Review: Applied Cryptography: Protocols, Algorithms and Source Code in C

Review: Applied Cryptography: Protocols, Algorithms and Source Code in C

Applied Cryptography
Protocols, Algorithms and Source Code in C
Second Edition
Bruce Schneier
John Wiley & Sons
760 pages, USD $49.99
ISBN 0-471-11709-9

Today, more and more people are concerned about data security. They want to make sure their files are safe and that nobody reads their e-mail. Still they refuse to rememorize long, difficult passwords.

If you're a developer, you are in a difficult position. You need to have information to aid you in choosing the right cryptographic algorithm, how to create cryptographically strong keys, how to store those keys, and so on.

If you're looking for such information, Bruce Schneier's book Applied Cryptography is the right place to start. In about 650 pages, divided into five parts, you will learn almost everything you need to know about practical cryptography.

In the introductional parts you will learn what cryptography is all about. You will learn what public-key security is, and how a key is often much more important than the used algorithm. Also, you will learn what the Dining Cryptographer Problem is, among many other funny things. Plus, many crypthographical protocols of all sorts come clear along the way.

Many more things follow, including information about the subliminal channel, bit commitment, oblivious signatures, digital cash, nonlinear keyspaces to name a few. In total, just the first two parts of the book are worth the price.

In part three, you enter the world of algortihms in full detail. Algorithms including DES, RC2, IDEA, SEAL, Blowfish (the author's own design), RSA, MD5 and DSA come clear to the lowest level.

Although the subject matter, including sometimes heavy-duty mathematical background, is not lightweight reading, Schneier gives the human touch to the text. It is not cold facts, but often funny, and sometimes quite surprising text with help from the dramatic characters Alice, Bob, Carol and Dave. Sometimes Alice is a FBI agent, and sometimes a waitress in the local three-star restaurant. But don't think the text is only a joke, because it isn't. It is serious text, but why should it be boring?

If you think the book doesn't give you enough detail, read the over 1600 referenced texts. 1600 -- can you believe? But honestly speaking, you don't need to read those, as this book has more than you can internalize, at least if you read it only once. With a more referential approach in the parts three to five, this is a book you want to keep.

The only thing missing is a diskette including the C source code for the algorithms. Currently the code exists only on paper taking about 50 pages. Otherwise the book couldn't be exported from the USA. Armament or not, this book is highly recommended.

Points 4+/5