فهرست مطالب

• Cover Page
• About This eBook
• Title Page
• Copyright Page
• Pearson’s Commitment to Diversity, Equity, and Inclusion
• Dedication Page
• Contents
• Acknowledgments
• About the Authors
• 1. Introduction
• 1.1 Opinions, Products
• 1.2 Roadmap to the Book
• 1.3 Terminology
• 1.4 Notation
• 1.5 Cryptographically Protected Sessions
• 1.6 Active and Passive Attacks
• 1.7 Legal Issues
• 1.8 Some Network Basics
• 1.9 Names for Humans
• 1.10 Authentication and Authorization
• 1.11 Malware: Viruses, Worms, Trojan Horses
• 1.12 Security Gateway
• 1.13 Denial-of-Service (DoS) Attacks
• 1.14 NAT (Network Address Translation)
• 2. Introduction to Cryptography
• 2.1 Introduction
• 2.2 Secret Key Cryptography
• 2.3 Public Key Cryptography
• 2.4 Hash Algorithms
• 2.5 Breaking an Encryption Scheme
• 2.6 Random Numbers
• 2.7 Numbers
• 2.8 Homework
• 3. Secret Key Cryptography
• 3.1 Introduction
• 3.2 Generic Block Cipher Issues
• 3.3 Constructing a Practical Block Cipher
• 3.4 Choosing Constants
• 3.5 Data Encryption Standard (DES)
• 3.6 3DES (Multiple Encryption DES)
• 3.7 Advanced Encryption Standard (AES)
• 3.8 RC
• 3.9 Homework
• 4. Modes of Operation
• 4.1 Introduction
• 4.2 Encrypting a Large Message
• 4.3 Generating MACs
• 4.4 Ensuring Privacy and Integrity Together
• 4.5 Performance Issues
• 4.6 Homework
• 5. Cryptographic Hashes
• 5.1 Introduction
• 5.2 The Birthday Problem
• 5.3 A Brief History of Hash Functions
• 5.4 Nifty Things to Do with a Hash
• 5.5 Creating a Hash Using a Block Cipher
• 5.6 Construction of Hash Functions
• 5.7 Padding
• 5.8 The Internal Encryption Algorithms
• 5.9 SHA-3 f Function (Also Known as KECCAK-f)
• 5.10 Homework
• 6. First-Generation Public Key Algorithms
• 6.1 Introduction
• 6.2 Modular Arithmetic
• 6.3 RSA
• 6.4 Diffie-Hellman
• 6.5 Digital Signature Algorithm (DSA)
• 6.6 How Secure Are RSA and Diffie-Hellman?
• 6.7 Elliptic Curve Cryptography (ECC)
• 6.8 Homework
• 7. Quantum Computing
• 7.1 What Is a Quantum Computer?
• 7.2 Grover’s Algorithm
• 7.3 Shor’s Algorithm
• 7.4 Quantum Key Distribution (QKD)
• 7.5 How Hard Are Quantum Computers to Build?
• 7.6 Quantum Error Correction
• 7.7 Homework
• 8. Post-Quantum Cryptography
• 8.1 Signature and/or Encryption Schemes
• 8.2 Hash-based Signatures
• 8.3 Lattice-Based Cryptography
• 8.4 Code-based Schemes
• 8.5 Multivariate Cryptography
• 8.6 Homework
• 9. Authentication of People
• 9.1 Password-based Authentication
• 9.2 Address-based Authentication
• 9.3 Biometrics
• 9.4 Cryptographic Authentication Protocols
• 9.5 Who Is Being Authenticated?
• 9.6 Passwords as Cryptographic Keys
• 9.7 On-Line Password Guessing
• 9.8 Off-Line Password Guessing
• 9.9 Using the Same Password in Multiple Places
• 9.10 Requiring Frequent Password Changes
• 9.11 Tricking Users into Divulging Passwords
• 9.12 Lamport’s Hash
• 9.13 Password Managers
• 9.14 Web Cookies
• 9.15 Identity Providers (IDPs)
• 9.16 Authentication Tokens
• 9.17 Strong Password Protocols
• 9.18 Credentials Download Protocols
• 9.19 Homework
• 10. Trusted Intermediaries
• 10.1 Introduction
• 10.2 Functional Comparison
• 10.3 Kerberos
• 10.4 PKI
• 10.5 Website Gets a DNS Name and Certificate
• 10.6 PKI Trust Models
• 10.7 Building Certificate Chains
• 10.8 Revocation
• 10.9 Other Information in a PKIX Certificate
• 10.10 Issues with Expired Certificates
• 10.11 DNSSEC (DNS Security Extensions)
• 10.12 Homework
• 11. Communication Session Establishment
• 11.1 One-way Authentication of Alice
• 11.2 Mutual Authentication
• 11.3 Integrity/Encryption for Data
• 11.4 Nonce Types
• 11.5 Intentional MITM
• 11.6 Detecting MITM
• 11.7 What Layer?
• 11.8 Perfect Forward Secrecy
• 11.9 Preventing Forged Source Addresses
• 11.10 Endpoint Identifier Hiding
• 11.11 Live Partner Reassurance
• 11.12 Arranging for Parallel Computation
• 11.13 Session Resumption/Multiple Sessions
• 11.14 Plausible Deniability
• 11.15 Negotiating Crypto Parameters
• 11.16 Homework
• 12. IPsec
• 12.1 IPsec Security Associations
• 12.2 IKE (Internet Key Exchange Protocol)
• 12.3 Creating a Child-SA
• 12.4 AH and ESP
• 12.5 AH (Authentication Header)
• 12.6 ESP (Encapsulating Security Payload)
• 12.7 Comparison of Encodings
• 12.8 Homework
• 13. SSL/TLS and SSH
• 13.1 Using TCP
• 13.2 StartTLS
• 13.3 Functions in the TLS Handshake
• 13.4 TLS 1.2 (and Earlier) Basic Protocol
• 13.5 TLS 1.3
• 13.6 Session Resumption
• 13.7 PKI as Deployed by TLS
• 13.8 SSH (Secure Shell)
• 13.9 Homework
• 14. Electronic Mail Security
• 14.1 Distribution Lists
• 14.2 Store and Forward
• 14.3 Disguising Binary as Text
• 14.4 HTML-Formatted Email
• 14.5 Attachments
• 14.6 Non-cryptographic Security Features
• 14.7 Malicious Links in Email
• 14.8 Data Loss Prevention (DLP)
• 14.9 Knowing Bob’s Email Address
• 14.10 Self-Destruct, Do-Not-Forward, …
• 14.11 Preventing Spoofing of From Field
• 14.12 In-Flight Encryption
• 14.13 End-to-End Signed and Encrypted Email
• 14.14 Encryption by a Server
• 14.15 Message Integrity
• 14.16 Non-Repudiation
• 14.17 Plausible Deniability
• 14.18 Message Flow Confidentiality
• 14.19 Anonymity
• 14.20 Homework
• 15. Electronic Money
• 15.1 ECASH
• 15.2 Offline eCash
• 15.3 Bitcoin
• 15.4 Wallets for Electronic Currency
• 15.5 Homework
• 16. Cryptographic Tricks
• 16.1 Secret Sharing
• 16.2 Blind Signature
• 16.3 Blind Decryption
• 16.4 Zero-Knowledge Proofs
• 16.5 Group Signatures
• 16.6 Circuit Model
• 16.7 Secure Multiparty Computation (MPC)
• 16.8 Fully Homomorphic Encryption (FHE)
• 16.9 Homework
• 17. Folklore
• 17.1 Misconceptions
• 17.2 Perfect Forward Secrecy
• 17.3 Change Encryption Keys Periodically
• 17.4 Don’t Encrypt without Integrity Protection
• 17.5 Multiplexing Flows over One Secure Session
• 17.6 Using Different Secret Keys
• 17.7 Using Different Public Keys
• 17.8 Establishing Session Keys
• 17.9 Hash in a Constant When Hashing a Password
• 17.10 HMAC Rather than Simple Keyed Hash
• 17.11 Key Derivation
• 17.12 Use of Nonces in Protocols
• 17.13 Creating an Unpredictable Nonce
• 17.14 Compression
• 17.15 Minimal vs Redundant Designs
• 17.16 Overestimate the Size of Key
• 17.17 Hardware Random Number Generators
• 17.18 Put Checksums at the End of Data
• 17.19 Forward Compatibility
• Glossary
• Math
• Bibliography
• Index
• Code Snippets