Cryptography and network security : principles and practice /
William Stallings.
- 4th ed.
- New Delhi : Pearson/Prentice Hall, 2009
- xvi, 680 p. ill. ; 24 cm.
Includes bibliographical references (p. 663-672) and index.
Chapter 0 reader's guide 1 Outline of this book 2 Roadmap 2 Internet and web resources 4 Chapter 1 introduction 6 Security trends 9 The osi security architecture 12 Security attacks 13 Security services 16 Security mechanisms 19 A model for network security 22 Recommended reading and web sites 24 Key terms, review questions, and problems 25 Part one symmetric ciphers 26 Chapter 2 classical encryption techniques 28 2.1 symmetric cipher model 30 2.2 substitution techniques 35 2.3 transposition techniques 49 2.4 rotor machines 51 2.5 steganography 53 2.6 recommended reading and web sites 55 2.7 key terms, review questions, and problems 56 Chapter 3 block ciphers and the data encryption standard 62 3.1 block cipher principles 64 3.2 the data encryption standard 72 3.3 the strength of des 82 3.4 differential and linear cryptanalysis 83 3.5 block cipher design principles 86 3.6 recommended reading 90 3.7 key terms, review questions, and problems 90 Chapter 4 finite fields 95 4.1 groups, rings, and fields 97 4.2 modular arithmetic 101 4.3 the euclidean algorithm 107 4.4 finite fields of the form gf(p) 109 4.5 polynomial arithmetic 113 4.6 finite fields of the form gf(2") 119 4.7 recommended reading and web sites 129 4.8 keyterms, review questions, and problems 130 Chapter 5 advanced encryption standard 134 5.1 evaluation criteria foraes 135 5.2 the aes cipher 140 5.3 recommended reading and web sites 160 5.4 key terms, review questions, and problems 161 Appendix 5a polynomials with coefficients in gf(28) 163 Appendix 5b simplified aes 165 Chapter 6 more on symmetric ciphers 174 6.1 multiple encryption and triple des 175 6.2 block cipher modes of operation 181 6.3 stream ciphers and rc4 189 6.4 recommended reading and web site 194 6.5 key terms, review questions, and problems 194 Chapter 7 confidentiality using symmetric encryption 199 7.1 placement of encryption function 201 7.2 traffic confidentiality 209 7.3 key distribution 210 7.4 random number generation 218 7.5 recommended reading and web sites 227 7.6 key terms, review questions, and problems 228 Part two public-key encryption and hash functions 232 Chapter 8 introduction to number theory 234 8.1 prime numbers 236 8.2 fermat's and euler's theorems 238 8.3 testing for primality 242 8.4 the chinese remainder theorem 245 8.5 discrete logarithms 247 8.6 recommended reading and web site 253 8.7 key terms, review questions, and problems 254 Chapter 9 public-key cryptography and rsa 257 9.1 principles of public-key cryptosystems 259 9.2 the rsa algorithm 268 9.3 recommended reading and web site 280 9.4 key terms, review questions, and problems 281 Appendix 9a proof of the rsa algorithm 285 Appendix 9b the complexity of algorithms 286 Chapter 10 key management; other public-key cryptosystems 289 10.1 key management 290 10.2 diffie-hellman key exchange 298 10.3 elliptic curve arithmetic 301 10.4 elliptic curve cryptography 310 10.5 recommended reading and web site 313 10.6 key terms, review questions, and problems 314 Chapter 11 message authentication and hash functions 317 11.1 authentication requirements 319 11.2 authentication functions 320 11.3 message authentication codes 331 11.4 hash functions 334 11.5 security of hash functions and macs 340 11.6 recommended reading 344 11.7 key terms, review questions, and problems 344 Appendix 11 a mathematical basis of the birthday attack 346 Chapter 12 hash and mac algorithms 351 12.1 secure hash algorithm 353 12.2 whirlpool 358 12.3 hmac 368 12.4 cmac 372 12.5 recommended reading and web sites 374 12.6 key terms, review questions, and problems 375 Chapter 13 digital signatures and authentication protocols 377 13.1 digital signatures 378 13.2 authentication protocols 382 13.3 digital signature standard 390 13.4 recommended reading and web sites 393 13.5 key terms, review questions, and problems 393 Part three network security applications 398 Chapter 14 authentication applications 400 14.1 kerberos 401 14.2 x.509 authentication service 419 14.3 public-key infrastructure 428 14.4 recommended reading and web sites 430 14.5 key terms, review questions, and problems 431 Appendix 14a kerberos encryption techniques 433 Chapter 15 electronic mail security 436 15.1 pretty good privacy 438 15.2 s/mime 457 15.3 recommended web sites 474 15.4 keyterms, review questions, and problems 474 Appendix 15a data compression using zip 475 Appendix 15b radix-64 conversion 478 Appendix 15c pgp random number generation 479 Chapter 16 ip security 483 16.1 ip security overview 485 16.2 ip security architecture 487 16.3 authentication header 493 16.4 encapsulating security payload 498 16.5 combining security associations 503 16.6 key management 506 16.7 recommended reading and web site 516 16.8 key terms, review questions, and problems 517 Appendix 16a internetworking and internet protocols 518 Chapter 17 web security 527 17.1 web security considerations 528 17.2 secure socket layer and transport layer security 531 17.3 secure electronic transaction 549 17.4 recommended reading and web sites 560 17.5 key terms, review questions, and problems 561 Part four system security 563 Chapter 18 intruders 565 18.1 intruders 567 18.2 intrusion detection 570 18.3 password management 582 18.4 recommended reading and web sites 591 18.5 key terms, review questions, and problems 592 Appendix 18a the base-rate fallacy 594 Chapter 19 malicious software 598 19.1 viruses and related threats 599 19.2 virus countermeasures 610 19.3 distributed denial of service attacks 614 19.4 recommended reading and web sites 619 19.5 key terms, review questions, and problems 620 Chapter 20 firewalls 621 20.1 firewall design principles 622 20.2 trusted systems 634 20.3 common criteria for information technology security evaluation 640 20.3 recommended reading and web sites 644 20.4 key terms, review questions, and problems 645 Appendices 647 Appendix a standards and standards-setting organizations 647 A.1 the importance of standards 648 A.2 internet standards and the internet society 649 A.3 national institute of standards and technology 652 Appendix b projects for teaching cryptography and network security 653 B.1 research projects 654 B.2 programming projects 655 B.3 laboratory exercises 655 B.4 writing assignments 655 B.5 reading/report assignments 656