PRO+ Premium Content/Information Security

Thank you for joining!
Access your Pro+ Content below.
September 2003

Review: Practical Cryptography corrects Applied Cryptography's faults

Many consider Bruce Schneier's Applied Cryptography to be the quintessential crypto text, providing copious implementation details for an expansive list of protocols and algorithms. Yes, it's packed with exhaustive amounts of information, but little analysis or examples. This leads many of its readers to implement poorly constructed crypto-security systems, a classic example of too much information being a dangerous thing. Schneier and coauthor Niels Ferguson correct these shortcomings in Practical Cryptography. This isn't a book about programming; it's about giving readers the pieces of a good crypto-system and showing how to properly use them. Schneier and Ferguson approach cryptography from a down-and-dirty engineering level, working from the basic requirement that a good system should provide -- at a minimum -- a 128-bit security level. This means that an attacker would have to perform about 2128 steps to break the system. It turns out that a cipher with a 128-bit key will usually only yield about 264 bits of security. ...

Access this PRO+ Content for Free!

Features in this issue

Columns in this issue