Cryptography Decrypted: A Pictorial Introduction to Digital Security
H. X. Mel, Doris M. Baker
 出版商: AddisonWesley Professional
 出版日期: 20001231
 售價: $1,930
 貴賓價: 9.5 折 $1,834
 語言: 英文
 頁數: 384
 裝訂: Paperback
 ISBN: 0201616475
 ISBN13: 9780201616477
立即出貨 (庫存 < 4)
買這商品的人也買了...

貴賓價: $1,121Applied Cryptography, 2/e

貴賓價: $1,568Practical Cryptography (Paperback)

貴賓價: $1,007Modern Cryptography: Theory and Practice (Hardcover)
商品描述
Description
A clear, comprehensible, and practical guide to the essentials of computer cryptography, from Caesar's Cipher through modernday public key. Cryptographic capabilities like detecting imposters and stopping eavesdropping are thoroughly illustrated with easytounderstand analogies, visuals, and historical sidebars. The student needs little or no background in cryptography to read Cryptography Decrypted. Nor does it require technical or mathematical expertise. But for those with some understanding of the subject, this book is comprehensive enough to solidify knowledge of computer cryptography and challenge those who wish to explore the highlevel math appendix.
Appropriate Courses
Computer Security/Cryptography.
Table Of Contents
Foreword.Preface.
Introduction.
I. SECRET KEY CRYPTOGRAPHY.
1. Locks and Keys.Defining Cryptographic Terms.
Making and Solving Puzzles.
Review.
2. Substitution and Caesar's Cipher.
Empowering the Masses.
The Importance of Separating the Method and the Key.
Adding Keys.
More Complex Substitution: Vigenere's Cipher.
Review.
3. Transposition Ciphers: Moving Around.
Adding Complexity.
Computer Transposition.
Combining Substitution and Transposition.
Review.
4. Diffuse and Confuse: How Cryptographers Win the End Game.
The Principle of Confusion.
Cryptographic Locks and Keys.
Review.
5. DES Isn't Strong Anymore.
Cycling Through Computer Keys.
Double and Triple DES.
DES (and Other Block Cipher) Modes.
The Avalanche Effect.
Supplement: Binary Numbers and Computer Letters.
Review.
6. Evolution of Cryptography: Going Global.
Commercial and Military Needs.
Entering the Computer Age.
Review.
7. Secret Key Assurances.
Authentication.
Not Really Random Numbers.
Integrity.
Why Bother Using a Message Authentication Code?
File and MAC Compression.
Nonrepudiation: Secret Keys Can't Do It.
Review.
8. Problems with Secret Key Exchange.
Using a Trusted Third Party.
Key Distribution Center and Key Recovery.
Problems with Using a Trusted Third Party.
Trust and Lifetime.
Review.
II. PUBLIC KEY CRYPTOGRAPHY.
9. Pioneering Public Key: Public Exchange of Secret Keys.
Developing an Innovative Secret Key Delivery Solution.
Second Attempt: An Encrypted Database of Key/Serial Number Pairs.
Merkle's Insight: Individually Encrypted Key/Serial Number Pairs.
Black Hat's Frustrating Problem.
The Key to Public Key Technology.
A New Solution: DiffieHellmanMerkle Key Agreement.
Problems with the DiffieHellman Method.
Separate Encryption and Decryption Keys.
Review.
10. Confidentiality Using Public Keys.
Confidentiality Assurances.
Distribution of Public Keys.
TwoWay Confidentiality.
Review.
11. Making Public Keys: Math Tricks.
Grade School Math Tricks.
More Grade School Math.
Division and Remainders: Modular Math.
Modular Inverses.
Using Modular Inverses to Make a Public Key.
Putting It All Together.
Trapdoor to the Easy Problem.
Knapsack Cryptography.
Modulo Calculations.
Exercise: Find Which Numbers Sum to 103.
Review.
12. Creating Digital Signatures Using the Private Key.
Reviewing and Comparing Authentication.
Private Key Authentication 117
Authentication and Integrity Using Private and Secret Keys.
Private Key Authentication Methods.
DSA.
Signing Terminology.
Nonrepudiation.
Assurances in Both Directions.
Summary of Public Key Assurances.
Assurance Initiated.
Compressing before Signing.
Review.
13. Hashes: Nonkeyed Message Digests.
Detecting Intentional Modifications.
Signing the Message Digest.
Replay Attacks.
Supplement: Unsuccessfully Imitating a Message Digest.
Review.
14. Message Digest Assurances.
Nonkeyed Message Digest Assurances.
Collision Resistance.
Weak Collision Resistance.
Examples of Oneway and Weak Collision Resistance.
Strong Collision Resistance.
Nonkeyed Digest Implementations.
Keyed Message Digest Assurances.
DESMAC Security.
Message Digest Compression.
Digest Speed Comparisons.
Hashed MAC.
Review.
15. Comparing Secret Key, Public Key, and Message Digests.
Key Length.
Ease of Key Distribution.
Cryptographic Assurances.
Asymmetric (Public) Key.
Review.
III. DISTRIBUTION OF PUBLIC KEYS.
16. Digital Certificates.
Attacking Digital Certificates.
Malicious Certificate Creator.
Attacking the Digital Certificate User.
The Most Devastating Attack.
Understanding Digital Certificates: A Familiar Comparison.
Issuer Authentication.
Transfer of Trust from the Issuer to the Subject.
Issuer's Limited Liability.
Time Limits.
Revoking Trust.
More than One Certificate.
Fees for Use.
The Needs of Digital Certificate Users.
Getting Your First Public Key.
Certificates Included in Your Browser.
Review.
17. X.509 Public Key Infrastructure.
What Is a Certificate Authority?
Certificate Revocation.
Polling and Pushing: Two CRL Delivery Models.
Building X.509 Trust Networks.
More Risks and Precautions.
Distinguished Names.
Certification Practice Statement.
X.509 Certificate Data.
Review.
18. Pretty Good Privacy and the Web of Trust.
Comparing X.509 and PGP Certificates.
Building Trust Networks.
Casey Validates Alice's Key Sent by Bob.
Dawn Validates Alice's Key Sent by Casey via Bob.
Web of Trust.
PGP Certificate Repositories and Revocation.
Compatibility of X.509 and PGP
Review.
IV. REALWORLD SYSTEMS.
Email Cryptographic Parameters.Negotiation of SSL and IPsec Cryptographic Parameters.
User Initiation of Cryptographic Email, SSL, and Ipsec.
19. Secure Email.
Invoking Cryptographic Services.
Confidentiality and Authentication.
Positioning Services.
Deterring Email Viruses.
Review.
20. Secure Socket Layer and Transport.
History of SSL.
Overview of an SSL Session.
An SSL Session in Detail.
Key Agreement (Exchange).
Authentication.
Confidentiality and Integrity.
TLS Variations.
Fixed and Ephemeral DiffieHellman.
Comparing TLS, SSL v3, and SSL v2.
A Possible Problem with TLS and SSL.
Generating Shared Secrets.
Bob Authenticates Himself to AliceDotComStocks.
Review.
21. IPsec Overview.
Key Management.
Automated Distribution.
IPsec Part 1: User Authentication and Key Exchange Using IKE.
Security Association.
Phases.
IKE Nomenclature.
Benefits of TwoPhase Key Exchange.
IPsec Part 2: Bulk Data Confidentiality and Integrity for Message or File Transport.
ESP Examples.
AH Examples.
Management Control.
Implementation Incompatibilities and Complications.
Review.
22. Cryptographic Gotchas.
ManintheMiddle Attack.
Finding Your Keys in Memory.
Does Confidentiality Imply Integrity?
Example 2: CutandPaste Attack.
Public Key as a Cryptanalysis Tool.
Public Key Cryptographic Standards.
Example 2: The Bleichenbacher Attack.
BlackHat Uses Bob's RSA Private Key.
Review.
23. Protecting Your Keys.
What's Inside a Smart Card.
Protections and Limitations.
Smart Card Attacks.
Review.
Epilogue.
Appendix A. Public Key Mathematics (and Some Words on Random Numbers).
Appendix B. (A Few) IPsec Details.
Bibliography.
Index. 0201616475T04062001