Liran Zvibel wrote: > > I would like to do some RTFMing about security, and would like to have > some pointers. > > Thanks, > Liran. > --- > http://www.math.tau.ac.il/~liranz/ >
Well, if you can understand everything the ssh man page has in it, then you'll have a much better understanding than most, I'm sure. I remember reading a very good paper on the design of kerberos. It is written as a dialog between two people discussing the creation of a secure network. I really enjoyed reading it as the characters incrementally "discover" the fundamental problems of computer security and then solve them (of course, as kerberos solves them). Even if kerberos is not the security system you plan on using (or are interested in) it is a good introduction to the topic as it very effectively lists the challenges all security systems must overcome. The paper is on the web at MIT: http://web.mit.edu/kerberos/www/dialogue.html A more mathematical coverage is in the text book most CS students will recognize: "Introduction to Algorithms" by Cormen, Leiserson and Rivest (big white book with a red mobile on the cover). It has a section (33.7) covering the RSA public-key cryptosystem which I believe ssh and pgp are fundamentally based on. (The "R" in RSA stands for Rivest, one of the authors of the text.) This section will require a little number theory but after reading it you'll understand why if anybody figures out how to factor large numbers quickly, the technological world as we know it will change. HTH, Keith
