[quotemstr]

There's nothing wrong with Applied Cryptography so long as you _understand_ it. If you blindly apply outdated algorithms, yes, you lose. Everyone should read both Applied Cryptography _and_ the other books you mentioned, and keep up on the literature besides.

[tptacek]

No, there's a lot wrong with _Applied Cryptography_, and those things have very little to do with the fact that AC writes about IDEA and not AES.

If you read _Practical Cryptography_, you don't need to read _Applied Cryptography_. AC is a book full of trivia, and of encyclopedia-style descriptions of random block ciphers with minimal attention given to the actual real-world attacks on implementations of those ciphers.

I strongly advise that you not waste time reading AC. If you're lucky, you can read it and just lose time; if you're unlucky --- and a lot of my clients have been --- you can find yourself having learned stuff you'll later need to unlearn.

[quotemstr]

Paging through my copy of AC, I think you're right. I'd been a while since I read it. PC is indeed the better book.

[tptacek]

Even Schneier has somewhat acknowledged how toxic AC turned out to be.