List of important publications in networks and security

Cryptography
The index of coincidence and its applications in cryptology
* William F. Friedman
* The index of coincidence and its applications in cryptology, Department of Ciphers. Publ 22. Geneva, Illinois, USA: Riverbank Laboratories, 1922.
Description: Presented the index of coincidence method for codebreaking.
Treatise on the Enigma
* Alan Turing
* Online version
Description: The breaking of the Enigma.
Communication Theory of Secrecy Systems
* C.E. Shannon
* Communication Theory of Secrecy Systems, Bell System Technical Journal, vol.28-4, page 656-715, 1949.
* Online copy (PDF)
Description: Information theory based analysis of cryptography. The original form of this paper was a confidential Bell Labs report from 1945, not the one published.
The Codebreakers, The Story of Secret Writing
* David Kahn
* New York: The Macmillan Company, 1967, (ISBN 0-684-83130-9).
Description: Almost nothing had been published in cryptography in several decades and very few non-government researchers were thinking about it. The Codebreakers, a popular and not academic book, made many more people aware and contains a lot of technical information, although it requires careful reading to extract it. Its 1967 appearance was followed by the appearance of many papers over the next few years.
Cryptographic Coding for Data-Bank Privacy
* Horst Feistel
* IBM Research Report 2827, March 18, 1970.
Description: Feistel ciphers are a form of cipher of which DES is the most important. It would be hard to overestimate the importance of either Feistel or DES. Feistel pushed a transition from stream ciphers to block ciphers. Although most ciphers operate on streams, most of the important ciphers today are block ciphers at their core.

Data Encryption Standard
* NBS Federal Standard FIPS PUB 46, 15 Jan 1977.
Description: DES is not only one of the most widely deployed ciphers in the world but has had a profound impact on the development of cryptography. Roughly a generation of cryptographers devoted much of their time to attacking and improving DES.
New directions in cryptography
* W.Diffie, M.E.Hellman
* IEEE Transactions on Information Theory, IT-22, 6, 1976, pp. 644-654
* Online copy (HTML)
Description: This paper suggested public key cryptography and presented Diffie-Hellman key exchange. For more information about this work see: W.Diffie, M.E.Hellman, [http://www-ee.stanford.edu/~hellman/publications/32.pdf "Privacy and Authentication: An Introduction to Cryptography"], in Proc. IEEE, Vol 67(3) Mar 1979, pp 397-427.
On the Signature Reblocking Problem in Public Key
* Loren M. Kohnfelder
* Commun. ACM, vol. 21, no. 2, p. 179, 1978.
Description: In this paper (along with Loren M. Kohnfelder,"Using Certificates for Key Distribution in a Public-Key Cryptosystem", MIT Technical report 19 May 1978), Kohnfelder introduced certificates (signed messages containing public keys) which are the heart of all modern key management systems.
Secure Communications Over Insecure Channels
* Ralph C. Merkle
* Commun. ACM, vol. 21, no. 4, pages. 294-299, April 1978.
Description: This paper introduced a branch public key cryptography, known as public key distribution systems. Merkle work predated "New directions in cryptography" though it was published after it. The Diffie-Hellman key exchange is an implementation of such a Merkle system. Hellman himself has argued that the more correct name would be Diffie-Hellman-Merkle key exchange.
A Method for Obtaining Digital Signatures and Public Key Cryptosystems
* R. Rivest, A. Shamir, L. Adleman
* Communications of the ACM, Vol. 21 (2), 1978, pages 120-126
* Online copy (HTML)
Description: The RSA encryption method. The first public key encryption method.
Using encryption for authentication in large networks of computers
* R M Needham, M D Schroeder
* Communications of the ACM, Vol 21, No 12 (1978)
* Online version(PDF)
Description: This paper introduced the basic ideas of cryptographic protocols and showed how both secret-key and public-key encryption could be used to achieve authentication.
How to Share a Secret
* Shamir, A.
* Communications of the ACM, vol. 22, no. 11, pp. 612-613 (November 1979)
* Online copy (HTML)
Description: A safe method for sharing a secret.
Data Security
* Dorothy E. Denning, Peter J. Denning
* ACM Computing Surveys, Vol. 11, No. 3, September 1979, pp. 227-249,
Description: A paper that surveys the problems in creating secure systems. The description of database inference is particularly chilling; after reading this you'll understand why it is very difficult to publish aggregated information such as census data without accidentally exposing the private information of individuals.
Security policies and security models
* J. Goguen, J. Meseguer
* IEEE symposium on security and privacy, 1982, pp11-20
* Online version(PDF)
Description: Noninterference is the study of when interaction by one user with a system can affect what a second user sees. It can be applied to trying to stop an attacker disrupting the second user's view of the system, or to analysing whether a high-security first user can pass information to a low-level second user via a covert channel. This paper was the first to give a useful characterisation of this property.
On the security of public key protocols
* D Dolev, A Yao
* IEEE transactions on Information Theory Vol 2 number 3, 1983
Description: Introduced the adversarial model against which almost all cryptographic protocols are judged.
Probabilistic Encryption
* Shafi Goldwasser, Silvio Micali
* Special issue of Journal of Computer and Systems Sciences, Vol. 28, No. 2, pages 270-299, April 1984.
* Online version (PDF)
Description: The paper provides a rigorous basis to encryption (e.g., partial information) and shows that it possible to equate the slightest cryptanalysis to solve a pure math problem.
Second, it introduces the notion of computational indistinguishability that has and will underpin our understanding of the world, since ultimately we all are bounded computational entities.
Fast, rigorous factorization and discrete logarithm algorithms
* Carl Pomerance
* D. S. Johnson, T. Nishizeki, A. Nozaki, H. S. Wilf, eds., Academic Press, Orlando, Florida, 1987, pp. 119-143.
Description: First published sub exponential algorithm to the Discrete logarithm problem. The Discrete logarithm problem is the base of many cryptographic systems. Pomerance algorithm is second chronologically to the work of Rich Schroeppel's work. Schroeppel rarely published and preferred to circulate his work to interested researchers. Schroeppel's work is referenced at Knuth, vol. 2, 2nd edition, pages 383-384.
How to Prove all NP-Statements in Zero-Knowledge, and a Methodology of Cryptographic Protocol Design
* Goldreich, O, Micali, S., Wigderson, A.
* CRYPTO, LNCS vol 263, pp. 171-185, 1987
* Online copy(HTML)
Description: This paper explains how to construct a zero-knowledge proof system for any language in NP.

How to Play any Mental Game or A Completeness Theorem for Protocols with Honest Majority
* Goldreich, O, Micali, S., Wigderson, A.
* ACM Symposium on Theory of Computing, pgs. 218-229, 1987
* Online copy(HTML)
Description: Seminal paper in secure function evaluation
The Digital distributed system security architecture
* M. Gasser, A. Goldstein, C. Kaufman, B. Lampson
* Proceedings of the 1989 National Computer Security Conference, pages 305-319, 1989.
* Online copy
Description: This paper discusses issues related to privileges and authentication of software and hardware components in distributed systems. It is interesting in that it formalizes the understanding of the rights used by programs and software running on behalf of users and other entities. The concepts from this paper provide an early glimpse at the issues of attestation addressed much later by trusted computing architectures.
Kerberos: An Authentication Service for Open Network Systems
* Jennifer G. Steiner, Clifford Neuman, Jeffrey I. Schiller
* B. Clifford Neuman and Theodore Ts'o IEEE Communications, 32(9) pp33-38, September 1994.
* See also Proc. USENIX Winter Conference, February 1988, pp. 191-202
* Online version (HTML)
Description: The Kerberos authentication protocol, which allows individuals communicating over an insecure network to prove their identity to one another in a secure and practical manner.
Differential Cryptanalysis of DES-like Cryptosystems
* Eli Biham, Adi Shamir
* Journal of Cryptology, Vol. 4 No. 1 1991
* Online version
Description: The method of Differential cryptanalysis.
A new method for known plaintext attack of FEAL cipher
* Matsui, M., Yamagishi, A
* EUROCRYPT Advances in Cryptology - 1992
* Online version
Description: The method of Linear cryptanalysis.
Breaking and Fixing the Needham-Schroeder Public-Key protocol using FDR
* Gavin Lowe
* Software - concepts and tools 1996
* Online version
Description: Used a standard model checker to analyse one of the original cryptographic protocols that had long been believed correct. By exposing what is now the most famous protocol attack using this method, this paper inspired an explosion of interest in the verification and analysis of such protocols that continues to this day.
Differential Collisions in SHA-0
* Florent Chabaud, Antoine Joux
* Advances in Cryptology — CRYPTO '98
Description: A method for finding collisions in SHA-0 hash function.
EFF DES cracker
* Paul Kocher
* 1998
Description: "the EFF DES cracker" (nicknamed "Deep Crack") is a machine built by the Electronic Frontier Foundation (EFF) to perform a brute force search of DES's keyspace—that is, to decrypt an encrypted message by trying every possible key. The aim in doing this was to prove that DES's key is not long enough to be secure.
Computer networks
A Protocol for Packet Network Interconnection
* Vint Cerf, Bob Kahn
* IEEE Transactions on Communication Technology, 1974
* Online copy (PDF)
Description: Packet Network Interconnection.
Ethernet: Distributed packet switching for local computer networks
* R.M. Metcalfe, D.R. Boggs
* Communications of the ACM 19, 7 (July 1976), 395-404
* Online copy (HTML)
Description: The Ethernet protocol.
End-To-End Arguments in System Design
* J.H. Saltzer, D.P. Reed, D.D. Clark
* Proceedings of the 2nd International Conference on Distributed Computing Systems, 509-512, April 1981.
* Online copy (PDF)
Description: Many of critical design problems in networking and systems focus on the right "layer" in which to provide particular functionality. The basic debate is whether the core system or network should provide the functionality, or whether it should be left to the end-system or application to implement using more basic primitives provided in the core network or base system. This paper highlights these issues and argues for one side. The argument has occurred over and over again in various aspects of system design and it is important to understand the basic philosophy of both sides of the debate.
Internet Protocol
* RFC 791, Information Sciences Institute, Marina Del Rey, California, September 1981
* Online copy (HTML)
Description: The Internet Protocol (IP).This paper describes the he Internet Protocol (IP), a fundamental protocol that drive the Internet. Required (but quite technical) reading for anyone who wants to understand networking.
Transmission Control Protocol
* RFC 793, Information Sciences Institute, Marina del Rey, California, September 1981.
* Online copy (HTML)
*
Description: The Transmission Control Protocol (TCP).
Implementing Remote Procedure Calls
* Andrew D. Birrell, Bruce Jay Nelson
* ACM Transactions on Computer Systems, Vol. 2, No. 1, February 1984, pp. 39-59.
* Online copy
Description: This is the seminal paper on Remote Procedure Call, which provides a higher-level mechanism for communicating between the components of a distributed system.
A Dynamic Network Architecture
* Sean W. O'Malley, Larry L. Peterson
* ACM Transactions on Computer Systems, 10(2), May 1992
* Online copy
Description: Network software in distributed systems.
Internet
As We May Think
* Vannevar Bush
* The Atlantic Monthly, July 1945
* As we may think from the Atlantic Monthly archives
Description: The paper argued that as humans turned from war, scientific efforts should shift from increasing physical abilities to making all previous collected human knowledge more accessible. As We May Think predicted many kinds of technology invented after its publication, including hypertext, personal computers, the Internet, the World Wide Web, speech recognition, and online encyclopedias such as .
Grapevine: An Exercise in Distributed Computing
* Andrew D. Birrell, Roy Levin, Roger M. Needham, Michael D. Schroeder
* Communications of the ACM\fR, Vol. 25, No. 4, April 1982, pp. 260-274.
* Online version(PDF)
Description: The Grapevine system. The paper describes one of the first attempts to build a large-scale distributed system (the Xerox mail system). Exposes many interesting problems related to distributed systems and describes how they were solved in this particular system.
The Design Philosophy of the DARPA Internet Protocols
* David D. Clark
* Proceedings of ACM SIGCOMM '88, August, 1988.
* Online version(PDF)
Description: The DARPA Internet Protocols (TCP/IP).
The Anatomy of a Large-Scale Hypertextual Web Search Engine
* Sergey Brin and Lawrence Page
* Computer Networks and ISDN Systems, volume 30,number 1-7,pages 107-117, 1998.
* Online version
Description: The Anatomy of a Search Engine, known today as Google.
 
< Prev   Next >