Liran Zvibel wrote:
> I would like to do some RTFMing about security, and would like to have
> some pointers.
Well, if you can understand everything the ssh man page has in it,
then you'll have a much better understanding than most, I'm sure.
I remember reading a very good paper on the design of kerberos. It is
written as a dialog between two people discussing the creation of a
secure network. I really enjoyed reading it as the characters
incrementally "discover" the fundamental problems of computer security
and then solve them (of course, as kerberos solves them). Even if
kerberos is not the security system you plan on using (or are
interested in) it is a good introduction to the topic as it very
effectively lists the challenges all security systems must overcome.
The paper is on the web at MIT:
A more mathematical coverage is in the text book most CS students will
recognize: "Introduction to Algorithms" by Cormen, Leiserson and Rivest
(big white book with a red mobile on the cover). It has a section
(33.7) covering the RSA public-key cryptosystem which I believe ssh
and pgp are fundamentally based on. (The "R" in RSA stands for
Rivest, one of the authors of the text.) This section will require a
little number theory but after reading it you'll understand why if
anybody figures out how to factor large numbers quickly, the
technological world as we know it will change.
- From: Liran Zvibel <email@example.com>