Too many engineers consider cryptography to be a sort of magic security dust that they can sprinkle over their hardware or software, and which will imbue those products with the mythical property of “security.” Security is only as strong as the weakest link, and the mathematics of cryptography is almost never the weakest link. The fundamentals of cryptography are important, but far more important are, how those fundamentals are implemented and used. You can argue whether the stake should be a mile or a mile-and-a-half high, but the attacker is simply going to walk around the stake. Security is a broad stockade: it’s the things around the cryptography that make the cryptography effective. This book is intended for Professional cryptographers, presenting the techniques and algorithms of greatest interest to the current practitioner, along with the supporting motivation and background material. It also provides a comprehensive source from which to learn cryptography, serving both students and instructors. Throughout each chapter, we emphasize the relationship between various aspects of cryptography. We believe this style of presentation allows a better understanding of how algorithms actually work. Each chapter was written to provide a self-contained treatment of one major topic. Collectively, however, the chapters have been designed and carefully integrated to be entirely complementary with respect to definitions, terminology, and notation. Furthermore, there is essentially no duplication of material across chapters; instead, appropriate cross-chapter references are provided where relevant.
Additional Info
  • Publisher: Laxmi Publications
  • Language: English
  • ISBN : 978-93-5138-266-9
  • Chapter 1

    Introduction to symmetric encryption Price 2.99  |  2.99 Rewards Points

    Security attack: Any action that compromises the security of information owned by an organization. Security mechanism: A process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack. Security service: A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization. The services are intended to counter security attacks, and they make use of one or more security mechanisms to provide the service.
  • Chapter 2

    Groups, rings and fields Price 2.99  |  2.99 Rewards Points

    A group G, sometimes denoted by {G, ·} is a set of elements with a binary operation, denoted by, that associates to each ordered pair (a, b) of elements in G an element (a · b) in G, such that the following axioms are obeyed: The operator is generic and can refer to addition, multiplication, or some other mathematical operation.
  • Chapter 3

    Message authentication and hash functions Price 2.99  |  2.99 Rewards Points

    In the context of communications across a network, the following attacks can be identified: 1. Disclosure: Release of message contents to any person or process not possessing the appropriate cryptographic key. 2. Traffic Analysis: Discovery of the pattern of traffic between parties. 3. Masquerade: Insertion of messages into the network from a fraudulent source. 4. ContentModification: Changes to the contents of a message, including insertion, deletion, transposition, and modification. 5. Sequence Modification: Any modification to a sequence of messages between parties, including insertion, deletion, and reordering. 6. Timing Modification: Delay or replay of messages. 7. Source Repudiation: Denial of transmission of message by source. 8. Destination Repudiation: Denial of receipt of message by destination.
  • Chapter 4

    Authentication applications Price 2.99  |  2.99 Rewards Points

    Kerberos is an authentication service developed as part of Project Athena at MIT. The problem that Kerberos addresses is this: Assume an open distributed environment in which users at workstations wish to access services on servers distributed throughout the network. We would like for servers to be able to restrict access to authorized users and to be able to authenticate requests for service. In this environment, a workstation cannot be trusted to identify its users correctly to network services.
  • Chapter 5

    Network and system security Price 2.99  |  2.99 Rewards Points

    IP SECURITY • IP security (IPSec) is a capability that can be added to either current version of the Internet Protocol (IPv4 or IPv6), by means of additional headers. • IPSec encompasses three functional areas: authentication, confidentiality, and key management. • Authentication makes use of the HMAC message authentication code. Authentication can be applied to the entire original IP packet (tunnel mode) or to the entire packet except for the IP header (transport mode). • Confidentiality is provided by an encryption format known as encapsulating security payload. Both tunnel and transport modes can be accommodated. • IPSec defines a number of techniques for key management. IPSecurity (IPSec) is a collection of protocols designed by the Internet Engineering Task Force (IETF) to provide security for a packet at the network level. IPSec helps to create authenticated and confidential packets for the IP layer.

About the Author