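Basic information
- Product name: Cryptography and Network Security, 9787302197966, Tsinghua University, by Atul Kahate (India)
- ISBN: 9787302197966
- List price: 53
- Publisher: Tsinghua University Press
- Author: [India] Kahate
Reference information (the physical item prevails)
- Publication date: 2009-05-01
- Printing date: 2009-05-01
- Edition: 2
- Printing: 1
- Binding: Paperback
- Format: 16mo
- Paper: Offset paper
- Pages: 534
- Word count: 0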
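Editor's recommendation
Fluent, concise writing keeps Cryptography and Network Security (2nd Edition) from being a dry read.
The book contains as many as 425 illustrations, which greatly aid the reader's learning and understanding.
The book provides a wealth of multiple-choice questions, exercises, and design and programming problems, which help deepen the reader's understanding and mastery of the material.
Synopsis
Cryptography and Network Security (2nd Edition) presents, in a clear structure and concise language, a range of encryption techniques, network security protocols and implementation techniques, including symmetric key algorithms and AES; asymmetric key algorithms, digital signatures and RSA; digital certificates and public key infrastructure; Internet security protocols; user authentication and Kerberos; cryptographic implementations in Java, .NET and operating systems; and network security, firewalls and VPNs. It also provides analyses of concrete case implementations of encryption and security, making it an excellent textbook that combines theory and practice in cryptography and network security.
Preface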
Having worked in the area of Information Technology for about six years (in 2001) I had read a lot about information security and how to achieve it. However my concepts were vague and I knew the technology of security in bits and pieces. This was quite annoying as it never gave a feeling of satisfaction. It was as if I did not know the complete picture. For example I did know that number systems played an important role in cryptography but did not know how much I should know about them to understand the concepts thoroughly. Similarly I knew that digital certificates and Public Key Infrastructure (PKI) were quite wonderful technologies but knew only to some extent as to how they worked. Numerous other examples can be given.
Then I got an opportunity to lead an information security project in i-flex solutions limited. I knew that I could learn a lot simply by working on that project. However I also felt very strongly that until I was thorough with all the aspects of computer security/cryptography myself I would not be able to do true justice to this project. It was for this reason that I took up the task of studying each and every aspect of these technologies. Unfortunately there were a lot of hurdles. The main hurdle was that there was no
Table of contents
Preface to the Second Edition
Preface to the First Edition
Important Terms and Abbreviations
1. Attacks on Computers and Computer Security
1.1 Introduction
1.2 The Need for Security
1.3 Security Approaches
1.4 Principles of Security
1.5 Types of Attacks
Summary
Multiple-choice Questions
Exercises
Design/Programming Exercises
2. Cryptography: Concepts and Techniques
2.1 Introduction
2.2 Plain Text and Cipher Text
2.3 Substitution Techniques
2.4 Transposition Techniques
2.5 Encryption and Decryption
2.6 Symmetric and Asymmetric Key Cryptography
2.7 Steganography
2.8 Key Range and Key Size
2.9 Possible Types of Attacks
Multiple-choice Questions
Exercises
Design/Programming Exercises
3. Symmetric Key Algorithms and AES
3.1 Introduction
3.2 Algorithm Types and Modes
3.3 An Overview of Symmetric Key Cryptography
3.4 Data Encryption Standard (DES)
3.5 International Data Encryption Algorithm (IDEA)
3.6 RC4
3.7 RC5
3.8 Blowfish
3.9 Advanced Encryption Standard (AES)
Summary
Multiple-choice Questions
Exercises
Design/Programming Exercises
4. Asymmetric Key Algorithms, Digital Signatures and RSA
4.1 Introduction
4.2 Brief History of Asymmetric Key Cryptography
4.3 An Overview of Asymmetric Key Cryptography
4.4 The RSA Algorithm
4.5 Symmetric and Asymmetric Key Cryptography Together
4.6 Digital Signatures
4.7 Knapsack Algorithm
4.8 Some Other Algorithms
Summary
Multiple-choice Questions
Exercises
Design/Programming Exercises
5. Digital Certificates and Public Key Infrastructure (PKI)
5.1 Introduction
5.2 Digital Certificates
5.3 Private Key Management
5.4 The PKIX Model
5.5 Public Key Cryptography Standards (PKCS)
5.6 XML, PKI and Security
5.7 Creating Digital Certificates Using Java
Summary
Multiple-choice Questions
Exercises
Design/Programming Exercises
6. Internet Security Protocols
6.1 Introduction
6.2 Basic Concepts
6.3 Secure Socket Layer (SSL)
6.4 Transport Layer Security (TLS)
6.5 Secure Hyper Text Transfer Protocol (SHTTP)
6.6 Time Stamping Protocol (TSP)
6.7 Secure Electronic Transaction (SET)
6.8 SSL Versus SET
6.9 3-D Secure Protocol
6.10 Electronic Money
6.11 Email Security
6.12 Wireless Application Protocol (WAP) Security
6.13 Security in GSM
6.14 Security in 3G
Summary
Multiple-choice Questions
Exercises
Design/Programming Exercises
7. User Authentication and Kerberos
7.1 Introduction
7.2 Authentication Basics
7.3 Passwords
7.4 Authentication Tokens
7.5 Certificate-based Authentication
7.6 Biometric Authentication
7.7 Kerberos
7.8 Key Distribution Center (KDC)
7.9 Security Handshake Pitfalls
7.10 Single Sign On (SSO) Approaches
Summary
Multiple-choice Questions
Exercises
Design/Programming Exercises
8. Cryptography in Java, .NET and Operating Systems
8.1 Introduction
8.2 Cryptographic Solutions Using Java
8.3 Cryptographic Solutions Using Microsoft .NET Framework
8.4 Cryptographic Toolkits
8.5 Security and Operating Systems
8.6 Database Security
Summary
Multiple-choice Questions
Exercises
Design/Programming Exercises
9. Network Security, Firewalls and Virtual Private Networks (VPN)
9.1 Introduction
9.2 Brief Introduction to TCP/IP
9.3 Firewalls
9.4 IP Security
9.5 Virtual Private Networks (VPN)
9.6 Intrusion
Summary
Multiple-choice Questions
Exercises
Design/Programming Exercises
10. Case Studies on Cryptography and Security
10.1 Introduction
10.2 Cryptographic Solutions - A Case Study
10.3 Single Sign On (SSO)
10.4 Secure Inter-branch Payment Transactions
10.5 Denial Of Service (DOS) Attacks
10.6 IP Spoofing Attacks
10.7 Cross Site Scripting Vulnerability (CSSV)
10.8 Contract Signing
10.9 Secret Splitting
10.10 Virtual Elections
10.11 Secure Multiparty Calculation
10.12 Creating a VPN
10.13 Cookies and Privacy
Appendix A: Mathematical Background
Appendix B: Number Systems
Appendix C: Information Theory
Appendix D: Real-life Tools
Appendix E: Web Resources
Appendix F: A Brief Introduction to ASN, BER, DER
References
Excerpt
It is said that a random number generator based purely on deterministic computational technique cannot really be considered as a perfect random number generator. This is because its output is predictable. Distinguishing between true and seemingly true random numbers is not easy.
Most computer programming languages provide support for random number generators in the form of library functions. They are usually so designed that they can provide a random byte or a floating point number uniformly distributed between the range of 0 and 1. These library functions are often found to have poor statistical properties and some will repeat patterns after a few cycles. They are usually initialized using a computer's clock as the seed. These functions may provide enough randomness for certain simple tasks (e.g. computer-based games), but they are not recommended in situations that demand high-quality randomness. Examples of these situations are cryptographic applications, statistical applications or numerical applications. Hence, specialized random number generators are also available on a majority of operating systems.
We might feel that computers can generate random numbers. In fact, many programming languages provide facilities to generate random numbers. However, this is not quite correct. Random numbers generated by computers are not truly random; over a period of time, we can predict them. This is simply because computers are rule-based machines, which have a finite range for generating (the so-called) random numbers. Therefore, we must make computers generate random numbers by using some external means. This process is called pseudorandom number generation.
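About the author
Atul Kahate has 12 years of work experience in the IT industry in India and worldwide. He holds a bachelor's degree in statistics and an MBA in computer systems. He has co-authored several books for Tata McGraw-Hill, many of which are used as textbooks or as reference books by universities, colleges and IT companies around the world. Atul Kahate has also received several awards in India and abroad. He previously worked at Syntel, L&T Infotech, American Express and Deutsche Bank, and currently works at i-flex solutions limited.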