![密碼編碼學與網絡安全――原理與實踐(第七版)(英文版) [Cryptography and Network Security: Principles and ]](https://pic.qciss.net/12086237/592eee8bN39c6e718.jpg)
具體描述
編輯推薦
適讀人群 :本書適用於高校計算機專業及信息安全專業的高年級本科生和低年級研究生學習,也可作為密碼學領域技術人員的參考用書。本書是密碼編碼學與網絡空間安全領域的經典教材,已被國內幾十所高校高年級本科生和研究生課程采用為教材。
內容簡介
本書係統地介紹瞭密碼編碼學與網絡安全的基本原理和應用技術。紙質教材分為六部分:背景知識部分介紹計算機與網絡安全的概念、數論;對稱密碼部分討論古典加密技術、分組加密和數據加密標準、有限域、高級加密標準、分組加密操作、隨機位生成和流密碼;非對稱密碼部分討論公鑰加密和RSA、其他公鑰加密體製;密碼編碼數據完整性算法部分討論哈希函數、消息認證編碼、數字簽名;互信部分討論密鑰管理與分發、用戶鑒彆;網絡和互聯網安全部分討論網絡訪問控製和雲安全、傳輸層安全、無綫網絡安全、電子郵件安全、IP安全。聯機內容分為兩部分:係統安全部分討論惡意軟件、入侵者、防火牆;法律和道德問題部分討論與計算機和網絡安全相關的法律與道德問題。與第六版相比,書的章節組織基本不變,但增加瞭許多新內容,如數論、格式保留加密、真隨機數生成器、雲安全、傳輸層安全、移動設備安全等。
作者簡介
William Stallings:美國聖母大學電子工程學士,麻省理工學院計算機科學博士,《密碼術》期刊編委。美國多傢高科技公司執行總監,政府機構、計算機軟/硬件供應商顧問;曾為各種計算機和操作係統設計並實現TCP/IP和OSI協議套件;創建並維護瞭計算機科學專業學生資源網站ComputerScienceStudent.com。齣版圖書17種,內容涉及計算機安全、計算機網絡和計算機係統結構等;在《IEEE進展》《ACM計算評論》和《密碼術》等雜誌上發錶文章多篇;先後12次獲美國年度*佳計算機科學教科書奬和學術作者協會奬。
William Stallings:美國聖母大學電子工程學士,麻省理工學院計算機科學博士,《密碼術》期刊編委。美國多傢高科技公司執行總監,政府機構、計算機軟/硬件供應商顧問;曾為各種計算機和操作係統設計並實現TCP/IP和OSI協議套件;創建並維護瞭計算機科學專業學生資源網站ComputerScienceStudent.com。齣版圖書17種,內容涉及計算機安全、計算機網絡和計算機係統結構等;在《IEEE進展》《ACM計算評論》和《密碼術》等雜誌上發錶文章多篇;先後12次獲美國年度*佳計算機科學教科書奬和學術作者協會奬。
目錄
Part One: Background 1Chapter 1 Computer and Network Security Concepts 1
1.1 Computer Security Concepts 3
1.2 The OSI Security Architecture 8
1.3 Security Attacks 9
1.4 Security Services 11
1.5 Security Mechanisms 14
1.6 Fundamental Security Design Principles 16
1.7 Attack Surfaces and Attack Trees 19
1.8 A Model for Network Security 23
1.9 Standards 25
1.10 Key Terms, Review Questions, and Problems 26
Chapter 2 Introduction to Number Theory 28
2.1 Divisibility and the Division Algorithm 29
2.2 The Euclidean Algorithm 31
2.3 Modular Arithmetic 35
2.4 Prime Numbers 43
2.5 Fermat’s and Euler’s Theorems 46
2.6 Testing for Primality 50
2.7 The Chinese Remainder Theorem 53
2.8 Discrete Logarithms 55
2.9 Key Terms, Review Questions, and Problems 60
Appendix 2A The Meaning of Mod 64
Part Two: Symmetric Ciphers 67
Chapter 3 Classical Encryption Techniques 67
3.1 Symmetric Cipher Model 68
3.2 Substitution Techniques 74
3.3 Transposition Techniques 89
3.4 Rotor Machines 90
3.5 Steganography 92
3.6 Key Terms, Review Questions, and Problems 94
Chapter 4 Block Ciphers and the Data Encryption Standard 100
4.1 Traditional Block Cipher Structure 101
4.2 The Data Encryption Standard 111
4.3 A DES Example 113
4.4 The Strength of DES 116
4.5 Block Cipher Design Principles 117
4.6 Key Terms, Review Questions, and Problems 119
Chapter 5 Finite Fields 123
5.1 Groups 125
5.2 Rings 127
5.3 Fields 128
5.4 Finite Fields of the Form GF(p) 129
5.5 Polynomial Arithmetic 133
5.6 Finite Fields of the Form GF(2n) 139
5.7 Key Terms, Review Questions, and Problems 151
Chapter 6 Advanced Encryption Standard 153
6.1 Finite Field Arithmetic 154
6.2 AES Structure 156
6.3 AES Transformation Functions 161
6.4 AES Key Expansion 172
6.5 An AES Example 175
6.6 AES Implementation 179
6.7 Key Terms, Review Questions, and Problems 184
Appendix 6A Polynomials with Coefficients in GF(28) 185
Chapter 7 Block Cipher Operation 189
7.1 Multiple Encryption and Triple DES 190
7.2 Electronic Codebook 195
7.3 Cipher Block Chaining Mode 198
7.4 Cipher Feedback Mode 200
7.5 Output Feedback Mode 202
7.6 Counter Mode 204
7.7 XTS-AES Mode for Block-Oriented Storage Devices 206
7.8 Format-Preserving Encryption 213
7.9 Key Terms, Review Questions, and Problems 227
Chapter 8 Random Bit Generation and Stream Ciphers 232
8.1 Principles of Pseudorandom Number Generation 234
8.2 Pseudorandom Number Generators 240
8.3 Pseudorandom Number Generation Using a Block Cipher 243
8.4 Stream Ciphers 249
8.5 RC4 251
8.6 True Random Number Generators 253
8.7 Key Terms, Review Questions, and Problems 262
Part Three: Asymmetric Ciphers 265
Chapter 9 Public-Key Cryptography and RSA 265
9.1 Principles of Public-Key Cryptosystems 267
9.2 The RSA Algorithm 276
9.3 Key Terms, Review Questions, and Problems 290
Chapter 10 Other Public-Key Cryptosystems 295
10.1 Diffie-Hellman Key Exchange 296
10.2 Elgamal Cryptographic System 300
10.3 Elliptic Curve Arithmetic 303
10.4 Elliptic Curve Cryptography 312
10.5 Pseudorandom Number Generation Based on an Asymmetric Cipher 316
10.6 Key Terms, Review Questions, and Problems 318
Part Four: Cryptographic Data Integrity Algorithms 321
Chapter 11 Cryptographic Hash Functions 321
11.1 Applications of Cryptographic Hash Functions 323
11.2 Two Simple Hash Functions 328
11.3 Requirements and Security 330
11.4 Hash Functions Based on Cipher Block Chaining 336
11.5 Secure Hash Algorithm (SHA) 337
11.6 SHA-3 347
11.7 Key Terms, Review Questions, and Problems 359
Chapter 12 Message Authentication Codes 363
12.1 Message Authentication Requirements 364
12.2 Message Authentication Functions 365
12.3 Requirements for Message Authentication Codes 373
12.4 Security of MACs 375
12.5 MACs Based on Hash Functions: HMAC 376
12.6 MACs Based on Block Ciphers: DAA and CMAC 381
12.7 Authenticated Encryption: CCM and GCM 384
12.8 Key Wrapping 390
12.9 Pseudorandom Number Generation Using Hash Functions and MACs 395
12.10 Key Terms, Review Questions, and Problems 398
Chapter 13 Digital Signatures 401
13.1 Digital Signatures 403
13.2 Elgamal Digital Signature Scheme 406
13.3 Schnorr Digital Signature Scheme 407
13.4 NIST Digital Signature Algorithm 408
13.5 Elliptic Curve Digital Signature Algorithm 412
13.6 RSA-PSS Digital Signature Algorithm 415
13.7 Key Terms, Review Questions, and Problems 420
Part Five: Mutual Trust 423
Chapter 14 Key Management and Distribution 423
14.1 Symmetric Key Distribution Using Symmetric Encryption 424
14.2 Symmetric Key Distribution Using Asymmetric Encryption 433
14.3 Distribution of Public Keys 436
14.4 X.509 Certificates 441
14.5 Public-Key Infrastructure 449
14.6 Key Terms, Review Questions, and Problems 451
Chapter 15 User Authentication 455
15.1 Remote User-Authentication Principles 456
15.2 Remote User-Authentication Using Symmetric Encryption 460
15.3 Kerberos 464
15.4 Remote User-Authentication Using Asymmetric Encryption 482
15.5 Federated Identity Management 484
15.6 Personal Identity Verification 490
15.7 Key Terms, Review Questions, and Problems 497
Part Six: Network And Internet Security 501
Chapter 16 Network Access Control and Cloud Security 501
16.1 Network Access Control 502
16.2 Extensible Authentication Protocol 505
16.3 IEEE 802.1X Port-Based Network Access Control 509
16.4 Cloud Computing 511
16.5 Cloud Security Risks and Countermeasures 517
16.6 Data Protection in the Cloud 519
16.7 Cloud Security as a Service 523
16.8 Addressing Cloud Computing Security Concerns 526
16.9 Key Terms, Review Questions, and Problems 527
Chapter 17 Transport-Level Security 528
17.1 Web Security Considerations 529
17.2 Transport Layer Security 531
17.3 HTTPS 548
17.4 Secure Shell (SSH) 549
17.5 Key Terms, Review Questions, and Problems 561
Chapter 18 Wireless Network Security 563
18.1 Wireless Security 564
18.2 Mobile Device Security 567
18.3 IEEE 802.11 Wireless LAN Overview 571
18.4 IEEE 802.11i Wireless LAN Security 577
18.5 Key Terms, Review Questions, and Problems 592
Chapter 19 Electronic Mail Security 594
19.1 Internet Mail Architecture 595
19.2 Email Formats 599
19.3 Email Threats and Comprehensive Email Security 607
19.4 S/MIME 609
19.5 Pretty Good Privacy 620
19.6 DNSSEC 621
19.7 DNS-Based Authentication of Named Entities 625
19.8 Sender Policy Framework 627
19.9 DomainKeys Identified Mail 630
19.10 Domain-Based Message Authentication, Reporting, and Conformance 636
19.11 Key Terms, Review Questions, and Problems 641
Chapter 20 IP Security 643
20.1 IP Security Overview 644
20.2 IP Security Policy 650
20.3 Encapsulating Security Payload 655
20.4 Combining Security Associations 663
20.5 Internet Key Exchange 666
20.6 Cryptographic Suites 674
20.7 Key Terms, Review Questions, and Problems 676
APPENDICES 678
Appendix A Projects for Teaching Cryptography and Network Security 678
A.1 Sage Computer Algebra Projects 679
A.2 Hacking Project 680
A.3 Block Cipher Projects 681
A.4 Laboratory Exercises 681
A.5 Research Projects 681
A.6 Programming Projects 682
A.7 Practical Security Assessments 682
A.8 Firewall Projects 683
A.9 Case Studies 683
A.10 Writing Assignments 683
A.11 Reading/Report Assignments 684
A.12 Discussion Topics 684
Appendix B Sage Examples 685
B.1 Linear Algebra and Matrix Functionality 686
B.2 Chapter 2: Number Theory 687
B.3 Chapter 3: Classical Encryption 692
B.4 Chapter 4: Block Ciphers and the Data Encryption Standard 695
B.5 Chapter 5: Basic Concepts in Number Theory and Finite Fields 699
B.6 Chapter 6: Advanced Encryption Standard 706
B.7 Chapter 8: Pseudorandom Number Generation and Stream Ciphers 711
B.8 Chapter 9: Public-Key Cryptography and RSA 713
B.9 Chapter 10: Other Public-Key Cryptosystems 716
B.10 Chapter 11: Cryptographic Hash Functions 721
B.11 Chapter 13: Digital Signatures 723
References 726
Credits 735
Index 736
Online Chapters and Appendices1
Part Seven: System Security
Chapter 21 Malicious Software
21.1 Types of Malicious Software (Malware)
21.2 Advanced Persistent Threat
21.3 Propagation―Infected Content―Viruses
21.4 Propagation―Vulnerability Exploit―Worms
21.5 Propagation―Social Engineering―Spam E-mail, Trojans
21.6 Payload―System Corruption
21.7 Payload―Attack Agent―Zombie, Bots
21.8 Payload―Information Theft―Keyloggers, Phishing, Spyware
21.9 Payload―Stealthing―Backdoors, Rootkits
21.10 Countermeasures
21.11 Distributed Denial of Service Attacks
21.12 References
21.13 Key Terms, Review Questions, and Problems
Chapter 22 Intruders
22.1 Intruders
22.2 Intrusion Detection
22.3 Password Management
22.4 References
22.5 Key Terms, Review Questions, and Problems
Chapter 23 Firewalls
23.1 The Need for Firewalls
23.2 Firewall Characteristics and Access Policy
23.3 Types of Firewalls
23.4 Firewall Basing
23.5 Firewall Location and Configurations
23.6 References
23.7 Key Terms, Review Questions, and Problems
Part EIGHT: Legal And Ethical Issues
Chapter 24 Legal and Ethical Aspects
24.1 Cybercrime and Computer Crime
24.2 Intellectual Property
24.3 Privacy
24.4 Ethical Issues
24.5 Recommended Reading
24.6 References
24.7 Key Terms, Review Questions, and Problems
24.A Information Privacy
Appendix C Sage Exercises
Appendix D Standards and Standard-Setting Organizations
Appendix E Basic Concepts from Linear Algebra
Appendix F Measures of Secrecy and Security
Appendix G Simplified DES
Appendix H Evaluation Criteria for AES
Appendix I Simplified AES
Appendix J The Knapsack Algorithm
Appendix K Proof of the Digital Signature Algorithm
Appendix L TCP/IP and OSI
Appendix M Java Cryptographic APIs
Appendix N MD5 Hash Function
Appendix O Data Compression Using ZIP
Appendix P PGP
Appendix Q The International Reference Alphabet
Appendix R Proof of the RSA Algorithm
Appendix S Data Encryption Standard
Appendix T Kerberos Encryption Techniques
Appendix U Mathematical Basis of the Birthday Attack
Appendix V Evaluation Criteria for SHA-3
Appendix W The Complexity of Algorithms
Appendix X Radix-64 Conversion
Appendix Y The Base Rate Fallacy
Glossary
前言/序言
Preface
In the four years since the sixth edition of this book was published, the field has seen continued innovations and improvements. In this new edition, I try to capture these changes while maintaining a broad and comprehensive coverage of the entire field. To begin this process of revision, the sixth edition of this book was extensively reviewed by a number of professors who teach the subject and by professionals working in the field. The result is that, in many places, the narrative has been clarified and tightened, and illustrations have been improved.
Beyond these refinements to improve pedagogy and user-friendliness, there have been substantive changes throughout the book. Roughly the same chapter organization has been retained, but much of the material has been revised and new material has been added. The most noteworthy changes are as follows:
■■ Fundamental security design principles: Chapter 1 includes a new section discussing the security design principles listed as fundamental by the National Centers of Academic Excellence in Information Assurance/Cyber Defense, which is jointly sponsored by the U.S. National Security Agency and the U.S. Department of Homeland Security.
■■ Attack surfaces and attack trees: Chapter 1 includes a new section describing these two concepts, which are useful in evaluating and classifying security threats.
■■ Number theory coverage: The material on number theory has been consolidated into a single chapter, Chapter 2. This makes for a convenient reference. The relevant portions of Chapter 2 can be assigned as needed.
■■ Finite fields: The chapter on finite fields has been revised and expanded with additional text and new figures to enhance understanding.
■■ Format-preserving encryption: This relatively new mode of encryption is enjoying increasing commercial success. A new section in Chapter 7 covers this method.
■■ Conditioning and health testing for true random number generators: Chapter 8 now provides coverage of these important topics.
■■ User authentication model: Chapter 15 includes a new description of a general model for user authentication, which helps to unify the discussion of the various approaches to user authentication.
■■ Cloud security: The material on cloud security in Chapter 16 has been updated and expanded to reflect its importance and recent developments.
■■ Transport Layer Security (TLS): The treatment of TLS in Chapter 17 has been updated, reorganized to improve clarity, and now includes a discussion of the new TLS version 1.3.
■■ Email Security: Chapter 19 has been completely rewritten to provide a comprehensive and up-to-date discussion of email security. It includes:
—— New: discussion of email threats and a comprehensive approach to email security.
—— New: discussion of STARTTLS, which provides confidentiality and authentication for SMTP.
—— Revised: treatment of S/MIME has been updated to reflect the latest version 3.2.
—— New: discussion of DNSSEC and its role in supporting email security.
—— New: discussion of DNS-based Authentication of Named Entities (DANE) and the use of this approach to enhance security for certificate use in SMTP and S/MIME.
—— New: discussion of Sender Policy Framework (SPF), which is the standardized way for a sending domain to identify and assert the mail senders for a given domain.
—— Revised: discussion of DomainKeys Identified Mail (DKIM) has been revised.
—— New: discussion of Domain-based Message Authentication, Reporting, and Conformance (DMARC) allows email senders to specify policy on how their mail should be handled, the types of reports that receivers can send back, and the frequency those reports should be sent.
It is the purpose of this book to provide a practical survey of both the principles and practice of cryptography and network security. In the first part of the book, the basic issues to be addressed by a network security capability are explored by providing a tutorial and survey of cryptography and network security technology. The latter part of the book deals with the practice of network security: practic
用戶評價
看看
評分看看
評分有點皺瞭
評分看看
評分有點皺瞭
評分有點皺瞭
評分有點皺瞭
評分看看
評分有點皺瞭
相關圖書
![兒童少年衛生學(供預防醫學類專業用 第8版 配增值)/全國高等學校教材 [Child and Adolescent Health] pdf epub mobi 電子書 下載](https://pic.qciss.net/12132157/596f0ce5N7445db1b.jpg)
![體驗商務英語綜閤教程1(第二版 附多媒體學習光盤) [Market Leader Elementary Business English Course Book] pdf epub mobi 電子書 下載](https://pic.qciss.net/12244397/5a951bfaNaa156c55.jpg)
![中國新聞事業史(修訂版) [China Press Development] pdf epub mobi 電子書 下載](https://pic.qciss.net/12245293/5ac96d16Nd7673562.jpg)
![現代企業管理學—理論、技術與方法 [Modern Enterprise Administration] pdf epub mobi 電子書 下載](https://pic.qciss.net/12287710/5a7c0e8fN282334db.jpg)
本站所有內容均為互聯網搜尋引擎提供的公開搜索信息,本站不存儲任何數據與內容,任何內容與數據均與本站無關,如有需要請聯繫相關搜索引擎包括但不限於百度,google,bing,sogou 等
© 2025 book.cndgn.com All Rights Reserved. 新城书站 版權所有