- ホーム
- > 洋書
- > 英文書
- > Computer / General
Full Description
For one-semester, undergraduate- or graduate-level courses in Cryptography, Computer Security, and Network Security. The book is suitable for self-study and so provides a solid and up-to-date tutorial. The book is also a comprehensive treatment of cryptography and network security and so is suitable as a reference for a system engineer, programmer, system manager, network manager, product marketing personnel, or system support specialist.A practical survey of cryptography and network security with unmatched support for instructors and studentsIn this age of universal electronic connectivity, viruses and hackers, electronic eavesdropping, and electronic fraud, security is paramount. This text provides a practical survey of both the principles and practice of cryptography and network security. First, the basic issues to be addressed by a network security capability are explored through a tutorial and survey of cryptography and network security technology. Then, the practice of network security is explored via practical applications that have been implemented and are in use today. An unparalleled support package for instructors and students ensures a successful teaching and learning experience.
Contents
Preface xiiiChapter 0 Guide for Readers and Instructors 10.1 Outline of This Book 2 0.2 A Roadmap for Readers and Instructors 3 0.3 Internet and Web Resources 4 0.4 Standards 5 Chapter 1 Overview 71.1 Computer Security Concepts 9 1.2 The OSI Security Architecture 14 1.3 Security Attacks 15 1.4 Security Services 17 1.5 Security Mechanisms 20 1.6 A Model for Network Security 22 1.7 Recommended Reading 24 1.8 Key Terms, Review Questions, and Problems 25 Part One Symmetric Ciphers 27Chapter 2 Classical Encryption Techniques 272.1 Symmetric Cipher Model 28 2.2 Substitution Techniques 34 2.3 Transposition Techniques 49 2.4 Rotor Machines 50 2.5 Steganography 52 2.6 Recommended Reading 54 2.7 Key Terms, Review Questions, and Problems 55 Chapter 3 Block Ciphers and the Data Encryption Standard 613.1 Traditional Block Cipher Structure 63 3.2 The Data Encryption Standard 72 3.3 A DES Example 74 3.4 The Strength of DES 77 3.5 Block Cipher Design Principles 78 3.6 Recommended Reading 80 3.7 Key Terms, Review Questions, and Problems 81 Chapter 4 Basic Concepts in Number Theory and Finite Fields 854.1 Divisibility and the Division Algorithm 87 4.2 The Euclidean Algorithm 88 4.3 Modular Arithmetic 91 4.4 Groups, Rings, and Fields 99 4.5 Finite Fields of the Form GF( p) 102 4.6 Polynomial Arithmetic 106 4.7 Finite Fields of the Form GF(2n) 112 4.8 Recommended Reading 124 4.9 Key Terms, Review Questions, and Problems 124 Appendix 4A The Meaning of mod 127Chapter 5 Advanced Encryption Standard 1295.1 Finite Field Arithmetic 130 5.2 AES Structure 132 5.3 AES Transformation Functions 137 5.4 AES Key Expansion 148 5.5 An AES Example 151 5.6 AES Implementation 155 5.7 Recommended Reading 159 5.8 Key Terms, Review Questions, and Problems 160 Appendix 5A Polynomials with Coefficients in GF(28) 162Appendix 5B Simplified AES 164Chapter 6 Block Cipher Operation 1746.1 Multiple Encryption and Triple DES 175 6.2 Electronic Code book 180 6.3 Cipher Block Chaining Mode 183 6.4 Cipher Feedback Mode 185 6.5 Output Feedback Mode 187 6.6 Counter Mode 189 6.7 XTS-AES Mode for Block-Oriented Storage Devices 191 6.8 Recommended Reading 198 6.9 Key Terms, Review Questions, and Problems 198 Chapter 7 Pseudorandom Number Generation and Stream Ciphers 2027.1 Principles of Pseudorandom Number Generation 203 7.2 Pseudorandom Number Generators 210 7.3 Pseudorandom Number Generation Using a Block Cipher 213 7.4 Stream Ciphers 219 7.5 RC4 221 7.6 True Random Number Generators 223 7.7 Recommended Reading 227 7.8 Key Terms, Review Questions, and Problems 228 Part Two Asymmetric Ciphers 231Chapter 8 More Number Theory 2318.1 Prime Numbers 232 8.2 Fermat's and Euler's Theorems 236 8.3 Testing for Primality 239 8.4 The Chinese Remainder Theorem 242 8.5 Discrete Logarithms 244 8.6 Recommended Reading 249 8.7 Key Terms, Review Questions, and Problems 250 Chapter 9 Public-Key Cryptography and RSA 2539.1 Principles of Public-Key Cryptosystems 256 9.2 The RSA Algorithm 264 9.3 Recommended Reading 278 9.4 Key Terms, Review Questions, and Problems 279 Appendix 9A The Complexity of Algorithms 283Chapter 10 Other Public-Key Cryptosystems 28610.1 Diffie-Hellman Key Exchange 287 10.2 Elgamal Cryptographic System 292 10.3 Elliptic Curve Arithmetic 295 10.4 Elliptic Curve Cryptography 303 10.5 Pseudorandom Number Generation Based on an Asymmetric Cipher 306 10.6 Recommended Reading 309 10.7 Key Terms, Review Questions, and Problems 309 Part Three Cryptographic Data Integrity Algorithms 313Chapter 11 Cryptographic Hash Functions 31311.1 Applications of Cryptographic Hash Functions 315 11.2 Two Simple Hash Functions 320 11.3 Requirements and Security 322 11.4 Hash Functions Based on Cipher Block Chaining 328 11.5 Secure Hash Algorithm (SHA) 329 11.6 SHA-3 339 11.7 Recommended Reading 351 11.8 Key Terms, Review Questions, and Problems 351 Chapter 12 Message Authentication Codes 35512.1 Message Authentication Requirements 357 12.2 Message Authentication Functions 357 12.3 Requirements for Message Authentication Codes 365 12.4 Security of MACs 367 12.5 MACs Based on Hash Functions: HMAC 368 12.6 MACs Based on Block Ciphers: DAA and CMAC 373 12.7 Authenticated Encryption: CCM and GCM 376 12.8 Key Wrapping 382 12.9 Pseudorandom Number Generation using Hash Functions and MACs 387 12.10 Recommended Reading 390 12.11 Key Terms, Review Questions, and Problems 390 Chapter 13 Digital Signatures 39313.1 Digital Signatures 395 13.2 Elgamal Digital Signature Scheme 398 13.3 Schnorr Digital Signature Scheme 400 13.4 NIST Digital Signature Algorithm 401 13.5 Elliptic Curve Digital Signature Algorithm 404 13.6 RSA-PSS Digital Signature Algorithm 407 13.7 Recommended Reading 412 13.8 Key Terms, Review Questions, and Problems 412 Part Four Mutual Trust 417Chapter 14 Key Management and Distribution 41714.1 Symmetric Key Distribution Using Symmetric Encryption 418 14.2 Symmetric Key Distribution Using Asymmetric Encryption 427 14.3 Distribution of Public Keys 430 14.4 X.509 Certificates 435 14.5 Public-Key Infrastructure 443 14.6 Recommended Reading 445 14.7 Key Terms, Review Questions, and Problems 446 Chapter 15 User Authentication 45015.1 Remote User-Authentication Principles 451 15.2 Remote User-Authentication Using Symmetric Encryption 454 15.3 Kerberos 458 15.4 Remote User Authentication Using Asymmetric Encryption 476 15.5 Federated Identity Management 478 15.6 Personal Identity Verification 484 15.7 Recommended Reading 491 15.8 Key Terms, Review Questions, and Problems 491 Part Five Network And Internet Security 495Chapter 16 Network Access Control and Cloud Security 49516.1 Network Access Control 496 16.2 Extensible Authentication Protocol 499 16.3 IEEE 802.1X Port-Based Network Access Control 503 16.4 Cloud Computing 505 16.5 Cloud Security Risks and Countermeasures 512 16.6 Data Protection in the Cloud 514 16.7 Cloud Security as a Service 517 16.8 Recommended Reading 520 16.9 Key Terms, Review Questions, and Problems 521 Chapter 17 Transport-Level Security 52217.1 Web Security Considerations 523 17.2 Secure Sockets Layer 525 17.3 Transport Layer Security 539 17.4 HTTPS 543 17.5 Secure Shell (SSH) 544 17.6 Recommended Reading 555 17.7 Key Terms, Review Questions, and Problems 556 Chapter 18 Wireless Network Security 55818.1 Wireless Security 559 18.2 Mobile Device Security 562 18.3 IEEE 802.11 Wireless LAN Overview 566 18.4 IEEE 802.11i Wireless LAN Security 572 18.5 Recommended Reading 586 18.6 Key Terms, Review Questions, and Problems 587 Chapter 19 Electronic Mail Security 59019.1 Pretty Good Privacy 591 19.2 S/MIME 599 19.3 DomainKeys Identified Mail 615 19.4 Recommended Reading 622 19.5 Key Terms, Review Questions, and Problems 622 Appendix 19A Radix-64 Conversion 623Chapter 20 IP Security 62620.1 IP Security Overview 628 20.2 IP Security Policy 632 20.3 Encapsulating Security Payload 638 20.4 Combining Security Associations 645 20.5 Internet Key Exchange 649 20.6 Cryptographic Suites 657 20.7 Recommended Reading 659 20.8 Key Terms, Review Questions, and Problems 659 Appendices 661Appendix A Projects for Teaching Cryptography and Network Security 661A.1 Sage Computer Algebra Projects 662 A.2 Hacking Project 663 A.3 Block Cipher Projects 664 A.4 Laboratory Exercises 664 A.5 Research Projects 664 A.6 Programming Projects 665 A.7 Practical Security Assessments 665 A.8 Firewall Projects 666 A.9 Case Studies 666 A.10 Writing Assignments 666 A.11 Reading/Report Assignments 667 A.12 Discussion Topics 667 Appendix B Sage Examples 668B.1 Linear Algebra and Matrix Functionality 669 B.2 Chapter 2: Classical Encryption 670 B.3 Chapter 3: Block Ciphers and the Data Encryption Standard 673 B.4 Chapter 4: Basic Concepts in Number Theory and Finite Fields 677 B.5 Chapter 5: Advanced Encryption Standard 684 viii Contents B.6 Chapter 6: Pseudorandom Number Generation and Stream Ciphers 689 B.7 Chapter 8: Number Theory 691 B.8 Chapter 9: Public-Key Cryptography and RSA 696 B.9 Chapter 10: Other Public-Key Cryptosystems 699 B.10 Chapter 11: Cryptographic Hash Functions 704 B.11 Chapter 13: Digital Signatures 706 References 710Credits 720Index 723Online Chapters and Appendices1Part Six System SecurityChapter 21 Malicious Software21.1 Types of Malicious Software 21.2 Propagation - Infected Content - Viruses 21.3 Propagation - Vulnerability Exploit - Worms 21.4 Propagation - Social Engineering - SPAM, Trojans 21.5 Payload - System Corruption 21.6 Payload - Attack Agent - Zombie, Bots 21.7 Payload - Information Theft - Keyloggers, Phishing, Spyware 21.8 Payload - Stealthing - Backdoors, Rootkits 21.9 Countermeasures 21.10 Distributed Denial of Service Attacks 21.11 Recommended Reading 21.12 Key Terms, Review Questions, and Problems Chapter 22 Intruders22.1 Intruders 22.2 Intrusion Detection 22.3 Password Management 22.4 Recommended Reading 22.5 Key Terms, Review Questions, and Problems Appendix 22A The Base-Rate FallacyChapter 23 Firewalls23.1 The Need for Firewalls 23.2 Firewall Characteristics 23.3 Types of Firewalls 23.4 Firewall Basing 23.5 Firewall Location and Configurations 23.6 Recommended Reading 23.7 Key Terms, Review Questions, and Problems Part seven Legal And Ethical IssuesChapter 24 Legal and Ethical Issues24.1 Cybercrime and Computer Crime 24.2 Intellectual Property 24.3 Privacy 24.4 Ethical Issues 24.5 Recommended Reading 24.6 Key Terms, Review Questions, and ProblemsAppendix C Sage ExercisesAppendix D Standards and Standards-Setting OrganizationsAppendix E Basic Concepts from Linear AlgebraAppendix F Measures of Security and SecrecyAppendix G Simplified DESAppendix H Evaluation Criteria for AESAppendix I More on Simplified AESAppendix J Knapsack Public-Key AlgorithmAppendix K Proof of the Digital Signature AlgorithmAppendix L TCP/IP and OSIAppendix M Java Cryptographic APIsAppendix N MD5 and Whirlpool Hash FunctionsAppendix O Data Compression Using ZIPAppendix P More on PGPAppendix Q The International Reference AlphabetAppendix R Proof of the RSA AlgorithmAppendix S Data Encryption Standard (DES)Appendix T Kerberos Encryption TechniquesAppendix U Mathematical Basis of the Birthday AttackAppendix V Evaluation Criteria for SHA-3
