Chapter 0 Reader's Guide

0.1 Outline of This Book

0.2 A Roadmap for Readers and Instructors

0.3 Internet and Web Resources

0.4 Standards

Chapter 1 Overview

1.1 Computer Security Concepts

1.2 The OSI Security Architecture

1.3 Security Attacks

1.4 Security Services

1.5 Security Mechanisms

1.6 A Model for Network Security

1.7 Recommended Reading and Web Sites

1.8 Key Terms, Review Questions, and Problems

PART ONE SYMMETRIC CIPHERS

Chapter 2 Classical Encryption Techniques

2.1 Symmetric Cipher Model

2.2 Substitution Techniques

2.3 Transposition Techniques

2.4 Rotor Machines

2.5 Steganography

2.6 Recommended Reading and Web Sites

2.7 Key Terms, Review Questions, and Problems

Chapter 3 Block Ciphers and the Data Encryption Standard

3.1 Block Cipher Principles

3.2 The Data Encryption Standard (DES)

3.3 A DES Example

3.4 The Strength of DES

3.5 Differential and Linear Cryptanalysis

3.6 Block Cipher Design Principles

3.7 Recommended Reading and Web Site

3.8 Key Terms, Review Questions, and Problems

Chapter 4 Basic Concepts in Number Theory and Finite Fields

4.1 Divisibility and the Division Algorithm

4.2 The Euclidean Algorithm

4.3 Modular Arithmetic

4.4 Groups, Rings, and Fields

4.5 Finite Fields of the Form GF(p)

4.6 Polynomial Arithmetic

4.7 Finite Fields of the Form GF(2n)

4.8 Recommended Reading and Web Sites

4.9 Key Terms, Review Questions, and Problems

APPENDIX 4A The Meaning of mod

Chapter 5 Advanced Encryption Standard

5.1 The Origins AES

5.2 AES Structure

5.3 AES Round Functions

5.4 AES Key Expansion

5.5 An AES Example

5.6 AES Implementation

5.7 Recommended Reading and Web Sites

5.8 Key Terms, Review Questions, and Problems

APPENDIX 5A Polynomials with Coefficients in GF(28)

APPENDIX 5B Simplified AES

Chapter 6 Block Cipher Operation

6.1 Multiple Encryption and Triple DES

6.2 Electronic Codebook Mode

6.3 Cipher Block Chaining Mode

6.4 Cipher Feedback Mode

6.5 Output Feedback Mode

6.6 Counter Mode

6.7 XTS Mode for Block-Oriented Storage Devices

6.8 Recommended Web Site

6.9 Key Terms, Review Questions, and Problems

Chapter 7 Pseudorandom Number Generation and Stream Ciphers

7.1 Principles of Pseudorandom Number Generation

7.2 Pseudorandom Number Generators

7.3 Pseudorandom Number Generation Using a Block Cipher

7.4 Stream Ciphers

7.5 RC4

7.6 True Random Numbers

7.7 Recommended Reading

7.8 Key Terms, Review Questions, and Problems

PART TWO ASYMMETRIC CIPHERS

Chapter 8 More Number Theory

8.1 Prime Numbers

8.2 Fermat's and Euler's Theorems

8.3 Testing for Primality

8.4 The Chinese Remainder Theorem

8.5 Discrete Logarithms

8.6 Recommended Reading and Web Sites

8.7 Key Terms, Review Questions, and Problems

Chapter 9 Public-Key Cryptography and RSA

9.1 Principles of Public-Key Cryptosystems

9.2 The RSA Algorithm

9.3 Recommended Reading and Web Sites

9.4 Key Terms, Review Questions, and Problems

Appendix 9A: Proof of the RSA Algorithm

Appendix 9B: The Complexity of Algorithms

Chapter 10 Other Public-Key Cryptosystems

10.1 Diffie-Hellman Key Exchange

10.2 ElGamal Cryptosystem

10.3 Elliptic Curve Arithmetic

10.4 Elliptic Curve Cryptography

10.5 Pseudorandom Number Generation Based on an Asymmetric Cipher

10.6 Recommended Reading and Web Sites

10.7 Key Terms, Review Questions, and Problems

PART THREE CRYPTOGRAPHIC DATA INTEGRITY ALGORITHMS

Chapter 11 Cryptographic Hash Functions

11.1 Applications of Cryptographic Hash Functions

11.2 Two Simple Hash Functions

11.3 Requirements and Security

11.4 Hash Functions Based on Cipher Block Chaining

11.5 Secure Hash Algorithm (SHA)

11.6 SHA-3

11.7 Recommended Reading and Web Sites

11.8 Key Terms, Review Questions, and Problems

Appendix 11A: Mathematical Basis of Birthday Attack

Chapter 12 Message Authentication Codes

12.1 Message Authentication Requirements

12.2 Message Authentication Functions

12.3 Message Authentication Codes

12.4 Security of MACs

12.5 MACs Based on Hash Functions: HMAC

12.6 MACs Based on Block Ciphers: DAA and CMAC

12.7 Authenticated Encryption: CCM and GCM

12.8 Pseudorandom Number Generation using Hash Functions and MACs

12.9 Recommended Reading

12.10 Key Terms, Review Questions, and Problems

Chapter 13 Digital Signatures

13.1 Digital Signatures

13.2 ElGamal Digital Signature Scheme

13.3 Schnorr Digital Signature Scheme

13.4 Digital Signature Standard (DSS)

13.5 Recommended Reading and Web Sites

13.6 Key Terms, Review Questions, and Problems

PART FOUR MUTUAL TRUST

Chapter 14 Key Management and Distribution

14.1 Symmetric Key Distribution Using Symmetric Encryption

14.2 Symmetric Key Distribution Using Asymmetric Encryption

14.3 Distribution of Public Keys

14.4 X.509 Certificates

14.5 Public Key Infrastructure

14.6 Recommended Reading and Web Sites

14.7 Key Terms, Review Questions, and Problems

Chapter 15 User Authentication Protocols

15.1 Remote User Authentication Principles

15.2 Remote User Authentication Using Symmetric Encryption

15.3 Kerberos

15.4 Remote User Authentication Using Asymmetric Encryption

15.5 Federated Identity Management

15.6 Recommended Reading and Web Sites

15.7 Key Terms, Review Questions, and Problems

Appendix 15A: Kerberos Encryption Techniques

PART FIVE NETWORK AND INTERNET SECURITY

Chapter 16 Transport-Level Security

16.1 Web Security Issues

16.2 Secure Sockets Layer (SSL)

16.3 Transport Layer Security (TLS)

16.4 HTTPS

16.5 Secure Shell (SSH)

16.6 Recommended Reading and Web Sites

16.7 Key Terms, Review Questions, and Problems

Chapter 17 Wireless Network Security

17.1 IEEE 802.11 Wireless LAN Overview

17.2 IEEE 802.11i Wireless LAN Security

17.3 Wireless Application Protocol Overview

17.4 Wireless Transport Layer Security

17.5 WAP End-to-End Security

17.6 Recommended Reading and Web Sites

17.7 Key Terms, Review Questions, and Problems

Chapter 18 Electronic Mail Security

18.1 Pretty Good Privacy (PGP)

18.2 S/MIME

18.3 DomainKeys Identified Mail (DKIM)

18.4 Recommended Web Sites

18.5 Key Terms, Review Questions, and Problems

Appendix 18A: Radix-64 Conversion

Chapter 19 IP Security

19.1 IP Security Overview

19.2 IP Security Policy

19.3 Encapsulating Security Payload

19.4 Combining Security Associations

19.5 Internet Key Exchange

19.6 Cryptographic Suites

19.7 Recommended Reading and Web Sites

19.8 Key Terms, Review Questions, and Problems

APPENDICES

Appendix A Projects for Teaching Cryptography and Network Security

A.1 Sage Computer Algebra Projects

A.2 Hacking Project

A.3 Block Cipher Projects

A.4 Laboratory Exercises

A.5 Research Projects

A.6 Programming Projects

A.7 Practical Security Assessments

A.8 Writing Assignments

A.9 Reading/Report Assignments

Appendix B Sage Examples

B.1

Appendix C Sage Problems

C.1

ONLINE CHAPTERS

PART SIX SYSTEM SECURITY

Chapter 20 Intruders

20.1 Intruders

20.2 Intrusion Detection

20.3 Password Management

20.4 Recommended Reading and Web Sites

20.5 Key Terms, Review Questions, and Problems

Appendix 20A The Base-Rate Fallacy

Chapter 21 Malicious Software

21.1 Types of Malicious Software

21.2 Viruses

21.3 Virus Countermeasures

21.4 Worms

21.5 Distributed Denial of Service Attacks

21.6 Recommended Reading and Web Sites

21.7 Key Terms, Review Questions, and Problems

Chapter 22 Firewalls

22.1 The Need for Firewalls

22.2 Firewall Characteristics

22.3 Types of Firewalls

22.4 Firewall Basing

22.5 Firewall Location and Configurations

22.6 Recommended Reading and Web Sites

22.7 Key Terms, Review Questions, and Problems

PART SEVEN LEGAL AND ETHICAL ISSUES

Chapter 23 Legal and Ethical Issues

23.1 Cybercrime and Computer Crime

23.2 Intellectual Property

23.3 Privacy

23.4 Ethical Issues

23.5 Recommended Reading and Web Sites

23.6 Key Terms, Review Questions, and Problems

ONLINE APPENDICES

WilliamStallings.com/Crypto/Crypto5e.html

APPENDIX D Standards and Standards-Setting Organizations

D.1 The Importance of Standards

D.2 Internet Standards and the Internet Society

D.3 National Institute of Standards and Technology

APPENDIX E Basic Concepts from Linear Algebra

APPENDIX F Measures of Security and Secrecy

APPENDIX G Simplified DES

E.1 Overview

E.2 S-DES Key Generation

E.3 S-DES Encryption

E.4 Analysis of Simplified DES

E.5 Relationship to DES

APPENDIX H Evaluation Criteria for AES

H.1 The Origins of AES

H.2 AES Evaluation

APPENDIX I More on Simplified AES

G.1 Arithmetic in GF(24)

G.2 The Mix Column Function

APPENDIX J Knapsack Public-Key Algorithm

I.1 The Knapsack Problem

I.2 The Knapsack Cryptosystem

I.3 Example

APPENDIX K Proof of the Digital Signature Algorithm

APPENDIX L TCP/IP and OSI

K.1 Protocols and Protocol Architectures

K.2 The TCP/IP Protocol Architecture

K.3 The Role of an Internet Protocol

K.4 IPv4

K.5 IPv6

K.6 The OSI Protocol Architecture

APPENDIX M Java Cryptographic APIs

M.1 Introduction

M.2 JCA and JCE Architecture

M.3 JCA Classes

M.4 JCE Classes

M.5 Conclusion and References

M.6 Using the Cryptographic Application

M.7 JCA/JCE Cryptography Example

APPENDIX N The Whirlpool Hash Function

N.1 Whirlpool Hash Structure

N.2 Block Cipher W

N.3 Performance of Whirlpool

APPENDIX O Data Compression Using ZIP

APPENDIX P PGP Random Number Generation