in reply to Best way to learn about security?
As I study for CISSP certification, the things I need to know get deeper and more involved, but I can always count on those titles to clear the air for me. I reccomend all of these (plus a couple others), found on my list at Amazon.com to start.
Look at Schneier's books (both of them), as well as Menezes (You can get Menezes book in PDF on-line Here, but a shelf copy is always nice to have around).
Also, to tune up your brain, and get ready for computer based crypto, I HIGHLY reccomend you read:
Cryptanalysis, by Helen Fouche Gaines
- The Classical Cryptography CourseVolume One and Volume Two. by Randall K. Nichols
All three of these books will give you the strong basics. From there, read Schneier (with a little Neal Stephenson thrown in for crypto-entertainment. The book has an algorithm for encryption written in perl within it's immesnity, so it HAS to be good), and from there...Play, try, suffer, scream, experiment and learn.
If you have any questions, we're all here to help...
Update:Since you used exclamation points in your follow-up, I'll pipe up with more info.
You'll also want to brush up your statistical Analysis muscles with resources from sites like:
And you'll probably want to check out Security/crypto websites like:
- Counterpane, Bruce Schneier's Company. Also, join his mailing list, The Crypto-gram. If you do spend the cash for his book, get a subscription to his disks as well, the code varies in usefulness, but it is all good study material.
- Security Focus, as mentioned before. This is more of a News and Views site, but very informative, and a good place to subscribe to mailing lists like Buqtraq and CISSPSTUDY, both useful.
- eEye Security A news and forum site dedicated to security. Tidbit: This is the group that worked with M$ to help solve their Code Red "incident".
One final thought. We should all know our history, lest we repeat it. Read: The Code Breakers by David Kahn. It is truly a great historical and informational book.
More Food for thought.