出版社: Wiley
副标题: Protocols, Algorithms, and Source Code in C
出版年: 18 October, 1995
页数: 758
定价: $60.00
装帧: Paperback
ISBN: 9780471117094
内容简介 · · · · · ·
. . .the best introduction to cryptography I've ever seen. . . . The book the National Security Agency wanted never to be published. . . . Wired Magazine
". . .monumental . . . fascinating . . . comprehensive . . . the definitive work on cryptography for computer programmers . . ." Dr. Dobb's Journal
". . .easily ranks as one of the most authoritative in its field." PC...
. . .the best introduction to cryptography I've ever seen. . . . The book the National Security Agency wanted never to be published. . . . Wired Magazine
". . .monumental . . . fascinating . . . comprehensive . . . the definitive work on cryptography for computer programmers . . ." Dr. Dobb's Journal
". . .easily ranks as one of the most authoritative in its field." PC Magazine
". . .the bible of code hackers." The Millennium Whole Earth Catalog
This new edition of the cryptography classic provides you with a comprehensive survey of modern cryptography. The book details how programmers and electronic communications professionals can use cryptographythe technique of enciphering and deciphering messagesto maintain the privacy of computer data. It describes dozens of cryptography algorithms, gives practical advice on how to implement them into cryptographic software, and shows how they can be used to solve security problems. Covering the latest developments in practical cryptographic techniques, this new edition shows programmers who design computer applications, networks, and storage systems how they can build security into their software and systems.
What's new in the Second Edition?
* New information on the Clipper Chip, including ways to defeat the key escrow mechanism
* New encryption algorithms, including algorithms from the former Soviet Union and South Africa, and the RC4 stream cipher
* The latest protocols for digital signatures, authentication, secure elections, digital cash, and more
* More detailed information on key management and cryptographic implementations
喜欢读"Applied Cryptography"的人也喜欢 · · · · · ·
书评 · · · · · ·
我来评论这本书
梦里醉逍遥 (愚者暗于成事，知者见于未萌。)
Factoring large numbers is hard. Unfortunately for algorithm designers, it is getting easier. Even worse, it is getting easier faster than mathematicians expected. In 1976 Richard Guy wrote: â€œI shall be surprised if anyone regularly factors numbers of size 10^80 without special form during the present centuryâ€?. In 1977 Ron Rivest said that factoring a 125digit number would take 40 quadrillio...20120905 16:55
Factoring large numbers is hard. Unfortunately for algorithm designers, it is getting easier. Even worse, it is getting easier faster than mathematicians expected. In 1976 Richard Guy wrote: “I shall be surprised if anyone regularly factors numbers of size 10^80 without special form during the present century”. In 1977 Ron Rivest said that factoring a 125digit number would take 40 quadrillion years. In 1994 a 129digit number was factored. If there is any lesson in all this, it is that making predictions is foolish.
回应 20120905 16:55 
梦里醉逍遥 (愚者暗于成事，知者见于未萌。)
Randomnumber generators are not random because they don't have to be. Most simple applications, like computer games, need so few random numbers that they hardly notice. However, cryptography is extremely sensitive to the properties of randomnumber generators. ... Of course, it is impossible to produce something truly random on a computer. Donald Knuth quotes John von Neumann as saying: &...20120901 23:09
Randomnumber generators are not random because they don't have to be. Most simple applications, like computer games, need so few random numbers that they hardly notice. However, cryptography is extremely sensitive to the properties of randomnumber generators. ... Of course, it is impossible to produce something truly random on a computer. Donald Knuth quotes John von Neumann as saying: "Anyone who considers arithmetical methods of producing random digits is, of course, in a state of sin". ... The best a computer can produce is a pseudorandomsequence generator. ... For our purposes, a sequence generator is pseudorandom if it has this property: 1. It looks random. This means that it passes all the statistical tests of randomness that we can find. ... For a sequence to be cryptographically secure pseudorandom, it must also have this property: 2. It is unpredictable. It must be computationally infeasible to predict what the next random bit will be, given complete knowledge of the algorithm or hardware generating the sequence and all of the previous bits in the stream. ... Philosophy aside, from our point of view a sequence generator is real random if it has this additional third property: 3. It cannot be reliably reproduced. If you run the sequence generator twice with the exact same input (as least as exact as humanly possible), you will get two completely unrelated random sequences.
回应 20120901 23:09 
梦里醉逍遥 (愚者暗于成事，知者见于未萌。)
There are many cryptographic algorithms. These are three of the most common:  DES (Data Encryption Standard) is the most popular computer encryption algorithm. DES is a U.S. and international standard. It is a symmetric algorithm; the same key is used for encryption and decryption.  RSA (named for its creators  Rivest, Shamir, and Adleman) is the most popular publickey algorithm. It ca... (1回应)20120901 22:00
不过好像DES现在已经被认为是不安全的了（DES is now considered to be insecure for many applications. This is chiefly due to the 56bit key size being too small; in January, 1999, distributed.net and the Electronic Frontier Foundation collaborated to publicly break a DES key in 22 hours and 15 minutes.  From Wiki），它的取代者为AES (Advanced Encryption Standard) 。There are many cryptographic algorithms. These are three of the most common:  DES (Data Encryption Standard) is the most popular computer encryption algorithm. DES is a U.S. and international standard. It is a symmetric algorithm; the same key is used for encryption and decryption.  RSA (named for its creators  Rivest, Shamir, and Adleman) is the most popular publickey algorithm. It can be used for both encryption and digital signatures.  DSA (Digital Signature Algorithm, used as part of the Digital Signature Standard) is another publickey algorithm. It cannot be used for encryption, but only for digital signatures.
1回应 20120901 22:00 
梦里醉逍遥 (愚者暗于成事，知者见于未萌。)
And don't forget Kerchhoffs' assumption: If the strength of your new cryptosystem relies on the fact that the attackers does not know the algorithm's inner workings, you're sunk. If you believe that keeping the algorithm's insides secret improves the security of your cryptosystem more than letting the academic community analyze it, you're wrong. And if you think someone won't disassemble your code...20120901 21:48
更进一步在Cryptanalysis的领域对之前Preface里关于security的那一段议论进行了说明。另外这似乎也可以说明开源的软件更可能是安全的？ = =And don't forget Kerchhoffs' assumption: If the strength of your new cryptosystem relies on the fact that the attackers does not know the algorithm's inner workings, you're sunk. If you believe that keeping the algorithm's insides secret improves the security of your cryptosystem more than letting the academic community analyze it, you're wrong. And if you think someone won't disassemble your code and reverseengineer your algorithm, you're naive. The best algorithms we have are the ones that have been made public, have been attacked by world's best cryptographers for years, and are still unbreakable.
回应 20120901 21:48

梦里醉逍遥 (愚者暗于成事，知者见于未萌。)
If I take a letter, lock it in a safe somewhere in New York, then tell you to read the letter, that's not security. That's obscurity. On the other hand, if I take a letter and lock it in a safe, and give you the safe along with the design specifications of the safe and a hundred identical safes with their combinations so that you and the world's best safecrackers can study the locking mechanism  ...20120901 21:34
这个例子看上去可能和你在日常生活中对安全的理解恰恰相反，而我相信这却是现代密码学中很重要的一个理念。在古代，或者现代的日常生活中，你认为你把一样东西藏起来，或者用一个刚想到的替换方法稍微加密一下，就已经足够，那是因为你相信别人没有足够的能力、或者足够的资源去解密它，或者认为花费那样多的资源去解密它并无价值。然而在近代，尤其是计算机问世以后，许多过去看来“不可能”的计算任务可以在数秒钟内被完成。不要以为没有人知道你加密的算法，或者你加密的东西暴力破解有点困难，你就安全了（更不要相信“最危险的地方就是最安全的地方”！）。反倒是那些其原理和机制在世界范围内已经被广泛讨论了的、所有从事密码学的学者都已经烂熟于心了的算法才是真正安全的。If I take a letter, lock it in a safe somewhere in New York, then tell you to read the letter, that's not security. That's obscurity. On the other hand, if I take a letter and lock it in a safe, and give you the safe along with the design specifications of the safe and a hundred identical safes with their combinations so that you and the world's best safecrackers can study the locking mechanism  and you still can't open the safe and read the letter  that's security.
回应 20120901 21:34 
梦里醉逍遥 (愚者暗于成事，知者见于未萌。)
And don't forget Kerchhoffs' assumption: If the strength of your new cryptosystem relies on the fact that the attackers does not know the algorithm's inner workings, you're sunk. If you believe that keeping the algorithm's insides secret improves the security of your cryptosystem more than letting the academic community analyze it, you're wrong. And if you think someone won't disassemble your code...20120901 21:48
更进一步在Cryptanalysis的领域对之前Preface里关于security的那一段议论进行了说明。另外这似乎也可以说明开源的软件更可能是安全的？ = =And don't forget Kerchhoffs' assumption: If the strength of your new cryptosystem relies on the fact that the attackers does not know the algorithm's inner workings, you're sunk. If you believe that keeping the algorithm's insides secret improves the security of your cryptosystem more than letting the academic community analyze it, you're wrong. And if you think someone won't disassemble your code and reverseengineer your algorithm, you're naive. The best algorithms we have are the ones that have been made public, have been attacked by world's best cryptographers for years, and are still unbreakable.
回应 20120901 21:48 
梦里醉逍遥 (愚者暗于成事，知者见于未萌。)
There are many cryptographic algorithms. These are three of the most common:  DES (Data Encryption Standard) is the most popular computer encryption algorithm. DES is a U.S. and international standard. It is a symmetric algorithm; the same key is used for encryption and decryption.  RSA (named for its creators  Rivest, Shamir, and Adleman) is the most popular publickey algorithm. It ca... (1回应)20120901 22:00
不过好像DES现在已经被认为是不安全的了（DES is now considered to be insecure for many applications. This is chiefly due to the 56bit key size being too small; in January, 1999, distributed.net and the Electronic Frontier Foundation collaborated to publicly break a DES key in 22 hours and 15 minutes.  From Wiki），它的取代者为AES (Advanced Encryption Standard) 。There are many cryptographic algorithms. These are three of the most common:  DES (Data Encryption Standard) is the most popular computer encryption algorithm. DES is a U.S. and international standard. It is a symmetric algorithm; the same key is used for encryption and decryption.  RSA (named for its creators  Rivest, Shamir, and Adleman) is the most popular publickey algorithm. It can be used for both encryption and digital signatures.  DSA (Digital Signature Algorithm, used as part of the Digital Signature Standard) is another publickey algorithm. It cannot be used for encryption, but only for digital signatures.
1回应 20120901 22:00 
梦里醉逍遥 (愚者暗于成事，知者见于未萌。)
Randomnumber generators are not random because they don't have to be. Most simple applications, like computer games, need so few random numbers that they hardly notice. However, cryptography is extremely sensitive to the properties of randomnumber generators. ... Of course, it is impossible to produce something truly random on a computer. Donald Knuth quotes John von Neumann as saying: &...20120901 23:09
Randomnumber generators are not random because they don't have to be. Most simple applications, like computer games, need so few random numbers that they hardly notice. However, cryptography is extremely sensitive to the properties of randomnumber generators. ... Of course, it is impossible to produce something truly random on a computer. Donald Knuth quotes John von Neumann as saying: "Anyone who considers arithmetical methods of producing random digits is, of course, in a state of sin". ... The best a computer can produce is a pseudorandomsequence generator. ... For our purposes, a sequence generator is pseudorandom if it has this property: 1. It looks random. This means that it passes all the statistical tests of randomness that we can find. ... For a sequence to be cryptographically secure pseudorandom, it must also have this property: 2. It is unpredictable. It must be computationally infeasible to predict what the next random bit will be, given complete knowledge of the algorithm or hardware generating the sequence and all of the previous bits in the stream. ... Philosophy aside, from our point of view a sequence generator is real random if it has this additional third property: 3. It cannot be reliably reproduced. If you run the sequence generator twice with the exact same input (as least as exact as humanly possible), you will get two completely unrelated random sequences.
回应 20120901 23:09

梦里醉逍遥 (愚者暗于成事，知者见于未萌。)
Factoring large numbers is hard. Unfortunately for algorithm designers, it is getting easier. Even worse, it is getting easier faster than mathematicians expected. In 1976 Richard Guy wrote: â€œI shall be surprised if anyone regularly factors numbers of size 10^80 without special form during the present centuryâ€?. In 1977 Ron Rivest said that factoring a 125digit number would take 40 quadrillio...20120905 16:55
Factoring large numbers is hard. Unfortunately for algorithm designers, it is getting easier. Even worse, it is getting easier faster than mathematicians expected. In 1976 Richard Guy wrote: “I shall be surprised if anyone regularly factors numbers of size 10^80 without special form during the present century”. In 1977 Ron Rivest said that factoring a 125digit number would take 40 quadrillion years. In 1994 a 129digit number was factored. If there is any lesson in all this, it is that making predictions is foolish.
回应 20120905 16:55 
梦里醉逍遥 (愚者暗于成事，知者见于未萌。)
Randomnumber generators are not random because they don't have to be. Most simple applications, like computer games, need so few random numbers that they hardly notice. However, cryptography is extremely sensitive to the properties of randomnumber generators. ... Of course, it is impossible to produce something truly random on a computer. Donald Knuth quotes John von Neumann as saying: &...20120901 23:09
Randomnumber generators are not random because they don't have to be. Most simple applications, like computer games, need so few random numbers that they hardly notice. However, cryptography is extremely sensitive to the properties of randomnumber generators. ... Of course, it is impossible to produce something truly random on a computer. Donald Knuth quotes John von Neumann as saying: "Anyone who considers arithmetical methods of producing random digits is, of course, in a state of sin". ... The best a computer can produce is a pseudorandomsequence generator. ... For our purposes, a sequence generator is pseudorandom if it has this property: 1. It looks random. This means that it passes all the statistical tests of randomness that we can find. ... For a sequence to be cryptographically secure pseudorandom, it must also have this property: 2. It is unpredictable. It must be computationally infeasible to predict what the next random bit will be, given complete knowledge of the algorithm or hardware generating the sequence and all of the previous bits in the stream. ... Philosophy aside, from our point of view a sequence generator is real random if it has this additional third property: 3. It cannot be reliably reproduced. If you run the sequence generator twice with the exact same input (as least as exact as humanly possible), you will get two completely unrelated random sequences.
回应 20120901 23:09 
梦里醉逍遥 (愚者暗于成事，知者见于未萌。)
There are many cryptographic algorithms. These are three of the most common:  DES (Data Encryption Standard) is the most popular computer encryption algorithm. DES is a U.S. and international standard. It is a symmetric algorithm; the same key is used for encryption and decryption.  RSA (named for its creators  Rivest, Shamir, and Adleman) is the most popular publickey algorithm. It ca... (1回应)20120901 22:00
不过好像DES现在已经被认为是不安全的了（DES is now considered to be insecure for many applications. This is chiefly due to the 56bit key size being too small; in January, 1999, distributed.net and the Electronic Frontier Foundation collaborated to publicly break a DES key in 22 hours and 15 minutes.  From Wiki），它的取代者为AES (Advanced Encryption Standard) 。There are many cryptographic algorithms. These are three of the most common:  DES (Data Encryption Standard) is the most popular computer encryption algorithm. DES is a U.S. and international standard. It is a symmetric algorithm; the same key is used for encryption and decryption.  RSA (named for its creators  Rivest, Shamir, and Adleman) is the most popular publickey algorithm. It can be used for both encryption and digital signatures.  DSA (Digital Signature Algorithm, used as part of the Digital Signature Standard) is another publickey algorithm. It cannot be used for encryption, but only for digital signatures.
1回应 20120901 22:00 
梦里醉逍遥 (愚者暗于成事，知者见于未萌。)
And don't forget Kerchhoffs' assumption: If the strength of your new cryptosystem relies on the fact that the attackers does not know the algorithm's inner workings, you're sunk. If you believe that keeping the algorithm's insides secret improves the security of your cryptosystem more than letting the academic community analyze it, you're wrong. And if you think someone won't disassemble your code...20120901 21:48
更进一步在Cryptanalysis的领域对之前Preface里关于security的那一段议论进行了说明。另外这似乎也可以说明开源的软件更可能是安全的？ = =And don't forget Kerchhoffs' assumption: If the strength of your new cryptosystem relies on the fact that the attackers does not know the algorithm's inner workings, you're sunk. If you believe that keeping the algorithm's insides secret improves the security of your cryptosystem more than letting the academic community analyze it, you're wrong. And if you think someone won't disassemble your code and reverseengineer your algorithm, you're naive. The best algorithms we have are the ones that have been made public, have been attacked by world's best cryptographers for years, and are still unbreakable.
回应 20120901 21:48
在豆瓣App讨论这本书 · · · · · ·
没有豆瓣App？ 去下载
这本书的其他版本 · · · · · · ( 全部4 )
 机械工业出版社版 200011 / 176人读过 / 有售
 机械工业出版社版 20141 / 13人读过 / 有售
 John Wiley & Sons Inc (Computers)版 199401
以下豆列推荐 · · · · · · ( 全部 )
 Hack的技术与艺术 (lyb)
 最佳软件工程图书Top100 (xyb)
 CSDN论坛频道和博客频道后面的那个频道 (架构师)
 Hacking (panco)
 安全 (lyb)
谁读这本书?
二手市场
订阅关于Applied Cryptography的评论:
feed: rss 2.0
1 有用 笨蛋.mk⑨ 20100830
密码学入门经典，对基本问题和逻辑讲述得非常清晰。 "The whole point of cryptography is to solve problems. You can learn all about cryptographic algorithms and techniques,but these are academic unless they can solve a problem." 大赞！
0 有用 么见过黑眼圈啊 20160804
Don't understand most of it and the book is as old as I am
0 有用 业火淬心 20150517
耐人寻味
0 有用 么见过黑眼圈啊 20160804
Don't understand most of it and the book is as old as I am
0 有用 业火淬心 20150517
耐人寻味
1 有用 笨蛋.mk⑨ 20100830
密码学入门经典，对基本问题和逻辑讲述得非常清晰。 "The whole point of cryptography is to solve problems. You can learn all about cryptographic algorithms and techniques,but these are academic unless they can solve a problem." 大赞！