This book has really shed a lot of light on cryptography for me. I honestly can't put it down--I wish I had paid more attention in my statistics classes so I could be able to apply some of the stuff the author talks about better. I am about half way through the book, and I haven't gotten to the point where it's more of a chore than a pleasure to read it (something I can't about my other technical books).
Glancing through the C source code at the end of the book started me thinking on the code implementation in my efforts - although I used Java althrough my life. I am not much comfortable with the C code because I was hoping for more goodie examples. If you want some practical guidance..you may little bit uncomforatble as well. At the end of the day if you are serious about Cryptography then you really need to get a copy of this.

This book is really incredible. When it was first published in the mid-90's, there was almost no material available on the subject of cryptography. Now, ten years later, there are dozens, if not hundreds, of books riding on Schneier's coattails - but almost none have anything new or useful to say. Impeccably researched (with 1,653 references!) and unarguably complete, Schneier's expertise in theoretical mathematics, experience as a practitioner, and razor-sharp lucidity combine to make this the only book you'll ever need on the subject of cryptography.

AP was exactly what I needed for the practical background necessary to implement the cryptosystems used in a number of products we've built.

I found the book to be excellent, thorough, and well written - highly recommended (and hardly "shelf ware" as some of the other venom-filled reviewers have claimed).

I've never seen so many pages devoted to pure text. Man oh man, is there a lot of talk--yak yak yak. All technical issues are detoured, inviting the reader to check out the references listed at the end of the book (all I have to buy is 1,643 references--gee, thanks). I find it disheartening that a 700 page book on cryptography doesn't give out a lick of information on the actual subject. If you like a bunch of talk and some hand waving explanations, then this book is definitely for you. Engineers and computer programmers may not be satisfied.

For anyone working or studying the crypto-world (IT Security, Cryptographer, Cryptologists, PKI/PGP/SecureID Technologists, etc.) this is a must read.

For the fascinating world of Cryptography (the practical application of Cryptology) this is an essential textbook that any graduate course of digital security and cryptology should include. It is inteded as a reference book as well as a practical book to have handy for the working professional.

It's no wonder the NSA had asked the author not to publish this book. It leaves the Crypto-world naked to the average viewer/reader!

This book provides excellent coverage of the mayor cryptography algorithms. It is a must have (for academic study or implementation), if only for the completeness of coverage and the comprehensive references. The C code provided is adequate, but reasonable programming skills are assumed. The book is not overly mathematical (which many of the other cryptography texts are - this is great for me, as I am more intereseted in practice). There is also good information on assessing / comparing the merits of different algorithms. Great for the practictioner or student taking a first course (it's still not bedtime reading). Mathematicians will look for more ......

Over the long term, this is the applied math book that I come back to most often.

The first quarter of the book may come as a surprise. It's not about encryption, it's about secure protocols. This is great stuff. It includes secure key exchange, where you and I can agree on an encryption key in a public conversation, but none of the other listeners know what we agreed on. It includes zero-knowledge proofs, ways of establishing authorization without releasing your identity. It includes lots more, as well. The next brief section discusses different modes for using encryption algorithms, key management, and other logistics.

The third section is what you might have expected: detailed descriptions of many encryption schemes, taking up at least half the book. That includes public key schemes, private key codes, secure hashing algorithms, and all the other details needed for implementing the algorithms. One of the most useful subsections here is a set of pseudorandom number generators. It's not exhaustive, by any means - it omits the Mersenne Twister, for example. Still, it gives a fair set of algorithms, some of which are "cryptographically secure". That means the generator's output strongly resists attempts to find regularities, just the way a truly random sequence would.

The last two chapters give a brief summary of the practice, legalities, and even culture around cryptography.

This won't make you into a crypto professional. Despite its 600+ pages, it barely introduces the world of crypto and certainly doesn't release anything from the "closed" world of government agencies. It will, however, give you useful algorithms, a basic background, and an appreciation of just what real crypto is about. That last may be the most important part. Too many people think inventing a good code is like making love: anyone can do it, and they instinctively do it better than most people. Wrong! Real crypto is not for dabblers, and this book gives some sense of what is involved.

The first edition of "Applied Cryptography" was a landmark text, but the second edition is even better. It's so much better that, if you just have the first edition, you really should upgrade to the second, and I've never said that about any other book.

If you want to buy a book which is a wonderful introduction to cryptography, then you have just found it.
Many books suffer from excessive bloat where the author tries to be everything to everybody.
This book is not one of them.
It's lean and clean and it'll turn you into a mean cryptographic machine.

Some reviewrs seem to berate the author for:
a) losing his job
b) trying to make a buck by writing books
c) not writing a mathematical tome

Well, I have some news for you:
a) Anyone can get laid off from any job at any time - period.
b) All authors write books for money.
c) The author clearly states at the beginning of the book under the heading, How to read this book - 'I wrote Applied Cryptography to be both a lively introduction to the field of cryptography and a comprehensive reference...This book is not intended to be a mathematical text.'

Need I say more.

If you have no knowledge on cryptography and want to get some information, this book is suit for you. If you are doing some actual work, it's not a good one. The book does not cover sufficient mathematic knowledge, and contains errors. E.g., the proof of RSA decryption is absolately wrong! Can't beleive!

If Bruce Schneier has acquired a habit, it is the ability to take the same old material and rehash it into different books, year after year. My guess is that, next year, he'll use another slightly different angle and try to sell you the same basic information. What you need to do, as a consumer, is step back and see this book for what it is: supplemental income and marketing for Bruce Schneier.

Years ago, Bruce was laid off from AT&T Bell Labs. Since then, Bruce has been using rubes like you to augment his salary. Let's face it; if Bruce were a Ken Thompson or a Claude Shannon, he'd probably still have his job at Bell Labs. But he isn't and he doesn't. Instead he wrote Applied Cryptography and touted himself as an expert. The problem is that most people believed him. Not many people actually know an active cryptographer who can dispel fact from fiction.

Applied Cryptography is just a tourists look at algorithms whose mathematical foundations, and use, are explained more effectively by other authors. Applied Cryptography may have been there first, but the industry has moved forward. Better books currently exist that are more rigorous, not to mention more lucid. This is strictly a "shelfware" book that you'd keep at your desk to impress your coworker's with, nothing more.

Recently I spoke with a PhD, from Brown, who performed decades of research in number theory. He recommended "Cryptography in C and C++," by Michael Welschenbach. He also said "I don't know why people think Applied Cryptography is such a good book. He [Schneier] doesn't seem to understand the mathematics very well." Pick up Applied Cryptography sometime and compare it side-by-side with Welschenbach's book. You'll see what that PhD was talking about.

What I find truly onerous about his books is the condescending tone that Schneier adopts when addressing the reader. It's if he's saying "I am so much more elite than you, I can't even begin to tell you." The truth is that Bruce Schneier is a lot of style without much substance. What he lacks in ability he makes up for with moxie. Having lived in Minneapolis, I'm more than familiar with the type of yuppie pretenders that live on Hennepin Avenue with their nose piercings and their tattoos. Bruce, that ponytail doesn't fool anybody. You're just another suit from the midwest with something to sell. Freakin' cake eaters...

Excellent introduction and explanation for both novice and professional cryptographers. Easy read with very detailed explanation. I Highly Recommend both this and Handbook of Applied Cryptography (for some of the mathematical algorithms) if you are planning on implementing your own cryptographic library.

Bruce Scheier clear writing makes understandable the hard issues very well. If you want to know that what cryptography has been used and also can be used for real life. Like digital money, authentication systems , secret sharing etc...
This is not a theoric math book it explains the spirit of cryptography but and its usage.After reading it I recommend that get a mathematical oriented cryptography book like "Introduction to Cryptography with Coding Theory
"

You know that Applied Cryptography: Protocols, Algorithms, and Source Code in C is a classic, since anyone who write a book or article about crypto quotes and plagiarizes from Schneier.

But this is the text if you want to be a crypto guru.

Mr. Schneier does a beautiful job of making the most complex topics of cryptography easy to understand. His examples and explanations brilliantly explain the topics. This book is actually a very interesting approach to something that at first glance would appear dull and dry. There are plenty of charts and diagrams, as well as the source code for popular encryption algorithms. These visuals, and the accompanying text have really aided me in understanding cryptography. I would recommend this book to anyone wanting to have a better understanding of cryptography.

Great job Mr. Schneier.

It covers many theories. However, this book is boring and it is hard to transfer what you learned to real world application without other resources. You can not download the small C programs in book if you don't pay ($). Probably I should buy other books with free programs.

Security bible. Contains indepth technical details of security protocols and concepts.

Of course, one of the best book i've ever read about this field.
It's to be underlined the division of the book: in the first part you can find a very interesting summarize about cryptography and its algorithms.
In the second part there is a little introduction on maths field (it's better to have a base on this field to understand this part very well),
and then there are some chapters dedicated to implementations..

Well done

If you are interested in understanding cryptography, this book should be at your side. Mr. Schneier has produced a book that speaks to beginners as well as experts. This volume includes source code for popular algorithms and is highly recommended for those who wish to be informed on the most widely used algorithms.

Only gets 4 stars because much recent information is not in the book. Hopefully the author is working on an update that will include the latest advances.(I would have given it 4.5 stars if it was possible)

Schneier's book is a great primer for programmer's looking to expand into crypto. It gives a good overview of protocols and implementations, and goes the extra mile in telling budding cryptographers what has already been tried and proven to be weak.
My only detractions are the stunning amount of references embedded in each page (a testament to how well-versed Schneier is on the subject) and the lack of mathematical depth (which is the key to truly understanding cryptanalysis). Obviously, the copious amounts of references are where the mathematical depth can be found, but it would have been nice to extend the work another couple of chapters to cover more details on quadratic residues and NP-complete problems.
All in all, a must have for implementers of cryptographic algorithms. Maybe a third edition that covers the last few years will come out soon.

Schneier's book is a great primer for programmer's looking to expand into crypto. It gives a good overview of protocols and implementations, and goes the extra mile in telling budding cryptographers what has already been tried and proven to be weak.
My only detractions are the stunning amount of references embedded in each page (a testament to how well-versed Schneier is on the subject) and the lack of mathematical depth (which is the key to truly understanding cryptanalysis). Obviously, the copious amounts of references are where the mathematical depth can be found, but it would have been nice to extend the work another couple of chapters to cover more details on quadratic residues and NP-complete problems.
All in all, a must have for implementers of cryptographic algorithms. Maybe a third edition that covers the last few years will come out soon.

Although this is still considered the bible of cryptography, I read it like a novel and found it only ok, but it serves as an invaluable reference. I find that quoting pages out of this book stops people arguing with me when I talk about Crypto in my job.
Key thing about this book is that it describes many algorithms that you have never heard of and never need to. Having an understanding of what is mainstream and what are the basics will help you.
At the end of the day if you are serious about Cryptography then you really need to get a copy of this.

The foundations outlined in the first three parts of the book are strengthened with a practical language and I sum up. I received the book few days ago and it impressed me the form in which arrives to the reader, in the personal thing the knowledge of the book they will help me to strengthen my knowledge in cryptography. Maybe with images of digital certificates the book would have bigger back, although for the year of edition it is understandable.

This is a highly useful, very clearly and lucidly written, and quite comprehensive coverage of cryptography up through the mid-90s. Unfortunately, quite a few developments have occurred since it was written - for example, the new AES encryption standard is not covered. And some of the coverage of legal and political issues is now obsolete - a lot has happened in this area in the past few years. It's still a very good book, but it needs an update.

If there's one book I keep referring to again and again, it's this one. It is very well written and a joy to read. Schneier has given us an excellent blend of humour, crypto and great writing.

It's not very mathematical (there are other books like the handbook of applied crypto by Menezes et al. for that) and gets straight to the guts of the algorithms, and it's been very helpful when implementing algorithms.

Though it's slightly old, I'd recommend this book to anyone starting out on cryptography.

Pretty good source of information about cryptography. The way it is written guides you through this (sometimes - almost alltimes) difficult terrain.

Bruce is trying to bring this knowledge to the masses, and does a good job. It is up to you to continue to more specialized text books or stay at this level.

This is one of the few cryptograhpy book that can be fun to read. It is also a catalogue containing quite a number of algorithms along with readable explanations that make it easy to understand. However, if the reader doesn't understand what an XOR operation is, this book can be quite hard to finish. No in depth maths here. I bought this book in 99 and found it useful, because it helped me gain insight, into the practical application of crytograhpy in my programming endevours. Glancing through the C source code at the end of the book started me thinking on the code implementation in my efforts. A stimulating read. Fours stars because I was hoping for more goodies. Beware!!! Some people around you might think that this book is written in a language resembling english, all about Alice, Bob, Carol, Mallory and company.

Did anybody mention that you have to pay extra if you want to get the source code? There is no CD included. The author includes one of those "send check or money order to..." advertisements at the end of the book. ...

This is a comprehensive guide to both the protocols and the algorithms. The author supplies a lengthy list for furhter reading as well. The source code is shipped to North American readers at extra cost. Highly recommended.

This book has really shed a lot of light on cryptography for me. I honestly can't put it down--I wish I had paid more attention in my statistics classes so I could be able to apply some of the stuff the author talks about better. I am about half way through the book, and I haven't gotten to the point where it's more of a chore than a pleasure to read it (something I can't about my other technical books). Get it!

Sometimes you must choose either clarity (for the newbies) or in-depth obscure explanations (for the experts). Bruce Schneier has done the great job of joining the two aspects together. He explains things clearly and even playfully. He enjoys teaching, he enjoys cryptography and you can tell it from his style. But he does not stop there: he explains things in depth whenever possible and useful, and tries to explain how a cryptosystem is evaluated, how to choose between algorithms, and how to correctly implement cryptography in your works. This book is an absolute must have for everyone interested in cryptography, and can substitute very well even an academic course on the matter.

This book is a very strong introduction to computer-based cryptography, especially geared towards programmers who aren't solely interested in the mathematical theory behind cryptography, and refers the reader to a number of other good books on topics that it doesn't cover. My only complaint is that some of the material in it is a bit dated (notably the entire section on the Clipper chip). If a fourth edition came out today, I think it would be worthwile to buy.
However, for someone looking to learn about cryptology in general, this is not the book to buy. This focuses only on the needs of engineers who want/need to learn about cryptology, without forcing them to learn all of the theory.

This is not a simplified overview, be warned. Simon Singhs The Code Book is for armchair readers. This is a comprehensive and detailed examination of how real world cryptography is done. It's an excellent book for programmers seeking to implement security into their programs. It is also an eye-opening look at how even the cleverest security algorithms can be compromised. The emphasis is on illuminating just how difficult it can be to protect communications. The devil is in the details and Schneier gives you the details but in an understandable way.

Bruce Schneier's APPLIED CRYPTOGRAPHY is an excellent book for anyone interested in cryptology from an amateur level to actually being involved in the development of new encryption mechanisms. Schneier's book begins with a simple discussion of what is cryptography, and then he proceeds through the history of various encryption algorithms and their functioning. The last portion of the book contains C code for several public-domain encryption algorithms.

A caveat: this is not a textbook of cryptography in the sense that it teaches everything necessary to understand the mathematical basis of the science. Schneier does not discuss number theory because he expects those who use the relevant chapters of the book will already have training in higher maths. Nonetheless, the book does contain a wealth of information even for the layman.

One helpful part of Schneier's book is his opinion of which encryption algorithms are already broken by the National Security Agency, thus letting the reader know which encryption programs to avoid. There will always be people who encrypt to 40-bit DES even though it is flimsy and nearly instantly breakable, but the readers of APPLIED CRYPTOGRAPHY can greatly improve the confidentiality of their messages and data with this book. Discussion of public-key web-of-trust is essential reading for anyone confused by how public-key signatures work.

APPLIED CRYPTOGRAPHY was published in 1995 and some parts are already out of date. It is ironic that he hardly mentions PGP, when PGP went on to become the most renowned military-strength encryption program available to the public, although it is being superseded by GnuPG. Another anachronism is Schneier's assurance that quantum computing is decades away. In the years since publication of APPLIED CRYPTOGRAPHY we have seen some strides in quantum computer, even the creation of a quantum computer that can factor the number 15. While this publicly known quantum computer is not at all anything to get excited about, it is certain that more powerful quantum computers are in development and classified by NSA. Because a quantum computer can break virtually any traditional cipher, hiding the message (steganography) is becoming more important than ever. In the era of Schneier's book steganography was unnecessary because ciphertext could withstand brute-force attacks, but with advances in computing power steganography is becoming vital to secure communications. It would be nice to see the book updated with this topic, because cryptography and steganography can no longer be regarded as two distinct fields.

All in all, in spite of its age, APPLIED CRYPTOGRAPHY is recommended to anyone interested in cryptography. It ranks among the essential books on the field, although an updated version is certainly hoped for.

I will have to agree with some of the other reviewers that this book finesses a bit on number theory and some of the other mathematical fundamentals of cryptography. I am not dissapointed by this, however. After all the title of the book is "Applied Cryptography."

Schneier gives the reader a lot for his/her money. The books is well written and an easy (considering the subject matter) and interesting read as well. "Applied Cryptography" covers a lot of territory - you get the basics of cryptographic theory, detailed treatment of many of the most commonly implemented cryptographic algorithms and protocols (including their potential weaknesses), and lots of source code.

If you want to know the sordid details about number theory or pseudo random numbers, there are plenty of books in print that go into great (and often laborious) detail on these subjects. The title says it all -- this is an excellent book on applied cryptography!

Most books that focus on cryptography tend to be academic and very dry reading. Not this one; Schneier has crafted an easy to read book that covers cryptographic techniques and issues.

The book is divided into four major sections: Cryptographic Protocols, Cryptographic Techniques, Cryptographic Algorithms, and a section called "The Real World" that discusses examples of how cryptographic protocols and algorithms are actually used. It also discusses political issues.

The book contains the source code (in printed form) to many of the algorithms discussed in the book. The algorithms include: DES, IDEA, Blowfish, RC5, SEAL and others.