Top page of CDROM on
cryptography and e-security

The links and images will work only from the CDROM.

e-security and cryptography -- A short course on e-security.

My e-mail address has changed to :
hyd1_algolog@sancharnet.in
(h-y-d-one underscore algolog AT sancharnet DOT in)
Please make note of this change, and use only my new address shown above.

(WARNING -- Some pages in this CDROM may still point to my old address. Please watch out !)

Cryptography & PGP
for e-security

Meet the author
Study material for e-security, cryptography and PGP
An important social message from Algologic
Send us your suggestions and comments
Administrivia

Alan Turing
(1912-1954)

This material is for personal, academic usage only.

This CDROM is a collection of tutorial material about cryptography, PGP and e-security. Although this document does not claim to be an exhaustive collection of all the material and resources available on the web, it is very rich in content. Read it at leisure, and keep it handy for future reference.
Some of the hyperlinks in this CDROM will need an on-line connection to the Internet.
This is a "platform independent" CDROM. You can read this CDROM using any web browser (HTML 4.0 and CSS-2 compatible), and under any operating system. You will also need a suitable software plug in for reading PDF files.
This CDROM does not install any software or modify any of your files or directories by itself. It does not contain any active material i.e. any program or script which get automatically executed on your computer.
It would be a good idea to download the latest version of the files, especially those which contain programs and important tutorials.
The web keeps changing all the time. Do not be disappointed if some of these links do not work any more, when you look for them in the web.
This CDROM has hyperlinks to a very large number of external sites. We have no control over the owners of these web sites. When we included these links, we visited every one of these sites. We also keep visiting these sites randomly. This CDROM is continuously updated on the basis of our experiences. Yet, some flaws may persist.If you find dead links, or inappropriate contents, please exhibit some social responsibility please inform the author immediately, so that the next version of this CDROM does not carry forward these flaws.
Please send your comments, suggestions and opinions about this page, to S. Parthasarathy
The date and important details about this CDROM are given in the Administrivia section.

Saluting the enigma ....

Let us all remember and salute Alan Turing -- the giant who contributed so much to computer science and cryptography. So great were his contributions to these sciences, that the world of computer science remembers him gratefully today :

The greatest prize in computer science is named after him: ACM Alan Turing Award
The fundamental model of computation, used to study the theoretical aspects of computing, is named after him : the Turing machine

To have a glimpse of this giant visit the web pages:

And, remember Claude Shannon another giant who walked this world with us. Shannon's legacy.

Go-to-top and start all over again

Study material

Are you seriously serious about security ? Take this simple test !

Avoid blackbox software if you are seriously serious about e-security.

Home alone ? Is your home computer safe ? What should you do, to ensure security in your home computer ?

Want to avoid security related misadventures ? See this rogues gallery of security blunders and Confession #1 and Confession #2 ... and draw your own conclusions ! In spite of all the wishful dreams and promises, here is what you get from this same vendor. How long more do you want to put up with this scandal ?
Not to worry, here is : Linux -- The ray of hope. Change your religion. It is still not too late !

How not to keep a secret ! It is important for you to create and then publicise your PGP public key. Here is one nice example of how to let the world know about your PGP public key.

Only a lucky few can learn from the guru. Attend this one day seminar on PGP and crypto. You can also choose from a whole lot of training services fromAlgologic .

Slides used in my lectures

Practice what you preach !

Make sure that the contents of this CDROM have not been tampered with ! Make sure that it is a dependable and authentic copy ! Here's how you can do that !

Go-to-top and start all over again

Learning resources and links

Cryptography deals with the science of keeping secrets. It is amazing to note the amount of information available for free from the web about cryptography, e-security and related matters. You just have to scan this sample collection, to realise how much information is available to you.

Go-to-top and start all over again

Elliptic curve cryptography

Elliptic curve cryptography (ECC) offers a powerful alternative to the RSA cryptographic technique. Start with a short and quick introduction to ECC. See some of your questions on ECC answered in this FAQ (slightly old, but still useful). And then take a longer introduction to ECC. And, then look out for further references.

Go-to-top and start all over again

Passwords

Password authentication over a hostile network has always been a challenging task. Learn about some of the issues involved. This page gives more pointers to the subject of password authentication.

EKE -- encrypted key exchange is a promising technique for resolving some of the hurdles in password authentication. Take a peek at SPEKE (an EKE tool), and read more details about SPEKE.

Go-to-top and start all over again

Some glimpses of history

A historical chronicle (old but good).
Claude Shannon's historical paper circa 1948 !
The unforgettable Alice and Bob.
Note : Dr. Partha, the author of this CDROM and practitioner of cryptography, uses the Hindu mythological characters: Sita and Rama. In this episode from the Ramayana, Sita (the sender) wants to send a message to Rama (the receiver). The episode has several surprising similarities to modern-day PKC. Now, let Alice and Bob go on a holiday !

Go-to-top and start all over again

The RSA algorithm

The RSA trio !

Meet the R of the RSA algorithm.
Meet the S of the RSA algorithm.
Meet the A of the RSA algorithm.

RSA -- How does it work ?

Three of a kind !
Here is another (and less formal) file photo of the RSA trio.

Go-to-top and start all over again

If you are serious about security,
do NOT buy black-box (i.e. proprietary) software

Beware of snake oil !
Support the Free Software Foundation . The GNU project is perhaps the greatest proof of the success of this foundation. Meet Richard M Stallman, the man behind this phenomenal movement.

Now there is a Free Software Foundation branch in India too. So, why hesitate ? Break your shackles today.
Why do we always buy "black box" software ? The Open Source Initiative foundation (OSF) can rid you of the perils of black box software. Meet Eric S Raymond, the pioneer who makes Open Source possible. It is fun and instructive to read his writings.
This is what you get for free, from black box software: Here is a rogues gallery of security blunders. Here are just two confessions: (Confession #1 and Confession #2).
In spite of all the wishful dreams and promises, here is what you get from this same vendor. How long more do you want to put up with this scandal ?
Just look at the numbers. You will know why Open Source/Free Software is a better bet.
These OSS references will give you the best alternative to black-box software.

Go-to-top and start all over again

Cryptography, e-security tools

Visit the National Cryptology Museum and see these exhibits: the Enigma machine and the Cipher wheel and many more interesting pieces.
Handbook of Applied Cryptography is an excellent and exhaustive e-book on cryptography. Browse this book, and learn all about cryptography. Notice that the References section has 1276 listed titles !
Smart cards, smarter crooks : No technology is fool-proof, they say. A better expression would be to say that "No security is crook- proof". One such sitting duck is the smart card technology which many organisations and agencies are promoting blindly, as the ultimate tool for security. Read these papers by Markus Kuhn, and you will change your opinion about smartness of smart cards.
Attention ! big brother is watching you: Here is one more blatant attempt by "big brother" to spy on every computer on this earth.
Read about the latest cryptographic challenge from an Indian company !
May be you never heard of PKI. It is never too late to get to know this tool.
Learn about the pitfalls of Public Key Infrastructure (PKI) from this article.
Steganography is the art of hiding a message within another message. Here is a simple example. And here is a more sophisticated example of steganography.
Samples of CERT publications : Recognise and avoid Trojan Horses.
You create and distribute your software over the web. You download software from the web. In both cases, you must ensure the integrity of the software you download.
You have excellent tools for doing all this.

Want to go shopping for some public domain security tools ?
Try this list :

Go-to-top and start all over again

Securing the web

Go-to-top and start all over again

Thank God, there is PGP !

Read all about the GNU- Privacy Guard (GPG) from the Free Software Foundation. GPG is a standard program in all Linux distributions. That's one more reason why people worship Linux !
Read the GNU-Privacy Guard Manual
Do not use PGP without reading this document.
PGP is the software which brings security to your desktop. The story of PGP is one of struggle, controversy and despair.
The PGP FAQ.
Here is one more PGP FAQ. This FAQ is slightly old, but very profound and extensive. Good for those who care to know more than just superficial details.
Learn all about PGP , a very useful tool for ensuring security. If you use MS platform, try to install PGP from this CDROM -- since MS does not give PGP as a standard program included with its operating systems. We now know why Linux is always a better, more robust, and more secure way to use computers.
If you want to try PGP, start by sending an encrypted message. You can use Dr. Partha's public key and send him an encrypted message NOW !
You will also need this key for verifying the authenticity of this CDROM as explained in the beginning of this document.
You must not believe this PGP public key unless you have confirmed that it has not been tampered by some crook. You can confirm the authenticity of the public key, by verifying its "fingerprint" either from the web site of Dr. Partha, or by contacting him personally. Remember the Golden Rule of Security: Never -- repeat NEVER -- take chances when you deal with security.

Go-to-top and start all over again

e-security, books and tutorials

Learn about the basics of cryptography from this e-book.
Unravel the mystery of digital signatures from this e-book.
Read this short e-book on network attacks and counter measures .
Books, books, books : Browse this list of recommended books on e-security
Handbook of Applied Cryptography is an excellent and exhaustive e-book on cryptography. Browse this book, and learn all about cryptography. Notice that the References section has 1276 listed titles !
Springer Verlag publishes excellent titles on computer science under the series called Lecture Notes in Computer Science. The title Advances in cryptology 1981-1997 (LNCS-1440) is an excellent compilation of 1275 articles on cryptography.

Go-to-top and start all over again

Digital signatures

Digital signatures
There could be a serious problem in ensuring perpetuity of digitally signed documents. This paper explains the problem and a possible solution.
This is a VERY EXHAUSTIVE literature survey of "digital signatures" This literature survey points to dozens of sources from where you can get information on digital signatures.

Go-to-top and start all over again

MD5

The MD5 algorithm is used for creating message digests which are used in "digital signatures". The MD5 home page explains the background and the implementation of MD5 algorithm.
A neat and simple (and free) md5 software for MS platform is here. You can also read a brief description of this software . Linux users need not worry -- md5sum is a standard program in all modern Linux distributions. In Linux you can do this with just a one line command ! That is why we respect Linux so much.
As an exercise: You must try to use this powerful tool for verifying the authenticity of this CDROM itself !

Go-to-top and start all over again

Prime space for prime numbers

Primes are now easier to recognise, courtesy this pioneering work from IIT, Kanpur, India.
Prime numbers have always had a close relationship to cryptography. Find out all about these fascinating class of numbers.
You too can be a winner : Find out how a 20 year old Canadian earned fame and fortune by participating in this world-wide search for prime numbers. It is easy. You can be the next to merit this glory.
I had some yellow apples occupying a crisper Find out how this sentence is related to the most famous number to be discovered recently.
What is pulchritude ? Heard of pulchritudinous primes ?

Go-to-top and start all over again

The legal angle

Security is a double-edged weapon. Learn how governments around the world are tackling this through their own cyberlaws. You can also peruse a country wise list. And, in particular, go to the section on INDIA.
Here is a very good survey of issues related to the legal aspects of cryptography and electronic communications
How should our lawyers and judges do it ?
India too can boast of its own cyberlaw. Read the official version of India's Information Technology Act 2000. In India, we are probably good at making laws. Enforcing the law is of course a totally different matter. And, presenting properly, an IT related law, on an IT based platform (the w-w-web) is of course nobody's concern.
Read about all the trouble which a technological giant has had to face .

This CDROM has hyperlinks to a very large number of external sites. We have no control over the owners of these web sites. When we included these links, we visited every one of these sites. We also keep visiting these sites randomly. This CDROM is continuously updated on the basis of our experiences. Yet, some flaws may persist. If you find dead links, factual errors, or inappropriate contents, please exhibit some social responsibility please inform the author immediately, so that the next version of this CDROM does not carry forward these flaws.
	ADMINISTRIVIA Page last modified on: 2004-01-21 URL : (localpath)/top-page.htm Send your comments, to: hyd1_algolog@sancharnet.in Page developed by: Algologic Research & Solutions Do not miss : Our Warning and Disclaimer page.
Simplicity is divine. E W Dijkstra (1930-2002)