Security Resources

See also the Manifests for topic-specific links.

CS588 Recommended Books

• Bruce Schneier, Applied Cryptography: Protocols, Algorithms, and Source Code in C, 2nd Edition.

  A comprehensive guide to security; describes protocols and algorithms in detail. Describes relevant theory clearly and straightforwardly.

• William Stallings, Cryptography and Network Security, Prentice Hall, 1998.

  This book was used in last year's course.

• Charles Pfleeger, Security in Computing, 1996.

  Textbook covers many of the same topics as Stallings, but organized and presented quite differently.

• For voracious readers: David Kahn, The Codebreakers; The Comprehensive History of Secret Communication from Ancient Times to the Internet, 1967 (slightly updated in 1996). (1181 pages)

  The most comprehensive history of cryptography, but somewhat outdated (the 1996 edition adds one chapter on the past 30 years, but doesn't update the rest of the text). Lots of details and great stories about World War II.

References

• Handbook of Applied Cryptography, by Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone.
• Self-Study Course in Block-Cipher Cryptanalysis, by Bruce Schneier
• Cryptographic Algorithms

AES Finalists

• NIST's AES Site
• RC6
• Serpent
• Twofish
• Block Cipher Lounge

Link Collections

• Ron Rivest's Cryptography and Security Links
• Cryptology pointers (Helger Lipmaa)
• Tom Dunigan's Security Page
• Bruce Scheier's Publications
• Yahoo! Security and Encryption
• FIRST Security Papers
• Security User-Interface References (Rachna Dhamija's annotated bibliography)

Courses

• UVA: CS551 Software Security - Anita Jones, Spring 2000
• UVA: CS551 Security and Privacy - David Evans, Fall 2000
• Johns Hopkins: Cryptography and Network Security, Giuseppe Ateniese
• Georgia Tech: Computer Systems Security - Mustaque Ahamad
• UC Berkeley: Computer Security - Eric Brewer, David Wagner, Ian Goldberg
• Oregon Graduate Institute: Principles and Practices of System Security - Crispin Cowan
• Princeton: Information Security - Ed Felten
• Rice: Computer Systems Security - Dan Wallach
• University of Tennessee: Computer and Network Security - Tom Dunigan
• Weizmann Institute: Methods of Cryptanalysis - Alex Biryukov
• Austrailian Defence Force Academy: Cryptography and Computer Security - Lawrie Brown
• Helsinki University of Technology: Seminar on Network Security
• George Mason - list of courses

Organizations

• CERT Coordination Center
• The Honeynet Project
• National Infrastructure Protection Center

Law

• FedLaw: Computers and Information Technology

Electronic Cash

• CyberCash
• DigiCash
• MilliCent
• NetBill

General Interest

• Byte Magazine's 20th Anniversary article on hacking
• The Hacker Crackdown: Law and Disorder on the Electronic Frontier, by Bruce Sterling (entire book available free on-line; well worth reading)
• New York Times Internet Privacy Archive
• Time Magazine, 25 August 1997 - special cover issue
• American Association for the Advancement of Science: Anonymous Communications on the Internet project
• Alice & Bob
• SGI's Lava Lamp random number generator
• RSA on Passwords
• James Gleick on ILoveYou Virus
• MSNBC's Goofs and Glitches
• Weak SSL Keys
• Moni Naor's Puzzlers
• Edgar Allan Poe's The Gold Bug
• Should you trust TRUSTe?
• An Investigation of a New Algorithm vs. the RSA, Sarah Flannery
• Too Late for Pearl Harbor, Stephen Budiansky - US Codebreaking in WWII
• Terms used in the disciplines of Cryptography, IT Security and Risk Analysis (humorous)

History

• Colossus - The Worlds First Electronic Computer
• Bletchley Park
• Turing's Treatise on Enigma
• Frode's Cryptology Page

University of Virginia Department of Computer Science CS 588: Cryptology - Principles and Applications

David Evans evans@virginia.edu