Applied Cryptography: Protocols, Algorithms, and Source Code in C, Second Edition

First of all this requires min. knowledge of common algebra ( I believe this is good).... secondly it does not go into full detail.

Well, the book covers all the cryptographic algos/ protocols possible......in that sense its good.........Secondly.....the language and the explanation is very easy to follow.....

I gave this book 4 stars because I feel it does not cover the mathematical aspect of cryp. in right amount of depth and essence.

Definately a must read....

Rating:
Summary: Excellent reference book
Review: This book is not just about encryption, it covers a wide range of protocols including key exchange, secret splitting, anonymous broadcasting, oblivious transfer, elections, etc. It discusses fundamental problems like key management as well as a wide range of encryption protocols. It focuses on computer based encryption and you will find several source listings in C. Not mathematically rigorous but is excellent reference book. There is a lengthy list of references at the end. Get the hardcover edition because you will probably be using it often. I recommend it highly.

Rating:
Summary: A must have for anyone involved with encryption & security
Review: Applied Cryptography is quite simply the quintessential guidebook for information about cryptography. It also is one of the finest computer security books ever written. Bruce Schneier is a cryptologist who has a passion for cryptography, and it shows in his masterpiece. Instant classic is an often used oxymoron, yet that term is most appropriate to describe Applied Cryptography. If you have any interest with security and encryption, Applied Cryptography is clearly the definitive publication to reference and the most comprehensive text available about security and encryption. It might sound as if via my high praise for this book that I am getting some type of endorsement, that is not the case. It is just that Applied Cryptography is quite simply the most comprehensive, up-to-date work about cryptography.

The vast array of topics covered by the book is truly astounding in is depth and breadth. There is hardly a single cryptological concept, either minor or major, that the book does not cover. It is not possible to detail everything Applied Cryptography covers. But a few of the topics are: Foundations of cryptography, Protocols, Protocol Building Blocks, Key Lengths, key exchange, key management, Algorithms, the mathematical of cryptography, DES, RSA, One-Way Hash Functions, Symmetric vs. Public-Key cryptography, Public-Key Digital Signature Algorithms, Substitution Ciphers and Transposition Ciphers, Digital Signatures, Random and Pseudo-Random Sequence Generation, PGP, Authentication, Advanced security Protocols, Cryptographic Techniques, Identification Schemes, the politics of cryptography and much (much!) more.

Applied Cryptography also includes the source code for DES, IDEA, BLOWFISH, RC5 and other algorithms. It even covers encryption algorithms from the former Soviet Union, including GOST.

The magnificence of Applied Cryptography is that Schneier is able to take very complex, abstract ideas and express them in an extremely comprehensible manner. Applied Cryptography therefore lacks the dryness that plagues a lot of textbooks. Schneier is able to take both theoretical and academic ideas, and mold them into practical real-world intelligible book. All in all, Applied Cryptography makes for some very enjoyable and occasionally humorous reading.

One thing I really liked about Applied Cryptography is its index. Rather than using the traditional cumbersome citations such as RIV92b or GOL88 that often take a while to locate, Schneier simply uses numbers. In light that he references over 1600 sources, it makes looking up the sources an incredible time saver. What is extremely impressive about Applied Cryptography is that Schneier quotes from every imaginable source. From general security periodicals, scholarly academic journals, conference proceedings, government publications and official standards, Schneier has been there.

Schneier writes at length about whether a crypto customer should choose an algorithm for that is publicly published algorithm (i.e., DES, RSA, Blowfish) or to use a proprietary algorithm that belongs to a specific manufacturer. With a proprietary algorithm, Schneier writes that it is impossible to determine how truly secure the algorithm is, given that the owners do not generally make their code available for open inspection. There is even the possibility that the manufacturer (or government, if under federal contract) has put in a back door into the algorithm. Schneier states that: "Putting your trust in a single manufacturer, consultant, or government is asking for trouble. The NSA has some of the world's best cryptographers working for it, but it is hard to know if they're telling you all you know."

This idea then segues into the (in)famous Clipper chip and concept of key escrow. As a world class cryptographer, Schneier has major issues with the concept of Clipper, calling it "Orwellian" Schneier feels that encryption is too important to be left to the government and Clipper advances the power of the government over the right of the people.

In conclusion, Applied Cryptography is a must have book for anyone involved with encryption and security.

Rating:
Summary: Comprehensive and gentle
Review: Depending on what level of rigor one wishes, this is either an excellent book or an adequate book.

First, the negatives -- this book is several years old, and the cryptography community moves as rapidly as most other computer industries. So, it feels dated, and completely misses out on the AES candidates and the AES winner, Rijndael.

The positives -- this book is comprehensive. It covers practically all topics of modern cryptography in some detail, and -- the real gem of the book -- contains a bibliography with over 1500 entries. This book also provides for a wonderfully gentle introduction to cryptography; it doesn't assume the reader already knows the subject.

Where this book is likely to falter is in the rigorousness category -- this book was not intended for a mathematical or theoretical work. This book was intended to convey the ideas of cryptography to people who would be asked to implement cryptographic protocols or schemes designed by others. As such, I feel it does a good job.

Those that are more experienced may find the book useful for its comprehensive bibliography: check the table of contents for subjects, read the passages, and track down the references. Very easy, and very fast. (... has links to many of the references, though without the topical index afforded by the text.)

Rating:
Summary: The Tomb of Knowledge
Review: I read this book 2 years ago. I find myself still using it as my main reference to this date. Bruce Schneier covers all types of algorithms and related topics in depth; very nice additions are the risks and known attacks against mentioned algorithms as well as well explained counter-measures. With a good knowledge of C this book is sufficient to write a well thought-out and theoreticaly secure encryption product. This is a "must-read" for anyone interested in the field.

Rating:
Summary: Great Introduction to Cryptography
Review: I was introduced to this book through a school course that I attended, and I've been hooked ever since. Bruce Schneier explains everything critical to applying cryptography to computers (minus any serious mathematical proods) using C++ as a basis. But dont worry if you don't understand programming, theres many other brilliant parts of the book. But the best thing is the clear humorous cynicism of the author as he quietly slides his political propaganda (of the anti-NSA variety) whichs keeps the book fascinating. Ive read the book cover to cover twice, and as soon as my memory fades of the book again, I'll read it again.