Cryptography and Network Security

"Human ingenuity cannot concoct a cipher which human ingenuity cannot resolve."

-- Edgar Allan Poe

(solve Poe's last cipher and win $2500.00)

"It used to be that giving export control advice consisted of helping clients to comprehend unbelievably ridiculous statements in the present tense. Giving such advice now largely consists of helping clients to comprehend unbelievably ridiculous statements in the future conditional subjunctive. That's some kind of progress."

-- Eben Moglen, General Counsel, Free Software Foundation, on the revised US crypto export regulations.

This page is unmaintained and full of many old, rotted links. Sorry.

Security sites and literature:

ISAAC group at Berkeley

Security and Encryption Links reference site

EECS UNIX Computer Security Primer

Eric Allman's 'Security Issues' page

RootShell lotsa good hacks

RSA's Intro to Cryptography FAQ (nice)

Security Tools and Techniques CD-ROM contents

International Association for Cryptologic Research

Bell Labs security FTP site

Cryptographic File System papers

IBM TJ Watson Mobile IP Security References

RSA Data Security

RSA Labs

CERT FTP site

LLNL Computer Incident Advisory Capability (great site)

Computer Professionals for Social Responsibility

Electronic Frontier Foundation

Index of firewalls

A very good Crypto page at UMBC

List of Good Security Books

RSA Factoring Challenge

National Security Agency

crypto stuff

some progs

Anonymity on IP networks:

Remailer list

The Blind Anonymous Server

Raph's "premail" remailer

Lance Cottrel -- Mixmaster remailer/attacking remailers

www.anonymizer.com

Cypherpunk Info:

Cypherpunks mailing list search interface

Cypherpunks mailing list Archive

Cypherpunks Home Page (at Berkeley)

Raph's homepage

Vince Cate's Cryptorebel/Cypherpunk Page

L.Detweiler

People:

L. Adleman

Bruce Schneier

PGP info: (thanks to Raph Levien for much of this)

War on the internet

great PGP index

draft of the PGP 3.0 API spec

security multipart draft MIME spec.

PGP 2.6 formats in internet draft form

PGP source

Software:

Security Tools

ssh

SATAN (Security Administrator Tool for Analyzing Networks)

SATAN docs

LBLL Unix tools

5-line RSA perl script

...and a more verbose description

NCSA httpd security patch and info

JCrypt alpha release 0.1

Ssh (Secure Shell) Home Page

Privtool Mailer

(some) Papers:

Reflections on Trusting Trust -- Ken Thompson -- a must-read if you haven't already.

Quantum Crypto

Basic Flaws in Internet Security and Commerce -- made it to pg. 1 of the NY Times!

Public-Key Timing Attacks

Minimal key lengths for ... adequate security

Politics:

Testimony of Philip R. Zimmermann to the Subcommittee on Science, Technology, and Space of the US Senate Committee on Commerce, Science, and Transportation

Unsorted Additions:

The Cyberporn Debate

Digital Signatures Secure in the Strongest Sense Known

CME's Cryptography Timeline

Cypherpunks Key Cracking Ring

Phrack Magazine

more to come...

Todd D. Hodes, <mylastname @ myfullname dot org>