPTOGRAPHY we have seen some strides in quantum computer, even the creation of a quantum computer that can factor the number 15. While this publicly known quantum computer is not at all anything to get excited about, it is certain that more powerful quantum computers are in development and classified by NSA. Because a quantum computer can break virtually any traditional cipher, hiding the message (steganography) is becoming more important than ever. In the era of Schneier's book steganography was unnecessary because ciphertext could withstand brute-force attacks, but with advances in computing power steganography is becoming vital to secure communications. It would be nice to see the book updated with this topic, because cryptography and steganography can no longer be regarded as two distinct fields.

All in all, in spite of its age, APPLIED CRYPTOGRAPHY is recommended to anyone interested in cryptography. It ranks among the essential books on the field, although an updated version is certainly hoped for.