I wrote Applied Cryptography to be both a lively introduction to the field of cryptography ,i da comprehensive reference. I have tried to keep the text readable with-out sacrii ing accuracy. This book is not intended to be a mathematical text. Although ; l have not deliberately given any false information, I do play fast and loóse with theo . For those interested in formalism, there are copious references to the academic terature. Chapter introduces cryptography, defines many terms, andbriefly discusses pre-computer ryptography. Chapter; 2 through 6 (Part I) describe cryptographic protocols: what people can do with cryp •. igraphy. The protocols range from the simple (sending encrypted mes-sages fron )ne person to another) to the complex (flipping a coin over the telephone) to the es( i •ric (secure and anonymous digital money exchange). Some of these protocols are bvious; others are almost amazing. Cryptography can solve a lot of prob-lems that lost people never realized it could. Chapters 7 through 1 (i \ Part II) discuss cryptographic techniques. All four chapters in this section are importa i u for even the most basic uses of cryptography. Chapters 7 and 8 are about keys: how long a key shouid be in order to be secure, how to genérate keys, how to store keys, how 10 dispose of keys, and so on. Key management is the hardest part of cryptography anii often the Achilles' heel of an otherwise secure system. Chap-ter 9 discusses different ways of using cryptographic algorithms, and Chapter 10 gives the odds and ends of al^i irithms: how to choose, implement, and use algorithms. Chapters 11 through 23 (Part III) list algorithms. Chapter 11 provides the mathe-matical background. Th is chapter is oniy required if you are interested in public-key algorithms. If you just \\ ant to implement DES (or something similar), you can skip ahead. Chapter 12 discusses DES: the algorithm, its history, its security, and some variants. Chapters 13, I i, and 15 discuss other block algorithms; if you want something more secure than I )ES, skip to the section on IDEA and triple-DES. If you want to read about a bunch oí algorithms, some of which may be more secure than DES, read the whole chapter Chapters 16 and 17 discuss stream algorithms. Chapter 18 focuses on one-way hash functions; MD5 and SHA are the most common, although I discuss many more. Chapter 19 discusses public-key encryption algorithms, Chapter 20 discusses public-key digital signature algorithms, Chapter 21 discusses public-key identification algorithms, and Chapter 22 discusses public-key key exchange algorithms. The impoitant algorithms are RSA, DSA, Fiat-Shamir, and Diffie-Hellman, respectively. i liapter 23 has more esoteric public-key algorithms and pro-tocols; the math in this chapter is quite complicated, so wear your seat belt. Chapters 24 and 25 |Part IV) turn to the real worid of cryptography. Chapter 24 discusses some of the n-irrent implementations of these algorithms and protocols, while Chapter 25 touchcs on some of the political issues surrounding cryptography. These chapters are by rui means intended to be comprehensive. Aiso included are son i ce code listings for 10 algorithms discussed in Part III. I was unable to include all the code I wanted to due to space limitations, and cryptographic source code cannot otherwise be exported. (Amazingly enough, the State Department allowed export of the first edition of this book with source code, but denied export for a computer disk with the exact same source code on it. Go figure.) An associated source coi-lc disk set includes much more source code than I couid fit in this book; it is prob;ilily the largest collection of cryptographic source code out-side a military instituticn. I can oniy send source code disks to U.S. and Canadian citizens living in the US. and Canadá, but hopefully that will change someday. If you are interested in implementing or playing with the cryptographic algorithms in this book, get the disk. Sce the last page of the book for details. One criticism of this book is that its encyclopedic nature takes away from its readability. This is truc but I wanted to provide a single reference for those who might come across an algorithm in the academic literature or in a product. For those who are more interestnl in a tutorial, I apologize. A lot is being done in the field; this is the first time so much of it has been gathered between two covers. Even so, space considerations torced me to leave many things out. I covered topics that I felt were important, practk,il, or interesting. If I couldn't cover a topic in depth, I gave references to arricies aru) papers that did.