CRYPTOGRAPHY AND NETWORK SECURITY

Similar documents
Acronyms. International Organization for Standardization International Telecommunication Union ITU Telecommunication Standardization Sector

For Tricia: never dull, never boring, the smartest and bravest person I know

DATA AND COMPUTER COMMUNICATIONS

SRI VENKATESWARA COLLEGE OF ENGINEERING

CRYPTOGRAPHY AND NETWROK SECURITY-QUESTION BANK

10EC832: NETWORK SECURITY

Total No. of Questions : 09 ] [ Total No.of Pages : 02

Cryptography and Network Security

KALASALINGAM UNIVERSITY

Database Concepts. David M. Kroenke UNIVERSITATSBIBLIOTHEK HANNOVER

SUMMARY OF INFORMATION ON EACH COURSE

(a) Symmetric model (b) Cryptography (c) Cryptanalysis (d) Steganography

Cryptography and Network Security

Cryptography MIS

THE AVR MICROCONTROLLER AND EMBEDDED SYSTEMS. Using Assembly and С

Chapter 8. Network Security. Cryptography. Need for Security. An Introduction to Cryptography 10/7/2010

Business Driven Data Communications

Chapter 8. Network Security. Need for Security. An Introduction to Cryptography. Transposition Ciphers One-Time Pads

Sankalchand Patel College of Engineering, Visnagar Department of Computer Engineering & Information Technology. Question Bank

Information Security: Principles and Practice Second Edition. Mark Stamp

A & B Section. Day. A Mrs. Krishnaveni S 1204 UB

The question paper contains 40 multiple choice questions with four choices and students will have to pick the correct one (each carrying ½ marks.).

ony Gaddis Haywood Community College STARTING OUT WITH PEARSON Amsterdam Cape Town Dubai London Madrid Milan Munich Paris Montreal Toronto

INSTITUTE OF AERONAUTICAL ENGINEERING (Autonomous) Dundigal, Hyderabad

Introduction to information Security

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 11 Basic Cryptography

CONTENTS. vii. Chapter 1 TCP/IP Overview 1. Chapter 2 Symmetric-Key Cryptography 33. Acknowledgements

Visual C# Tony Gaddis. Haywood Community College STARTING OUT WITH. Piyali Sengupta. Third Edition. Global Edition contributions by.

BCA III Network security and Cryptography Examination-2016 Model Paper 1

L13. Reviews. Rocky K. C. Chang, April 10, 2015

Principles of Information Security, Fourth Edition. Chapter 8 Cryptography

Public Key Cryptography

Acronyms. International Organization for Standardization International Telecommunication Union ITU Telecommunication Standardization Sector

Academic Course Description

Study Guide to Mideterm Exam

Cryptographic Concepts

World Wide Web PROGRAMMING THE PEARSON EIGHTH EDITION. University of Colorado at Colorado Springs

Prelude to Programming

FUNDAMENTALS OF. Database S wctpmc. Shamkant B. Navathe College of Computing Georgia Institute of Technology. Addison-Wesley

Systems:;-'./'--'.; r. Ramez Elmasri Department of Computer Science and Engineering The University of Texas at Arlington

Foreword Preface About the Author Aperitifs The Lexicon of Cryptography Cryptographic Systems Cryptanalysis Side Information Thomas Jefferson and the

Integrated Approach. Operating Systems COMPUTER SYSTEMS. LEAHY, Jr. Georgia Institute of Technology. Umakishore RAMACHANDRAN. William D.

OPERATING SYSTEMS INTERNALS AND DESIGN PRINCIPLES. William Stallings SIXTH EDITION. Pearson Education International. Prentice Hall

Protecting Information Assets - Week 11 - Cryptography, Public Key Encryption and Digital Signatures. MIS 5206 Protecting Information Assets

Anany Levitin 3RD EDITION. Arup Kumar Bhattacharjee. mmmmm Analysis of Algorithms. Soumen Mukherjee. Introduction to TllG DCSISFI &

NETWORKING KEITH W. ROSS. Polytechnic Institute of NYU. Addison-Wesley

Glenda Whitbeck Global Computing Security Architect Spirit AeroSystems

HASHING IN COMPUTER SCIENCE FIFTY YEARS OF SLICING AND DICING

Network Security. Chapter 8. MYcsvtu Notes.

Introduction and Overview. Why CSCI 454/554?

Security in Computing

(2½ hours) Total Marks: 75

Access ComprehGnsiwG. Shelley Gaskin, Carolyn McLellan, and. Nancy Graviett. with Microsoft

Introduction to Network Security Missouri S&T University CPE 5420 Exam 2 Logistics

APNIC elearning: Cryptography Basics

Computer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018

ACS / Computer Security And Privacy. Fall 2018 Mid-Term Review

Name of chapter & details.

CLASSIC DATA STRUCTURES IN JAVA

KALASALINGAM UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING EVEN SEMESTER COURSE PLAN

PESIT SOUTH CAMPUS 10IS835: INFORMATION AND NETWORK SECURITY. Faculty Name: Aisha Begam No. of Hours: 52

SECURITY MANAGEMENT SYSTEM FUNCTIONAL ARCHITECTURE FOR ENTERPRISE NETWORK

MACHINES AND MECHANISMS

ECE 297:11 Reconfigurable Architectures for Computer Security

Department of Computer Science and Engineering NITK, Surathkal IS703 - Network Security [M. Tech-ISE] (Syllabus and Assessment Plan)

MECHATRONICS. William Bolton. Sixth Edition ELECTRONIC CONTROL SYSTEMS ENGINEERING IN MECHANICAL AND ELECTRICAL PEARSON

Security+ SY0-501 Study Guide Table of Contents

SIDDHARTH GROUP OF INSTITUTIONS :: PUTTUR Siddharth Nagar, Narayanavanam Road QUESTION BANK (DESCRIPTIVE) UNIT I

This chapter continues our overview of public-key cryptography systems (PKCSs), and begins with a description of one of the earliest and simplest

Princess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536)

Jaringan Komputer (IF8505) Pengamanan jaringan komputer. Cryptography

PROBLEM SOLVING USING JAVA WITH DATA STRUCTURES. A Multimedia Approach. Mark Guzdial and Barbara Ericson PEARSON. College of Computing

Essentials of Database Management

The most important development from the work on public-key cryptography is the digital signature. Message authentication protects two parties who

ECE 646 Fall 2009 Final Exam December 15, Multiple-choice test

Real-Time Systems and Programming Languages

EEC-682/782 Computer Networks I

DEPARTMENT OF COMPUTER APPLICATIONS B.C.A. - THIRD YEAR ( REGULATION) SIXTH SEMESTER LESSON PLAN SRM UNIVERSITY

Analysis, demands, and properties of pseudorandom number generators

M.D UNIVERSITY SCHEME OF STUDIES AND EXAMINATION M.TECH 2nd YEAR (COMPUTER SCIENCE & ENGINEERING) SEMESTER 3rd CBCS Scheme effective from

Public-Key Cryptography. Professor Yanmin Gong Week 3: Sep. 7

Computer Security. 10r. Recitation assignment & concept review. Paul Krzyzanowski. Rutgers University. Spring 2018

CS669 Network Security

INSTITUTE OF AERONAUTICAL ENGINEERING (Autonomous)

Networking Security Essentials 4th Edition Solution Manual

Cryptography and Network Security Chapter 16. Fourth Edition by William Stallings

Chapter 19 Security. Chapter 19 Security

INSTITUTE OF AERONAUTICAL ENGINEERING Dundigal, Hyderabad

Public Key Algorithms

Computer Security: Principles and Practice

Chapter 3 Public Key Cryptography

Network Security Chapter 8

Networking. Second Edition. Jeffrey S. Beasley. New Mexico State University

Cryptography And Network Security By William Stallings 5th Edition Solution Manual

MLR Institute of Technology

Search Engines Information Retrieval in Practice

Cryptography and Network Security

Information Security CS 526

CSC 774 Network Security

C - Cryptography

Transcription:

CRYPTOGRAPHY AND NETWORK SECURITY PRINCIPLES AND PRACTICE FIFTH EDITION William Stallings Prentice Hall Boston Columbus Indianapolis New York San Francisco Upper Saddle River Amsterdam Cape Town Dubai London Madrid Milan Munich Paris Montreal Toronto Delhi Mexico City Sao Paulo Sydney Hong Kong Seoul Singapore Taipei Tokyo

CONTENTS Notation 13 Preface 15 About the Author 23 Chapter 0 Reader's Guide 25 0.1 Outline of This Book 26 0.2 A Roadmap for Readers and Instructors 26 0.3 Internet and Web Resources 28 0.4 Standards 29 Chapter 1 Overview 31 1.1 Computer Security Concepts 33 1.2 The OSI Security Architecture 38 1.3 Security Attacks 39 1.4 Security Services 43 1.5 Security Mechanisms 47 1.6 A Model for Network Security 49 1.7 Recommended Reading and Web Sites 51 1.8 Key Terms, Review Questions, and Problems 53 PART ONE SYMMETRIC CIPHERS 55 Chapter 2 Classical Encryption Techniques 55 2.1 Symmetric Cipher Model 57 2.2 Substitution Techniques 62 2.3 Transposition Techniques 77 2.4 Rotor Machines 79 2.5 Steganography 81 2.6 Recommended Reading and Web Sites 83 2.7 Key Terms, Review Questions, and Problems 84 Chapter 3 Block Ciphers and the Data Encryption Standard 90 3.1 Block Cipher Principles 92 3.2 The Data Encryption Standard (DES) 101 3.3 A DES Example 109 3.4 The Strength of DES 112 3.5 Differential and Linear Cryptanalysis 113 3.6 Block Cipher Design Principles 116 3.7 Recommended Reading and Web Site 120 3.8 Key Terms, Review Questions, and Problems 121 Chapter 4 Basic Concepts in Number Theory and Finite Fields 125 4.1 Divisibility and the Division Algorithm 127 4.2 The Euclidean Algorithm 129

6 CONTENTS 4.3 Modular Arithmetic 132 4.4 Groups, Rings, and Fields 140 4.5 Finite Fields of the Form GF(p) 144 4.6 Polynomial Arithmetic 146 4.7 Finite Fields of the Form GF(2") 153 4.8 Recommended Reading and Web Sites 165 4.9 Key Terms, Review Questions, and Problems 165 Appendix 4 A The Meaning of mod 168 Chapter 5 Advanced Encryption Standard 171 5.1 Finite Field Arithmetic 172 5.2 AES Structure 174 5.3 AES Transformation Functions 179 5.4 AES Key Expansion 190 5.5 An AES Example 193 5.6 AES Implementation 198 5.7 Recommended Reading and Web Sites 202 5.8 Key Terms, Review Questions, and Problems 203 Appendix 5A Polynomials with Coefficients in GF(2 ) 204 Appendix 5B Simplified AES 207 Chapter 6 Block Cipher Operation 216 6.1 Multiple Encryption and Triple DES 217 6.2 Electronic Code Book 222 6.3 Cipher Block Chaining Mode 225 6.4 Cipher Feedback Mode 227 6.5 Output Feedback Mode 229 6.6 Counter Mode 230 6.7 XTS-AES Mode for Block-Oriented Storage Devices 234 6.8 Recommended Web Site 238 6.9 Key Terms, Review Questions, and Problems 238 Chapter 7 Pseudorandom Number Generation and Stream Ciphers 242 7.1 Principles of Pseudorandom Number Generation 243 7.2 Pseudorandom Number Generators 250 7.3 Pseudorandom Number Generation Using a Block Cipher 253 7.4 Stream Ciphers 256 7.5 RC4 258 7.6 True Random Number Generators 261 7.7 Recommended Reading and Web Sites 262 7.8 Key Terms, Review Questions, and Problems 263 PART TWO ASYMMETRIC CIPHERS 267 Chapter 8 Introduction to Number Theory 267 8.1 Prime Numbers 269 8.2 Fermat's and Euler's Theorems 272 8.3 Testing for Primality 275 8.4 The Chinese Remainder Theorem 278

8.5 Discrete Logarithms 281 8.6 Recommended Reading and Web Sites 286 8.7 Key Terms, Review Questions, and Problems 287 Chapter 9 Public-Key Cryptography and RSA 290 9.1 Principles of Public-Key Cryptosystems 293 9.2 The RS A Algorithm 301 9.3 Recommended Reading and Web Site 315 9.4 Key Terms, Review Questions, and Problems 315 Appendix 9A Proof of the RSA Algorithm 320 Appendix 9B The Complexity of Algorithms 321 Chapter 10 Other Public-Key Cryptosystems 324 10.1 Diffie-Hellman Key Exchange 325 10.2 ElGamal Cryptographic system 329 10.3 Elliptic Curve Arithmetic 332 10.4 Elliptic Curve Cryptography 341 10.5 Pseudorandom Number Generation Based on an Asymmetric Cipher 345 10.6 Recommended Reading and Web Site 347 10.7 Key Terms, Review Questions, and Problems 348 PART THREE CRYPTOGRAPHIC DATA INTEGRITY ALGORITHMS 351 Chapter 11 Cryptographic Hash Functions 351 11.1 Applications of Cryptographic Hash Functions 353 11.2 Two Simple Hash Functions 357 11.3 Requirements and Security 359 11.4 Hash Functions Based on Cipher Block Chaining 365 11.5 Secure Hash Algorithm (SHA) 366 11.6 SHA-3 376 11.7 Recommended Reading and Web Sites 377 11.8 Key Terms, Review Questions, and Problems 377 Appendix IIA Mathematical Basis of the Birthday Attack 380 Chapter 12 Message Authentication Codes 386 12.1 Message Authentication Requirements 388 12.2 Message Authentication Functions 389 12.3 Requirements for Message Authentication Codes 396 12.4 Security of MACs 398 12.5 MACs Based on Hash Functions: HMAC 399 12.6 MACs Based on Block Ciphers: DAA and CMAC 404 12.7 Authenticated Encryption: CCM and GCM 407 12.8 Pseudorandom Number Generation Using Hash Functions and MACs 413 12.9 Recommended Reading and Web Site 416 12.10 Key Terms, Review Questions, and Problems 417 Chapter 13 Digital Signatures 419 13.1 Digital Signatures 420 13.2 ElGamal Digital Signature Scheme 424

8 CONTENTS 13.3 Schnorr Digital Signature Scheme 426 13.4 Digital Signature Standard 427 13.5 Recommended Reading and Web Site 430 13.6 Key Terms, Review Questions, and Problems 431 PART FOUR MUTUAL TRUST 435 Chapter 14 Key Management and Distribution 435 14.1 Symmetric Key Distribution Using Symmetric Encryption 437 14.2 Symmetric Key Distribution Using Asymmetric Encryption 446 14.3 Distribution of Public Keys 448 14.4 X.509 Certificates 453 14.5 Public-Key Infrastructure 461 14.6 Recommended Reading and Web Sites 463 14.7 Key Terms, Review Questions, and Problems 464 Chapter 15 User Authentication 468 15.1 Remote User-Authentication Principles 469 15.2 Remote User-Authentication Using Symmetric Encryption 472 15.3 Kerberos 476 15.4 Remote User Authentication Using Asymmetric Encryption 494 15.5 Federated Identity Management 496 15.6 Recommended Reading and Web Sites 502 15.7 Key Terms, Review Questions, and Problems 503 Appendix 15A Kerberos Encryption Techniques 505 PART FIVE NETWORK AND INTERNET SECURITY 509 Chapter 16 Transport-Level Security 509 16.1 Web Security Considerations 510 16.2 Secure Socket Layer and Transport Layer Security 513 16.3 Transport Layer Security 526 16.4 HTTPS 530 16.5 Secure SheU (SSH) 532 16.6 Recommended Reading andweb Sites 543 16.7 Key Terms, Review Questions, and Problems 543 Chapter 17 Wireless Network Security 545 17.1 IEEE 802.11 Wireless LAN Overview 547 17.2 IEEE 802. Hi Wireless LAN Security 553 17.3 Wireless Application Protocol Overview 567 17.4 Wireless Transport Layer Security 574 17.5 WAP End-to-End Security 584 17.6 Recommended Reading and Web Sites 587 17.7 Key Terms, Review Questions, and Problems 588 Chapter 18 Electronic Mail Security 591 18.1 Pretty Good Privacy 592 18.2 S/MIME 611

Л.Л 18.3 DomainKeys Identified Mail 627 18.4 Recommended Reading and Web Sites 634 18.5 Key Terms, Review Questions, and Problems 635 Appendix 18A Radix-64 Conversion 636 Chapter 19 IP Security 639 19.1 IP Security Overview 640 19.2 IP Security Policy 646 19.3 Encapsulating Security Payload 651 19.4 Combining Security Associations 658 19.5 Internet Key Exchange 662 19.6 Cryptographic Suites 671 19.7 Recommended Reading and Web Sites 672 19.8 Key Terms, Review Questions, and Problems 673 APPENDICES 675 Appendix A Projects for Teaching Cryptography and Network Security 675 A.l Sage Computer Algebra Projects 676 A.2 Hacking Project 677 A.3 Block Cipher Projects 677 A.4 Laboratory Exercises 678 A.5 Research Projects 678 A.6 Programming Projects 679 A.7 Practical Security Assessments 679 A.8 Writing Assignments 679 A.9 Reading/Report Assignments 680 Appendix В Sage Examples 681 B. 1 Linear Algebra and Matrix Functionality 682 B.2 Chapter 2: Classical Encryption 683 B.3 Chapter 3: Block Ciphers and the Data Encryption Standard 686 B.4 Chapter 4: Basic Concepts in Number Theory and Finite Fields 690 B.5 Chapter 5: Advanced Encryption Standard 697 B.6 Chapter 6: Pseudorandom Number Generation and Stream Ciphers 702 B. 7 Chapter 8: Number Theory 704 B.8 Chapter 9: Public-Key Cryptography and RSA 709 B.9 Chapter 10: Other Public-Key Cryptosystems 712 B.10 Chapter 11: Cryptographic Hash Functions 717 B. 11 Chapter 13: Digital Signatures 719 References 723 Index 735 ONLINE CHAPTERS PART SIX SYSTEM SECURITY Chapter 20 Intruders 20.1 Intruders 20.2 Intrusion Detection

10 CONTENTS 20.3 Password Management 20.4 Recommended Reading and Web Sites 20.5 Key Terms, Review Questions, and Problems Appendix 20A The Base-Rate Fallacy Chapter 21 Malicious Software 21.1 Types of Malicious Software 21.2 Viruses 21.3 Virus Countermeasures 21.4 Worms 21.5 Distributed Denial of Service Attacks 21.6 Recommended Reading and Web Sites 21.7 Key Terms, Review Questions, and Problems Chapter 22 Firewalls 22.1 The Need for Firewalls 22.2 Firewall Characteristics 22.3 Types of Firewalls 22.4 Firewall Basing 22.5 Firewall Location and Configurations 22.6 Recommended Reading and Web Sites 22.7 Key Terms, Review Questions, and Problems PART SEVEN LEGAL AND ETHICAL ISSUES Chapter 23 Legal and Ethical Issues 23.1 Cybercrime and Computer Crime 23.2 Intellectual Property 23.3 Privacy 23.4 Ethical Issues 23.5 Recommended Reading andweb Sites 23.6 Key Terms, Review Questions, and Problems ONLINE APPENDICES WilliamStallings.com/Crypto/Crypto5e.html Appendix С Sage Problems C. 1 Getting Started with Sage C.2 Programming with Sage C.3 Chapter 2: Classical Encryption Techniques C.4 Chapter 3: Block Ciphers and the Data Encryption Standard C.5 Chapter 4: Basic Concepts in Number Theory and Finite Fields C.6 Chapter 5: Advanced Encryption Standard C.7 Chapter 7: Pseudorandom Number Generation and Stream Ciphers C.8 Chapter 8: Number Theory C.9 Chapter 9: Public-Key Cryptography and RS A CIO Chapter 10: Other Public-Key Cryptosystems C.ll Chapter 11: Cryptographic Hash Functions C.12 Chapter 13: Digital Signatures

CONTENTS 11 Appendix D Standards and Standards-Setting Organizations D.l The Importance of Standards D.2 Internet Standards and the Internet Society D.3 National Institute of Standards and Technology Appendix E Basic Concepts from Linear Algebra E.l Operations on Vectors and Matrices E.2 Linear Algebra Operations over Z n Appendix F Measures of Security and Secrecy F.l E2 E3 Perfect Secrecy Information and Entropy Entropy and Secrecy Appendix G Simplified DES G. 1 Overview G.2 S-DES Key Generation G.3 S-DES Encryption G.4 Analysis of Simplified DES G.5 Relationship to DES Appendix H Evaluation Criteria for AES H.l The Origins of AES H.2 AES Evaluation Appendix I More on Simplified AES 1.1 Arithmetic in GF(2 4 ) 1.2 The Mix Column Function Appendix J Knapsack Public-Key Algorithm J.l The Knapsack Problem ' J. 2 The Knapsack Cryptosystem J.3 Example Appendix К Proof of the Digital Signature Algorithm Appendix L TCP/IP and OSI L.l Protocols and Protocol Architectures L.2 The TCP/IP Protocol Architecture L.3 The Role of an Internet Protocol L.4 IPv4 L.5 IPv6 L.6 The OSI Protocol Architecture Appendix M Java Cryptographic APIs M.l Introduction M.2 JCA and JCE Architecture M.3 JCA Classes M.4 JCE Classes M.5 Conclusion and References

12 CONTENTS M.6 Using the Cryptographic Application M.7 JCA/JCE Cryptography Example Appendix N The Whirlpool Hash Function N.l Whirlpool Hash Structure N.2 Block Cipher W N.3 Performance of Whirlpool Appendix О Data Compression Using ZIP O.l Compression Algorithm 0.2 Decompression Algorithm Appendix P PGP Random Number Generation P.l True Random Numbers P.2 Pseudorandom Numbers Appendix Q International Reference Alphabet Glossary

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback