SANS InfoSec Reading Room - Encryption & VPNs
Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact
webmaster@sans.org.
Featuring 92 papers as of Nov 23, 2008
Data Leakage Landscape: Where Data Leaks and How Next Generation Tools Apply
Utimaco and Trend Micro - September 2008
- The challenge of securely storing and transporting large files across a corporate Wide Area Network
- Jeremy Gibb
- October 26, 2007
- - download paper

- OpenVPN and the SSL VPN Revolution
- Charlie Hosner
- August 25, 2004
- - download paper

- Securing Key Distribution with Quantum Cryptography
- Bradford Bartlett
- August 15, 2004
- - download paper

- Elliptic Curve Cryptography and Smart Cards
- Ahmad Kayali
- April 8, 2004
- - download paper

- Understanding and Configuring IPSec between Cisco Routers
- Ryan Ettl
- March 25, 2004
- - download paper

- SSL Remote Access VPNs: Is this the end of IPSec?
- Steven Ferrigni
- December 13, 2003
- - download paper

- Quantum Cryptography: Is Your Data Safe Even When Somebody Looks?
- Tom Klitsner
- October 31, 2003
- - download paper

- PGP: A Hybrid Solution
- Jessica J. Benz
- October 31, 2003
- - download paper

- What Is an MPLS VPN Anyway?
- Kelly DeGeest
- October 31, 2003
- - download paper

- Identification with Zero Knowledge Protocols
- Annarita Giani
- October 31, 2003
- - download paper

- Quantum Encryption vs Quantum Computing: Will the Defense or Offense Dominate?
- Bob Gourley
- October 31, 2003
- - download paper

- Virtual Network Computing and Secure Shell
- Damian Koziel
- October 31, 2003
- - download paper

- The Day DES Died
- Paul Van De Zande
- October 31, 2003
- - download paper

- Encryption Regulation: A First Amendment Perspective
- Linda K. Mickna
- October 31, 2003
- - download paper

- Interoperability in PKI
- Roger Pyon
- October 31, 2003
- - download paper

- An Overview of Computer Security as Told Through War Stories
- Ronald Seidl
- October 31, 2003
- - download paper

- One Fish, Two Fish, Red Fish, Blowfish A History of Cryptography and it's Application in Soci
- Joseph Kasten
- October 31, 2003
- - download paper

- Securing Remote Users VPN Access to Your Company LAN
- Klavs Klavsen
- October 31, 2003
- - download paper

- A Business Perspective on PKI: Why Many PKI Implementations Fail, and Success Factors To Consider
- Leslie Peckham
- October 31, 2003
- - download paper

- A Discussion of SSH Secure Shell
- Shawn Lewis
- October 31, 2003
- - download paper

- History of Encryption
- Melis Jackob
- October 31, 2003
- - download paper

- NAT Traversal: Peace Agreement Between NAT and IPSec
- Haluk Aydin
- October 31, 2003
- - download paper

- Who's Who in AES?
- Kyle Jones
- October 31, 2003
- - download paper

- Implementing NAT on Checkpoint Firewall-1
- Eugene Ng
- October 31, 2003
- - download paper

- Protecting Sensitive Data in Secure Domains
- Mikael Trosell
- October 31, 2003
- - download paper

- Key and Certificate Management in Public Key Infrastructure Technology
- Sriram Ranganathan
- October 31, 2003
- - download paper

- The Advanced Encryption System (AES) Development Effort: Overview and Update
- William M. Tatun
- October 31, 2003
- - download paper

- Implementing PKI in a Heterogeneous Environment A Primer on Digital Certificate And Key Formats
- Tim R. Sills
- October 31, 2003
- - download paper

- The Weakest Link: The Human Factor Lessons Learned from the German WWII Enigma Cryptosystem
- Bradley Fulton
- October 31, 2003
- - download paper

- E-Mail Security with S/MIME
- George Kuzmowycz
- October 31, 2003
- - download paper

- AES: The Making of a New Encryption Standard
- Mitch Richards
- October 31, 2003
- - download paper

- Public Key Infrastructure Issues in an Academic Healthcare Setting
- Liviu Groza
- October 31, 2003
- - download paper

- IPsec's Role in Network Security: Past, Present, Future
- Christopher Smith
- October 31, 2003
- - download paper

- Implementing "Dual-Sided" VPN's
- Kenneth Boudreaux
- October 31, 2003
- - download paper

- Integrate HMAC Capable Token into User Authentication Mechanism and Public Key Infrastructure
- Shanhui Tan
- October 31, 2003
- - download paper

- Using SSL with Client Access Express for AS/400
- Jose Guerrero
- October 31, 2003
- - download paper

- Analysis of a Secure Time Stamp Device
- Chris Russell
- October 31, 2003
- - download paper

- Strong Authentication and Authorization model Using PKI, PMI, and Directory
- Jong Wook Lee
- October 31, 2003
- - download paper

- Securing Certificate Revocation List Infrastructures
- Eddie Turkaly
- October 31, 2003
- - download paper

- Cryptographic Services - A Brief Overview
- Larry D Bennett
- October 31, 2003
- - download paper

- PKI and Information Security Awareness: Opportunity and Obligation
- Jerry K Brown
- October 31, 2003
- - download paper

- A Review of the Diffie-Hellman Algorithm and its Use in Secure Internet Protocols
- David A. Carts
- October 31, 2003
- - download paper

- Basic Cryptanalysis Techniques
- Craig Smith
- October 31, 2003
- - download paper

- Implementing Site-to-Site IPSec Between a Cisco Router and Linux FreeS/WAN
- Neil L. Cleveland
- October 31, 2003
- - download paper

- Stunnel: SSLing Internet Services Easily
- Wesley Wong
- October 31, 2003
- - download paper

- Knock Knock...Who's there? Do you know who is accessing your VPN?
- Norma Jean Schaefer
- October 31, 2003
- - download paper

- Comparing BGP/MPLS and IPSec VPNs
- Gary Alterson
- October 31, 2003
- - download paper

- An Overview of Hardware Security Modules
- Jim Attridge
- October 31, 2003
- - download paper

- Roll Your Own Crypto Services (Using Open Source and Free Cryptography)
- Edward C. Donahue
- October 31, 2003
- - download paper

- Secure Access of Network Resources by Remote Clients
- Glendon MacDonald
- October 31, 2003
- - download paper

- Vulnerability's of IPSEC: A Discussion of Possible Weaknesses in IPSEC Implementation and Pro
- Daniel Clark
- October 31, 2003
- - download paper

- Decommissioning Certification Authorities
- Claudia N. Lukas
- October 31, 2003
- - download paper

- The Ease of Steganography and Camouflage
- John Bartlett
- October 31, 2003
- - download paper

- A Vulnerability Assessment of Roaming Soft Certificate PKI Solutions
- Stephen Wilson
- October 31, 2003
- - download paper

- PKI, The What, The Why, and The How
- Duncan Wood
- October 31, 2003
- - download paper

- VPN-1 SecureClient - Check Point's Solution for Secure Intranet Extension
- Ryan Gibbons
- October 31, 2003
- - download paper

- Infrastructure Design Considerations When Using Client Certificates
- Tim Hollingshead
- October 31, 2003
- - download paper

- Creating a Secure VPN with Cisco Concentrator and ACE Radius/SecurID
- Nathan Lasnoski
- October 31, 2003
- - download paper

- S-Box Modifications and Their Effect in DES-like Encryption Systems
- Joe Gargiulo
- October 31, 2003
- - download paper

- Configuring Secure Shell with TCP Wrappers on Solaris 2.8
- Jane Micheller
- October 31, 2003
- - download paper

- Issues When Using IPsec Over Geosynchronous Satellite Links
- Greg Totsline
- October 31, 2003
- - download paper

- Appropriate Use of Network Encryption Technologies
- Kenneth Forward
- October 31, 2003
- - download paper

- Randomness and Entropy - An Introduction
- Chris Thorn
- October 31, 2003
- - download paper

- No Single Killer App for PKI
- Cliff Schiller
- October 31, 2003
- - download paper

- A Review of Chaffing and Winnowing
- David Spence
- October 31, 2003
- - download paper

- Remote Access IPSec VPNs: Pros and Cons of 2 Common Clients
- Jason Everard
- October 31, 2003
- - download paper

- Applied Encryption: Ensuring Integrity of Tactical Data
- Jennifer Skalski-Pay
- October 31, 2003
- - download paper

- An Overview of Cryptographic Hash Functions and Their Uses
- John Silva
- October 31, 2003
- - download paper

- BUSINESS PARTNER VPN: NEEDED NOW
- Karen Duncanson
- October 31, 2003
- - download paper

- Remote Access VPN - Security Concerns and Policy Enforcement
- Mike Stines
- October 31, 2003
- - download paper

- The Risks Involved With Open and Closed Public Key Infrastructure
- Philip Hlavaty
- October 31, 2003
- - download paper

- The mathematics behind the security features that the computing industry takes for granted
- Ricky Wald
- October 31, 2003
- - download paper

- A Consumer Guide for Personal File and Disk Encryption Programs
- Scott Baldwin
- October 31, 2003
- - download paper

- Is the future of cryptography in qubits
- Wayne Redmond
- October 31, 2003
- - download paper

- Cryptography: What is secure?
- Willy Jiang
- October 31, 2003
- - download paper

- PGP for Everyday Use
- Jeremy Hoel
- October 31, 2003
- - download paper

- Prime Numbers in Public Key Cryptography
- Gerald Crow
- October 31, 2003
- - download paper

- When Security Counts: Securing a Test Server with a VPN Connection
- Patricia Hulsey
- October 31, 2003
- - download paper

- Quantum Encryption - A Means to Perfect Security?
- Bruce Auburn
- October 31, 2003
- - download paper

- Cryptanalysis of RSA: A Survey
- Carlos Cid
- October 31, 2003
- - download paper

- Multiprotocol Label Switching Virtual Private Networks and the enterprise - Do they fit in the security model?
- Michael Stoos
- October 31, 2003
- - download paper

- Network Based VPNs
- Olivier Strahler
- October 31, 2003
- - download paper

- Using GPL Software For Email and File Encryption
- David Tucker
- October 31, 2003
- - download paper

- Attacks on PGP: A Users Perspective
- Ryan Thomas
- October 31, 2003
- - download paper

- IPSec Tunnel Creation
- Chris Gutridge
- October 31, 2003
- - download paper

- Instant Message Security - Analysis Of Cerulean Studios Trillian Application
- Michael Murphy
- October 31, 2003
- - download paper

- MPLS - VPN Services and Security
- Ravi Sinha
- October 31, 2003
- - download paper

- IPSec Interoperability between OpenBSD, Linux and Sonicwall
- Daniel de Young
- October 31, 2003
- - download paper

- Demystifying DSS: The Digital Signature Standard
- Richard Brehove
- October 31, 2003
- - download paper

- Security Implications of SSH
- Bill Pfeifer
- October 31, 2003
- - download paper

- Cryptography - Business Value Behind the Myth
- Jeff Christianson
- October 31, 2003
- - download paper

This is hands-down, the premiere training opportunity.
- Dan Mather, JICPAC