Chapter 1 Introduction 1
1.1 Attacks,Services,and Mechanisms 3
1.2 Security Attacks 6
1.3 Security Services 9
1.4 A Model for Internetwork Security 11
1.5 Outline of this Book 13
1.6 Recommended Reading 16
APPendix 1A:Internet and Web Resources 16
PART ONE CONVENTIONAL ENCRYPTION 19
Chapter 2 Conventional Encryption:Classical Techniques 21
2.1 Conventional Encryption Model 22
2.2 Steganography 26
2.3 Classical Encryption Techniques 28
2.4 Recommended Reading 44
2.5 Problems 45
Chapter 3 Conventional Encryption:Modern Techniques 49
3.1 Simplified DES 50
3.2 Block Cipher Principles 57
3.3 The Data Encryption Standard 65
3.4 The Strength of DES 74
3.5 Differential and Linear Cryptanalysis 76
3.6 Block Cipher Design Principles 79
3.7 Block Cipher Modes of Operation 83
3.8 Recommended Reading 89
3.9 Problems 89
Appendix 3A:Bent Functions 91
Chapter 4 Conventional Encryption:Algorithms 93
4.1 Triple DES 93
4.2 International Data Encryption Algorithm 99
4.3 Blowfish 109
4.4 RC5 114
4.5 CAST-128 120
4.6 RC2 124
4.7 Characteristics of Advanced Symmetric Block Ciphers 126
4.8 Problems 127
Chapter 5 Confidentiality Using Conventional Encryption 131
5.1 Placement of Encryption Function 132
5.2 Traffic Confidentiality 139
5.3 Key Distribution 141
5.4 Random Number Generation 149
5.5 Recommended Reading 156
5.6 Problems 157
PART TWO PUBLIC-KEY ENCRYPTION AND HASH FUNCTIONS 161
Chapter 6 Public-Key Cryptography 163
6.1 Principles of Public-Key Cryptosystems 164
6.2 The RSA Algorithm 173
6.3 Key Management 182
6.4 Diffie-Hellman Key Exchange 190
6.5 Elliptic Curve Cryptography 193
6.7 Problems 199
6.6 Recommended Reading 199
Appendix 6A:The Complexity of Algorithms 203
Chapter 7 Introduction to Number Theory 207
7.1 Prime and Relatively Prime Numbers 208
7.2 Modular Arithmetic 211
7.3 Fermat’s and Euler’s Theorems 217
7.4 Testing for Primality 221
7.5 Euclid’s Algorithm 223
7.6 The Chinese Remainder Theorem 226
7.7 Discrete Logarithms 228
7.8 Recommended Reading 233
7.9 Problems 233
Chapter 8 Message Authentication and Hash Functions 237
8.1 Authentication Requirements 238
8.2 Authentication Functions 239
8.3 Message Authentication Codes 249
8.4 Hash Functions 253
8.5 Security of Hash Functions and MACs 259
8.6 Recommended Reading 263
8.7 Problems 263
Appendix 8A:Mathematical Basis of Birthday Attack 264
Chapter 9 Hash and Mac Algorithms 271
9.1 MD5 Message Digest Algorithm 272
9.2 Secure Hash Algorithm(SHA-1) 281
9.3 RIPEMD-160 286
9.4 HMAC 293
9.5 Problems 298
Chapter 10 Digital Signatures and Authentication Protocols 299
10.1 Digital Signatures 299
10.2 Authentication Protocols 303
10.3 Digital Signature Standard 311
10.4 Recommended Reading 314
10.5 Problems 315
Appendix 10A:Proof of the DSS Algorithm 317
PART THREE NETWORK SECURITY PRACTICE 321
Chapter 11 Authentication Applications 323
11.1 Kerberos 323
11.2 X.509 Directory Authentication Service 341
11.3 Recommended Reading 350
11.4 Problems 350
Appendix 11A:Kerberos Encryption Techniques 351
Chapter 12 Electronic Mail Security 355
12.1 Pretty Good Privacy 356
12.2 S/MIME 374
12.3 Recommended Readings 390
12.4 Problems 391
Appendix 12A:Data Compression Using ZIP 391
Appendix 12B:Radix-64 Conversion 394
Appendix 12C:PGP Random Number Generation 395
Chapter 13 IP Security 399
13.1 IP Security Overview 400
13.2 IP Security Architecture 402
13.3 Authentication Header 408
13.4 Encapsulating Security Payload 413
13.5 Combining Security Associations 418
13.6 Key Management 421
13.7 Recommended Reading 432
13.8 Problems 432
Appendix 13A:Internetworking and Internet Protocols 433
Chapter 14 Web Security 441
14.1 Web Security Requirements 441
14.2 Secure Sockets Layer and Transport Layer Security 444
14.3 Secure Electronic Transaction 461
14.4 Recommended Reading 472
14.5 Problems 473
PART FOUR SYSTEM SECURITY 475
Chapter 15 Intruders,Viruses,and Worms 477
15.1 Intruders 478
15.2 Viruses and Related Threats 501
15.3 Recommended Reading 514
15.4 Problems 514
Chapter 16 Firewalls 517
16.1 Firewall Design Principles 517
16.2 Trusted Systems 527
16.3 Recommended Reading 532
16.4 Problems 533
Appendix A Projects for Teaching Cryptography and Network Security 535
A.1 Research Projects 536
A.2 Programming Projects 536
A.3 Reading/Report Assignments 537
Glossary 539
References 545
Index 559