Preface xiii
About the Author xxi
Acknowledgments xxiii
1 Internetworking and Layered Models 1
1.1 Networking Technology 2
1.1.1 Local Area Networks (LANs) 2
1.1.2 Wide Area Networks (WANs) 3
1.2 Connecting Devices 5
1.2.1 Switches 5
1.2.2 Repeaters 6
1.2.3 Bridges 7
1.2.4 Routers 7
1.2.5 Gateways 8
1.3 The OSI Model 8
1.4 TCP/IP Model 12
1.4.1 Network Access Layer 13
1.4.2 Internet Layer 14
1.4.3 Transport Layer 14
1.4.4 Application Layer 14
2 TCP/IP Suite and Internet Stack Protocols 15
2.1 Network Layer Protocols 15
2.1.1 Internet Protocol (IP) 15
2.1.2 Address Resolution Protocol (ARP) 28
2.1.3 Reverse Address Resolution Protocol (RARP) 31
2.1.4 Classless Interdomain Routing (CIDR) 31
2.1.5 IP Version 6 (IPv6 or IPng) 32
2.1.6 Internet Control Message Protocol (ICMP) 40
2.1.7 Internet Group Management Protocol (IGMP) 41
2.2 Transport Layer Protocols 41
2.2.1 Transmission Control Protocol (TCP) 41
2.2.2 User Datagram Protocol (UDP) 44
2.3 World Wide Web 47
2.3.1 Hypertext Transfer Protocol (HTTP) 47
2.3.2 Hypertext Markup Language (HTML) 47
2.3.3 Common Gateway Interface (CGI) 48
2.3.4 Java 49
2.4 File Transfer 49
2.4.1 File Transfer Protocol (FTP) 49
2.4.2 Trivial File Transfer Protocol (TFTP) 49
2.4.3 Network File System (NFS) 50
2.5 E-Mail 50
2.5.1 Simple Mail Transfer Protocol (SMTP) 50
2.5.2 Post Office Protocol Version 3 (POP3) 51
2.5.3 Internet Message Access Protocol (IMAP) 51
2.5.4 Multipurpose Internet Mail Extension (MIME) 52
2.6 Network Management Service 52
2.6.1 Simple Network Management Protocol (SNMP) 52
2.7 Converting IP Addresses 53
2.7.1 Domain Name System (DNS) 53
2.8 Routing Protocols 54
2.8.1 Routing Information Protocol (RIP) 54
2.8.2 Open Shortest Path First (OSPF) 54
2.8.3 Border Gateway Protocol (BGP) 55
2.9 Remote System Programs 55
2.9.1 TELNET 55
2.9.2 Remote Login (Rlogin) 56
2.10 Social Networking Services 56
2.10.1 Facebook 56
2.10.2 Twitter 56
2.10.3 LinkedIn 57
2.10.4 Groupon 57
2.11 Smart IT Devices 57
2.11.1 Smartphones 57
2.11.2 Smart TV 57
2.11.3 Video Game Console 58
2.12 Network Security Threats 58
2.12.1 Worm 58
2.12.2 Virus 58
2.12.3 DDoS 58
2.13 Internet Security Threats 58
2.13.1 Phishing 58
2.13.2 SNS Security Threats 59
2.14 Computer Security Threats 59
2.14.1 Exploit 59
2.14.2 Password Cracking 60
2.14.3 Rootkit 60
2.14.4 Trojan Horse 60
2.14.5 Keylogging 61
2.14.6 Spoofing Attack 61
2.14.7 Packet Sniffer 62
2.14.8 Session Hijacking 62
3 Global Trend of Mobile Wireless Technology 63
3.1 1G Cellular Technology 63
3.1.1 AMPS (Advanced Mobile Phone System) 64
3.1.2 NMT (Nordic Mobile Telephone) 64
3.1.3 TACS (Total Access Communications System) 64
3.2 2G Mobile Radio Technology 64
3.2.1 CDPD (Cellular Digital Packet Data), North American Protocol 65
3.2.2 GSM (Global System for Mobile Communications) 65
3.2.3 TDMA-136 or IS-54 66
3.2.4 iDEN (Integrated Digital Enhanced Network) 66
3.2.5 cdmaOne IS-95A 67
3.2.6 PDC (Personal Digital Cellular) 67
3.2.7 i-mode 67
3.2.8 WAP (Wireless Application Protocol) 67
3.3 2.5G Mobile Radio Technology 67
3.3.1 ECSD (Enhanced Circuit-Switched Data) 69
3.3.2 HSCSD (High-Speed Circuit-Switched Data) 69
3.3.3 GPRS (General Packet Radio Service) 69
3.3.4 EDGE (Enhanced Data rate for GSM Evolution) 69
3.3.5 cdmaOne IS-95B 69
3.4 3G Mobile Radio Technology (Situation and Status of 3G) 70
3.4.1 UMTS (Universal Mobile Telecommunication System) 73
3.4.2 HSDPA (High-Speed Downlink Packet Access) 73
3.4.3 CDMA2000 1x 74
3.4.4 CDMA2000 1xEV (1x Evolution) 74
3.4.5 CDMA2000 1xEV-DO (1x Evolution Data Only) 74
3.4.6 CDMA2000 1xEV-DV (1x Evolution Data Voice) 74
3.5 3G UMTS Security-Related Encryption Algorithm 75
3.5.1 KASUMI Encryption Function 75
4 Symmetric Block Ciphers 81
4.1 Data Encryption Standard (DES) 81
4.1.1 Description of the Algorithm 82
4.1.2 Key Schedule 84
4.1.3 DES Encryption 86
4.1.4 DES Decryption 91
4.1.5 Triple DES 95
4.1.6 DES-CBC Cipher Algorithm with IV 97
4.2 International Data Encryption Algorithm (IDEA) 99
4.2.1 Subkey Generation and Assignment 100
4.2.2 IDEA Encryption 101
4.2.3 IDEA Decryption 106
4.3 RC5 Algorithm 108
4.3.1 Description of RC5 109
4.3.2 Key Expansion 110
4.3.3 Encryption 114
4.3.4 Decryption 117
4.4 RC6 Algorithm 123
4.4.1 Description of RC6 123
4.4.2 Key Schedule 124
4.4.3 Encryption 125
4.4.4 Decryption 128
4.5 AES (Rijndael) Algorithm 135
4.5.1 Notational Conventions 135
4.5.2 Mathematical Operations 137
4.5.3 AES Algorithm Specification 140
5 Hash Function, Message Digest, and Message Authentication Code 161
5.1 DMDC Algorithm 161
5.1.1 Key Schedule 162
5.1.2 Computation of Message Digests 166
5.2 Advanced DMDC Algorithm 171
5.2.1 Key Schedule 171
5.2.2 Computation of Message Digests 173
5.3 MD5 Message-Digest Algorithm 176
5.3.1 Append Padding Bits 176
5.3.2 Append Length 177
5.3.3 Initialize MD Buffer 177
5.3.4 Define Four Auxiliary Functions (F, G, H, I) 177
5.3.5 FF, GG, HH, and II Transformations for Rounds 1, 2, 3, and 4 178
5.3.6 Computation of Four Rounds (64 Steps) 178
5.4 Secure Hash Algorithm (SHA-1) 188
5.4.1 Message Padding 188
5.4.2 Initialize 160-bit Buffer 189
5.4.3 Functions Used 189
5.4.4 Constants Used 190
5.4.5 Computing the Message Digest 191
5.5 Hashed Message Authentication Codes (HMAC) 195
6 Asymmetric Public-Key Cryptosystems 203
6.1 Diffie–Hellman Exponential Key Exchange 203
6.2 RSA Public-Key Cryptosystem 207
6.2.1 RSA Encryption Algorithm 208
6.2.2 RSA Signature Scheme 212
6.3 ElGamal’s Public-Key Cryptosystem 215
6.3.1 ElGamal Encryption 215
6.3.2 ElGamal Signatures 217
6.3.3 ElGamal Authentication Scheme 219
6.4 Schnorr’s Public-Key Cryptosystem 222
6.4.1 Schnorr’s Authentication Algorithm 222
6.4.2 Schnorr’s Signature Algorithm 224
6.5 Digital Signature Algorithm 227
6.6 The Elliptic Curve Cryptosystem (ECC) 230
6.6.1 Elliptic Curves 230
6.6.2 Elliptic Curve Cryptosystem Applied to the ElGamal Algorithm 239
6.6.3 Elliptic Curve Digital Signature Algorithm 240
6.6.4 ECDSA Signature Computation 244
7 Public-Key Infrastructure 249
7.1 Internet Publications for Standards 250
7.2 Digital Signing Techniques 251
7.3 Functional Roles of PKI Entities 258
7.3.1 Policy Approval Authority 258
7.3.2 Policy Certification Authority 260
7.3.3 Certification Authority 261
7.3.4 Organizational Registration Authority 262
7.4 Key Elements for PKI Operations 263
7.4.1 Hierarchical Tree Structures 264
7.4.2 Policy-Making Authority 265
7.4.3 Cross-Certification 266
7.4.4 X.500 Distinguished Naming 269
7.4.5 Secure Key Generation and Distribution 270
7.5 X.509 Certificate Formats 271
7.5.1 X.509 v1 Certificate Format 271
7.5.2 X.509 v2 Certificate Format 273
7.5.3 X.509 v3 Certificate Format 274
7.6 Certificate Revocation List 282
7.6.1 CRL Fields 282
7.6.2 CRL Extensions 284
7.6.3 CRL Entry Extensions 285
7.7 Certification Path Validation 287
7.7.1 Basic Path Validation 287
7.7.2 Extending Path Validation 289
8 Network Layer Security 291
8.1 IPsec Protocol 291
8.1.1 IPsec Protocol Documents 292
8.1.2 Security Associations (SAs) 294
8.1.3 Hashed Message Authentication Code (HMAC) 296
8.2 IP Authentication Header 299
8.2.1 AH Format 300
8.2.2 AH Location 301
8.3 IP ESP 301
8.3.1 ESP Packet Format 303
8.3.2 ESP Header Location 304
8.3.3 Encryption and Authentication Algorithms 306
8.4 Key Management Protocol for IPsec 308
8.4.1 OAKLEY Key Determination Protocol 308
8.4.2 ISAKMP 309
9 Transport Layer Security: SSLv3 and TLSv1 325
9.1 SSL Protocol 325
9.1.1 Session and Connection States 326
9.1.2 SSL Record Protocol 327
9.1.3 SSL Change Cipher Spec Protocol 331
9.1.4 SSL Alert Protocol 331
9.1.5 SSL Handshake Protocol 332
9.2 Cryptographic Computations 338
9.2.1 Computing the Master Secret 338
9.2.2 Converting the Master Secret into Cryptographic Parameters 339
9.3 TLS Protocol 339
9.3.1 HMAC Algorithm 340
9.3.2 Pseudo-random Function 344
9.3.3 Error Alerts 349
9.3.4 Certificate Verify Message 350
9.3.5 Finished Message 351
9.3.6 Cryptographic Computations (for TLS) 351
10 Electronic Mail Security: PGP, S/MIME 353
10.1 PGP 353
10.1.1 Confidentiality via Encryption 354
10.1.2 Authentication via Digital Signature 355
10.1.3 Compression 356
10.1.4 Radix-64 Conversion 357
10.1.5 Packet Headers 361
10.1.6 PGP Packet Structure 363
10.1.7 Key Material Packet 367
10.1.8 Algorithms for PGP 5.x 371
10.2 S/MIME 372
10.2.1 MIME 372
10.2.2 S/MIME 379
10.2.3 Enhanced Security Services for S/MIME 382
11 Internet Firewalls for Trusted Systems 387
11.1 Role of Firewalls 387
11.2 Firewall-Related Terminology 388
11.2.1 Bastion Host 389
11.2.2 Proxy Server 389
11.2.3 SOCKS 390
11.2.4 Choke Point 391
11.2.5 Demilitarized Zone (DMZ) 391
11.2.6 Logging and Alarms 391
11.2.7 VPN 392
11.3 Types of Firewalls 392
11.3.1 Packet Filters 392
11.3.2 Circuit-Level Gateways 397
11.3.3 Application-Level Gateways 397
11.4 Firewall Designs 398
11.4.1 Screened Host Firewall (Single-Homed Bastion Host) 399
11.4.2 Screened Host Firewall (Dual-Homed Bastion Host) 400
11.4.3 Screened Subnet Firewall 400
11.5 IDS Against Cyber Attacks 401
11.5.1 Internet Worm Detection 401
11.5.2 Computer Virus 402
11.5.3 Special Kind of Viruses 403
11.6 Intrusion Detection Systems 404
11.6.1 Network-Based Intrusion Detection System (NIDS) 404
11.6.2 Wireless Intrusion Detection System (WIDS) 406
11.6.3 Network Behavior Analysis System (NBAS) 408
11.6.4 Host-Based Intrusion Detection System (HIDS) 409
11.6.5 Signature-Based Systems 410
11.6.6 Anomaly-Based Systems 411
11.6.7 Evasion Techniques of IDS Systems 412
12 SET for E-Commerce Transactions 415
12.1 Business Requirements for SET 415
12.2 SET System Participants 417
12.3 Cryptographic Operation Principles 418
12.4 Dual Signature and Signature Verification 420
12.5 Authentication and Message Integrity 424
12.6 Payment Processing 427
12.6.1 Cardholder Registration 427
12.6.2 Merchant Registration 433
12.6.3 Purchase Request 434
12.6.4 Payment Authorization 435
12.6.5 Payment Capture 437
13 4G Wireless Internet Communication Technology 439
13.1 Mobile WiMAX 440
13.1.1 Mobile WiMAX Network Architecture 440
13.1.2 Reference Points in WiMAX Network Reference Model (NRM) 442
13.1.3 Key Supporting Technologies 444
13.1.4 Comparison between Mobile WiMAX Network and Cellular Wireless Network 447
13.2 WiBro (Wireless Broadband) 448
13.2.1 WiBro Network Architecture 448
13.2.2 Key Elements in WiBro System Configuration 449
13.2.3 System Comparison between HSDPA and WiBro 451
13.2.4 Key Features on WiBro Operation 451
13.3 UMB (Ultra Mobile Broadband) 452
13.3.1 Design Objectives of UMB 453
13.3.2 Key Technologies Applicable to UMB 453
13.3.3 UMB IP-Based Network Architecture 455
13.3.4 Conclusive Remarks 456
13.4 LTE (Long Term Evolution) 457
13.4.1 LTE Features and Capabilities 457
13.4.2 LTE Frame Structure 458
13.4.3 LTE Time-Frequency Structure for Downlink 458
13.4.4 LTE SC-FDMA on Uplink 460
13.4.5 LTE Network Architecture 461
13.4.6 Key Components Supporting LTE Design 463
13.4.7 Concluding Remarks 464
Acronyms 467
Bibliography 473
Index 481