If you’re looking for an accessible (read: short) list of classic papers on computer/information security, I’ve got you.
My PhD program requires that we read five classic papers in our area for the candidacy exam. My area is cybersecurity, whatever that means, so I’ve been given five classic papers on security.
I’ve included links to the online versions of the paper below.
- Jerome Saltzer and Michael Schroeder, The Protection of Information in Computer Systems, Proceedings of the IEEE, Vol. 63, Issue 9, September 1975.
- Whitfield Diffie and Martin Hellman, New Directions in Cryptography, IEEE Transactions on Information Theory, Vol. IT-22, No. 6, November 1976.
- Danny Dolev and Andrew C. Yao, On the Security of Public Key Protocols, IEEE Transactions on Information Theory, IT-29: 198–208, March 1983.
- Ken Thompson, Reflections on Trusting Trust, Communications of the ACM, Vol. 27, No. 8:761-763, August 1984.
- Ross Anderson, Why Cryptosystems Fail, Proc. CCS ’93, pages 215-227, November 1993.
These are by no means the MOST IMPORTANT security papers ever. But they’re a good start.