Books by author: Bruce Schneier

The title of this book should be Why You Aren't Qualified To Do Cryptography and the final chapter should be made into a preface. As it stands, you read almost 400 pages of dense technical explanations describing how to make certain decisions while designing a cryptographic system, and then the authors say: "you really need to hire an expert to do it for you". Since this book is marketed as a practical guide to building cryptographic systems, that's a painful bait-and-switch.

Not only that, but they put the "Practical" part of the title on the wrong book. Schneier's book, Applied Cryptography, actually gives you diagrams showing how to implement the various ingredients that go into a cryptographic system; this book does not. This one describes a few protocols and basically says, use this one with these parameters. Which is fine for a manager who needs to make a decision about what product to purchase, but then why read 400 pages of dense technical jargon to reach that decision?

I haven't finished reading Applied Cryptography, but I'm willing to bet that my conclusion will be that that book is much more valuable, and that Practical Cryptography should have been condensed to a single chapter as part of Schneier's third edition.