Product Cover Image

Cryptography and Network Security: Principles and Practice, CourseSmart eTextbook, 6th Edition

By William Stallings

Published by Prentice Hall

Published Date: Apr 2, 2013

Description

For one-semester, undergraduate- or graduate-level courses in Cryptography, Computer Security, and Network Security

A practical survey of cryptography and network security with unmatched support for instructors and students

In this age of universal electronic connectivity, viruses and hackers, electronic eavesdropping, and electronic fraud, security is paramount. This text provides a practical survey of both the principles and practice of cryptography and network security. First, the basic issues to be addressed by a network security capability are explored through a tutorial and survey of cryptography and network security technology. Then, the practice of network security is explored via practical applications that have been implemented and are in use today. An unparalleled support package for instructors and students ensures a successful teaching and learning experience.

Teaching and Learning Experience

To provide a better teaching and learning experience, for both instructors and students, this program will:

  • Support Instructors and Students: An unparalleled support package for instructors and students ensures a successful teaching and learning experience.
  • Apply Theory and/or the Most Updated Research: A practical survey of both the principles and practice of cryptography and network security.
  • Engage Students with Hands-on Projects: Relevant projects demonstrate the importance of the subject, offer a real-world perspective, and keep students interested.

Table of Contents

Preface xiii

Chapter 0 Guide for Readers and Instructors 1

0.1 Outline of This Book 2

0.2 A Roadmap for Readers and Instructors 3

0.3 Internet and Web Resources 4

0.4 Standards 5

Chapter 1 Overview 7

1.1 Computer Security Concepts 9

1.2 The OSI Security Architecture 14

1.3 Security Attacks 15

1.4 Security Services 17

1.5 Security Mechanisms 20

1.6 A Model for Network Security 22

1.7 Recommended Reading 24

1.8 Key Terms, Review Questions, and Problems 25

Part One Symmetric Ciphers 27

Chapter 2 Classical Encryption Techniques 27

2.1 Symmetric Cipher Model 28

2.2 Substitution Techniques 34

2.3 Transposition Techniques 49

2.4 Rotor Machines 50

2.5 Steganography 52

2.6 Recommended Reading 54

2.7 Key Terms, Review Questions, and Problems 55

Chapter 3 Block Ciphers and the Data Encryption Standard 61

3.1 Traditional Block Cipher Structure 63

3.2 The Data Encryption Standard 72

3.3 A DES Example 74

3.4 The Strength of DES 77

3.5 Block Cipher Design Principles 78

3.6 Recommended Reading 80

3.7 Key Terms, Review Questions, and Problems 81

Chapter 4 Basic Concepts in Number Theory and Finite Fields 85

4.1 Divisibility and the Division Algorithm 87

4.2 The Euclidean Algorithm 88

4.3 Modular Arithmetic 91

4.4 Groups, Rings, and Fields 99

4.5 Finite Fields of the Form GF( p) 102

4.6 Polynomial Arithmetic 106

4.7 Finite Fields of the Form GF(2n) 112

4.8 Recommended Reading 124

4.9 Key Terms, Review Questions, and Problems 124

Appendix 4A The Meaning of mod 127

Chapter 5 Advanced Encryption Standard 129

5.1 Finite Field Arithmetic 130

5.2 AES Structure 132

5.3 AES Transformation Functions 137

5.4 AES Key Expansion 148

5.5 An AES Example 151

5.6 AES Implementation 155

5.7 Recommended Reading 159

5.8 Key Terms, Review Questions, and Problems 160

Appendix 5A Polynomials with Coefficients in GF(28) 162

Appendix 5B Simplified AES 164

Chapter 6 Block Cipher Operation 174

6.1 Multiple Encryption and Triple DES 175

6.2 Electronic Code book 180

6.3 Cipher Block Chaining Mode 183

6.4 Cipher Feedback Mode 185

6.5 Output Feedback Mode 187

6.6 Counter Mode 189

6.7 XTS-AES Mode for Block-Oriented Storage Devices 191

6.8 Recommended Reading 198

6.9 Key Terms, Review Questions, and Problems 198

Chapter 7 Pseudorandom Number Generation and Stream Ciphers 202

7.1 Principles of Pseudorandom Number Generation 203

7.2 Pseudorandom Number Generators 210

7.3 Pseudorandom Number Generation Using a Block Cipher 213

7.4 Stream Ciphers 219

7.5 RC4 221

7.6 True Random Number Generators 223

7.7 Recommended Reading 227

7.8 Key Terms, Review Questions, and Problems 228

Part Two Asymmetric Ciphers 231

Chapter 8 More Number Theory 231

8.1 Prime Numbers 232

8.2 Fermat’s and Euler’s Theorems 236

8.3 Testing for Primality 239

8.4 The Chinese Remainder Theorem 242

8.5 Discrete Logarithms 244

8.6 Recommended Reading 249

8.7 Key Terms, Review Questions, and Problems 250

Chapter 9 Public-Key Cryptography and RSA 253

9.1 Principles of Public-Key Cryptosystems 256

9.2 The RSA Algorithm 264

9.3 Recommended Reading 278

9.4 Key Terms, Review Questions, and Problems 279

Appendix 9A The Complexity of Algorithms 283

Chapter 10 Other Public-Key Cryptosystems 286

10.1 Diffie-Hellman Key Exchange 287

10.2 Elgamal Cryptographic System 292

10.3 Elliptic Curve Arithmetic 295

10.4 Elliptic Curve Cryptography 303

10.5 Pseudorandom Number Generation Based on an Asymmetric Cipher 306

10.6 Recommended Reading 309

10.7 Key Terms, Review Questions, and Problems 309

Part Three Cryptographic Data Integrity Algorithms 313

Chapter 11 Cryptographic Hash Functions 313

11.1 Applications of Cryptographic Hash Functions 315

11.2 Two Simple Hash Functions 320

11.3 Requirements and Security 322

11.4 Hash Functions Based on Cipher Block Chaining 328

11.5 Secure Hash Algorithm (SHA) 329

11.6 SHA-3 339

11.7 Recommended Reading 351

11.8 Key Terms, Review Questions, and Problems 351

Chapter 12 Message Authentication Codes 355

12.1 Message Authentication Requirements 357

12.2 Message Authentication Functions 357

12.3 Requirements for Message Authentication Codes 365

12.4 Security of MACs 367

12.5 MACs Based on Hash Functions: HMAC 368

12.6 MACs Based on Block Ciphers: DAA and CMAC 373

12.7 Authenticated Encryption: CCM and GCM 376

12.8 Key Wrapping 382

12.9 Pseudorandom Number Generation using Hash Functions and MACs 387

12.10 Recommended Reading 390

12.11 Key Terms, Review Questions, and Problems 390

Chapter 13 Digital Signatures 393

13.1 Digital Signatures 395

13.2 Elgamal Digital Signature Scheme 398

13.3 Schnorr Digital Signature Scheme 400

13.4 NIST Digital Signature Algorithm 401

13.5 Elliptic Curve Digital Signature Algorithm 404

13.6 RSA-PSS Digital Signature Algorithm 407

13.7 Recommended Reading 412

13.8 Key Terms, Review Questions, and Problems 412

Part Four Mutual Trust 417

Chapter 14 Key Management and Distribution 417

14.1 Symmetric Key Distribution Using Symmetric Encryption 418

14.2 Symmetric Key Distribution Using Asymmetric Encryption 427

14.3 Distribution of Public Keys 430

14.4 X.509 Certificates 435

14.5 Public-Key Infrastructure 443

14.6 Recommended Reading 445

14.7 Key Terms, Review Questions, and Problems 446

Chapter 15 User Authentication 450

15.1 Remote User-Authentication Principles 451

15.2 Remote User-Authentication Using Symmetric Encryption 454

15.3 Kerberos 458

15.4 Remote User Authentication Using Asymmetric Encryption 476

15.5 Federated Identity Management 478

15.6 Personal Identity Verification 484

15.7 Recommended Reading 491

15.8 Key Terms, Review Questions, and Problems 491

Part Five Network And Internet Security 495

Chapter 16 Network Access Control and Cloud Security 495

16.1 Network Access Control 496

16.2 Extensible Authentication Protocol 499

16.3 IEEE 802.1X Port-Based Network Access Control 503

16.4 Cloud Computing 505

16.5 Cloud Security Risks and Countermeasures 512

16.6 Data Protection in the Cloud 514

16.7 Cloud Security as a Service 517

16.8 Recommended Reading 520

16.9 Key Terms, Review Questions, and Problems 521

Chapter 17 Transport-Level Security 522

17.1 Web Security Considerations 523

17.2 Secure Sockets Layer 525

17.3 Transport Layer Security 539

17.4 HTTPS 543

17.5 Secure Shell (SSH) 544

17.6 Recommended Reading 555

17.7 Key Terms, Review Questions, and Problems 556

Chapter 18 Wireless Network Security 558

18.1 Wireless Security 559

18.2 Mobile Device Security 562

18.3 IEEE 802.11 Wireless LAN Overview 566

18.4 IEEE 802.11i Wireless LAN Security 572

18.5 Recommended Reading 586

18.6 Key Terms, Review Questions, and Problems 587

Chapter 19 Electronic Mail Security 590

19.1 Pretty Good Privacy 591

19.2 S/MIME 599

19.3 DomainKeys Identified Mail 615

19.4 Recommended Reading 622

19.5 Key Terms, Review Questions, and Problems 622

Appendix 19A Radix-64 Conversion 623

Chapter 20 IP Security 626

20.1 IP Security Overview 628

20.2 IP Security Policy 632

20.3 Encapsulating Security Payload 638

20.4 Combining Security Associations 645

20.5 Internet Key Exchange 649

20.6 Cryptographic Suites 657

20.7 Recommended Reading 659

20.8 Key Terms, Review Questions, and Problems 659

Appendices 661

Appendix A Projects for Teaching Cryptography and Network Security 661

A.1 Sage Computer Algebra Projects 662

A.2 Hacking Project 663

A.3 Block Cipher Projects 664

A.4 Laboratory Exercises 664

A.5 Research Projects 664

A.6 Programming Projects 665

A.7 Practical Security Assessments 665

A.8 Firewall Projects 666

A.9 Case Studies 666

A.10 Writing Assignments 666

A.11 Reading/Report Assignments 667

A.12 Discussion Topics 667

Appendix B Sage Examples 668

B.1 Linear Algebra and Matrix Functionality 669

B.2 Chapter 2: Classical Encryption 670

B.3 Chapter 3: Block Ciphers and the Data Encryption Standard 673

B.4 Chapter 4: Basic Concepts in Number Theory and Finite Fields 677

B.5 Chapter 5: Advanced Encryption Standard 684

viii Contents

B.6 Chapter 6: Pseudorandom Number Generation and Stream Ciphers 689

B.7 Chapter 8: Number Theory 691

B.8 Chapter 9: Public-Key Cryptography and RSA 696

B.9 Chapter 10: Other Public-Key Cryptosystems 699

B.10 Chapter 11: Cryptographic Hash Functions 704

B.11 Chapter 13: Digital Signatures 706

References 710

Credits 720

Index 723

Online Chapters and Appendices1

Part Six System Security

Chapter 21 Malicious Software

21.1 Types of Malicious Software

21.2 Propagation — Infected Content - Viruses

21.3 Propagation — Vulnerability Exploit - Worms

21.4 Propagation — Social Engineering — SPAM, Trojans

21.5 Payload — System Corruption

21.6 Payload — Attack Agent — Zombie, Bots

21.7 Payload — Information Theft — Keyloggers, Phishing, Spyware

21.8 Payload — Stealthing — Backdoors, Rootkits

21.9 Countermeasures

21.10 Distributed Denial of Service Attacks

21.11 Recommended Reading

21.12 Key Terms, Review Questions, and Problems

Chapter 22 Intruders

22.1 Intruders

22.2 Intrusion Detection

22.3 Password Management

22.4 Recommended Reading

22.5 Key Terms, Review Questions, and Problems

Appendix 22A The Base-Rate Fallacy

Chapter 23 Firewalls

23.1 The Need for Firewalls

23.2 Firewall Characteristics

23.3 Types of Firewalls

23.4 Firewall Basing

23.5 Firewall Location and Configurations

23.6 Recommended Reading

23.7 Key Terms, Review Questions, and Problems

Part seven Legal And Ethical Issues

Chapter 24 Legal and Ethical Issues

24.1 Cybercrime and Computer Crime

24.2 Intellectual Property

24.3 Privacy

24.4 Ethical Issues

24.5 Recommended Reading

24.6 Key Terms, Review Questions, and Problems

Appendix C Sage Exercises

Appendix D Standards and Standards-Setting Organizations

Appendix E Basic Concepts from Linear Algebra

Appendix F Measures of Security and Secrecy

Appendix G Simplified DES

Appendix H Evaluation Criteria for AES

Appendix I More on Simplified AES

Appendix J Knapsack Public-Key Algorithm

Appendix K Proof of the Digital Signature Algorithm

Appendix L TCP/IP and OSI

Appendix M Java Cryptographic APIs

Appendix N MD5 and Whirlpool Hash Functions

Appendix O Data Compression Using ZIP

Appendix P More on PGP

Appendix Q The International Reference Alphabet

Appendix R Proof of the RSA Algorithm

Appendix S Data Encryption Standard (DES)

Appendix T Kerberos Encryption Techniques

Appendix U Mathematical Basis of the Birthday Attack

Appendix V Evaluation Criteria for SHA-3

Purchase Info ?

With CourseSmart eTextbooks and eResources, you save up to 60% off the price of new print textbooks, and can switch between studying online or offline to suit your needs.

Once you have purchased your eTextbooks and added them to your CourseSmart bookshelf, you can access them anytime, anywhere.

Buy Access

Cryptography and Network Security: Principles and Practice, CourseSmart eTextbook, 6th Edition
Format: Safari Book

$63.99 | ISBN-13: 978-0-13-335483-6