导语
内容提要
威廉·斯托林斯编著的《密码编码学与网络安全--原理与实践(第7版英文版)》系统地介绍了密码编码学与网络安全的基本原理和应用技术。纸质教材分为六部分:背景知识部分介绍计算机与网络安全的概念、数论;对称密码部分讨论古典加密技术、分组加密和数据加密标准、有限域、高级加密标准、分组加密操作、随机位生成和流密码;非对称密码部分讨论公钥加密和RSA、其他公钥加密体制;密码编码数据完整性算法部分讨论哈希函数、消息认证编码、数字签名;互信部分讨论密钥管理与分发、用户鉴别;网络和互联网安全部分讨论网络访问控制和云安全、传输层安全、无线网络安全、电子邮件安全、IP安全。联机内容分为两部分:系统安全部分讨论恶意软件、入侵者、防火墙;法律和道德问题部分讨论与计算机和网络安全相关的法律与道德问题。与第六版相比,章节组织基本不变,但增加了许多新内容,如数论、格式保留加密、真随机数生成器、云安全、传输层安全、移动设备安全等。
本书可作为高校计算机、网络安全、信息安全、软件工程等专业研究生和高年级本科生的教材,也可供从事网络空间安全、计算机、通信、电子工程等领域的科技人员参考。
作者简介
威廉·斯托林斯(William Stallings),美国圣母大学电气工程专业学士,麻省理工学院计算机科学专业博士。
William Stallings已出版图书近20种,含修订版在内共出版图书40种,内容涉及计算机安全、计算机网络和计算机体系结构。在多家期刊上发表了大量论文,包括《IEEE学报》《ACM计算评论》和《密码术》。13次荣获教材与学术作者协会颁发的最佳计算机科学教科书奖。在计算机科学领域工作的30多年,William Stallings一直是一位技术贡献者、技术管理者和多家高科技公司的主管;针对许多计算机和操作系统,设计和实现了基于TCP/IP与基于OSI的协议套件。
William Stallings还是政府机构、计算机和软件供应商以及设计、选用网络软件与产品的用户的顾问。创建与维护了计算机科学专业学生资源网站ComputerScienceStudent.com,为计算机科学专业的学生(及专业人员)提供文献及大量专题链接,也是学术期刊《密码术》的编委会成员。
目录
Part One: Background
Chapter 1 Computer and Network Security Concepts
1.1 Computer Security Concepts
1.2 The OSI Security Architecture
1.3 Security Attacks
1.4 Security Services
1.5 Security Mechanisms
1.6 Fundamental Security Design Principles
1.7 Attack Surfaces and Attack Trees
1.8 A Model for Network Security
1.9 Standards
1.10 Key Terms, Review Questions, and Problems
Chapter 2 Introduction to Number Theory
2.1 Divisibility and the Division Algorithm
2.2 The Euclidean Algorithm
2.3 Modular Arithmetic
2.4 Prime Numbers
2.5 Fermat’s and Euler’s Theorems
2.6 Testing for Primality
2.7 The Chinese Remainder Theorem
2.8 Discrete Logarithms
2.9 Key Terms, Review Questions, and Problems
Appendix 2A The Meaning of Mod
Part Two: Symmetric Ciphers
Chapter 3 Classical Encryption Techniques
3.1 Symmetric Cipher Model
3.2 Substitution Techniques
3.3 Transposition Techniques
3.4 Rotor Machines
3.5 Steganography
3.6 Key Terms, Review Questions, and Problems
Chapter 4 Block Ciphers and the Data Encryption Standard
4.1 Traditional Block Cipher Structure
4.2 The Data Encryption Standard
4.3 A DES Example
4.4 The Strength of DES
4.5 Block Cipher Design Principles
4.6 Key Terms, Review Questions, and Problems
Chapter 5 Finite Fields
5.1 Groups
5.2 Rings
5.3 Fields
5.4 Finite Fields of the Form GF(p)
5.5 Polynomial Arithmetic
5.6 Finite Fields of the Form GF(2n)
5.7 Key Terms, Review Questions, and Problems
Chapter 6 Advanced Encryption Standard
6.1 Finite Field Arithmetic
6.2 AES Structure
6.3 AES Transformation Functions
6.4 AES Key Expansion
6.5 An AES Example
6.6 AES Implementation
6.7 Key Terms, Review Questions, and Problems
Appendix 6A Polynomials with Coefficients in GF(28)
Chapter 7 Block Cipher Operation
7.1 Multiple Encryption and Triple DES
7.2 Electronic Codebook
7.3 Cipher Block Chaining Mode
7.4 Cipher Feedback Mode
7.5 Output Feedback Mode
7.6 Counter Mode
7.7 XTS-AES Mode for Block-Oriented Storage Devices
7.8 Format-Preserving Encryption
7.9 Key Terms, Review Questions, and Problems
Chapter 8 Random Bit Generation and Stream Ciphers
8.1 Principles of Pseudorandom Number Generation
8.2 Pseudorandom Number Generators
8.3 Pseudorandom Number Generation Using a Block Cipher
8.4 Stream Ciphers
8.5 RC4
8.6 True Random Number Generators
8.7 Key Terms, Review Questions, and Problems
Part Three: Asymmetric Ciphers
Chapter 9 Public-Key Cryptography and RSA
9.1 Principles of Public-Key Cryptosystems
9.2 The RSA Algorithm
9.3 Key Terms, Review Questions, and Problems
Chapter 10 Other Public-Key Cryptosystems
10.1 Diffie-Hellman Key Exchange
10.2 Elgamal Cryptographic System
10.3 Elliptic Curve Arithmetic
10.4 Elliptic Curve Cryptography
10.5 Pseudorandom Number Generation Based on an Asymmetric Cipher
10.6 Key Terms, Review Questions, and Problems
Part Four: Cryptographic Data Integrity Algorithms
Chapter 11 Cryptographic Hash Functions
11.1 Applications of Cryptographic Hash Functions
11.2 Two Simple Hash Functions
11.3 Requirements and Security
11.4 Hash Functions Based on Cipher Block Chaining
11.5 Secure Hash Algorithm (SHA)
11.6 SHA-3
11.7 Key Terms, Review Questions, and Problems
Chapter 12 Message Authentication Codes
12.1 Message Authentication Requirements
12.2 Message Authentication Functions
12.3 Requirements for Message Authentication Codes
12.4 Security of MACs
12.5 MACs Based on Hash Functions: HMAC
12.6 MACs Based on Block Ciphers: DAA and CMAC
12.7 Authenticated Encryption: CCM and GCM
12.8 Key Wrapping
12.9 Pseudorandom Number Generation Using Hash Functions and MACs
12.10 Key Terms, Review Questions, and Problems
Chapter 13 Digital Signatures
13.1 Digital Signatures
13.2 Elgamal Digital Signature Scheme
13.3 Schnorr Digital Signature Scheme
13.4 NIST Digital Signature Algorithm
13.5 Elliptic Curve Digital Signature Algorithm
13.6 RSA-PSS Digital Signature Algorithm
13.7 Key Terms, Review Questions, and Problems
Part Five: Mutual Trust
Chapter 14 Key Management and Distribution
14.1 Symmetric Key Distribution Using Symmetric Encryption
14.2 Symmetric Key Distribution Using Asymmetric Encryption
14.3 Distribution of Public Keys
14.4 X.509 Certificates
14.5 Public-Key Infrastructure
14.6 Key Terms, Review Questions, and Problems
Chapter 15 User Authentication
15.1 Remote User-Authentication Principles
15.2 Remote User-Authentication Using Symmetric Encryption
15.3 Kerberos
15.4 Remote User-Authentication Using Asymmetric Encryption
15.5 Federated Identity Management
15.6 Personal Identity Verification
15.7 Key Terms, Review Questions, and Problems
Part Six: Network And Internet Security
Chapter 16 Network Access Control and Cloud Security
16.1 Network Access Control
16.2 Extensible Authentication Protocol
16.3 IEEE 802.1X Port-Based Network Access Control
16.4 Cloud Computing
16.5 Cloud Security Risks and Countermeasures
16.6 Data Protection in the Cloud
16.7 Cloud Security as a Service
16.8 Addressing Cloud Computing Security Concerns
16.9 Key Terms, Review Questions, and Problems
Chapter 17 Transport-Level Security
17.1 Web Security Considerations
17.2 Transport Layer Security
17.3 HTTPS
17.4 Secure Shell (SSH)
17.5 Key Terms, Review Questions, and Problems
Chapter 18 Wireless Network Security
18.1 Wireless Security
18.2 Mobile Device Security
18.3 IEEE 802.11 Wireless LAN Overview
18.4 IEEE 802.11i Wireless LAN Security
18.5 Key Terms, Review Questions, and Problems
Chapter 19 Electronic Mail Security
19.1 Internet Mail Architecture
19.2 Email Formats
19.3 Email Threats and Comprehensive Email Security
19.4 S/MIME
19.5 Pretty Good Privacy
19.6 DNSSEC
19.7 DNS-Based Authentication of Named Entities
19.8 Sender Policy Framework
19.9 DomainKeys Identified Mail
19.10 Domain-Based Message Authentication, Reporting, and Conformance
19.11 Key Terms, Review Questions, and Problems
Chapter 20 IP Security
20.1 IP Security Overview
20.2 IP Security Policy
20.3 Encapsulating Security Payload
20.4 Combining Security Associations
20.5 Internet Key Exchange
20.6 Cryptographic Suites
20.7 Key Terms, Review Questions, and Problems
APPENDICES
Appendix A Projects for Teaching Cryptography and Network Security
A.1 Sage Computer Algebra Projects
A.2 Hacking Project
A.3 Block Cipher Projects
A.4 Laboratory Exercises
A.5 Research Projects
A.6 Programming Projects
A.7 Practical Security Assessments
A.8 Firewall Projects
A.9 Case Studies
A.10 Writing Assignments
A.11 Reading/Report Assignments
A.12 Discussion Topics
Appendix B Sage Examples
B.1 Linear Algebra and Matrix Functionality
B.2 Chapter 2: Number Theory
B.3 Chapter 3: Classical Encryption
B.4 Chapter 4: Block Ciphers and the Data Encryption Standard
B.5 Chapter 5: Basic Concepts in Number Theory and Finite Fields
B.6 Chapter 6: Advanced Encryption Standard
B.7 Chapter 8: Pseudorandom Number Generation and Stream Ciphers
B.8 Chapter 9: Public-Key Cryptography and RSA
B.9 Chapter 10: Other Public-Key Cryptosystems
B.10 Chapter 11: Cryptographic Hash Functions
B.11 Chapter 13: Digital Signatures
References
Credits
Index