Network Security: Private Communications in a Public World, 3rd Edition
The classic guide to cryptography and network security – now fully updated!
“Alice and Bob are back!”
Widely regarded as the most comprehensive yet comprehensible guide to network security and cryptography, the previous editions of Network Security received critical acclaim for lucid and witty explanations of the inner workings of cryptography and network security protocols. In this edition, the authors have significantly updated and revised the previous content, and added new topics that have become important.
This book explains sophisticated concepts in a friendly and intuitive manner. For protocol standards, it explains the various constraints and committee decisions that led to the current designs. For cryptographic algorithms, it explains the intuition behind the designs, as well as the types of attacks the algorithms are designed to avoid. It explains implementation techniques that can cause vulnerabilities even if the cryptography itself is sound. Homework problems deepen your understanding of concepts and technologies, and an updated glossary demystifies the field’s jargon. Network Security, Third Edition will appeal to a wide range of professionals, from those who design and evaluate security systems to system administrators and programmers who want a better understanding of this important field. It can also be used as a textbook at the graduate or advanced undergraduate level.
- Network security protocol and cryptography basics
- Design considerations and techniques for secret key and hash algorithms (AES, DES, SHA-1, SHA-2, SHA-3)
- First-generation public key algorithms (RSA, Diffie-Hellman, ECC)
- How quantum computers work, and why they threaten the first-generation public key algorithms
- Quantum computers: how they work, and why they threaten the first-generation public key algorithms
- Multi-factor authentication of people
- Real-time communication (SSL/TLS, SSH, IPsec)
- New applications (electronic money, blockchains)
- New cryptographic techniques (homomorphic encryption, secure multiparty computation)
Cover Page About This eBook Title Page Copyright Page Pearson's Commitment to Diversity, Equity, and Inclusion Dedication Page Contents Acknowledgments About the Authors 1. Introduction 1.1 Opinions, Products 1.2 Roadmap to the Book 1.3 Terminology 1.4 Notation 1.5 Cryptographically Protected Sessions 1.6 Active and Passive Attacks 1.7 Legal Issues 1.8 Some Network Basics 1.9 Names for Humans 1.10 Authentication and Authorization 1.11 Malware: Viruses, Worms, Trojan Horses 1.12 Security Gateway 1.13 Denial-of-Service (DoS) Attacks 1.14 NAT (Network Address Translation) 2. Introduction to Cryptography 2.1 Introduction 2.2 Secret Key Cryptography 2.3 Public Key Cryptography 2.4 Hash Algorithms 2.5 Breaking an Encryption Scheme 2.6 Random Numbers 2.7 Numbers 2.8 Homework 3. Secret Key Cryptography 3.1 Introduction 3.2 Generic Block Cipher Issues 3.3 Constructing a Practical Block Cipher 3.4 Choosing Constants 3.5 Data Encryption Standard (DES) 3.6 3DES (Multiple Encryption DES) 3.7 Advanced Encryption Standard (AES) 3.8 RC 3.9 Homework 4. Modes of Operation 4.1 Introduction 4.2 Encrypting a Large Message 4.3 Generating MACs 4.4 Ensuring Privacy and Integrity Together 4.5 Performance Issues 4.6 Homework 5. Cryptographic Hashes 5.1 Introduction 5.2 The Birthday Problem 5.3 A Brief History of Hash Functions 5.4 Nifty Things to Do with a Hash 5.5 Creating a Hash Using a Block Cipher 5.6 Construction of Hash Functions 5.7 Padding 5.8 The Internal Encryption Algorithms 5.9 SHA-3 f Function (Also Known as KECCAK-f) 5.10 Homework 6. First-Generation Public Key Algorithms 6.1 Introduction 6.2 Modular Arithmetic 6.3 RSA 6.4 Diffie-Hellman 6.5 Digital Signature Algorithm (DSA) 6.6 How Secure Are RSA and Diffie-Hellman? 6.7 Elliptic Curve Cryptography (ECC) 6.8 Homework 7. Quantum Computing 7.1 What Is a Quantum Computer? 7.2 Grover’s Algorithm 7.3 Shor’s Algorithm 7.4 Quantum Key Distribution (QKD) 7.5 How Hard Are Quantum Computers to Build? 7.6 Quantum Error Correction 7.7 Homework 8. Post-Quantum Cryptography 8.1 Signature and/or Encryption Schemes 8.2 Hash-based Signatures 8.3 Lattice-Based Cryptography 8.4 Code-based Schemes 8.5 Multivariate Cryptography 8.6 Homework 9. Authentication of People 9.1 Password-based Authentication 9.2 Address-based Authentication 9.3 Biometrics 9.4 Cryptographic Authentication Protocols 9.5 Who Is Being Authenticated? 9.6 Passwords as Cryptographic Keys 9.7 On-Line Password Guessing 9.8 Off-Line Password Guessing 9.9 Using the Same Password in Multiple Places 9.10 Requiring Frequent Password Changes 9.11 Tricking Users into Divulging Passwords 9.12 Lamport’s Hash 9.13 Password Managers 9.14 Web Cookies 9.15 Identity Providers (IDPs) 9.16 Authentication Tokens 9.17 Strong Password Protocols 9.18 Credentials Download Protocols 9.19 Homework 10. Trusted Intermediaries 10.1 Introduction 10.2 Functional Comparison 10.3 Kerberos 10.4 PKI 10.5 Website Gets a DNS Name and Certificate 10.6 PKI Trust Models 10.7 Building Certificate Chains 10.8 Revocation 10.9 Other Information in a PKIX Certificate 10.10 Issues with Expired Certificates 10.11 DNSSEC (DNS Security Extensions) 10.12 Homework 11. Communication Session Establishment 11.1 One-way Authentication of Alice 11.2 Mutual Authentication 11.3 Integrity/Encryption for Data 11.4 Nonce Types 11.5 Intentional MITM 11.6 Detecting MITM 11.7 What Layer? 11.8 Perfect Forward Secrecy 11.9 Preventing Forged Source Addresses 11.10 Endpoint Identifier Hiding 11.11 Live Partner Reassurance 11.12 Arranging for Parallel Computation 11.13 Session Resumption/Multiple Sessions 11.14 Plausible Deniability 11.15 Negotiating Crypto Parameters 11.16 Homework 12. IPsec 12.1 IPsec Security Associations 12.2 IKE (Internet Key Exchange Protocol) 12.3 Creating a Child-SA 12.4 AH and ESP 12.5 AH (Authentication Header) 12.6 ESP (Encapsulating Security Payload) 12.7 Comparison of Encodings 12.8 Homework 13. SSL/TLS and SSH 13.1 Using TCP 13.2 StartTLS 13.3 Functions in the TLS Handshake 13.4 TLS 1.2 (and Earlier) Basic Protocol 13.5 TLS 1.3 13.6 Session Resumption 13.7 PKI as Deployed by TLS 13.8 SSH (Secure Shell) 13.9 Homework 14. Electronic Mail Security 14.1 Distribution Lists 14.2 Store and Forward 14.3 Disguising Binary as Text 14.4 HTML-Formatted Email 14.5 Attachments 14.6 Non-cryptographic Security Features 14.7 Malicious Links in Email 14.8 Data Loss Prevention (DLP) 14.9 Knowing Bob’s Email Address 14.10 Self-Destruct, Do-Not-Forward, … 14.11 Preventing Spoofing of From Field 14.12 In-Flight Encryption 14.13 End-to-End Signed and Encrypted Email 14.14 Encryption by a Server 14.15 Message Integrity 14.16 Non-Repudiation 14.17 Plausible Deniability 14.18 Message Flow Confidentiality 14.19 Anonymity 14.20 Homework 15. Electronic Money 15.1 ECASH 15.2 Offline eCash 15.3 Bitcoin 15.4 Wallets for Electronic Currency 15.5 Homework 16. Cryptographic Tricks 16.1 Secret Sharing 16.2 Blind Signature 16.3 Blind Decryption 16.4 Zero-Knowledge Proofs 16.5 Group Signatures 16.6 Circuit Model 16.7 Secure Multiparty Computation (MPC) 16.8 Fully Homomorphic Encryption (FHE) 16.9 Homework 17. Folklore 17.1 Misconceptions 17.2 Perfect Forward Secrecy 17.3 Change Encryption Keys Periodically 17.4 Don’t Encrypt without Integrity Protection 17.5 Multiplexing Flows over One Secure Session 17.6 Using Different Secret Keys 17.7 Using Different Public Keys 17.8 Establishing Session Keys 17.9 Hash in a Constant When Hashing a Password 17.10 HMAC Rather than Simple Keyed Hash 17.11 Key Derivation 17.12 Use of Nonces in Protocols 17.13 Creating an Unpredictable Nonce 17.14 Compression 17.15 Minimal vs Redundant Designs 17.16 Overestimate the Size of Key 17.17 Hardware Random Number Generators 17.18 Put Checksums at the End of Data 17.19 Forward Compatibility Glossary Math M.1 Introduction M.2 Some definitions and notation M.3 Arithmetic M.4 Abstract Algebra M.5 Modular Arithmetic M.6 Groups M.7 Fields M.8 Mathematics of Rijndael M.9 Elliptic Curve Cryptography M.10 Rings M.11 Linear Transformations M.12 Matrix Arithmetic M.13 Determinants M.14 Homework Bibliography Index Code Snippets
1. Disable the AdBlock plugin. Otherwise, you may not get any links.
2. Solve the CAPTCHA.
3. Click download link.
4. Lead to download server to download.