READINGS

The readings that I did in order to complete my thesis are listed below. Do note that not all of these made it into the final literature review or thesis.

article(1044735)

Abadi, M. & Blanchet, B.

Analyzing security protocols with secrecy types and logic programs

J. ACM, ACM, 2005, Vol. 52(1), pp. 102-146

article(checklistSoftare)

Abrams., R.

A Checklist For Developing Software Quality Metrics

ACM 82: Proceedings of the ACM '82 conference

Proceedings of the ACM '82 conference, ACM, 1982, pp. 5-6

electronic(bruceHarderThanItLooks)

B.Schneier

Why Cryptography Is Harder Than It Looks

Online : http://www.schneier.com/essay-037.html, [Last accessed 15/04/2009],

inproceedings(1370910)

Bauer, A. & Juerjens, J.

Security protocols, properties, and their monitoring

SESS '08: Proceedings of the fourth international workshop on Software engineering for secure systems

ACM, 2008, pp. 33-40

article(996945)

Bellare, M., Kohno, T. & Namprempre, C.

Breaking and provably repairing the SSH authenticated encryption scheme: A case study of the Encode-then-Encrypt-and-MAC paradigm

ACM Trans. Inf. Syst. Secur., ACM, 2004, Vol. 7(2), pp. 206-241

inproceedings(586112)

Bellare, M., Kohno, T. & Namprempre, C.

Authenticated encryption in SSH: provably fixing the SSH binary packet protocol

CCS '02: Proceedings of the 9th ACM conference on Computer and communications security

ACM, 2002, pp. 1-11

incollection(citeulike:2309626)

Bernaille, L. & Teixeira, R.

Early Recognition of Encrypted Applications

Passive and Active Network Measurement, Pierre and Marie Curie University, 2007, pp. 165-175

inproceedings(786915)

Brackin, S.H.

Implementing Effective Automatic Cryptographic Protocol Analysis

ASE '99: Proceedings of the 14th IEEE international conference on Automated software engineering

IEEE Computer Society, 1999, pp. 319

electronic(polarSSLRef)

Brainspark

Polar SSL

Online : http://www.polarssl.org/, [Last accessed 19/10/2009],

misc(anlaysisofssl3bruce)

Bruce Schneier, D.W.

Analysis of SSL3.0

electronic(WinPCAPref)

Bruno, J.

WinPCAP, The Packet Capture and Network Monitoring Library for Windows

Online : http://www.winpcap.org/, [Last accessed 07/11/2009],

article(CompoCrypto2006)

Canetti, R.

Security and Composition of Cryptographic Protocols: A tutorial

2006

electronic(IANARef)

Cherenson, A.

IANA Ether Types

Online : http://www.iana.org/assignments/ethernet-numbers, [Last accessed : 01/09/2009,

inproceedings(relativeStrength)

Chung, H. & Neuman, C.

Modelling the relative strength of security protocols

QoP '06: Proceedings of the 2nd ACM workshop on Quality of protection

ACM, 2006, pp. 45-48

electronic(TsharkRef)

Combs, G.

Tshark

Online : url http://www.wireshark.org/docs/man-pages/tshark.html, [Last accessed 05/11/2009],

electronic(WiresharkRef)

Combs, G.

Wireshark

Online : http://www.wireshark.org/, [Last accessed 05/11/2009],

article(1013952)

Dandalis, A. & Prasanna, V.K.

An adaptive cryptographic engine for internet protocol security architectures

ACM Trans. Des. Autom. Electron. Syst., ACM, 2004, Vol. 9(3), pp. 333-353

book(Ipsecbook)

Davis, C.

IPSec, Securing VPNs.

McGraw Hill Publishers, 2001, pages 150-160

article(hybridCryptoRef)

Dent, A.

Hybrid Cryptography

Information Security: 8th International Conference -- ISC 2005, volume 3650 of Lecture Notes in Computer Science, University of London, 2007, pp. 203-217

electronic(tlsrfc)

Dierks, T. & Allen, C.

RFC 2246 : The TLS Protocol Version 1.1

Online : http://www.ietf.org/rfc/rfc2246.txt, [Last accessed 14/10/2009],

article(363532)

Durante, A., Focardi, R. & Gorrieri, R.

A compiler for analyzing cryptographic protocols using noninterference

ACM Trans. Softw. Eng. Methodol., ACM, 2000, Vol. 9(4), pp. 488-528

electronic(OpenSSLRef)

Engelschall, R.

OpenSSL

Online : http://www.openssl.org/, [Last accessed : 01/11/2009],

electronic(apache2ref)

Foundation, A.

Apache - HTTP Server Project

Online : http://www.apache.org, [Last accessed : 10/10/2009],

electronic(RRef)

Foundation, T.R.

The R Project for Statistical Computing

Online : http://www.r-project.org/, [Last accessed : 07/11/09],

electronic(sslsniffer)

Goh, E.-J.

SSLsniffer

Online: http://crypto.stanford.edu/~eujin/sslsniffer/index.html,

article(989780)

Gorrieri, R. & Martinelli, F.

A simple framework for real-time cryptographic protocol analysis with compositional proof rules

Sci. Comput. Program., Elsevier North-Holland, Inc., 2004, Vol. 50(1-3), pp. 23-49

article(1391951)

Gupta, M., Banerjee, S., Agrawal, M. & Rao, H.R.

Security analysis of Internet technology components enabling globally distributed workplaces---a framework

ACM Trans. Interet Technol., ACM, 2008, Vol. 8(4), pp. 1-38

article(1391950)

Herzberg, A. & Jbara, A.

Security and identification indicators for browsers against spoofing and phishing attacks

ACM Trans. Interet Technol., ACM, 2008, Vol. 8(4), pp. 1-36

article(1298318)

Homin, L. & Malkin, T.

Cryptographic strength of SSLl/TLS servers: current and recent practices

IMC '07: Proceedings of the 7th ACM SIGCOMM conference on Internet measurement

ACM, 2007, pp. 83-92

inproceedings(1062519)

Jürjens, J.

Sound methods and effective tools for model-based security engineering with UML

ICSE '05: Proceedings of the 27th international conference on Software engineering

ACM, 2005, pp. 322-331

electronic(EVPref)

Jansen, J.

OpenSSL and EVP

Online : http://www.nlnetlabs.nl/downloads/publications/hsm/hsm_node17.html, [Last accessed : 12/08/2009],

book(CodeBreakersRef)

Kahn, D.

The Codebreakers

Scribner, 1967, page 138-139

electronic(cryptoOldRef)

Kessler, G.

An Overview of Cryptography

Online : http://www.garykessler.net/library/crypto.html, [Last accesed : 01/10/09],

electronic(LibPcapRef)

Leres, C.

TCPDump/LibPCAP

Online : url http://www.tcpdump.org/, [Last accessed 26/06/2009],

electronic(CIARef)

Longstaff, T.

Security of the internet

Online : http://www.cert.org/encyc_article/tocencyc.html. [Online : 06/09/2009],

electronic(introductionToCrypto)

Mactaggart, M.

Introduction to cryptography

Online : http://www.ibm.com/developerworks/library/s-crypt02.html, [Last accessed 02/06/2009],

electronic(MarlinSpikeSSLStripper)

Marlinkspike, M.

New Tricks For Defeating SSL In Practice

Online : http://www.thoughtcrime.org/software/sslstrip/, [Last accessed : 21/05/2009],

electronic(HistoryRef)

Mathai, J.

History of Cryptography and Secrecy Systems

Online : http://www.dsm.fordham.edu/~mathai/crypto.html, [Last accessed : 07/10/2009],

article(bpfref)

McCanne, S. & Jacobson, V.

The BSD Packet Filter: A New Architecture for User-level Packet Capture

Proceedings of the USENIX Winter 1993, 1992, pp. 1-2

inproceedings(1242665)

McCarthy, J.A., Krishnamurthi, S., Guttman, J.D. & Ramsdell, J.D.

Compiling cryptographic protocols for deployment on the web

WWW '07: Proceedings of the 16th international conference on World Wide Web

ACM, 2007, pp. 687-696

article(1055630)

McGregor, J.P. & Lee, R.B.

Protecting cryptographic keys and computations via virtual secure coprocessing

SIGARCH Comput. Archit. News, ACM, 2005, Vol. 33(1), pp. 16-26

article(CathMedows2003)

Meadows, C.

Formal Methods for Cryptographic Protocol Analysis : Emerging Issues and Trends

2003

electronic(PublicKeyCryptoACM)

Mohapatra, P.

Public Key Cryptography

Online : http://www.acm.org/crossroads/xrds7-1/crypto.html, [Last accessed 16/10/2009],

electronic(edgarAlanPoe)

Morelli, R.

Edgar Poe and Cryptography

Online : http://starbase.trincoll.edu/~crypto/historical/poe.html, [Last accessed : 06/08/2009],

inproceedings(1185594)

Muhammad, S., Furqan, Z. & Guha, R.K.

Understanding the intruder through attacks on cryptographic protocols

ACM-SE 44: Proceedings of the 44th annual Southeast regional conference

ACM, 2006, pp. 667-672

article(schrdref2)

Needham, R. & Schroeder, M.

Using encryption for authentication in large networks of computers

Commun. ACM, ACM, 1978, Vol. 21(12), pp. 993-999

electronic(nistdatabase)

NIST

National Vunerability Database

NIST, NIST, Online : http://nvd.nist.gov/, [Last accessed : 24/05/2009],

article(Menaces2008)

Paller, A.

Top Ten Cyber Security Menaces for 2008

2008

misc(RFC0826)

Plummer, D.C.

RFC 826 : An Ethernet Address Resolution Protocol

Online : http://www.faqs.org/rfcs/rfc826.html, [Last accessed : 14/10/2009],

misc(RFC0791)

Postel, J.

RFC 791: Internet Protocol

Online : http://www.faqs.org/rfcs/rfc791.html, [Last accessed : 20/10/2009],

misc(RFC0793)

Postel, J.

RFC 793 : Transmission Control Protocol

Online : http://www.faqs.org/rfcs/rfc793.html, [Last accessed : 14/10/2009],

electronic(RFC2631)

Rescorla, E.

Diffie-Hellman Key Agreement Method

Online : http://www.ietf.org/rfc/rfc2631.txt, [Last accessed : 21/05/2009],

electronic(SSLDumpRef)

Rescorla, E.

SSLdump

Online : url http://www.rtfm.com/ssldump/, [Last accessed : 05/05/2009],

electronic(httpsRef)

Rescorla, E.

HTTP Over TLS

2000

book(SSHRef)

Richard E. Silverman Daniel J. Barrett, R.G.B.

SSH, the secure shell, 2nd Edition.

O'Reilly, 2005, 39-47

electronic(frameworkRef)

Riehle, D.

Framework design - a role modeling approach

electronic(GroupsMathworlds)

Rowland, T. & Weisstein, E.

Groups, mathsworld

Online : http://mathworld.wolfram.com/Group.html, [Last accessed 11/06/2009],

book(AppliedCrypto96)

Schneier, B.

Applied Cryptography

P., S. (ed.)

Wiley and Sons, 1996, pages 234-237

article(BrucesecurityInTheRealWorld)

Schneier, B.

Security in the Real World: How to Evaluate Security

Computer Security Journal, v 15, 1999, pp. 1-14

book(PracCrypto)

Schneier, B. & Ferguson, N.

Practical Cryptography

C., L. (ed.)

Wiley Publishing, 2003, pages 30-35, pp. 245

article(506121)

Sun, Y. & Wang, X.

An approach to finding the attacks on the cryptographic protocols

SIGOPS Oper. Syst. Rev., ACM, 2000, Vol. 34(3), pp. 19-28

electronic(AncientTimesRef)

Taylor, K.

Cryptography of Ancient Times

Online : http://math.usask.ca/encryption/lessons/lesson00/page1.html, [Online : 11/10/2009],

misc(debianOpenSSL)

Team, D.S.

Debian Security Advisory:DSA-1571-1 openssl -- predictable random number generator

Online: http://www.debian.org/security/2008/dsa-1571,

electronic(OSIRef)

Teare, D.

OSI Reference Model

Online : http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/introint.htm, [Last accessed : 11/09/2009],

electronic(shroedRef1)

Treinen, R.

Needham-Schroeder Public Key

Online : http://www.lsv.ens-cachan.fr/Software/spore/nspk.html, [Last accessed : 27/10/2009],

article(taxonmy)

Wang, H.

Taxonomy of security considerations and software quality

Commun. ACM, ACM, 2003, Vol. 46(6), pp. 75-78

electronic(StenographyRef)

Webopedia

Steganography

Online : http://www.webopedia.com/TERM/S/steganography.html, [Last accessed : 21/09/2009],

electronic(Congurence)

Weisstein, E.

Congruence, Mathsworld

Online : http://mathworld.wolfram.com/Congruence.html, [Last accessed : 06/07/2009],

electronic(GDCMathWorld)

Weisstein, E.

Greatest Common Divsor, Mathsworld

Online : http://mathworld.wolfram.com/RelativelyPrime.html, [Last accessed : 09/07/2009],

electronic(RelativePrime)

Weisstein, E.

Relatively prime, Mathsworld

Online : http://mathworld.wolfram.com/RelativelyPrime.html, [Last accessed : 08/07/2009],

article(weaknessOfBan)

Xu, S., Zhang, G. & Zhu, H.

On the properties of cryptographic protocols and the weaknesses of the BAN-like logics

SIGOPS Oper. Syst. Rev., ACM, 1997, Vol. 31(4), pp. 12-23

article(DynamicAnalysis2001)

Yasinsac, A.

Dynamic Analysis of Security Protocols

2001

inproceedings(545592)

Zhang, Y.

A logic for modeling the dynamics of beliefs in cryptographic protocols

ACSC '01: Proceedings of the 24th Australasian conference on Computer science

IEEE Computer Society, December 5, 2001, pp. 215-222

article(runningMode1)

Zhang, Y. & Xiuying, L.

Running-mode analysis of the Security Socket Layer protocol

SIGOPS Oper. Syst. Rev., ACM, 2004, Vol. 38(2), pp. 34-40