Cryptography and Network Security Principles and Practices,
Fourth Edition By William Stallings
Publisher : Prentice Hall
Pub Date : November 16, 2005
Print ISBN-10 : 0-13-187316-4
Print ISBN-13 : 978-0-13-187316-2
Text ISBN-10 : 0-13-187319-9
eText ISBN-13 : 978-0-13-187319-3
Pages : 592
Intended Audience xiii
Plan of the Book xiv
Internet Services for Instructors and Students xiv
Projects for Teaching Cryptography and Network Security xiv
What's New in the Fourth Edition xv
Acknowledgments xvi
Chapter 0. Reader's
Guide 1
Section 0.1. Outline
of this Book 2
Section 0.2. Roadmap
2
Section 0.3. Internet
and Web Resources 4
Chapter 1.
Introduction 6
Section 1.1. Security
Trends 9
Section 1.2. The OSI
Security Architecture 12
Section 1.3. Security
Attacks 13
Section 1.4. Security
Services 16
Section 1.5. Security
Mechanisms 19
Section 1.6. A Model
for Network Security 22
Section 1.7.
Recommended Reading and Web Sites 24
Section 1.8. Key
Terms, Review Questions, and Problems 25
Part One: Symmetric
Ciphers 26
Chapter 2. Classical
Encryption Techniques 28
Section 2.1.
Symmetric Cipher Model 30
Section 2.2.
Substitution Techniques 35
Section 2.3.
Transposition Techniques 49
Section 2.4. Rotor
Machines 51
Section 2.5.
Steganography 53
Section 2.6.
Recommended Reading and Web Sites 55
Section 2.7. Key
Terms, Review Questions, and Problems 56
Chapter 3. Block
Ciphers and the Data Encryption Standard 62
Section 3.1. Block
Cipher Principles 64
Section 3.2. The Data
Encryption Standard 72
Section 3.3. The
Strength of Des 82
Section 3.4.
Differential and Linear Cryptanalysis 83
Section 3.5. Block
Cipher Design Principles 86
Section 3.6.
Recommended Reading 90
Section 3.7. Key
Terms, Review Questions, and Problems 90
Chapter 4. Finite Fields
95
Section 4.1. Groups,
Rings, and Fields 97
Section 4.2. Modular
Arithmetic 101
Section 4.3. The
Euclidean Algorithm 107
Section 4.4. Finite
Fields of The Form GF(p) 109
Section 4.5.
Polynomial Arithmetic 113
Section 4.6. Finite
Fields Of the Form GF(2n) 119
Section 4.7.
Recommended Reading and Web Sites 129
Section 4.8. Key
Terms, Review Questions, and Problems 130
Chapter 5. Advanced
Encryption Standard 134
Section 5.1.
Evaluation Criteria For AES 135
Section 5.2. The AES
Cipher 140
Section 5.3.
Recommended Reading and Web Sites 160
Section 5.4. Key
Terms, Review Questions, and Problems 161
Appendix 5A Polynomials with Coefficients in GF(28) 163
Appendix 5B Simplified AES 165
Chapter 6. More on
Symmetric Ciphers 174
Section 6.1. Multiple
Encryption and Triple DES 175
Section 6.2. Block
Cipher Modes of Operation 181
Section 6.3. Stream
Ciphers and RC4 189
Section 6.4.
Recommended Reading and Web Site 194
Section 6.5. Key
Terms, Review Questions, and Problems 194
Chapter 7. Confidentiality
Using Symmetric Encryption 199
Section 7.1.
Placement of Encryption Function 201
Section 7.2. Traffic
Confidentiality 209
Section 7.3. Key
Distribution 210
Section 7.4. Random
Number Generation 218
Section 7.5.
Recommended Reading and Web Sites 227
Section 7.6. Key
Terms, Review Questions, and Problems 228
Part Two: Public-Key
Encryption and Hash Functions 232
Chapter 8.
Introduction to Number Theory 234
Section 8.1. Prime
Numbers 236
Section 8.2. Fermat's
and Euler's Theorems 238
Section 8.3. Testing
for Primality 242
Section 8.4. The
Chinese Remainder Theorem 245
Section 8.5. Discrete
Logarithms 247
Section 8.6.
Recommended Reading and Web Sites 253
Section 8.7. Key
Terms, Review Questions, and Problems 254
Chapter 9. Public-Key
Cryptography and RSA 257
Section 9.1.
Principles of Public-Key Cryptosystems 259
Section 9.2. The RSA
Algorithm 268
Section 9.3.
Recommended Reading and Web Sites 280
Section 9.4. Key
Terms, Review Questions, and Problems 281
Appendix 9A Proof of the RSA Algorithm 285
Appendix 9B The Complexity of Algorithms 286
Chapter 10. Key
Management; Other Public-Key Cryptosystems 289
Section 10.1. Key
Management 290
Section 10.2.
Diffie-Hellman Key Exchange 298
Section 10.3.
Elliptic Curve Arithmetic 301
Section 10.4.
Elliptic Curve Cryptography 310
Section 10.5.
Recommended Reading and Web Sites 313
Section 10.6. Key
Terms, Review Questions, and Problems 314
Chapter 11. Message
Authentication and Hash Functions 317
Section 11.1.
Authentication Requirements 319
Section 11.2.
Authentication Functions 320
Section 11.3. Message
Authentication Codes 331
Section 11.4. Hash
Functions 334
Section 11.5.
Security of Hash Functions and Macs 340
Section 11.6.
Recommended Reading 344
Section 11.7. Key
Terms, Review Questions, and Problems 344
Appendix 11A Mathematical Basis of the Birthday Attack 346
Chapter 12. Hash and
MAC Algorithms 351
Section 12.1. Secure
Hash Algorithm 353
Section 12.2.
Whirlpool 358
Section 12.3. HMAC
368
Section 12.4. CMAC
372
Section 12.5.
Recommended Reading and Web Sites 374
Section 12.6. Key
Terms, Review Questions, and Problems 374
Chapter 13. Digital
Signatures and Authentication Protocols 377
Section 13.1. Digital
Signatures 378
Section 13.2.
Authentication Protocols 382
Section 13.3. Digital
Signature Standard 390
Section 13.4.
Recommended Reading and Web Sites 393
Section 13.5. Key
Terms, Review Questions, and Problems 393
Part Three: Network
Security Applications 398
Chapter 14.
Authentication Applications 400
Section 14.1.
Kerberos 401
Section 14.2. X.509
Authentication Service 419
Section 14.3.
Public-Key Infrastructure 428
Section 14.4.
Recommended Reading and Web Sites 430
Section 14.5. Key
Terms, Review Questions, and Problems 431
Appendix 14A Kerberos Encryption Techniques 433
Chapter 15.
Electronic Mail Security 436
Section 15.1. Pretty
Good Privacy 438
Section 15.2. S/MIME
457
Section 15.3. Key
Terms, Review Questions, and Problems 474
Appendix 15A Data Compression Using Zip 475
Appendix 15B Radix-64 Conversion 478
Appendix 15C PGP Random Number Generation 479
Chapter 16. IP
Security 483
Section 16.1. IP
Security Overview 485
Section 16.2. IP
Security Architecture 487
Section 16.3.
Authentication Header 493
Section 16.4.
Encapsulating Security Payload 498
Section 16.5.
Combining Security Associations 503
Section 16.6. Key
Management 506
Section 16.7.
Recommended Reading and Web Site 516
Section 16.8. Key
Terms, Review Questions, and Problems 517
Appendix 16A Internetworking and Internet Protocols 518
Chapter 17. Web
Security 527
Section 17.1. Web
Security Considerations 528
Section 17.2. Secure
Socket Layer and Transport Layer Security 531
Section 17.3. Secure
Electronic Transaction 549
Section 17.4.
Recommended Reading and Web Sites 560
Section 17.5. Key
Terms, Review Questions, and Problems 561
Part Four: System
Security 563
Chapter 18. Intruders
565
Section 18.1.
Intruders 567
Section 18.2.
Intrusion Detection 570
Section 18.3.
Password Management 582
Section 18.4.
Recommended Reading and Web Sites 591
Section 18.5. Key
Terms, Review Questions, and Problems 592
Appendix 18A The Base-Rate Fallacy 594
Chapter 19. Malicious
Software 598
Section 19.1. Viruses
and Related Threats 599
Section 19.2. Virus
Countermeasures 610
Section 19.3.
Distributed Denial of Service Attacks 614
Section 19.4.
Recommended Reading and Web Sites 619
Section 19.5. Key
Terms, Review Questions, and Problems 620
Chapter 20. Firewalls
621
Section 20.1.
Firewall Design Principles 622
Section 20.2. Trusted
Systems 634
Section 20.3. Common
Criteria for Information Technology Security Evaluation 640
Section 20.4.
Recommended Reading and Web Sites 644
Section 20.5. Key
Terms, Review Questions, and Problems 645
Appendix A. Standards
and Standards-Setting Organizations 647
Section A.1. The
Importance of Standards 648
Section A.2. Internet
Standards and the Internet Society 649
Section A.3. National
Institute of Standards and Technology 652
Appendix B. Projects
for Teaching Cryptography and Network Security 653
Section B.1. Research
Projects 654
Section B.2.
Programming Projects 655
Section B.3.
Laboratory Exercises 655
Section B.4. Writing
Assignments 655
Section B.5.
Reading/Report Assignments 656
Glossary 657
References 663
Abbreviations 663
Inside Front Cover InsideFrontCover
Inside Back Cover InsideBackCover
Index
