WebApp Sec mailing list archives

Previous By Date Next
Previous By Thread Next

RE: key storage

From: "Brown, James F." <James.F.Brown () FMR com>
Date: Fri, 27 Aug 2004 08:33:26 -0400
Chapter 8 in Applied Cryptography only discussed key storage in areas
where users are involved. If you have an server application that uses
crypto with no users involved, it doesn't offer much help. I'll check
Bruce's newer book "Practical Cryptography" to see if he's addressed
that topic, but I won't be able to report on it until Monday.

================================
James F. Brown  CISM, CISA
Sr. Director, Information Security
Fidelity Investments
james.f.brown () fmr com
http://www.fidelity.com
 

-----Original Message-----
From: George Capehart [mailto:gwc () acm org] 
Sent: Thursday, August 26, 2004 1:41 PM
To: webappsec () securityfocus com
Subject: Re: key storage


On Wednesday 25 August 2004 21:12, Ajay allegedly wrote:

and also is there any significant paper on key storage - a journal or
conference paper?
its for my thesis and it would be nice if i could quote a the
findings of some paper


Ajay,

There has been *lots* written about key storage.  It's a pretty 
important topic . . . :>  Google is your friend.  A great place to 
start, though is Chapter 8 (Key Management) in _Applied_Cryptology 
(ISBN 0-471-11709-9) by Bruce Schneier.

Cheers,

George Capehart
-- 
George W. Capehart

Key fingerprint:  3145 104D 9579 26DA DBC7  CDD0 9AE1 8C9C DD70 34EA

"With sufficient thrust, pigs fly just fine."  -- RFC 1925
Previous By Date Next
Previous By Thread Next

Current thread: