From: Howard C. Berkowitz (hcb@gettcomm.com)
Date: Fri Apr 30 2004 - 18:18:31 GMT-3
At 9:45 PM +0100 4/30/04, Richard Dumoulin wrote:
>Howard, do you have more specific reading recommendations for
>security ? Thanks --Richard(
It depends on how deeply you want to get into theory, or also
specific applications of security (e.g., for medical networks).
How much mathematical background do you have? For some materials,
you need some exposure to middling-level security, and if you are
getting into algorithms, some abstract algebra (particularly group
theory).
[url eater food]
Lots of stuff at the NIST resource center,
http://csrc.nist.gov/
The NSA Rainbow books may be getting dated, but they are freely
downloadable (I've not heard of any .us restrictions).
http://www.radium.ncsc.mil/tpep/library/rainbow/index.html
As far as books, I highly recommend, as enjoyable reading if nothing
else, David Kahn's _The Codebreakers_. Get the 1st edition used if
you can; the 2nd edition really doesn't add anything. Stephen
Levy's _Hackers_ made the New York Times best seller list, and, if
you hunt around, it's freely downloadable. I personally find the
history of cryptography to be very interesting and give lots of
background. I can give more recommendations there if that's of
interest.
I'll recommend, for a broad view, Annlee Hines' _Building Survivable Networks_.
Bruce Scheier's _Applied Cryptography_ is one of the best books, but
I'll warn the math can get heavy.
For the IETF, start with the Security Area at
http://web.mit.edu/network/ietf/sa/ .Then go to the Working Groups
directory at
http://www.ietf.org/html.charters/wg-dir.html#Security%20Area
Get the latest IPSec overview, which, offhand, is RFC2401, and read
supporting RFCs as they seem appropriate. Some are readable,
some...well, I said to one of the RFCs on partial elliptical function
encryption, "If I leave you alone will you leave me alone?"
Definitely RFC 2196, the Site Security Handbook.
This archive was generated by hypermail 2.1.4 : Mon May 03 2004 - 19:48:58 GMT-3