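William Stallings: B.S. in electrical engineering from the University of Notre Dame and Ph.D. in computer science from MIT; member of the editorial board of the journal Cryptologia. He has been an executive director at several U.S. high-technology companies and a consultant to government agencies and computer hardware and software vendors; he has designed and implemented TCP/IP and OSI protocol suites for a variety of computers and operating systems; and he created and maintains ComputerScienceStudent.com, a resource site for computer science students. He has published 17 books on computer security, computer networking, and computer architecture, and has published numerous articles in journals including Proceedings of the IEEE, ACM Computing Reviews, and Cryptologia. He is a 12-time recipient of the U.S. annual computer science textbook award and the Text and Academic Authors Association award.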
Table of Contents:
Part One: Background
Chapter 1 Computer and Network Security Concepts
1.1 Computer Security Concepts
1.2 The OSI Security Architecture
1.3 Security Attacks
1.4 Security Services
1.5 Security Mechanisms
1.6 Fundamental Security Design Principles
1.7 Attack Surfaces and Attack Trees
1.8 A Model for Network Security
1.9 Standards
1.10 Key Terms, Review Questions, and Problems
Chapter 2 Introduction to Number Theory
2.1 Divisibility and the Division Algorithm
2.2 The Euclidean Algorithm
2.3 Modular Arithmetic
2.4 Prime Numbers
2.5 Fermat’s and Euler’s Theorems
2.6 Testing for Primality
2.7 The Chinese Remainder Theorem
2.8 Discrete Logarithms
2.9 Key Terms, Review Questions, and Problems
Appendix 2A The Meaning of Mod
Part Two: Symmetric Ciphers
Chapter 3 Classical Encryption Techniques
3.1 Symmetric Cipher Model
3.2 Substitution Techniques
3.3 Transposition Techniques
3.4 Rotor Machines
3.5 Steganography
3.6 Key Terms, Review Questions, and Problems
Chapter 4 Block Ciphers and the Data Encryption Standard
4.1 Traditional Block Cipher Structure
4.2 The Data Encryption Standard
4.3 A DES Example
4.4 The Strength of DES
4.5 Block Cipher Design Principles
4.6 Key Terms, Review Questions, and Problems
Chapter 5 Finite Fields
5.1 Groups
5.2 Rings
5.3 Fields
5.4 Finite Fields of the Form GF(p)
5.5 Polynomial Arithmetic
5.6 Finite Fields of the Form GF(2^n)
5.7 Key Terms, Review Questions, and Problems
Chapter 6 Advanced Encryption Standard
6.1 Finite Field Arithmetic
6.2 AES Structure
6.3 AES Transformation Functions
6.4 AES Key Expansion
6.5 An AES Example
6.6 AES Implementation
6.7 Key Terms, Review Questions, and Problems
Appendix 6A Polynomials with Coefficients in GF(2^8)
Chapter 7 Block Cipher Operation
7.1 Multiple Encryption and Triple DES
7.2 Electronic Codebook
7.3 Cipher Block Chaining Mode
7.4 Cipher Feedback Mode
7.5 Output Feedback Mode
7.6 Counter Mode
7.7 XTS-AES Mode for Block-Oriented Storage Devices
7.8 Format-Preserving Encryption
7.9 Key Terms, Review Questions, and Problems
Chapter 8 Random Bit Generation and Stream Ciphers
8.1 Principles of Pseudorandom Number Generation
8.2 Pseudorandom Number Generators
8.3 Pseudorandom Number Generation Using a Block Cipher
8.4 Stream Ciphers
8.5 RC4
8.6 True Random Number Generators
8.7 Key Terms, Review Questions, and Problems
Part Three: Asymmetric Ciphers
Chapter 9 Public-Key Cryptography and RSA
9.1 Principles of Public-Key Cryptosystems
9.2 The RSA Algorithm
9.3 Key Terms, Review Questions, and Problems
Chapter 10 Other Public-Key Cryptosystems
10.1 Diffie-Hellman Key Exchange
10.2 Elgamal Cryptographic System
10.3 Elliptic Curve Arithmetic
10.4 Elliptic Curve Cryptography
10.5 Pseudorandom Number Generation Based on an Asymmetric Cipher
10.6 Key Terms, Review Questions, and Problems
Part Four: Cryptographic Data Integrity Algorithms
Chapter 11 Cryptographic Hash Functions
11.1 Applications of Cryptographic Hash Functions
11.2 Two Simple Hash Functions
11.3 Requirements and Security
11.4 Hash Functions Based on Cipher Block Chaining
11.5 Secure Hash Algorithm (SHA)
11.6 SHA-3
11.7 Key Terms, Review Questions, and Problems
Chapter 12 Message Authentication Codes
12.1 Message Authentication Requirements
12.2 Message Authentication Functions
12.3 Requirements for Message Authentication Codes
12.4 Security of MACs
12.5 MACs Based on Hash Functions: HMAC
12.6 MACs Based on Block Ciphers: DAA and CMAC
12.7 Authenticated Encryption: CCM and GCM
12.8 Key Wrapping
12.9 Pseudorandom Number Generation Using Hash Functions and MACs
12.10 Key Terms, Review Questions, and Problems
Chapter 13 Digital Signatures
13.1 Digital Signatures
13.2 Elgamal Digital Signature Scheme
13.3 Schnorr Digital S
Excerpt:
Preface
In the four years since the sixth edition of this book was published, the field has seen continued innovations and improvements. In this new edition, I try to capture these changes while maintaining a broad and comprehensive coverage of the entire field. To begin this process of revision, the sixth edition of this book was extensively reviewed by a number of professors who teach the subject and by professionals working in the field. The result is that, in many places, the narrative has been clarified and tightened, and illustrations have been improved.
Beyond these refinements to improve pedagogy and user-friendliness, there have been substantive changes throughout the book. Roughly the same chapter organization has been retained, but much of the material has been revised and new material has been added. The most noteworthy changes are as follows:
■ Fundamental security design principles: Chapter 1 includes a new section discussing the security design principles listed as fundamental by the National Centers of Academic Excellence in Information Assurance/Cyber Defense, which is jointly sponsored by the U.S. National Security Agency and the U.S. Department of Homeland Security.
■ Attack surfaces and attack trees: Chapter 1 includes a new section describing these two concepts, which are useful in evaluating and classifying security threats.
■ Number theory coverage: The material on number theory has been consolidated into a single chapter, Chapter 2. This makes for a convenient reference. The relevant portions of Chapter 2 can be assigned as needed.
■ Finite fields: The chapter on finite fields has been revised and expanded with additional text and new figures to enhance understanding.
■ Format-preserving encryption: This relatively new mode of encryption is enjoying increasing commercial success. A new section in Chapter 7 covers this method.
■ Conditioning and health testing for true random number generators: Chapter 8 now provides coverage of these important topics.
■ User authentication model: Chapter 15 includes a new description of a general model for user authentication, which helps to unify the discussion of the various approaches to user authentication.
■ Cloud security: The material on cloud security in Chapter 16 has been updated and expanded to reflect its importance and recent developments.
■ Transport Layer Security (TLS): The treatment of TLS in Chapter 17 has been updated, reorganized to improve clarity, and now includes a discussion of the new TLS version 1.3.
■ Email Security: Chapter 19 has been completely rewritten to provide a comprehensive and up-to-date discussion of email security. It includes:
  - New: discussion of email threats and a comprehensive approach to email security.
  - New: discussion of STARTTLS, which provides confidentiality and authentication for SMTP.
  - Revised: treatment of S/MIME has been updated to reflect the latest version 3.2.
  - New: discussion of DNSSEC and its role in supporting email security.
  - New: discussion of DNS-based Authentication of Named Entities (DANE) and the use of this approach to enhance security for certificate use in SMTP and S/MIME.
  - New: discussion of Sender Policy Framework (SPF), which is the standardized way for a sending domain to identify and assert the mail senders for a given domain.
  - Revised: discussion of DomainKeys Identified Mail (DKIM) has been revised.
  - New: discussion of Domain-based Message Authentication, Reporting, and Conformance (DMARC), which allows email senders to specify policy on how their mail should be handled, the types of reports that receivers can send back, and the frequency with which those reports should be sent.
It is the purpose of this book to provide a practical survey of both the principles and practice of cryptography and network security. In the first part of the book, the basic issues to be addressed by a network security capability are explored by providing a tutorial and survey of cryptography and network security technology. The latter part of the book deals with the practice of network security: practic