Reference Books: Cryptography and {Network | Web | Computer} Security

    Applied cryptography and network security:

  1. Stallings, Cryptography and Network Security: Principles and Practice, 5/e (Prentice Hall, 2010). Relative to this book's 4th edition, the network security components and an extra chapter on SNMP are also packaged as Stallings' Network Security Essentials: Applications and Standards, 3/e (Prentice Hall, 2007).
  2. Kaufman, Perlman and Speciner, Network Security: Private Communications in a Public World, second edition (Prentice Hall, 2003).
  3. Menezes, Van Oorschot and Vanstone, Handbook of Applied Cryptography (CRC Press, 1996; 2001 with corrections), free online for personal use.

    Computer security, operating system security:

  4. Stallings and Brown, Computer Security: Principles and Practice, 2/e (Prentice Hall, 2011).
  5. Goodrich and Tamassia, Introduction to Computer Security (Addison-Wesley, 2010).
  6. Pfleeger and Pfleeger, Security in Computing, 4/e (Prentice Hall, 2007).
  7. Gollmann, Computer Security, 2/e (Wiley, 2006).
  8. Bishop, Computer Security: Art and Science (Addison-Wesley, 2002). Shorter version which "omits much of the mathematical formalism": Introduction to Computer Security (Addison-Wesley, 2005).

    Software security:

  9. Viega and McGraw, Building Secure Software (Addison-Wesley, 2001).
  10. Howard and LeBlanc, Writing Secure Code, second edition (Microsoft Press, 2002).

    Mobile code security, malicious code and web security:

  11. McGraw and Felton, Securing Java: Getting Down to Business with Mobile Code (Wiley, 1999; 1st edition: Java Security, 1997), free online web edition.
  12. Stein, Web Security: A Step-By-Step Reference Guide (Addison-Wesley, 1998).
  13. Rubin, Geer and Ranum, Web Security Sourcebook: A Complete Guide to Web Security Threats and Solutions (Wiley, 1997).
  14. Rubin, White-Hat Security Arsenal (Addison-Wesley, 2001).

    Firewalls and more:

  15. Cheswick and Bellovin, Firewalls and Internet Security, first edition (Addison-Wesley, 1994); free online for personal use. Second edition with Rubin (Feb. 2003).

    Security infrastructures and digital signatures:

  16. Adams and Lloyd, Understanding Public-Key Infrastructure, second edition (Macmillan Technical, 2002).
  17. Housley and Polk, Planning for PKI: Best Practices Guide for Deploying Public Key Infrastructures (Wiley, 2001).

    Security in the real-life systems (including anecdotes):

  18. Anderson, Security Engineering: A Guide to Building Dependable Distributed Systems, 2/e (Wiley, 2008). The first edition (2001) is available free online.
  19. Schneier, Secrets and Lies: Digital Security in a Networked World (Wiley, 2000).
Susan Landau's book review of 10 cryptography books (plus background introduction).
Bull. Amer. Math. Soc. 41 (2004), pp.357-367. Copyright 2004, American Mathematical Society.