Wednesday, 6 March 2013

Recommended Security Books

I've had a few people who have asked what books I'd recommend for those wishing to learn about cryptography, and security engineering in general. As it stands today, I can't think of a better list than those recommended as core texts on the 3rd Year undergraduate course at University of Surrey run by Prof Steve Schneider:
  • Cryptography and Network Security: Principles and Practice, by William Stallings. This book covers much of what is typically taught about general cryptography at undergraduate level . It goes into some detail on the mathematics underlying cryptography, and on many of the important cryptographic algorithms. The third edition has a new chapter on the AES.  
  • Applied Cryptography: Protocols, Algorithms and Source Code in C, by Bruce Schneier. It has less detail than Stallings’ book, but a broader scope. For a readable introduction to most cryptographic topics, this a good choice. 
  • The Handbook of Applied Cryptography, by Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone. A classic book but it is a little older so some of he latest developmens are not always included. However, it is a splendid reference text when you want to look up the detail behind cryptographic algorithms. The big advantage of this book is that it is available as a free download but try printing at your peril as it is many hundreds of pages long. 
For those who want more in-depth  reading, I suggest: 
  • Modelling and Analysis of Security Protocols, by Ryan, Schneider, Goldsmith, Lowe, and Roscoe. A formal approach to analysing security protocols. Prof Schneider has made the book available on the University of Surrey's Department of Computing website here  
  • Security Engineering, by Ross Anderson. A relatively broad text with good practical advice. Prof Anderson has also made his book available here.
  • Computer Security, by Dieter Gollmann. A rigorous textbook covering the fundamentals.  
  • Network Security: Private Communication in a Public World, by Radia Perlman, Charlie Kaufman, Mike Spenicer. Good on cryptography and its application.