CMSC-691g Internet Security: Readings (Spring 1996)

Course material will be drawn primarily from recent research papers distributed in class. Although the course will not closely follow any text, students may find it helpful to read selected passages from the required and recommended texts. Students are expected on their own to read and understand as much as they can about topics discussed in class.

Texts

  1. Stinson, Douglas R., Cryptography: Theory and Practice, CRC Press (1995). ISBN 0-8493-8521-0. Required.

  2. Schneier, Bruce, Applied Cryptography, 2nd Edition, John Wiley (1995). ISBN 0-471-59756-2. Suggested, not required. Errata.

  3. Cheswick, William R., and Steven M. Bellovin,

  4. Firewalls and Internet Security: Repelling the Wily Hacker, Addison-Wesley (1994). ISBN 0-201-63357-4. Suggested, not required.

Required Readings (updated incrementally)

  1. Rivest, R. L.; A. Shamir; and L. Adleman, ``A method for obtaining digital signatures and public-key cryptosystems,'' CACM, 21 (February 1978), 120--126.

  2. Chaum, David, ``Achieving electronic privacy,'' Scientific American (August 1992), 96-101.

  3. Chaum, David, ``Security without indentification: Transaction systems to make big brother obsolete,'' CACM, 28:10 (October 1985), 1030-1044.

  4. Needham, Roger; and Michael D. Schroeder, ``Using encryption for authentication in large networks of computers,'' CACM, 21 (December 1978), 993--999.

  5. Shamir, Adi, Ronald L. Rivest, and Leonard Adleman, ``Mental Poker'' in The Mathematical Gardner, edited by David A. Klarner, Wadsworth (Belmont, CA, 1981), 37--43.

  6. Neuman, Clifford B., ``Security, payment, and privacy,'' IEEE Journal on Selected Areas in Communications, 13:8 (October 1995), 1523-1531.

  7. Brands, Stefan, ``Untraceable off-line cash in wallet with observers'' in Advances in Cryptology: Crypto 93, edited by Douglas R. Stinson, Lecture Notes in Computer Science 773 (Springer-Verlag), 302-318.

  8. Odlyzko, Andrew M, ``The future of integer factorization,'' The Technical Newsletter of RSA Laboratories (Summer 1995), 5-12.

  9. Pollard, J. M., ``A Monte Carlo method for factorization,'' BIT, 15 (1975), 331-334.

  10. Medvinsky, Gennady; and B. Clifford Neuman, ``Netcash: A design for practical electronic currency on the internet,'' Proceedings of the 1st ACM Conference on Computer and Communications Security, ACM Press (held November 3-5, 1993), 102-106.

  11. Okamoto, Tatsuaki; and Kazuo Ohta, ``Universal electronic cash'' in Processings of Crypto 91, Spring-Verlag, 227-339.

  12. Ferguson, Niels, ``Single term off-line coins'' in Advances in Cryptology: Eurocrypto 93, edited by Tor Helleseth, Springer-Verlag, 318-328.

  13. Cramer, R. J. F.; and T. P. Pedersen, ``Improved privacy in wallets with obervers'' in Advances in Cryptology: Eurocrypto 93, edited by Tor Helleseth, Springer-Verlag, 318-328.

  14. Okamoto, Tatsuaki, ``An efficient dividible electronic cash scheme'' in Proceedings of Crypto 95, edited by Don Coppersmith, Lecture Notes in Computer Science No. 963, Springer-Verlag (1995), 138-451.

  15. Chaum, David; Amos Fiat; and Nomi Naor, ``Untraceable electronic cash'' in Advances in Cryptology: Proceedings of Crypto 88, Lecture Notes in Computer Sceince, No. 403, Springer-Verlag (1989), 319-327.

  16. Ganesan, Ravi, editor, Special section on key escrow, Communications of the ACM, 39:3 (March 1996), 32-60.

  17. Blaze, Matt, ``Protocol failure in the escrowed encryption standard,'' 2nd ACM Conference on Computer and Communications Security, ACM Press (November 2-4, 1994), 59-67.

  18. Kocher, Paul C., ``Cryptanalysis of Diffie-Hellman, RSA, DSS, and other systems using timing attacks'' (December 7, 1995), unpublished extended abstract.

  19. English, Erin, and Scott Hamilton, ``Network security under siege: The timing attack,'' IEEE Computer (MArch 1996), 95-97.

  20. Rabi Muhammad; and Alan T. Sherman, ``Associative one-way functions: A new paradigm for secret-key agreement and digital signatures'' Technical Report CS-TR-3183/UMIACS-TR-93-124, University of Maryland College Park (July 1993), and Technical Report TR CS-93-18, Computer Science Department, University of Maryland Baltimore County (November 15, 1993), 13 pages.

  21. Ranum, Marcus, ``Thinking about firewalls,'' undated unpublished manuscript. 10 pages.

  22. Kent, Stephen T., ``Internet privacy enhanced mail,'' Communications of the ACM, 36:8 (August 1993), 48-59.

  23. Cain, Thomas; and Alan T. Sherman, ``How to break Gifford's Cipher (extended abstract),'' Second Annual ACM Conference on Computer and Communications Security, ACM Press (November 2-4, 1994), 198-209.

Supplemental Readings

  1. Communications of the ACM, (June 1996), special issue on electronic commerce.

  2. Front matter from four major recent cryptology conferences (Crypto, ACM, IEEE Security and Privacy, IEEE Computer Security Applications).

  3. Contents, and instructions to authors from The Journal of Cryptology.

  4. Faison, Seth, ``Chinese tiptoe into internet, wary of watchdogs,'' New York Times (February 5, 1996).

  5. Rodriguez, Karen; and Martin Marshall, ``On-line payment schemes arrives,'' Communications Week, No. 598 (February 26, 1996).

  6. Birgit, Pfitzmann; and Michael Waidner, ``How to Break and repair a `provably secure' untraceable payment system'' in Proceedings of Crypto 91, Springer-Verlag, 239-250.

  7. Lewis, Peter H., ``Computer security concern agrees to be sold for stock,'' New York Times (April 16, 1996).