Applied Cryptography

The explosive growth of public and private computer networks has resulted in a tremendous increase in the volume of sensitive and valuable data that is routinely stored and transmitted digitally. From computer messages speeding through global networks to vast sums of money transferred electronically, the greatest challenge in this new "digital world" is keeping this information out of the hands of unauthorized users who prey on vulnerable computer systems.

In Applied Cryptography, data security expert Bruce Schneier details how programmers can use cryptography — the technique of enciphering and deciphering messages — to maintain the privacy of computer data. Covering the latest developments in practical cryptographic techniques, the book shows programmers who design computer applications, networks, and storage systems how security can be built into the computer software and systems we use every day. Along with more than 100 pages of actual C source code of working cryptographic algorithms, this practical handbook:

• Explains data encryption protocols and techniques currently in use and likely to be used in the future
• Offers numerous present-day applications — from secure correspondence to anonymous messaging
• Includes numerous source code fragments and shows how to incorporate them into larger programs
• Discusses related issues like patents, export law, and legal rulings

1. Foundations
1. Terminology
2. Classical Cryptography
3. Large Numbers
• Part I: Cryptographic Protocols
2. Protocol Building Blocks
1. Introduction to Protocols
2. Communications Using Symmetric Cryptography
3. One-Way Functions
4. One-Way Hash Functions
5. Communications Using Public-Key Cryptography
6. Digital Signatures
7. Digital Signatures with Encryption
8. Random and Pseudo-Random Sequence Generation
3. Basic Protocols
1. Key Exchange
2. Authentication
3. Authentication and Key Exchange
4. Multiple-Key Public-Key Cryptography
5. Secret Splitting
6. Secret Sharing
7. Cryptographic Protection of Databases
8. Timestamping Services
4. Intermediate Protocols
1. Subliminal Channel
2. Undeniable Digital Signatures
3. Fail-Stop Digital Signatures
4. Group Signatures
5. Computing with Encrypted Data
6. Bit Commitment
7. Fair Coin Flips
8. Mental Poker
5. Advanced Protocols
1. Fair Cryptosystems
2. All-or-Nothing Disclosure of Secrets
3. Zero-Knowledge Proofs of Knowledge
4. Zero-Knowledge Proofs of Identity
5. Blind Signatures
6. Esoteric Protocols
1. Oblivious Transfer
2. Simultaneous Contract Signing
3. Digital Certified Mail
4. Simultaneous Exchange of Secrets
5. Secure Elections
6. Secure Multiparty Computation
7. Digital Cash
8. Anonymous Message Broadcast
• Part II: Cryptographic Techniques
7. Key Length
1. Key Length
2. Key Management
3. Public-Key Key Management
8. Using Algorithms
1. Block Cipher Modes
2. Multiple Encryption
3. Stream Ciphers
4. Stream Ciphers vs. Block Ciphers
5. Public-Key Cryptography vs. Symmetric Cryptography
6. Encrypting Communications Networks
7. Encrypting Data for Storage
8. Hardware Encryption versus Software Encryption
9. File Erasure
10. Choosing an Algorithm
• Part III: Cryptographic Algorithms
9. Mathematical Background
1. Information Theory
2. Complexity Theory
3. Number Theory
4. Factoring
5. Prime Number Generation
6. Discrete Logarithms in a Finite Field
10. Data Encryption Standard (DES)
1. Data Encryption Standards(DES)
2. DES Variants
11. Other Block Algorithms
1. Lucifer
2. Madryga
3. NewDES
4. FEAL-N
5. REDOC
6. LOKI
7. Khufu and Khafre
8. RC2 and RC4
9. IDEA
10. MMB
11. CA-1.1
12. Skipjack
13. Using One-Way Hash Functions
14. Other Block Algorithms
15. Which Black Algorithm Is Best?
12. Public-Key Algorithms
1. Background
2. Diffie-Hellman
3. Knapsack Algorithms
4. RSA
5. Pohlig-Hellman
6. Rabin
7. Fiege-Fiat-Shamir
13. More Public-Key Algorithms
1. Guillou-Quisquater
2. Ong-Schnorr-Shamir
3. ElGamal
4. Schnorr
5. Digital Signature Algorithm (DSA)
6. ESIGN
7. McEliece
8. Okamoto
9. Cellular Automata
10. Elliptic-Curve Cryptosystems
11. Other Public-Key Algorithms
12. Which Public-Key Algorithm Is Best?
14. One-Way Hash Functions
1. Background
2. Snefru
3. N-Hash
4. MD4
5. MD5
6. MD2
7. Secure Hash Algorithm (SHA))
8. RIPE-MD
9. HAVAL
10. Other One-Way Hash Functions
11. Using Symmetric Block Algorithms
12. Using Public-Key Algorithms
13. Which One-Way Hash Function Is Best?
14. Key-Dependent One-Way Hash Functions
15. Random Sequence Generators and Stream Ciphers
1. Pseudo-Random Sequence Generators
2. Stream Ciphers
3. Real Random Sequence Generators
4. Generating Numbers and Nonuniform Distributions
5. Generating Random Permutations
16. Special Algorithms for Protocols
1. Key Exchange
2. Encrypted Key Exchange
3. Multiple-Key Public-Key Cryptography
4. Secret Broadcasting
5. Secret Sharing Algorithms
6. Subliminal Channel
7. Undeniable Digital Signatures
8. Computing with Encrypted Data
9. Fair Coin Flips
10. Fair Cryptosystems
11. All-or-Nothing Disclosure of Secrets
12. Zero-Knowledge Proofs of Knowledge
13. Blind Signatures
14. Oblivious Transfer
15. Secure Multiparty Computation
16. Probabilistic Encryption
17. Quantum Cryptography
• Part IV: The Real World
17. Example Implementations
1. IBM Secret-Key Management Protocol
2. Mitrenet
3. ISDN
4. Kerberos
5. Kryptoknight
6. ISO Authentication Framework
7. Privacy-Enhanced Mail (PEM)
8. Message Security Protocol (MSP)
9. Pretty Good Privacy (PGP)
10. Clipper
11. CAPSTONE
18. Politics
1. National Security Agency (NSA)
2. National Computer Security Center (NCSC)
3. National Institute of Standards and Technology (NIST)
4. RSA Data Security, Inc.
5. International Association for Cryptologic Research (IACR)
6. Sci.crypt
7. Cypherpunks
8. Research and Development in Advanced Communication Technologies in Europe (RACE)
9. Electronic Frontier Foundation (EFF)
10. Computer Professionals for Social Responsibility (CPSR)
11. Patents
12. Export Rules
13. Legal Issues
• Part V: Source Code
• Source Code

First Edition. Skip it and buy the second edition instead (it is still a good and valid book).