CRYPTOG NETWORK SECURITY

Size: px

Start display at page:

Download "CRYPTOG NETWORK SECURITY"

Mariah Poole
10 years ago
Views:

1 CRYPTOG NETWORK SECURITY PRINCIPLES AND PRACTICES FOURTH EDITION William Stallings Prentice Hall Upper Saddle River, NJ 07458

2 'jkfetmhki^^rij^jibwfcmf «MMr""'-^.; <-^Lä?^96SB^H B H I H I H ^ H " CONTENTS Notation xi Preface xiii i Chapter Chapter Reader's Guide 1 Outline of This Book 2 Roadmap 2 Internet and Web Resources 4 Introduction 6 Security Trends 9 The OSI Security Architecture 12 Security Attacks 13 Security Services 16 Security Mechanisms 19 A Model for Network Security 22 Recommended Reading and Web Sites 24 Key Terms, Review Questions, and Problems 25 PART ONE SYMMETRIC CIPHERS 26 Chapter Chapter Chapter Classical Encryption Techniques 28 Symmetrie Cipher Model 30 Substitution Techniques 35 Transposition Techniques 49 Rotor Machines 51 Steganography 53 Recommended Reading and Web Sites 55 Key Terms, Review Questions, and Problems 56 Block Ciphers and the Data Encryption Standard 62 Block Cipher Principles 64 The Data Encryption Standard 72 TheStrength ofdes 82 Differential and Linear Cryptanalysis 83 Block Cipher Design Principles 86 Recommended Reading 90 Key Terms, Review Questions, and Problems 90 Finite Fields 95 Groups, Rings, and Fields 97 Modular Anthmetic 101 The Euclidean Algorithm 107 Finite Fields of the Form GF(p) 109 Polynomial Arithmetic 113 Finite Fields of the Form GF(2") 119 V

Mechanisms 19 A Model for Network Security 22 Recommended Reading and Web Sites 24 Key Terms, Review Questions, and Problems 25 PART ONE SYMMETRIC CIPHERS 26 Chapter 2 2.1 2.2 2.3 2.4 2.5 2.6 2.

3 vi CONTENTS 4.7 Recommended Reading and Web Sites Key Terms, Review Questions, and Problems 130 Chapter 5 Advanced Encryption Standard Evaluation Criteria for AES TheAES Cipher Recommended Reading and Web Sites Key Terms, Review Questions, and Problems 161 Appendix 5A Polynomials with CoefFicients in GF(2 8 ) 163 Appendix 5B Simplified AES 165 Chapter 6 More on Symmetrie Ciphers Multiple Encryption andtriple DES Block Cipher Modes of Operation Stream Ciphers and RC Recommended Reading and Web Site Key Terms, Review Questions, and Problems 194 Chapter 7 Confidentiality Using Symmetrie Encryption Placement of Encryption Function Traffic Confidentiality Key Distribution Random Number Generation Recommended Reading and Web Sites Key Terms, Review Questions, and Problems 228 PARTTWO PUBLIC-KEY ENCRYPTION AND HASH FUNCTIONS 232 Chapter 8 Introduction to Number Theory Prime Numbers Fermat's and Euler's Theorems Testing for Primality The Chinese Remainder Theorem Discrete Logarithms Recommended Reading and Web Site Key Terms, Review Questions, and Problems 254 Chapter 9 Public-Key Cryptography and RSA Principles of Public-Key Cryptosystems The RSA Algonthm Recommended Reading and Web Site Key Terms, Review Questions, and Problems 281 Appendix 9A Proof of the RSA Algorithm 285 Appendix 9B The Complexity of Algorithms 286 Chapter 10 Key Management; Other Public-Key Cryptosystems Key Management Diffie-Hellman Key Exchange Elliptic Curve Arithmetic Elliptic Curve Cryptography 310

4 Key Terms, Review Questions, and Problems 161 Appendix 5A Polynomials with CoefFicients in GF(2 8 ) 163 Appendix 5B Simplified AES 165 Chapter 6 More on Symmetrie Ciphers 174 6.

4 10.5 Recommended Reading and Web Site KeyTerms, Review Questions, and Problems 314 Chapter 11 Message Authentication and Hash Functions Authentication Requirements Authentication Functions Message Authentication Codes Hash Functions Security of Hash Functions and MACs Recommended Reading KeyTerms, Review Questions, and Problems 344 Appendix IIA Mathematical Basis of the Birthday Attack 346 Chapter 12 Hash and MAC Algorithms Secure Hash Algorithm Whirlpool HMAC CMAC Recommended Reading and Web Sites KeyTerms, Review Questions, and Problems 375 Chapter 13 Digital Signatures and Authentication Protocols Digital Signatures Authentication Protocols Digital Signature Standard Recommended Reading and Web Sites KeyTerms, Review Questions, and Problems 393 PART THREE NETWORK SECURITY APPLICATIONS 398 Chapter 14 Authentication Applications Kerberos X.509 Authentication Service Public-Key Infrastructure Recommended Reading and Web Sites KeyTerms, Review Questions, and Problems 431 Appendix 14A Kerberos Encryption Techniques 433 Chapter 15 Electronic Mail Security Pretty Good Privacy S/MIME Recommended Web Sites KeyTerms, Review Questions, and Problems 474 Appendix 15A Data Compression Using ZIP 475 Appendix 15B Radix-64 Conversion 478 Appendix 1 5C PGP Random Number Generation 479 Chapter 16 IP Security IP Security Overview IP Security Architecture 487

7 KeyTerms, Review Questions, and Problems 344 Appendix IIA Mathematical Basis of the Birthday Attack 346 Chapter 12 Hash and MAC Algorithms 351 12.1 Secure Hash Algorithm 353 12.2 Whirlpool 358 12.

5 Vlll CONTENTS 16.3 Authentication Header Encapsulating Security Payload Combining Security Associations Key Management Recommended Reading and Web Site Key Terms, Review Questions, and Problems 517 Appendix 16A Internetworking and Internet Protocols 518 Chapter 17 Web Security Web Security Considerations Secure Socket Layer and Transport Layer Security Secure Electronic Transaction Recommended Reading and Web Sites Key Terms, Review Questions, and Problems 561 PART FOUR SYSTEM SECURITY 563 Chapter 18 Intruders Intruders Intrusion Detection Password Management Recommended Reading and Web Sites Key Terms, Review Questions, and Problems 592 Appendix 18A The Base-Rate Fallacy 594 Chapter 19 Malicious Software Viruses and Related Threats Virus Countermeasures Distributed Denial of Service Attacks Recommended Reading and Web Sites Key Terms, Review Questions, and Problems 620 Chapter 20 Firewalls Firewall Design Principles Trusted Systems Common Criteria for Information Technology Security Evaluation Recommended Reading and Web Sites Key Terms, Review Questions, and Problems 645 APPENDICES 647 Appendix A Standards and Standards-Setting Organizations 647 A.l The Importance of Standards 648 A.2 Internet Standards and the Internet Society 649 A.3 National Institute of Standards and Technology 652 Appendix B Projects for Teaching Cryptography and Network Security 653 B.l Research Projects 654 B.2 Programming Projects 655 B.3 Laboratory Exercises 655

2 Secure Socket Layer and Transport Layer Security 531 17.3 Secure Electronic Transaction 549 17.4 Recommended Reading and Web Sites 560 17.

6 B.4 Writing Assignments 655 B.5 Reading/Report Assignments 656 Glossary 657 References 663 Index 673 ONLINE APPENDICES williamstallings.com/crypto/crypto4e.html Appendix C Simplified Des C.l Overview C.2 S-DES Key Generation C.3 S-DES Key Encryption C.4 Analysis of Simplified DES C.5 Relationship to DES Appendix D The Meaning ofmod D.l The Binary Operator mod D.2 The Congruence Relation mod Appendix E More on Simplified AES E.l Anthmetic in GF(2 4 ) E.2 The Mix Column Function Appendix F Knapsack Public-Key Algorithm F.l The Knapsack Problem F.2 The Knapsack Cryptosystem F.3 Example Appendix G Proof of the Digital Signature Algorithm Appendix H TCP/IP and OSI H.l H.l H.l Protocols and Protocol Architectures The TCP/OIP Protocol Architecture The OSI Protocol Architecture

2 The Congruence Relation mod Appendix E More on Simplified AES E.l Anthmetic in GF(2 4 ) E.2 The Mix Column Function Appendix F Knapsack Public-Key Algorithm F.l The Knapsack Problem F.

CRYPTOGRAPHY AND NETWORK SECURITY

CRYPTOGRAPHY AND NETWORK SECURITY PRINCIPLES AND PRACTICE SIXTH EDITION William Stallings International Edition contributions by Mohit P Tahiliani NITK Surathkal PEARSON Boston Columbus Indianapolis New