
Recommended supplementary reading (not required)
Cryptography and Security
 Bruce Schneier,
Applied Cryptography, Second Edition, John
Wiley & Sons, Inc., 1996, ISBN 0471117099
(paperback). Contains a wealth of timely information
and gives broad coverage of the field. Often glosses
over details in favor of readability, and sometimes
gets the details wrong. There are also many errors,
particularly before the 5th printing. An errata
sheet is available at http://www.counterpane.com/ac2errv30.html.
 Charlie Kaufman, Radia Perlman, and Mike Speciner,
Network Security: Private Communication in a Public
World, PrenticeHall PTR, 2002, ISBN
0130460192. Gives a nice account of practical
security issues and motivates much of the material that
we will be studying.
 Douglas R. Stinson,
Cryptography: Theory and
Practice, Third Edition, Chapman &
Hall/CRC, 2006, ISBN10: 1584885084; ISBN13:
978584885085. Gives a nice treatment of some of the
more mathematical and lowerlevel aspects of
cryptography. The opening chapters give a particularly
nice account of classical cryptography and
cryptanalysis.
 Alfred J. Menezes, Paul C. van Oorschot, and Scott
A. Vanstone,
Handbook of Applied Cryptography, CRC Press,
1997, pp. 816, ISBN 0849385237. This tome has
similar coverage to Schneier but is much more rigorous
(at the cost of readability). It is an invaluable
reference book if you want to actually implement any of
these methods.
 Wenbo Mao,
Modern Cryptography: Theory &
Practice}, PrenticeHall, 2004, ISBN
0130669431. This book is a must for anyone
wanting to implement cryptographic algorithms for use
in the real world. As well as presenting the principles
of cryptography, it also points out many of the subtle
realworld issues that can lead to problems with
implementations of otherwisesound algorithms.

Privacy and Social IssuesWhile this is not a
social sciences course, the subject matter of this
course has major policy implications, particularly
with respect to privacy on the internet. The books
listed below give some background and insight into
social issues that are currently the subject of wide
debate.
 Fred H. Cate,
Privacy in the Information Age, Brookings
Institute, 1997, pp. 200, ISBN
0815713150.
 Whitfield Diffie and Susan Landau,
Privacy on the Line: The Politics of Wiretapping
and Encryption, the MIT Press, Cambridge,
Massachusetts, 1999, pp. 360, ISBN
0262541009.
 Lawrence Lessig,
Code and Other Laws of Cyberspace, Basic
Books, Perseus Books Groups, New York, 2000, ISBN
0465039138.
 Reg Whitaker, The
End of Privacy: How Total Surveillance Is Becoming
a Reality, New Press, 1999, pp. 208,
ISBN 1565845694.
FAQ'sA very good starting place for general
cryptography information is the Crypto
MiniFAQ. It contains links to many other
resources, including the now outofdate (but still
useful) 10part
Cryptography FAQ's (Frequently Asked
Questions). Another good but by now rather
outofdate online
FAQ is maintained at the RSA
Labs website.
Gnu Multiprecision Arithmetic Package
(GMP)This package contains efficient routines
for performing arbitraryprecision arithmetic. The
functions most relevant for this course are the
mpz functions, which operate on large signed
integers.
Relevant NewsgroupsThe unmoderated newsgroup
sci.crypt
contains mixture of postings on a wide variety of
cryptorelated topics.
Other Resources on the Web
Ron Rivest
(the "R" of RSA) maintains an
index of links to a wealth of information on
cryptography and security.
The USACM Encryption
Policy Library contains pointers to policy
debates, position papers, and pending legislation
concerning encryption and computer security.
Bruce Schneier
publishes a monthly cryptograpy newsletter, Cryptogram.
This is a good source of news on the current state of
computer security and cryptography policy.
The DES
Standard at the NIST web site.
