This page contains links to useful material for the Computer Security Module. If will be continually updated through out the module, so check back.

Recommended Reading

• The Code Book, by Simon Singh. A good pop science history of encryption.
• The research paper: A Cryptanalytic Time - Memory Trade-Off by Martin Hellman,
• The research paper: Making a Faster Cryptanalytic Time-Memory Trade-Off by Philippe Oechslin.
• The research paper: Prudent Engineering Practice for Cryptographic Protocols by Martin Abadi and Roger Needham.

Supplementary Material

The main source of information for the module is the lecture slides, which you can find here. Also useful are some of Mark Ryan's lecture notes:

• Symmetric Key Crypto
• Public Key Crypto.
• Hashes.
• Certificates.
• Access Control.

Tools

Tools referred to in lectures include:

• Truecrypt
• GPG, a public key encryption suite.
• John The Ripper password cracker (Brute Force)
• Ophcrack, password cracker (Rainbow Tables)
• Nmap
• The Burp Proxy
• Metasploit
• Tor
• Ollydbg
• JD-GUI

N.B. some of these tools can be run against systems that you do not own. DO NOT TARGET THESE TOOLS AT SYSTEMS YOU DO NOT OWN. This will probably be illegal, and you could be expelled from the University.

Recommended Text Books

• Computer Security, Gollmann
• Security Engineering, Anderson

You can find these books in the Central and the computer security libraries. The first edition of Ross Anderson's book can be found here for free download.

Futher Reading

These will give you a deeper understanding of the issues presented in Lectures. The material in them will not be examined, but reading them is highly recommended.

• Applied Cryptography, Bruce Schneier.
• Why Johnny Can't Encrypt This paper gives some of the reasons why PGP never really became popular.