| |
| |
Notation | |
| |
| |
Preface | |
| |
| |
| |
Guide for Readers and Instructors | |
| |
| |
| |
Outline of This Book | |
| |
| |
| |
A Roadmap for Readers and Instructors | |
| |
| |
| |
Internet and Web Resources | |
| |
| |
| |
Standards | |
| |
| |
| |
Overview | |
| |
| |
| |
Computer Security Concepts | |
| |
| |
| |
The OSI Security Architecture | |
| |
| |
| |
Security Attacks | |
| |
| |
| |
Security Services | |
| |
| |
| |
Security Mechanisms | |
| |
| |
| |
A Model for Network Security | |
| |
| |
| |
Recommended Reading | |
| |
| |
| |
Key Terms, Review Questions, and Problems | |
| |
| |
| |
Symmetric Ciphers | |
| |
| |
| |
Classical Encryption Techniques | |
| |
| |
| |
Symmetric Cipher Model | |
| |
| |
| |
Substitution Techniques | |
| |
| |
| |
Transposition Techniques | |
| |
| |
| |
Rotor Machines | |
| |
| |
| |
Steganography | |
| |
| |
| |
Recommended Reading | |
| |
| |
| |
Key Terms, Review Questions, and Problems | |
| |
| |
| |
Block Ciphers and the Data Encryption Standard | |
| |
| |
| |
Traditional Block Cipher Structure | |
| |
| |
| |
The Data Encryption Standard | |
| |
| |
| |
A DES Example | |
| |
| |
| |
The Strength of DES | |
| |
| |
| |
Block Cipher Design Principles | |
| |
| |
| |
Recommended Reading | |
| |
| |
| |
Key Terms, Review Questions, and Problems | |
| |
| |
| |
Basic Concepts in Number Theory and Finite Fields | |
| |
| |
| |
Divisibility and the Division Algorithm | |
| |
| |
| |
The Euclidean Algorithm | |
| |
| |
| |
Modular Arithmetic | |
| |
| |
| |
Groups, Rings, and Fields | |
| |
| |
| |
Finite Fields of the Form GF(p) | |
| |
| |
| |
Polynomial Arithmetic | |
| |
| |
| |
Finite Fields of the Form GF(2<sup>n</sup>) | |
| |
| |
| |
Recommended Reading | |
| |
| |
| |
Key Terms, Review Questions, and Problems | |
| |
| |
| |
The Meaning of mod | |
| |
| |
| |
Advanced Encryption Standard | |
| |
| |
| |
Finite Field Arithmetic | |
| |
| |
| |
AES Structure | |
| |
| |
| |
AES Transformation Functions | |
| |
| |
| |
AES Key Expansion | |
| |
| |
| |
An AES Example | |
| |
| |
| |
AES Implementation | |
| |
| |
| |
Recommended Reading | |
| |
| |
| |
Key Terms, Review Questions, and Problems | |
| |
| |
| |
Polynomials with Coefficients in GF(2<sup>8</sup>) | |
| |
| |
| |
Simplified AES | |
| |
| |
| |
Block Cipher Operation | |
| |
| |
| |
Multiple Encryption and Triple DES | |
| |
| |
| |
Electronic Code Book | |
| |
| |
| |
Cipher Block Chaining Mode | |
| |
| |
| |
Cipher Feedback Mode | |
| |
| |
| |
Output Feedback Mode | |
| |
| |
| |
Counter Mode | |
| |
| |
| |
XTS-AES Mode for Block-Oriented Storage Devices | |
| |
| |
| |
Recommended Reading | |
| |
| |
| |
Key Terms, Review Questions, and Problems | |
| |
| |
| |
Pseudorandom Number Generation and Stream Ciphers | |
| |
| |
| |
Principles of Pseudorandom Number Generation | |
| |
| |
| |
Pseudorandom Number Generators | |
| |
| |
| |
Pseudorandom Number Generation Using a Block Cipher | |
| |
| |
| |
Stream Ciphers | |
| |
| |
| |
RC4 | |
| |
| |
| |
True Random Number Generators | |
| |
| |
| |
Recommended Reading | |
| |
| |
| |
Key Terms, Review Questions, and Problems | |
| |
| |
| |
Asymmetric Ciphers | |
| |
| |
| |
More Number Theory | |
| |
| |
| |
Prime Numbers | |
| |
| |
| |
Fermat's and Euler's Theorems | |
| |
| |
| |
Testing for Primality | |
| |
| |
| |
The Chinese Remainder Theorem | |
| |
| |
| |
Discrete Logarithms | |
| |
| |
| |
Recommended Reading | |
| |
| |
| |
Key Terms, Review Questions, and Problems | |
| |
| |
| |
Public-Key Cryptography and RSA | |
| |
| |
| |
Principles of Public-Key Cryptosystems | |
| |
| |
| |
The RSA Algorithm | |
| |
| |
| |
Recommended Reading | |
| |
| |
| |
Key Terms, Review Questions, and Problems | |
| |
| |
| |
The Complexity of Algorithms | |
| |
| |
| |
Other Public-Key Cryptosystems | |
| |
| |
| |
Diffie-Hellman Key Exchange | |
| |
| |
| |
Elgamal Cryptographic System | |
| |
| |
| |
Elliptic Curve Arithmetic | |
| |
| |
| |
Elliptic Curve Cryptography | |
| |
| |
| |
Pseudorandom Number Generation Based on an Asymmetric Cipher | |
| |
| |
| |
Recommended Reading | |
| |
| |
| |
Key Terms, Review Questions, and Problems | |
| |
| |
| |
Cryptographic Data Integrity Algorithms | |
| |
| |
| |
Cryptographic Hash Functions | |
| |
| |
| |
Applications of Cryptographic Hash Functions | |
| |
| |
| |
Two Simple Hash Functions | |
| |
| |
| |
Requirements and Security | |
| |
| |
| |
Hash Functions Based on Cipher Block Chaining | |
| |
| |
| |
Secure Hash Algorithm (SHA) | |
| |
| |
| |
SHA-3 | |
| |
| |
| |
Recommended Reading | |
| |
| |
| |
Key Terms, Review Questions, and Problems | |
| |
| |
| |
Message Authentication Codes | |
| |
| |
| |
Message Authentication Requirements | |
| |
| |
| |
Message Authentication Functions | |
| |
| |
| |
Requirements for Message Authentication Codes | |
| |
| |
| |
Security of MACs | |
| |
| |
| |
MACs Based on Hash Functions: HMAC | |
| |
| |
| |
MACs Based on Block Ciphers: DAA and CMAC | |
| |
| |
| |
Authenticated Encryption: CCM and GCM | |
| |
| |
| |
Key Wrapping | |
| |
| |
| |
Pseudorandom Number Generation Using Hash Functions and MACs | |
| |
| |
| |
Recommended Reading | |
| |
| |
| |
Key Terms, Review Questions, and Problems | |
| |
| |
| |
Digital Signatures | |
| |
| |
| |
Digital Signatures | |
| |
| |
| |
Elgamal Digital Signature Scheme | |
| |
| |
| |
Schnorr Digital Signature Scheme | |
| |
| |
| |
NIST Digital Signature Algorithm | |
| |
| |
| |
Elliptic Curve Digital Signature Algorithm | |
| |
| |
| |
RSA-PSS Digital Signature Algorithm | |
| |
| |
| |
Recommended Reading | |
| |
| |
| |
Key Terms, Review Questions, and Problems | |
| |
| |
| |
Mutual Trust | |
| |
| |
| |
Key Management and Distribution | |
| |
| |
| |
Symmetric Key Distribution Using Symmetric Encryption | |
| |
| |
| |
Symmetric Key Distribution Using Asymmetric Encryption | |
| |
| |
| |
Distribution of Public Keys | |
| |
| |
| |
X.509 Certificates | |
| |
| |
| |
Public-Key Infrastructure | |
| |
| |
| |
Recommended Reading | |
| |
| |
| |
Key Terms, Review Questions, and Problems | |
| |
| |
| |
User Authentication | |
| |
| |
| |
Remote User-Authentication Principles | |
| |
| |
| |
Remote User-Authentication Using Symmetric Encryption | |
| |
| |
| |
Kerberos | |
| |
| |
| |
Remote User Authentication Using Asymmetric Encryption | |
| |
| |
| |
Federated Identity Management | |
| |
| |
| |
Personal Identity Verification | |
| |
| |
| |
Recommended Reading | |
| |
| |
| |
Key Terms, Review Questions, and Problems | |
| |
| |
| |
Network and Internet Security | |
| |
| |
| |
Network Access Control and Cloud Security | |
| |
| |
| |
Network Access Control | |
| |
| |
| |
Extensible Authentication Protocol | |
| |
| |
| |
IEEE 802.1X Port-Based Network Access Control | |
| |
| |
| |
Cloud Computing | |
| |
| |
| |
Cloud Security Risks and Countermeasures | |
| |
| |
| |
Data Protection in the Cloud | |
| |
| |
| |
Cloud Security as a Service | |
| |
| |
| |
Recommended Reading | |
| |
| |
| |
Key Terms, Review Questions, and Problems | |
| |
| |
| |
Transport-Level Security | |
| |
| |
| |
Web Security Considerations | |
| |
| |
| |
Secure Sockets Layer | |
| |
| |
| |
Transport Layer Security | |
| |
| |
| |
HTTPS | |
| |
| |
| |
Secure Shell (SSH) | |
| |
| |
| |
Recommended Reading | |
| |
| |
| |
Key Terms, Review Questions, and Problems | |
| |
| |
| |
Wireless Network Security | |
| |
| |
| |
Wireless Security | |
| |
| |
| |
Mobile Device Security | |
| |
| |
| |
IEEE 802.11 Wireless LAN Overview | |
| |
| |
| |
IEEE 802.11i Wireless LAN Security | |
| |
| |
| |
Recommended Reading | |
| |
| |
| |
Key Terms, Review Questions, and Problems | |
| |
| |
| |
Electronic Mail Security | |
| |
| |
| |
Pretty Good Privacy | |
| |
| |
| |
S/MIME | |
| |
| |
| |
DomainKeys Identified Mail | |
| |
| |
| |
Recommended Reading | |
| |
| |
| |
Key Terms, Review Questions, and Problems | |
| |
| |
| |
Radix-64 Conversion | |
| |
| |
| |
IP Security | |
| |
| |
| |
IP Security Overview | |
| |
| |
| |
IP Security Policy | |
| |
| |
| |
Encapsulating Security Payload | |
| |
| |
| |
Combining Security Associations | |
| |
| |
| |
Internet Key Exchange | |
| |
| |
| |
Cryptographic Suites | |
| |
| |
| |
Recommended Reading | |
| |
| |
| |
Key Terms, Review Questions, and Problems | |
| |
| |
Appendices | |
| |
| |
| |
Projects for Teaching Cryptography and Network Security | |
| |
| |
| |
Sage Computer Algebra Projects | |
| |
| |
| |
Hacking Project | |
| |
| |
| |
Block Cipher Projects | |
| |
| |
| |
Laboratory Exercises | |
| |
| |
| |
Research Projects | |
| |
| |
| |
Programming Projects | |
| |
| |
| |
Practical Security Assessments | |
| |
| |
| |
Firewall Projects | |
| |
| |
| |
Case Studies | |
| |
| |
| |
Writing Assignments | |
| |
| |
| |
Reading/Report Assignments | |
| |
| |
| |
Discussion Topics | |
| |
| |
| |
Sage Examples | |
| |
| |
| |
Linear Algebra and Matrix Functionality | |
| |
| |
| |
Chapter 2: Classical Encryption | |
| |
| |
| |
Chapter 3: Block Ciphers and the Data Encryption Standard | |
| |
| |
| |
Chapter 4: Basic Concepts in Number Theory and Finite Fields | |
| |
| |
| |
Chapter 5: Advanced Encryption Standard | |
| |
| |
| |
Chapter 6: Pseudorandom Number Generation and Stream Ciphers | |
| |
| |
| |
Chapter 8: Number Theory | |
| |
| |
| |
Chapter 9: Public-Key Cryptography and RSA | |
| |
| |
| |
Chapter 10: Other Public-Key Cryptosystems | |
| |
| |
| |
Chapter 11: Cryptographic Hash Functions | |
| |
| |
| |
Chapter 13: Digital Signatures | |
| |
| |
References | |
| |
| |
Credits | |
| |
| |
Index | |
| |
| |
Online Chapters and Appendices<sup>1</sup> | |
| |
| |
| |
System Security | |
| |
| |
| |
Malicious Software | |
| |
| |
| |
Types of Malicious Software | |
| |
| |
| |
Propagation - Infected Content - Viruses | |
| |
| |
| |
Propagation - Vulnerability Exploit - Worms | |
| |
| |
| |
Propagation - Social Engineering - SPAM, Trojans | |
| |
| |
| |
Payload - System Corruption | |
| |
| |
| |
Payload - Attack Agent - Zombie, Bots | |
| |
| |
| |
Payload - Information Theft - Keyloggers, Phishing, Spyware | |
| |
| |
| |
Payload - Stealthing - Backdoors, Rootkits | |
| |
| |
| |
Countermeasures | |
| |
| |
| |
Distributed Denial of Service Attacks | |
| |
| |
| |
Recommended Reading | |
| |
| |
| |
Key Terms, Review Questions, and Problems | |
| |
| |
| |
Intruders | |
| |
| |
| |
Intruders | |
| |
| |
| |
Intrusion Detection | |
| |
| |
| |
Password Management | |
| |
| |
| |
Recommended Reading | |
| |
| |
| |
Key Terms, Review Questions, and Problems | |
| |
| |
| |
The Base-Rate Fallacy | |
| |
| |
| |
Firewalls | |
| |
| |
| |
The Need for Firewalls | |
| |
| |
| |
Firewall Characteristics | |
| |
| |
| |
Types of Firewalls | |
| |
| |
| |
Firewall Basing | |
| |
| |
| |
Firewall Location and Configurations | |
| |
| |
| |
Recommended Reading | |
| |
| |
| |
Key Terms, Review Questions, and Problems | |
| |
| |
| |
Legal and Ethical Issues | |
| |
| |
| |
Legal and Ethical Issues | |
| |
| |
| |
Cybercrime and Computer Crime | |
| |
| |
| |
Intellectual Property | |
| |
| |
| |
Privacy | |
| |
| |
| |
Ethical Issues | |
| |
| |
| |
Recommended Reading | |
| |
| |
| |
Key Terms, Review Questions, and Problems | |
| |
| |
| |
Sage Exercises | |
| |
| |
| |
Standards and Standards-Setting Organizations | |
| |
| |
| |
Basic Concepts from Linear Algebra | |
| |
| |
| |
Measures of Security and Secrecy | |
| |
| |
| |
Simplified DES | |
| |
| |
| |
Evaluation Criteria for AES | |
| |
| |
| |
More on Simplified AES | |
| |
| |
| |
Knapsack Public-Key Algorithm | |
| |
| |
| |
Proof of the Digital Signature Algorithm | |
| |
| |
| |
TCP/IP and OSI | |
| |
| |
| |
Java Cryptographic APIs | |
| |
| |
| |
MD5 and Whirlpool Hash Functions | |
| |
| |
| |
Data Compression Using ZIP | |
| |
| |
| |
More on PGP | |
| |
| |
| |
The International Reference Alphabet | |
| |
| |
| |
Proof of the RSA Algorithm | |
| |
| |
| |
Data Encryption Standard (DES) | |
| |
| |
| |
Kerberos Encryption Techniques | |
| |
| |
| |
Mathematical Basis of the Birthday Attack | |
| |
| |
| |
Evaluation Criteria for SHA-3 | |
| |
| |
Glossary | |