did-you-know? rent-now

Amazon no longer offers textbook rentals. We do!

did-you-know? rent-now

Amazon no longer offers textbook rentals. We do!

We're the #1 textbook rental company. Let us show you why.

9781580535304

User's Guide to Cryptography and Standards

by ;
  • ISBN13:

    9781580535304

  • ISBN10:

    1580535305

  • Format: Hardcover
  • Copyright: 2004-10-31
  • Publisher: Artech House

Note: Supplemental materials are not guaranteed with Rental or Used book purchases.

Purchase Benefits

  • Free Shipping Icon Free Shipping On Orders Over $35!
    Your order must be $35 or more to qualify for free economy shipping. Bulk sales, PO's, Marketplace items, eBooks and apparel do not qualify for this offer.
  • eCampus.com Logo Get Rewarded for Ordering Your Textbooks! Enroll Now
  • Write a Review Icon Write a Review
List Price: $116.00 Save up to $29.00
  • Buy Used
    $87.00
    Add to Cart Free Shipping Icon Free Shipping

    USUALLY SHIPS IN 2-4 BUSINESS DAYS

Supplemental Materials

What is included with this book?

Summary

With the scope and frequency of attacks on valuable corporate data growing enormously in recent years, a solid understanding of cryptography is essential for anyone working in the computer/network security field. This timely book delivers the hands-on knowledge you need, offering comprehensive coverage on the latest and most-important standardized cryptographic techniques to help you protect your data and computing resources to the fullest. Rather than focusing on theory like other books on the market, this unique resource describes cryptography from an end-user perspective, presenting in-depth, highly practical comparisons of standards and techniques.

Author Biography

Alexander W. Dent is an EPSRC junior research fellow at the Information Security Group, Royal Holloway, University of London.

Table of Contents

Acknowledgments xv
1 Introduction
1.1 Scope and purpose
1(2)
1.2 Structure of the book
3(1)
1.3 Terminology
4(1)
1.4 Modular arithmetic
5(2)
1.5 Notes
7(1)
References
7(2)
2 Standards and the Standardization Process
9(10)
2.1 Why bother with standards?
9(1)
2.2 International standardization organizations
10(2)
2.2.1 International Organization for Standardization (ISO)
10(2)
2.2.2 International Electrotechnical Commission (IEC)
12(1)
2.2.3 International Telecommunication Union (ITU)
12(1)
2.3 National standardization organizations
12(1)
2.3.1 American National Standards Institute (ANSI)
13(1)
2.3.2 British Standards Institute (BSI)
13(1)
2.3.3 National Institute of Standards and Technology (NIST)
13(1)
2.4 Industrial standardization organizations
13(3)
2.4.1 Third Generation Partnership Project (3GPP)
14(1)
2.4.2 European Telecommunications Standard Institute (ETSI)
14(1)
2.4.3 Institute of Electrical and Electronics Engineers (IEEE)
14(1)
2.4.4 Internet Engineering Task Force (IETF)
14(1)
2.4.5 Standards for Efficient Cryptography Croup (SECG)
15(1)
2.4.6 Public-Key Cryptography Standards (PKCSs)
15(1)
2.5 Cryptographic evaluation bodies
16(1)
2.6 Notes
17(1)
References
17(2)
3 Security Mechanisms and Security Services
19(26)
3.1 Introduction
19(1)
3.2 Security standards
20(1)
3.3 A model for security
21(1)
3.3.1 Security policies
21(1)
3.4 Security services
22(4)
3.4.1 Authentication
23(1)
3.4.2 Access control
23(1)
3.4.3 Data confidentiality
24(1)
3.4.4 Data integrity
24(1)
3.4.5 Non-repudiation
25(1)
3.4.6 Other services
25(1)
3.4.7 Summary
25(1)
3.5 Security mechanisms
26(5)
3.5.1 Specific security mechanisms
26(3)
3.5.2 Pervasive security mechanisms
29(1)
3.5.3 Selection of security mechanisms
30(1)
3.6 Relating services to mechanisms
31(1)
3.7 Service and protocol layers
31(3)
3.7.1 The OSI model
31(1)
3.7.2 Layers versus security services
32(1)
3.7.3 The Internet model
33(1)
3.8 Security management
34(2)
3.8.1 System security management
35(1)
3.8.2 Security service management
35(1)
3.8.3 Security mechanism management
35(1)
3.8.4 Security of OSI management
36(1)
3.8.5 Assurance
36(1)
3.9 Security frameworks
36(31)
3.9.1 Frameworks overview
37(1)
3.9.2 Authentication framework
37(1)
3.9.3 Access control framework
37(1)
3.9.4 Non-repudiation framework
37(1)
3.9.5 Confidentiality framework
38(1)
3.9.6 Integrity framework
38(1)
3.9.7 Audit and alarms framework
38(1)
3.10 Notes
38(2)
References
40(5)
4 Encryption
45(26)
4.1 Definitions and basic properties
46(2)
4.1.1 Symmetric ciphers
46(1)
4.1.2 Asymmetric ciphers
46(1)
4.1.3 Attacks against encryption schemes
47(1)
4.2 Block ciphers
48(5)
4.2.1 The National Bureau of Standards and DES
49(2)
4.2.2 The ISO Register of Cryptographic Algorithms
51(1)
4.2.3 NIST and AES
52(1)
4.2.4 3GPP and KASUMI
52(1)
4.2.5 ISO/IEC 18033
53(1)
4.3 Stream ciphers
53(3)
4.4 Asymmetric ciphers
56(7)
4.4.1 The Rivest-Shamir-Adleman (RSA) scheme
57(2)
4.4.2 Industry Standards for Asymmetric Encryption
59(1)
4.4.3 IEEE 1363
60(1)
4.4.4 ISO/IEC 18033
61(2)
4.5 Notes
63(4)
References
67(4)
5 Modes of Operation for Block Ciphers
71(22)
5.1 Definitions and basic properties
71(1)
5.2 Standards for modes of operation
72(1)
5.3 Padding methods
72(1)
5.4 ECB mode
73(1)
5.5 Cipher block chaining (CBC) mode
74(3)
5.6 CTR mode
77(2)
5.7 OFB mode
79(2)
5.8 CFB mode
81(3)
5.9 Choosing a mode of operation
84(2)
5.10 Other modes
86(1)
5.10.1 Triple-DES modes
86(1)
5.10.2 Authenticated encryption modes
87(1)
5.11 Notes
87(2)
References
89(4)
6 Cryptographic Hash Functions
93(20)
6.1 Definitions and basic properties
93(4)
6.1.1 The security of a hash function
93(2)
6.1.2 Iterative hash functions
95(2)
6.2 Standards for hash functions
97(1)
6.3 Hash functions based on block ciphers
98(5)
6.3.1 Padding methods
98(1)
6.3.2 Block cipher hash function 1
99(2)
6.3.3 Block cipher hash function 2
101(2)
6.4 Dedicated hash functions
103(2)
6.5 Hash functions based on modular arithmetic
105(1)
6.6 Choosing a hash function
105(1)
6.7 Notes
106(3)
References
109(4)
7 Message Authentication Codes (MACs)
113(22)
7.1 Definitions and basic properties
113(2)
7.2 Standards for MACs
115(1)
7.3 CBC-MACs
116(10)
7.3.1 SMAC-the simplest form of CBC-MAC
116(1)
7.3.2 Padding methods
117(2)
7.3.3 Output transformations
119(2)
7.3.4 Other CBC-MAC schemes
121(2)
7.3.5 MAC algorithm 4 from ISO/IEC 9797-1
123(1)
7.3.6 MAC algorithms 5 and 6 from ISO/IEC 9797-1
124(1)
7.3.7 XCBC, TMAC, and OMAC
124(1)
7.3.8 Choosing a CBC-MAC function
125(1)
7.4 MACs based on hash functions
126(2)
7.4.1 The MDx-MAC functions
127(1)
7.4.2 HMAC
127(1)
7.4.3 MDx-MAC variant for short messages
128(1)
7.4.4 Choosing a hash-based MAC function
128(1)
7.5 Other MAC functions
128(1)
7.6 Notes
129(2)
References
131(4)
8 Digital Signatures
135(24)
8.1 Definitions and basic properties
135(6)
8.1.1 Deterministic and probabilistic signature schemes
138(1)
8.1.2 Reversible and nonreversible signature schemes
139(1)
8.1.3 Identity-based and certificate-based signature schemes
140(1)
8.2 Standards for digital signatures
141(1)
8.3 The Digital Signature Algorithm (DSA)
142(2)
8.4 RSA-based signature schemes
144(3)
8.5 Digital signatures and the law
147(3)
8.5.1 U.S. legislation
147(2)
8.5.2 Certification authorities
149(1)
8.5.3 EU legislation
149(1)
8.6 Choosing a digital signature scheme
150(1)
8.7 Notes
151(5)
References
156(3)
9 Non-Repudiation Mechanisms
159(14)
9.1 Introduction
159(1)
9.2 Standards for non-repudiation
160(1)
9.3 Non-repudiation model and services
160(4)
9.3.1 A model for non-repudiation
161(1)
9.3.2 Types of evidence
162(1)
9.3.3 Non-repudiation services
162(1)
9.3.4 Non-repudiation tokens
163(1)
9.4 Non-repudiation using symmetric cryptography
164(4)
9.4.1 Non-repudiation of origin using MACS
164(2)
9.4.2 Non-repudiation of delivery using MACs
166(2)
9.4.3 Other mechanisms
168(1)
9.5 Non-repudiation using asymmetric cryptography
168(2)
9.5.1 Non-repudiation of origin using signatures
168(1)
9.5.2 Non-repudiation of delivery using signatures
169(1)
9.5.3 Other mechanisms
170(1)
9.6 Time-stamping and non-repudiation
170(1)
9.7 Notes
170(1)
References
171(2)
10 Authentication Protocols 173(42)
10.1 Introduction
174(1)
10.2 Standards for entity authentication protocols
175(1)
10.3 Cryptographic mechanisms
176(3)
10.3.1 Using symmetric encryption
176(1)
10.3.2 Using MACs
177(1)
10.3.3 Using digital signatures
178(1)
10.3.4 Zero-knowledge protocols
178(1)
10.3.5 Using asymmetric encryption
178(1)
10.3.6 Using other asymmetric cryptographic techniques
179(1)
10.4 Timeliness checking mechanisms
179(2)
10.4.1 Time-stamps
179(1)
10.4.2 Nonces
180(1)
10.5 Authentication using symmetric cryptography
181(13)
10.5.1 Unilateral authentication protocols
181(4)
10.5.2 Mutual authentication protocols
185(4)
10.5.3 Third party-aided mechanisms
189(5)
10.6 Authentication using asymmetric cryptography
194(6)
10.6.1 Unilateral authentication mechanisms
195(2)
10.6.2 Mutual authentication mechanisms
197(3)
10.7 Manual authentication protocols
200(5)
10.7.1 Manual authentication using a short check-value
202(1)
10.7.2 Manual authentication using a full-length MAC function
203(2)
10.8 Choosing an authentication protocol
205(2)
10.9 Notes
207(3)
References
210(5)
11 Key Management Frameworks 215(16)
11.1 Standards for key management
215(1)
11.2 Definitions and basic properties
216(3)
11.2.1 Threats and protection
216(1)
11.2.2 Basic definitions
217(1)
11.2.3 Key separation
218(1)
11.2.4 Key hierarchies
218(1)
11.2.5 Registration authorities
219(1)
11.3 The general framework
219(6)
11.3.1 Key generation
221(2)
11.3.2 Key activation
223(1)
11.3.3 Key deactivation
223(1)
11.3.4 Key reactivation
224(1)
11.3.5 Key destruction
224(1)
11.4 The ANSI X9.24 framework
225(3)
11.4.1 General requirements
225(2)
11.4.2 Key generation
227(1)
11.4.3 Key distribution
227(1)
11.4.4 Key utilization
227(1)
11.4.5 Key replacement
228(1)
11.4.6 Key destruction and archival
228(1)
11.5 Notes
228(1)
References
229(2)
12 Key Establishment Mechanisms 231(36)
12.1 Definitions and basic properties
231(4)
12.1.1 Key establishment mechanisms and authentication protocols
233(1)
12.1.2 Properties of key establishment mechanisms
234(1)
12.2 Standards for key establishment
235(2)
12.2.1 Standards using symmetric techniques
235(1)
12.2.2 Standards using asymmetric techniques
236(1)
12.3 Physical mechanisms
237(1)
12.3.1 Dual control
238(1)
12.4 Mechanisms using symmetric cryptography
238(8)
12.4.1 Direct communication
239(2)
12.4.2 Key distribution centers
241(3)
12.4.3 Key translation centers (KTCs)
244(2)
12.4.4 Key establishment between different security domains
246(1)
12.5 Mechanisms using asymmetric cryptography
246(8)
12.5.1 The Diffie-Hellman function
248(1)
12.5.2 Key agreement mechanisms
249(4)
12.5.3 Key transport mechanisms
253(1)
12.6 Key establishment based on weak secrets
254(1)
12.7 Key establishment for mobile networks
255(3)
12.8 Choosing a key establishment scheme
258(1)
12.9 Notes
259(4)
References
263(4)
13 Public Key Infrastructures 267(28)
13.1 What is a PKI?
267(2)
13.2 PKI standards
269(2)
13.3 Certificate formats
271(7)
13.3.1 X.509 public key certificates
271(5)
13.3.2 X.509 attribute certificates
276(1)
13.3.3 X.509 certificate profiles
276(2)
13.3.4 Other certificate formats
278(1)
13.4 Certificate management
278(5)
13.4.1 The certificate management protocol (CMP)
279(2)
13.4.2 Certificate request messages
281(1)
13.4.3 Mechanisms for proof of possession
282(1)
13.4.4 Other certificate management standards
282(1)
13.5 Certificate storage and retrieval
283(1)
13.5.1 X.500 directories
283(1)
13.5.2 Using LDAP version 2
283(1)
13.5.3 Using FTP and HTTP
284(1)
13.5.4 Delegating certification path discovery
284(1)
13.6 Certificate status discovery
284(2)
13.6.1 Certificate revocation lists (CRLs)
285(1)
13.6.2 The on-line certificate status protocol (OCSP)
285(1)
13.6.3 Using proxies for status management
285(1)
13.7 Certificate policies and certification practice statements
286(1)
13.8 Notes
287(2)
References
289(6)
14 Trusted Third Parties 295(14)
14.1 Definitions and basic properties
295(2)
14.2 Standards for managing TTPs
297(1)
14.3 TTP requirements
297(2)
14.3.1 Policy and practice statements
297(1)
14.3.2 TTP management
298(1)
14.3.3 Legal considerations
299(1)
14.4 TTP architectures
299(3)
14.4.1 Two-party TTP architectures
300(2)
14.4.2 Interworking TTPs
302(1)
14.5 Time-stamping authorities
302(3)
14.5.1 Time-stamping tokens
303(1)
14.5.2 Linked tokens
304(1)
14.6 Digital archiving authorities
305(1)
14.7 Notes
305(2)
References
307(2)
15 Cryptographic APIs 309(14)
15.1 Introduction
309(2)
15.2 Standards for crypto APIs
311(1)
15.3 GSS-API
312(3)
15.3.1 Properties of the API
313(1)
15.3.2 Language bindings
314(1)
15.3.3 Authentication protocols
314(1)
15.4 PKCS #11
315(1)
15.4.1 Data storage
315(1)
15.4.2 Access control
316(1)
15.4.3 Sessions and concurrency
316(1)
15.5 Security issues
316(2)
15.6 Notes
318(1)
References
319(4)
16 Other Standards 323(32)
16.1 Random bit generation
323(5)
16.1.1 Nondeterministic RBGs
324(2)
16.1.2 Deterministic RBGs
326(1)
16.1.3 Generating random numbers
327(1)
16.2 Prime number generation
328(1)
16.3 Authenticated encryption
329(7)
16.3.1 CTR and CBC-MAC (CCM) mode
330(3)
16.3.2 CTR and OMAC (EAX) mode
333(3)
16.4 Security modules
336(3)
16.4.1 Security modules in the financial sector
336(2)
16.4.2 Security modules in the wider world
338(1)
16.5 Standards for the use of biometric techniques
339(6)
16.5.1 General requirements of a biometric
340(1)
16.5.2 Common biometrics
341(2)
16.5.3 The general biometric architecture
343(1)
16.5.4 Supporting functions
344(1)
16.5.5 Biometric standards
344(1)
16.6 Information security management
345(2)
16.7 Notes
347(3)
References
350(5)
17 Standards: The Future 355(4)
Appendix A: Table of Standards 359(10)
A.1 3GPP standards
359(1)
A.2 ANSI standards
360(1)
A.3 BSI standards
360(1)
A.4 ETSI standards
361(1)
A.5 IEEE standards
361(1)
A.6 IETF requests for comments (RFCs)
361(2)
A.7 ISO standards
363(3)
A.8 ITU-T Recommendations
366(1)
A.9 NIST FIPS
367(1)
A.10 RSA PKCS
368(1)
A.11 SECG standards
368(1)
About the Authors 369(2)
Index 371

Supplemental Materials

What is included with this book?

The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.

The Used, Rental and eBook copies of this book are not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.

Rewards Program