Computer Security and
Cryptography Reading Group
March 2002 List
Date & Location |
Reading |
Mar. 1, 2002
1304 CS
1:30 - 2:30 PM
|
Jerome H. Saltzer
Massachusetts Institute of Technology
Protection and the Control of
Information Sharing in Multics
Revised version of a paper presented
at the Fourth ACM Symposium on
Operating Systems Principles (SOSP),
IBM Thomas J. Watson Research Center,
Yorktown Heights, New York, October
15-17, 1973.
URL: http://www.cs.utexas.edu/users/dahlin/Classes/GradOS/papers/p388-saltzer.pdf
The design of mechanisms to control
the sharing of information in the
Multics system is described. Five design
principles help provide insight into the
tradeoffs among different possible
designs. The key mechanisms described
include access control lists,
hierarchical control of access
specifications, identification and
authentication of users, and primary
memory protection. The paper ends with a
discussion of several known weaknesses
in the current protection mechanism
design.
|
Mar. 8, 2002
1304 CS
1:30 - 2:30 PM
|
Phil Zimmermann
Network Associates inc.
Phil Zimmermann on PGP
Chapter 2 of PGP 6.5.1 User's Guide
URL: http://www.pgpi.org/doc/guide/6.5/en/intro/
This chapter contains introductory
and background information about
cryptography and PGP as written by Phil
Zimmermann.
|
Mar. 15, 2002
1304 CS
1:30 - 2:30 PM
|
Arjen K. Lenstra, Eric R. Verheul
Arjen.Lenstra@citicorp.com /
Eric.Verheul@nl.pwcglobal.com
Selecting Cryptographic Key Sizes
1999
URL: http://citeseer.nj.nec.com/287428.html
In this article we offer guidelines
for the determination of key sizes for
symmetric cryptosystems, RSA, and
discrete logarithm based cryptosystems
both over finite fields and over groups
of elliptic curves over prime
fields. Our recommendations are based on
a set of explicitly formulated
hypotheses, combined with existing data
points about the cryptosystems.
|
Mar. 22, 2002
1304 CS
1:30 - 2:30 PM
|
Ronald L. Rivest, Butler Lampson
rivest@theory.lcs.mit.edu /
blampson@microsoft.com
SDSI - A Simple Distributed Security Infrastructure
1996
URL: http://citeseer.nj.nec.com/rivest96sdsi.html
We propose a new distributed security
infrastructure, called SDSI (pronounced
"Sudsy"). SDSI combines a simple
public-key infrastructure design with a
means of defining groups and issuing
group-membership certificates. SDSI's
groups provides simple, clear
terminology for defining access-control
lists and security policies. SDSI's
design emphasizes linked local name
spaces rather than a hierarchical global
name space.
|
|
< Back to the Sec & Crypto reading group page
|