Available:*
Library | Item Barcode | Call Number | Material Type | Item Category 1 | Status |
---|---|---|---|---|---|
Searching... | 30000010059919 | QA76.9.A25 K34 2002 | Open Access Book | Book | Searching... |
On Order
Summary
Summary
Appropriate for all graduate-level and upper-level courses in network or computer security.
Widely regarded as the most comprehensive yet comprehensible guide to network security, the First Edition of Network Security received critical acclaim for its lucid and witty explanations of the inner workings of network security protocols. Now, in the 2nd Edition, this books exceptionally distinguished author team draws on its hard-won experience to illuminate every facet of information security, from the basics to advanced cryptography and authentication; secure Web and email services; and emerging security standards. Highlights of the books extensive coverage include Advanced Encryption Standard (AES), IPsec, SSL, X.509 and related PKI standards, and Web security. The authors go far beyond documenting standards and technology: they contrast competing schemes, explain strengths and weaknesses, and identify the crucial errors most likely to compromise secure systems.Author Notes
Charlie Kaufman's latest film, Human Nature, is currently in production. He lives in Los Angeles.
(Bowker Author Biography)
Reviews 1
Library Journal Review
The authors offer a meaty survey of computer security in three broad sections. Opening with cryptography, they describe the meaning of keys and algorithms-a difficult task, requiring a bit of math that may frighten novices. The second part deals with authentication, or proof of identity on a network. The benefits and pitfalls of different schemes are discussed in a lively and engaging way and are spiced with appropriate quotes throughout. In the final section, E-mail-for some the most chaotic risk of all-is examined. Terms are defined well even for beginners, and exercises at the end of each chapter allow you to test your comprehension of a given set of concepts. But the authors use a notation system (discussed in the introduction) that you'll need to understand to follow some of the examples and arguments. Clearly, this thought-provoking book was designed for serious students of computers and their networks, but even a newbie will find entertaining and useful tidbits. (c) Copyright 2010. Library Journals LLC, a wholly owned subsidiary of Media Source, Inc. No redistribution permitted.
Table of Contents
Acknowledgments |
1 Introduction |
Roadmap to the Book |
What Type of Book Is This? |
Terminology |
Notation |
Primer on Networking |
Active vs. Passive Attackc |
Layers and Cryptography |
Authorization |
Tempest |
Key Escrow for Law Enforcement |
Key Escrow for Careless Users |
Viruses, Worms, Trojan Horses |
The Multi-level Model of Security |
Legal Issues |
I Cryptography |
2 Introduction to Cryptography |
What Is Cryptography? |
Breaking an Encryption Scheme |
Types of Cryptographic Functions |
Secret Key Cryptography |
Public Key Cryptography |
Hash Algorithms |
Homework |
3 Secret Key Cryptography |
Introduction |
Generic Block Encryption |
Data Encryption Standard (DES) |
International Data Encryption Algorithm (IDEA) |
Advanced Encryption Standard (AES) |
RC4 |
Homework |
4 Modes of Operation |
Introduction |
Encrypting a Large Message |
Generating MACs |
Multiple Encryption DES |
CBC Outside vs. Inside |
Homework |
5 Hashes and Message Digests |
Introduction |
Nifty Things to Do with a Hash |
MD2 |
MD4 |
MD5 |
SHA-1 |
HMAC |
Homework |
6 Public Key Algorithms |
Introduction |
Modular Arithmetic |
RSA |
Diffie-Hellman |
Digital Signature Standard (DSS) |
How Secure Are RSA and Diffie-Hellman? |
Elliptic Curve Cryptography (ECC) |
Zero Knowledge Proof Systems |
Homework Problems |
7 Number Theory |
Introduction |
Modular Arithmetic |
Primes |
Euclid's Algorithm |
Chinese Remainder Theorem |
Zn. Euler's Totient Function |
Euler's Theorem |
Homework Problems |
8 Math with AES and Elliptic Curves |
Introduction |
Notation |
Groups |
Fields |
Mathematics of Rijndael |
Elliptic Curve Cryptography |
Homework |
II Authentication |
9 Overview of Authentication Systems |
Password-Based Authentication |
Address-Based Authentication |
Cryptographic Authentication Protocols |
Who Is Being Authenticated? |
Passwords as Cryptographic Keys |
Eavesdropping and Server Database Reading |
Trusted Intermediaries |
Session Key Establishment |
Delegation |
Homework |
10 Authentication of People |
Passwords |
On-Line Password Guessing |
Off-Line Password Guessing |
How Big Should a Secret Be? |
Eavesdropping |
Passwords and Careless Users |
Initial Password Distribution |
Authentication Tokens |
Physical Access |
Biometrics |
Homework |
11 Security Handshake Pitfalls |
Login Only |
Mutual Authentication |
Integrity/Encryption for Data |
Mediated Authentication (with KDC) |
Nonce Types |
Picking Random Numbers |
Performance Considerations |
Authentication Protocol Checklist |
Homework |