2WC13 - Cryptography 2 - Part 2 - Cryptographic Systems - 2010

Resources

Books

• Carlisle Adams and Steve Lloyd, Understanding PKI, Concepts, Standards and Deployment Considerations, Second Edition, Addison-Wesley / Pearson Education, Boston, 2003.
• Sattam S. Al-Riyami, Cryptographic Schemes based on Elliptic Curve Pairings, PhD Thesis, Royal Holloway University of London, 2004.
• Paul Ashley and Mark Vandenwauver, Practical Intranet Security, Overview of the State of the Art and Available Technologies, Kluwer, 1999.
• Eberhard Becker, Willms Buhse, Dirk Günnewig and Niels Rump (eds.), Digital Rights Management, Technological, Economic, Legal and Political Aspects, LNCS 2770, Springer Verlag, 2003.
• Steve Burnett and Stephen Paine, RSA Security's Official Guide to Cryptography, RSA Press, Osborne/McGraw-Hill, Berkeley, 2001.
• Russ Housley and Tim Polk, Planning for PKI, Best Practices Guide for Deploying Public Key Infrastructure, Wiley, New York, 2001.
• Weidong Kou (ed.), Payment Technologies for E-Commerce, Springer Verlag, Berlin, 2003.
• Larry Loeb, Secure Electronic Transactions, Introduction and Technical Reference, Artech House Publ., 1998.
• Eric Rescorla, SSL and TLS, Designing and Building Secure Systems, Addison-Wesley, 2001.
• Richard E. Smith, Authentication, From Passwords to Public Keys, Addison-Wesley, 2002.
• William Stallings, Cryptography and Network Security: Principles and Practice, 5th. Ed., Prentice Hall, 2010.
• Andrew S. Tanenbaum, Computer Networks, 4th Ed., Prentice Hall PTR, 2003.
• John R. Vacca, Public Key Infrastructure, Building Trusted Applications and Web Services, Auerbach CRC Press, 2004.
• John Viega, Matt Messier and Pravir Chandra, Network Security with OpenSSL, O’Reilly, 2002.

Papers on the Internet

• Mihir Bellare, Juan A. Garay, Ralf Hauser, Amir Herzberg, Hugo Krawczyk, Michael Steiner, Gene Tsudik, Els Van Herreweghen, Michael Waidner, Design, Implementation and Deployment of the iKP Secure Electronic Payment System, IEEE Journal of Selected Areas in Communications 18 [2000], 611--627.
• Dan Boneh and Matthew Franklin, Identity-Based Encryption from the Weil Pairing, SIAM Jnl. of Computing 32 [2003], 586-615.
• Stefan Brands, Untraceable Off-line Cash in Wallet with Observers, in Advances in Cryptology - Crypto '93, LNCS 773, Springer Verlag, 1994, pp. 302--318.
• David Chaum, Blind Signatures for Untraceable Payments, in: Advances in Cryptology - CRYPTO '82, Plenum Press, New York, 1983, pp. 199-203.
• Joris Claessens, Bart Preneel and Joos Vandewalle, (How) can mobile agents do secure electronic transactions on untrusted hosts? - A survey of the security issues and the current solutions, ACM Transactions on Internet Technology (TOIT) 3 [2003], 28-48.
• Benjamin Cox, J.D. Tygar and Marvin Sirbu, NetBill Security and Transaction Protocol, in Proceedings of the First USENIX Workshop on Electronic Commerce, 1995.
• Ronald Cramer, Rosario Gennaro and Berry Schoenmakers, A Secure and Optimally Efficient Multi-Authority Election Scheme, in Advances in Cryptology - EUROCRYPT'97, LNCS 1233, Springer-Verlag, 1997, pp. 103-118.
• Don Davis, Defective Sign & Encrypt in S/MIME, PKCS#7, MOSS, PEM, PGP and XML, in Proc. Usenix Tech. Conf. 2001, pp. 65-78.
• EMV 4.2 Specifications, v4.2, 2008.
• Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community Framework for Electronic Signatures (english).
• Richtlijn 1999/93/EG van het Europees Parlement en de Raad van 13 december 1999 betreffende een gemeenschappelijk kader voor elektronische handtekeningen (nederlands).
• Craig Gentry, Certificate-Based Encryption and the Certificate Revocation Problem, in: Advances in Cryptology - EuroCrypt 2003, LNCS 2656, Springer Verlag, 2003, pp. 272-293.
• Steve Glassman, Mark Manasse, Martín Abadi, Paul Gauthier and Patrick Sobalvarro, The Millicent Protocol for Inexpensive Electronic Commerce, in 4th WWW Conference Proceedings, O'Reilly, New York, 1995, pp. 603-618.
• Peter Gutmann, X.509 Style Guide, October 2000.
• Ralf Hauser, Michael Steiner and Michael Waidner, Micro-payments based on iKP, in: 14th Worldwide Congress on Computer and Communications Security Protection, C.N.I.T. Paris-La Defense, France, June 1996, pp. 67-82.
• G. Karjoth, N. Asokan and C. Gülcü, Protecting the Computation Results of Free-Roaming Agents, in K. Rothermel and F. Hohl (eds.), Proceedings of the Second International Workshop on Mobile Agents (MA ’98), LNCS 1477, Springer Verlag, 1998, pp. 195-207.
• J. Kohl and C. Neuman, The Kerberos Network Authentication Service (V5), RFC 1510.
• John T. Kohl, B. Clifford Neuman and Theodore Y. Ts'o, The Evolution of the Kerberos Authentication Service.
• Gennady Medvinsky and B. Clifford Neuman, NetCash: A design for practical electronic currency on the Internet, in Proceedings of the 1st ACM Conference on Computer and Communication Security, November 1993.
• Silvio Micali, NOVOMODO, Scalable Certificate Validation and Simple PKI Management, in 1st PKI Workshop Proceedings, 2002.
• Silvio Micali, Efficient Certificate Revocation, 1996.
• Steven J. Murdoch, Saar Drimer, Ross Anderson, Mike Bond, Chip and PIN is Broken, IEEE Symposium on Security and Privacy, 2010, p. 433-446.
• Satoshi Nakamoto, Bitcoin: A Peer-to-Peer Electronic Cash System, www.bitcoin.org, 2009.
• Roger M. Needham and Michael D. Schroeder, Using Encryption for Authentication in Large Networks of Computers, Comm. ACM 21 [1978], 993--999.
• Netscape, The SSL Protocol version 2.0.
• Netscape, The SSL Protocol version 3.0.
• National Institute of Standards and Technology, FIPS PUB 112: Password Usage, 1985.
• Tomi Poutanen, Heather Hinton and Michael Stumm, NetCents: A Lightweight Protocol for Secure Micropayments, in Proceedings of the 3rd USENIX Workshop on Electronic Commerce, Boston, Massachusetts, 1998.
• Volker Roth, Programming Satan’s Agents, in Klaus Fischer and Dieter Hutter (eds), Proc. 1st International Workshop on Secure Mobile Multi-Agent Systems (SEMAS 2001), Elsevier, 2002.
• Volker Roth, On the robustness of some cryptographic protocols for mobile agent protection, in Proc. Mobile Agents 2001, LNCS 2240, Springer Verlag, 2001.
• Berry Schoenmakers, Basic Security of the ecash^TM Payment System, in B. Preneel and V. Rijmen, State of the Art in Applied Cryptography: Course on Computer Security and Industrial Cryptography, Leuven, Belgium, June 1997. Revised Lectures, LNCS 1528, Springer Verlag, 1998, pp. 338-352.
• Berry Schoenmakers, Cryptographic Protocols, (2WC01) Lecture Notes, version 0.999, TU Eindhoven, 2011.
• SET Secure Electronic Transaction Specification, Visa and Mastercard, Version 1.0, 1997.
  • All three books in zipped .doc format
  • the books in .pdf format have disappeared from the web, they can be obtained from me.
• Adi Shamir, Identity-Based Cryptosystems and Signature Schemes, in: Advances in Cryptology - Crypto'84, LNCS 196, Springer Verlag, 1984, pp. 47-53.
• Marvin Sirbu and J.D. Tygar, NetBill: An Internet Commerce System Optimized for Network Delivered Services, in IEEE Personal Communications, 2:4, August 1995, pp. 34-39.
• J. Steiner, C. Neuman and J. Schiller, Kerberos: An Authentication Service for Open Network Systems, in Usenix Conference Proceedings, Dallas, Texas, February, 1988, pp. 191-202.

PKIX RFC's and Internet Drafts

Other RFC's

• RFC 2104 HMAC: Keyed-Hashing for Message Authentication
• RFC 2246 TLS - Transport Layer Security version 1.0
• RFC 2403 The Use of HMAC-MD5-96 within ESP and AH
• RFC 2404 The Use of HMAC-SHA-1-96 within ESP and AH
• RFC 2405 The ESP DES-CBC Cipher Algorithm With Explicit IV
• RFC 2410 The NULL Encryption Algorithm and Its Use With IPsec
• RFC 2411 IP Security Document Roadmap
• RFC 2412 The OAKLEY Key Determination Protocol
• RFC 2440 OpenPGP Message Format
• RFC 2451 The ESP CBC-Mode Cipher Algorithms
• RFC 2634 Enhanced Security Services for S/MIME
• RFC 2692 SPKI Requirements
• RFC 2693 SPKI Certificate Theory
• RFC 2865 Remote Authentication Dial In User Service (RADIUS)
• RFC 3370 Cryptographic Message Syntax (CMS) Algorithms
• RFC 3494 Lightweight Directory Access Protocol version 2 (LDAPv2) to Historic Status
• RFC 3850 Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.1, Certificate Handling
• RFC 3851 Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.1, Message Specification
• RFC 3852 Cryptographic Message Syntax (CMS)
• RFC 4120 The Kerberos Network Authentication Service (V5)
• RFC 4301 Security Architecture for the Internet Protocol
• RFC 4302 IP Authentication Header
• RFC 4303 IP Encapsulating Security Payload (ESP)
• RFC 4306 Internet Key Exchange (IKEv2) Protocol
• RFC 4346 Transport Layer Security (TLS) v1.1
• RFC 4366 Transport Layer Security (TLS) Extensions
• RFC 4510 Lightweight Directory Access Protocol (LDAP): Technical Specification Road Map
• RFC 4523 Lightweight Directory Access Protocol (LDAP) Schema Definitions for X.509 Certificates
• RFC 4835 Cryptographic Algorithm Implementation Requirements for Encapsulating Security Payload (ESP) and Authentication Header (AH)
• RFC 4880 OpenPGP Message Format
• RFC 5246 The Transport Layer Security (TLS) Protocol Version 1.2

SPKI Internet Drafts

• Simple Public Key Certificate, draft-ietf-spki-cert-structure-06.txt
• SPKI Examples, draft-ietf-spki-cert-examples-01.txt

Extended Validation Certificates

• Guidelines for the issuance and management of extended validation certificates
• Webtrust for certification authorities - extended validation audit criteria

• PKCS #1: RSA Cryptography Standard, version 2.1, June 2002.
• PKCS #3: Diffie-Hellman Key Agreement Standard, version 1.4, November 1993.
• PKCS #5: Password-Based Cryptography Standard, version 2.1 (draft), October, 2006.
• PKCS #6: Extended-certificate Syntax Standard, version 1.5, November 1993.
• PKCS #7: Cryptographic Message Syntax Standard, version 1.5, November 1993.
• PKCS #8: Private-Key Information Syntax Standard, version 1.2, November 1993.
• PKCS #9: Selected Object Classes and Attribute Types, version 2.0, February 2000.
• PKCS #10: Certification Request Syntax Standard, version 1.7, May 2000.
• PKCS #11: Cryptographic Token Interface Standard, version 2.30, July 2009.
• PKCS #12: Personal Information Exchange Syntax, version 1.0, June 1999.
• PKCS #13: Elliptic Curve Cryptography Standard, not yet released.
• PKCS #15: Cryptographic Token Information Format Standard, version 1.1, June 2000.