Need to read books for programming cryptographic applications C?

Which books REALLY SHOULD be read for a person who is trying to create a critical piece of security application (s), for example. a driver that deals with encoding / decoding, a firewall, a kernel subsystem that relies on rights / policy checking, a secure email client, etc.

Are there any specific books covering applied C programming topics in such areas? For example, how to create / write protected code, what are the common attacks that your program must be stable and the like?

+4
source share
1 answer

In my opinion, these are required readings:

Cryptography in C and C ++ - http://www.amazon.com/Cryptography-C-Michael-Welschenbach/dp/1590595025/

Protected program book for C and C ++: recipes for cryptography, authentication, input validation and much more - http://www.amazon.com/Secure-Programming -Cookbook-Cryptography-authentication / dp / 0596003943 /

Cryptographic Engineering: Design Principles and Practical Applications - http://www.amazon.com/Cryptography-Engineering-Principles-Practical-Applications/dp/0470474246/

Security Metrics: Replacing Fear, Uncertainty, and Doubt - http://www.amazon.com/Security-Metrics-Replacing-Uncertainty-Doubt/dp/0321349989/

Safety: A Guide to Building Reliable Distributed Systems - http://www.amazon.com/Security-Engineering-Building-Dependable-Distributed/dp/0470068523/ (High level, management issues, etc.)

The next book deserves an honorable mention, although many experts reject it today. However, some say that this is the best book on this subject, so judge for yourself:

Applied Cryptography: Protocols, Algorithms, and Source Code in C, Second Edition - http://www.amazon.com/Applied-Cryptography-Protocols- Algorithms-Source / dp / 0471117099 /

+4
source

All Articles