Security through barriers.
Yale University Department of Computer Science
CS 467: Cryptography and Computer Security
Michael J. Fischer

Resources, Spring 2010
CS Department CS Courses M. Fischer Home M. Fischer Email
Course Home Page
Lecture Notes
Old Announcements

<< Back
Gloves from a space suit.
Butterflys grow safely inside.
The Jefferson wheel.
An early encoding device.
Entrance to a Ming Dynasty tomb, north of Beijing, China
A securable approach to an underground tomb.

Recommended supplementary reading (not required)

Cryptography and Security

  • Bruce Schneier, Applied Cryptography, Second Edition, John Wiley & Sons, Inc., 1996, ISBN 0-471-11709-9 (paperback). Contains a wealth of timely information and gives broad coverage of the field. Often glosses over details in favor of readability, and sometimes gets the details wrong. There are also many errors, particularly before the 5th printing. An errata sheet is available at

  • Charlie Kaufman, Radia Perlman, and Mike Speciner, Network Security: Private Communication in a Public World, Prentice-Hall PTR, 2002, ISBN 0-13-046019-2. Gives a nice account of practical security issues and motivates much of the material that we will be studying.

  • Douglas R. Stinson, Cryptography: Theory and Practice, Third Edition, Chapman & Hall/CRC, 2006, ISBN-10: 1-58488-508-4; ISBN-13: 978-58488-508-5. Gives a nice treatment of some of the more mathematical and lower-level aspects of cryptography. The opening chapters give a particularly nice account of classical cryptography and cryptanalysis.

  • Alfred J. Menezes, Paul C. van Oorschot, and Scott A. Vanstone, Handbook of Applied Cryptography, CRC Press, 1997, pp. 816, ISBN 0849385237. This tome has similar coverage to Schneier but is much more rigorous (at the cost of readability). It is an invaluable reference book if you want to actually implement any of these methods.

  • Wenbo Mao, Modern Cryptography: Theory & Practice}, Prentice-Hall, 2004, ISBN 0--13--066943--1. This book is a must for anyone wanting to implement cryptographic algorithms for use in the real world. As well as presenting the principles of cryptography, it also points out many of the subtle real-world issues that can lead to problems with implementations of otherwise-sound algorithms.
  • Privacy and Social Issues

    While this is not a social sciences course, the subject matter of this course has major policy implications, particularly with respect to privacy on the internet. The books listed below give some background and insight into social issues that are currently the subject of wide debate.


    A very good starting place for general cryptography information is the Crypto Mini-FAQ. It contains links to many other resources, including the now out-of-date (but still useful) 10-part Cryptography FAQ's (Frequently Asked Questions). Another good but by now rather out-of-date on-line FAQ is maintained at the RSA Labs website.

    Gnu Multiprecision Arithmetic Package (GMP)

    This package contains efficient routines for performing arbitrary-precision arithmetic. The functions most relevant for this course are the mpz functions, which operate on large signed integers.

    Relevant Newsgroups

    The unmoderated newsgroup sci.crypt contains mixture of postings on a wide variety of crypto-related topics.

    Other Resources on the Web

    Ron Rivest (the "R" of RSA) maintains an index of links to a wealth of information on cryptography and security.

    The USACM Encryption Policy Library contains pointers to policy debates, position papers, and pending legislation concerning encryption and computer security.

    Bruce Schneier publishes a monthly cryptograpy newsletter, Crypto-gram. This is a good source of news on the current state of computer security and cryptography policy.

    The DES Standard at the NIST web site.

Comments about this website should be directed to M. Fischer