Some thoughts, links and other trivia on Security and Cryptography
Stuff that I've found over time.


Cryptography is the science of converting easy to understand information (plaintext) into undecipherable junk (ciphertext). That may be an oversimplification, but hey, it helps. Here are some useful links to startup with:

I'm pretty sad at the number of times that poor cryptography (known as snake-oil) is passed off, esp in the name of "advanced" "proprietary" "patent pending" algorithms. Don't reinvent the wheel - stick to things well understood.


Security and Cryptography are often allied subjects, but that's all that can be said. Security is a complex and difficult mechanism to create, setup or maintain. It's been said before, and I'll say it again - "Security is a process, not a product!"

  • Security Focus
    The most comprehensive site, hosts BuqTraq.

  • Security Portal
    Another very useful site - loads fast as hell.

  • Linux Security
    A useful spot to look at Linux Security Issues.

  • The RISKS Digest
    A Moderated digest approx. equal to comp.risks.

  • Security Talks
    I've given some talks with my good friend Kalyan Verma Alluri for the Indian Linux Users Group Bangalore (ILUG - B) on Security.

  • Buffer Overflows
    This is a paper that I presented at the Computer Society of India's Karnataka State Convention. It won the best paper in the convention award.


Some of my projects (both active and dormant) are available here.