A classic still useful to master the foundations of the discipline
Few books can boast of having opened a new branch in the computer science literature. Initially published in 1995, Applied Cryptography was a masterpiece. This book presented the state of the art in Cryptography, what was dispersed in publication papers, into an accessible single volume, to the dismay of the NSA.
This 20th anniversary edition is nothing more than the second edition (published in 1998) with an additional preface. But two decades later, Applied Cryptography remains one of the best introduction (Part I and II) to the field and a comprehensive reference (Part III), except for newer protocols that are obviously missing (AES).
With almost a thousand pages, the book was aimed to be a reference on protocols and algorithms, privileging exhaustivity to readability (I’ve rarely seen a the table of contents and a bibliography so huge, proof of a daunting work). It was also the first book to present the subject to non-mathematicians.
Chapters are organised along the protocols, the techniques, and the algorithms. Algorithms does not mean source code. Algorithms are presented using historical fact, description, figures, examples, and an analysis of variants and their security strength.
Developers will find the first two parts particularly valuable, especially the chapters about keys (answer questions such as how long a key should be, how to store keys, how to exchange keys). The book perfectly introduces the terminology, the concepts, the type of attacks and so much more. The third part is by far the largest and could be skimmed, while the last part presenting real-world applications gives move context but is slightly outdated. For a most recent (and more compact) publication co-authored by Bruce Schneier, check Cryptography Engineering: Design Principles and Practical Applications.