Introduction

I first wrote Applied Cryptography in 1993. Two years later, I wrote the greatly expanded second edition. At this vantage point of two decades later, it can be hard to remember how heady cryptography's promise was back then. These were the early days of the Internet. Most of my friends had e-mail, but that was because most of my friends were techies. Few of us used the World Wide Web. There was nothing yet called electronic commerce.

Cryptography was being used by the few who cared. We could encrypt our e-mail with PGP, but mostly we didn't. We could encrypt sensitive files, but mostly we didn't. I don't remember having the option of a usable full-disk encryption product, at least one that I would trust to be reliable.

What we did have were ideas—research and engineering ideas—and that was the point of Applied Cryptography. My goal in writing the book was to collect all the good ideas of academic cryptography under one cover and in a form that non-mathematicians could read and use.

What we also had, more important than ideas, was the unshakable belief that technology trumped politics. You can see it in John Perry Barlow's 1996 “Declaration of the Independence of Cyberspace,” where he told governments, “You have no moral right to rule us, nor do you possess any methods of enforcement that we have reason to fear.” You can see it three years earlier in cypherpunk John Gilmore's famous quote: “The Net interprets censorship as damage and routes around it.” You can see it ...