Computer Science / ~tpc / CompSec / Coursematerials

• School of Computer Science
  Personal Web Page
• Home
• Lectures
• Course Materials
• Tutorial Groups
• Exercises
• Marks

This page contains links to useful material for the Computer Security Module. If will be continually updated through out the module, so check back.

Recommended Papers

Stalking the Wily Hacker by Clifford Stoll.

This famous paper from 1988 gives a detailed account of one of the very first hackers to be caught. The APRAnet mentioned in the paper is the forerunner of the Internet.

Ethier

• Advanced: Making a Faster Cryptanalytic Time-Memory Trade-Off by Philippe Oechslin.
  or
• Easy, but more basic: A Cryptanalytic Time - Memory Trade-Off by Martin Hellman

Supplementary Material

The main source of information for the module is the lecture slides, which you can find here. Also useful are some of Mark Ryan's lecture notes:

• Symmetric Key Crypto
• Public Key Crypto.
• Hashes.
• Certificates.
• Access Control.

Tools

Tools referred to in lectures include:

• Truecrypt
• GPG, a public key encryption suite.
• John The Ripper password cracker (Brute Force)
• Ophcrack, password cracker (Rainbow Tables)
• Nmap
• Metasploit
• Tor

N.B. some of these tools can be run against systems that you do not own. DO NOT TARGET THESE TOOLS AT SYSTEMS YOU DO NOT OWN. This will probably be illegal, and you could be expelled from the University.

Recommended Text Books

• Computer Security, Gollmann
• Security Engineering, Anderson

You can find these books in the Central and the computer security libraries. The first edition of Ross Anderson's book can be found here for free download.

Futher Reading

These will give you a deeper understanding of the issues presented in Lectures. The material in them will not be examined, but reading them is highly recommended.

• The Code Book, by Simon Singh. A good pop science history of encryption.
• Applied Cryptography, Bruce Schneier.
• Why Johnny Can't Encrypt This paper gives some of the reasons why PGP never really became popular.
• The research paper: A Cryptanalytic Time - Memory Trade-Off by Martin Hellman,
• The research paper: Making a Faster Cryptanalytic Time-Memory Trade-Off by Philippe Oechslin.
• Further reading: Hacking Exposed 6, by McClure, Scambray and Kurtz. Most of the attacks in this book are out of date, but it's still an interesting read.