19 September 1997
Source: http://hypatia.dcs.qmw.ac.uk/authors/A/AndersonRJ/papers/ReadMe

This directory contains Ross Anderson's ftp space. There are lecture notes,
collections of abstracts on computer and communications security, and some 
of my recent research papers.

LECTURE NOTES:

seclec(x).ps.gz		Notes for the Computer Science Tripos part 2 course
			on security.

COLLECTIONS OF ABSTRACTS:

SRv(x)no(y).ps.Z: 	`Computer and Communications Security Reviews' 
			provides abstracts of all current research in the 
			field - or at least all that I manage to get hold of! 
			Coverage includes some 30-40 conferences a year and
			over 100 journals. These files contain the back 
			numbers of volumes 1 and 2, and volume 3 number 1. As 
			we now have no paper copies left of volume 1, and 
			relatively few of volume 2, the publisher has decided 
			to make the postscript available at no charge.

SRsubs.ps.Z:		Subscribers not only get paper copies of the journal, 
			but also latex source code for all copies up to the 
			current one. This is the subscription order form.

secrevtex.tar.pgp:	This file contains the latex source code of all issues
			of `Computer and Communications Security Reviews'. It
			is encrypted using pgp and the passphrase is made
			available to subscribers.

abs_(x)0s.tex.Z:	`Computer and Communications Security Reviews' only
			goes back to 1992. To search the research literature
			prior to this date, fetch these files, which contain 
			Sean Irvine's collection of abstracts sorted by decade.
			For example, abs_80s.tex.Z contains abstracts for the
			1980's.


RESEARCH PAPERS include:

tamper.ps.gz:		`Tamper Resistance - A Cautionary Note' (with Markus
			Kuhn) presents a number of ways of overcoming the
			tamper resistance of smartcards and other security
			processors.

euroclipper.ps.gz:	`The GCHQ protocol and its problems' points out a 
			number of design flaws in a GCHQ secure email protocol 
			that the British government wants us all to adopt.

policy.ps.Z:		`Security in Clinical Information Systems', which I
			developed for the British Medical Association, seeks
			to do for personal health information what the
			Bell-LaPadula model did for military systems, namely
			provide a security policy that can be expressed in a
			concise set of rules. This policy enforces patient
			consent to information sharing.

policy.txt:		An ascii version of the above.

satan.ps.Z:		This paper (with Roger Needham) contains a general 
			introduction to cryptographic protocols, and was 
			written for the 1000th volume of Springer Lecture 
			Notes in Computer Science.

robustness.ps.Z:	`Robustness principles for public key protocols' (with
			Roger Needham) presents a number of attacks on public 
			key protocols. It also advances a number of principles
			which may help designers avoid many of the pitfalls,
			and help attackers spot errors which can be exploited.
			It was published at Crypto 95.

wcf.ps.Z:		`Why Cryptosystems Fail' discusses a number of frauds 
			against	electronic payment systems, and the lessons for
			system designers. It first appeared in the proceedings 
			of the First ACM Conference on Computer and 
			Communications Security, Fairfax, VA (3-5/11/1993) pp 
			215-227. This is now out of print, so I have put it up 
			here; please see the ACM copyright notice on the first 
			page. A shortened version of this paper appeared in 
			Communications of the ACM, 11/94.

liability.ps.Z:		`Liability and Computer Security - Nine Principles' 
			describes recent court cases involving cryptographic
			evidence, and discusses what lessons can be learned. 
			It appeared in `Computer Security - ESORICS 94' 
			(Springer LNCS v 875 pp 231-245).

queensland.ps.Z:	`Crypto in Europe - Markets, Law and Policy' looks at
			crypto regulation in Europe and argues that the real 
			law enforcement problem is in the reliability of
			cryptographic evidence rather than in the threat
			allegedly posed to law enforcement by encryption. It
			appeared at the Cryptography - Policy and Algorithms
			Conference, Queensland University of Technology, 
			Brisbane, 1-3 July 95 (Springer LNCS v 1029 pp 75-89).

meters.ps.Z:		`Cryptographic Credit Control in Pre-payment Metering 
			Systems' describes a project to build a countrywide
			prepayment electricity meter system, and the security
			engineering problems we encountered. It appeared at
			Oakland 95, and a version in the May 96 IEEE 
			Transactions on Software Engineering.

smartcards.ps.Z:	This technical report contains two papers on designing
			a smartcard based electronic wallet system, which has
			now been fielded in a number of countries.

correlation.ps.Z:	`Searching for the Optimum Correlation Attack' presents
			a novel correlation attack on certain kinds of stream
			cipher. It will appear in `Fast Software Encryption', 
			proceedings of second workshop on Fast Software
			Encryption (Leuven, 14-16/12/94), Springer LNCS v 1008 
			pp 137-143.

fibonacci.ps.Z:		This contains my attack on the `FISH' stream cipher, 
			plus a proposal for an improved cipher. It also 
			appeared at the second Fast Software Encryption (pp
			346--352)

muxfsr.ps.Z:		`A Faster Attack on Certain Stream Ciphers' shows how
			to break the multiplexer generator, which is used in
			various pay-TV encryption systems. It appeared in
			`Electronics Letters' v 29 no 15 (22/7/93) pp 1322-3.

hash.ps.Z:		`The Classification of Hash Functions' proves Okamoto's
			conjecture that correlation freedom is strictly 
			stronger than collision freedom, and discusses other
			freedom properties. It appeared at the fourth IMA 
			conference on cryptography and coding (proceedings 
			page 83-93).

server.ps.Z:		`An Attack on Server Assisted Authentication Protocols'
			shows how to break a digital signature protocol
			proposed for use in msartcards. It appeared in 
			`Electronics Letters' v 29 no 15 (16/7/92) p 1473


Enjoy!

Ross Anderson