Applied Cryptography Protocols, Algorithms and Source Code in C, 20th Anniversary Edition

Review :

Getting hold of a copy of Applied Cryptography took some effort (maybe the crypto export controls it makes such a big deal about have something to do with it, but incompetence is more likely to blame), but it's everything I expected it to be: a rock-solid book about cryptography as she is practised, with enough theoretical background to be relevant and links to an endless amount more.

However, the first edition of this book came out in 1994, and this second edition in 1996, and that's a long time ago. How long The URL the book lists for the NIST is a gopher address: gopher://csrc.ncsl.nist.gov. Large swathes of it just don't apply anymore, and only serve as historical curiosity-and there's not always an easy way to tell which those are.
Much of the book focuses on DES, which is now well and truly buried as far as anyone except Hiroyuki Nishimura is concerned, and the expanding Internet has created whole new areas of consideration, including routine password storage (slow hashes aren't mentioned at all; crypt(3) is, but its deliberate slowness isn't even remarked upon).

Presumably one of Schneier's later books (like Practical Cryptography, though that's over a decade old now too) would be a better choice for people interested in the current situation, but Applied Cryptography is still more than excellent for historical context or for people who are interested in any of the specific algorithms or protocols discussed.


8 downloads 433 Views 21.6 MB Size