| |
| |
A Short Description of the Book | |
| |
| |
Preface | |
| |
| |
List of Figures | |
| |
| |
List of Algorithms, Protocols and Attacks | |
| |
| |
| |
Introduction | |
| |
| |
| |
Beginning with a Simple Communication Game | |
| |
| |
| |
A Communication Game | |
| |
| |
| |
Criteria for Desirable Cryptographic Systems and Protocols | |
| |
| |
| |
Chapter Summary | |
| |
| |
Exercises | |
| |
| |
| |
Wrestling Between Safeguard and Attack | |
| |
| |
| |
Introduction | |
| |
| |
| |
Encryption | |
| |
| |
| |
Vulnerable Environment (the Dolev-Yao Threat Model) | |
| |
| |
| |
Authentication Servers | |
| |
| |
| |
Security Properties for Authenticated Key Establishment | |
| |
| |
| |
Protocols for Authenticated Key Establishment Using Encryption | |
| |
| |
| |
Chapter Summary | |
| |
| |
Exercises | |
| |
| |
| |
Mathematical Foundations | |
| |
| |
Standard Notation | |
| |
| |
| |
Probability and Information Theory | |
| |
| |
| |
Introduction | |
| |
| |
| |
Basic Concept of Probability | |
| |
| |
| |
Properties | |
| |
| |
| |
Basic Calculation | |
| |
| |
| |
Random Variables and their Probability Distributions | |
| |
| |
| |
Birthday Paradox | |
| |
| |
| |
Information Theory | |
| |
| |
| |
Redundancy in Natural Languages | |
| |
| |
| |
Chapter Summary | |
| |
| |
Exercises | |
| |
| |
| |
Computational Complexity | |
| |
| |
| |
Introduction | |
| |
| |
| |
Turing Machines | |
| |
| |
| |
Deterministic Polynomial Time | |
| |
| |
| |
Probabilistic Polynomial Time | |
| |
| |
| |
Non-deterministic Polynomial Time | |
| |
| |
| |
Non-Polynomial Bounds | |
| |
| |
| |
Polynomial-time Indistinguishability | |
| |
| |
| |
Theory of Computational Complexity and Modern Cryptography | |
| |
| |
| |
Chapter Summary | |
| |
| |
Exercises | |
| |
| |
| |
Algebraic Foundations | |
| |
| |
| |
Introduction | |
| |
| |
| |
Groups | |
| |
| |
| |
Rings and Fields | |
| |
| |
| |
The Structure of Finite Fields | |
| |
| |
| |
Group Constructed Using Points on an Elliptic Curve | |
| |
| |
| |
Chapter Summary | |
| |
| |
Exercises | |
| |
| |
| |
Number Theory | |
| |
| |
| |
Introduction | |
| |
| |
| |
Congruences and Residue Classes | |
| |
| |
| |
Euler's Phi Function | |
| |
| |
| |
The Theorems of Fermat, Euler and Lagrange | |
| |
| |
| |
Quadratic Residues | |
| |
| |
| |
Square Roots Modulo Integer | |
| |
| |
| |
Blum Integers | |
| |
| |
| |
Chapter Summary | |
| |
| |
Exercises | |
| |
| |
| |
Basic Cryptographic Techniques | |
| |
| |
| |
Encryption--Symmetric Techniques | |
| |
| |
| |
Introduction | |
| |
| |
| |
Definition | |
| |
| |
| |
Substitution Ciphers | |
| |
| |
| |
Transposition Ciphers | |
| |
| |
| |
Classical Ciphers: Usefulness and Security | |
| |
| |
| |
The Data Encryption Standard (DES) | |
| |
| |
| |
The Advanced Encryption Standard (AES) | |
| |
| |
| |
Confidentiality Modes of Operation | |
| |
| |
| |
Key Channel Establishment for Symmetric Cryptosystems | |
| |
| |
| |
Chapter Summary | |
| |
| |
Exercises | |
| |
| |
| |
Encryption--Asymmetric Techniques | |
| |
| |
| |
Introduction | |
| |
| |
| |
Insecurity of "Textbook Encryption Algorithms" | |
| |
| |
| |
The Diffie-Hellman Key Exchange Protocol | |
| |
| |
| |
The Diffie-Hellman Problem and the Discrete Logarithm Problem | |
| |
| |
| |
The RSA Cryptosystem (Textbook Version) | |
| |
| |
| |
Cryptanalysis Against Public-key Cryptosystems | |
| |
| |
| |
The RSA Problem | |
| |
| |
| |
The Integer Factorization Problem | |
| |
| |
| |
Insecurity of the Textbook RSA Encryption | |
| |
| |
| |
The Rabin Cryptosystem (Textbook Version) | |
| |
| |
| |
Insecurity of the Textbook Rabin Encryption | |
| |
| |
| |
The ElGamal Cryptosystem (Textbook Version) | |
| |
| |
| |
Insecurity of the Textbook ElGamal Encryption | |
| |
| |
| |
Need for Stronger Security Notions for Public-key Cryptosystems | |
| |
| |
| |
Combination of Asymmetric and Symmetric Cryptography | |
| |
| |
| |
Key Channel Establishment for Public-key Cryptosystems | |
| |
| |
| |
Chapter Summary | |
| |
| |
Exercises | |
| |
| |
| |
In an Ideal World: Bit Security of the Basic Public-Key Cryptographic Functions | |
| |
| |
| |
Introduction | |
| |
| |
| |
The RSA Bit | |
| |
| |
| |
The Rabin Bit | |
| |
| |
| |
The ElGamal Bit | |
| |
| |
| |
The Discrete Logarithm Bit | |
| |
| |
| |
Chapter Summary | |
| |
| |
Exercises | |
| |
| |
| |
Data Integrity Techniques | |
| |
| |
| |
Introduction | |
| |
| |
| |
Definition | |
| |
| |
| |
Symmetric Techniques | |
| |
| |
| |
Asymmetric Techniques I: Digital Signatures | |
| |
| |
| |
Asymmetric Techniques II: Data Integrity Without Source Identification | |
| |
| |
| |
Chapter Summary | |
| |
| |
Exercises | |
| |
| |
| |
Authentication | |
| |
| |
| |
Authentication Protocols--Principles | |
| |
| |
| |
Introduction | |
| |
| |
| |
Authentication and Refined Notions | |
| |
| |
| |
Convention | |
| |
| |
| |
Basic Authentication Techniques | |
| |
| |
| |
Password-based Authentication | |
| |
| |
| |
Authenticated Key Exchange Based on Asymmetric Cryptography | |
| |
| |
| |
Typical Attacks on Authentication Protocols | |
| |
| |
| |
A Brief Literature Note | |
| |
| |
| |
Chapter Summary | |
| |
| |
Exercises | |
| |
| |
| |
Authentication Protocols--the Real World | |
| |
| |
| |
Introduction | |
| |
| |
| |
Authentication Protocols for Internet Security | |
| |
| |
| |
The Secure Shell (SSH) Remote Login Protocol | |
| |
| |
| |
The Kerberos Protocol and its Realization in Windows 2000 | |
| |
| |
| |
SSL and TLS | |
| |
| |
| |
Chapter Summary | |
| |
| |
Exercises | |
| |
| |
| |
Authentication Framework for Public-Key Cryptography | |
| |
| |
| |
Introduction | |
| |
| |
| |
Directory-Based Authentication Framework | |
| |
| |
| |
Non-Directory Based Public-key Authentication Framework | |
| |
| |
| |
Chapter Summary | |
| |
| |
Exercises | |
| |
| |
| |
Formal Approaches to Security Establishment | |
| |
| |
| |
Formal and Strong Security Definitions for Public-key Cryptosystems | |
| |
| |
| |
Introduction | |
| |
| |
| |
A Formal Treatment for Security | |
| |
| |
| |
Semantic Security--the Debut of Provable Security | |
| |
| |
| |
Inadequacy of Semantic Security | |
| |
| |
| |
Beyond Semantic Security | |
| |
| |
| |
Chapter Summary | |
| |
| |
Exercises | |
| |
| |
| |
Provably Secure and Efficient Public-key Cryptosystems | |
| |
| |
| |
Introduction | |
| |
| |
| |
The Optimal Asymmetric Encryption Padding | |
| |
| |
| |
The Cramer-Shoup Public-key Cryptosystem | |
| |
| |
| |
An Overview of Provably Secure Hybrid Cryptosystems | |
| |
| |
| |
Literature Notes on Practical and Provably Secure Public-key Cryptosystems | |
| |
| |
| |
Chapter Summary | |
| |
| |
Exercises | |
| |
| |
| |
Strong and Provable Security for Digital Signatures | |
| |
| |
| |
Introduction | |
| |
| |
| |
Strong Security Notion for Digital Signatures | |
| |
| |
| |
Strong and Provable Security for ElGamal-family Signatures | |
| |
| |
| |
Fit-for-application Ways for Signing in RSA and Rabin | |
| |
| |
| |
Signcryption | |
| |
| |
| |
Chapter Summary | |
| |
| |
Exercises | |
| |
| |
| |
Formal Methods for Authentication Protocols Analysis | |
| |
| |
| |
Introduction | |
| |
| |
| |
Toward Formal Specification of Authentication Protocols | |
| |
| |
| |
A Computational View of Correct Protocols--the Bellare-Rogaway Model | |
| |
| |
| |
A Symbolic Manipulation View of Correct Protocols | |
| |
| |
| |
Formal Analysis Techniques: State System Exploration | |
| |
| |
| |
Reconciling Two Views of Formal Techniques for Security | |
| |
| |
| |
Chapter Summary | |
| |
| |
Exercises | |
| |
| |
| |
Cryptographic Protocols | |
| |
| |
| |
Zero-Knowledge Protocols | |
| |
| |
| |
Introduction | |
| |
| |
| |
Basic Definitions | |
| |
| |
| |
Zero-knowledge Properties | |
| |
| |
| |
Proof or Argument? | |
| |
| |
| |
Protocols with Two-sided-error | |
| |
| |
| |
Round Efficiency | |
| |
| |
| |
Non-interactive Zero-knowledge | |
| |
| |
| |
Chapter Summary | |
| |
| |
Exercises | |
| |
| |
| |
Returning to "Coin Flipping over Telephone" | |
| |
| |
| |
Blum's "Coin-Flipping-by-Telephone" Protocol | |
| |
| |
| |
Security Analysis | |
| |
| |
| |
Efficiency | |
| |
| |
| |
Chapter Summary | |
| |
| |
| |
Afterremark | |
| |
| |
Bibliography | |
| |
| |
Subject Index | |