An introduction to one of the backbones of the digital world
Cryptography is one of the most important aspects of information technology security, central to the protection of digital assets and the mitigation of risks that come with increased global connectivity. The digital world is wholly reliant on secure algorithms and protocols for establishing identity, protecting user data, and more. Groundbreaking recent developments in network communication and a changing digital landscape have been accompanied by similar advances in cryptography, which is more central to digital life than ever before.
This book constitutes a comprehensive yet accessible introduction to the algorithms, protocols, and standards which protect the modern internet. Built around both foundational theories and hundreds of specific algorithms, it also incorporates the required skills in complex mathematics. The result is an indispensable introduction to the protocols and systems which should define cryptography for decades to come.
Readers will also find: - Over 450 problems with accompanying solutions to reinforce key concepts and test retention - Detailed discussion of topics including symmetric and asymmetric algorithms, random number generation, user authentication, and many more - Over 200 figures and tables that provide rich detail to the content
Cryptography: Algorithms, Protocols, and Standards for Computer Security is ideal for undergraduate and graduate students in cryptography and information technology subjects, as well as for researchers looking for a working reference on existing cryptographic algorithms and protocols.
Table of Contents
Preface xviii
1 Introduction to Computer Security 1
1.1 Introduction 1
1.2 Security Terms and Definitions 4
1.3 Security Services 6
1.4 Attacks 8
1.5 Countermeasures/Defenses 16
1.6 Overview of Defense Systems 20
1.7 Introduction to Privacy Protection 26
1.8 Concluding Remarks 29
1.9 Exercises and Solutions 29
2 Introduction to Cryptography 33
2.1 Definitions of Basic Terms 33
2.2 Cryptographic Primitives 39
2.3 Fundamental Properties of Cryptographic Algorithms 43
2.4 Attacks Against Cryptographic Algorithms 45
2.5 Steganography 51
2.6 Exercises and Problems 52
3 Mathematical Basics and Computation Algorithms for Cryptography 59
3.1 Number Theory Notations, Definitions, and Theorems 59
3.2 Basic Algebraic Structures 66
3.3 Computation Algorithms 80
3.4 Birthday Paradox and Its Generalization 92
3.5 Solutions to Exercises and Problems 93
4 Symmetric Ciphering: Historical Ciphers 117
4.1 Definitions 117
4.2 Caesar’s Cipher 117
4.3 Affine Ciphers 118
4.4 Vigenere’s Cipher 120
4.5 Enigma Machine 122
4.6 One-time Pad 133
4.7 Exercises and Problems 133
5 Hash Functions, Message Authentication Codes, and Digital Signature 142
5.1 Hash Functions 142
5.2 Secure Hash Algorithms (SHA) 146
5.3 Message Authentication Codes 157
5.4 Digital Signature 161
5.5 Concluding Remarks 163
5.6 Problems 163
6 Stream Ciphers 173
6.1 Stream Ciphers 173
6.2 Examples of Standard Keystream Generators 182
6.3 Exercises and Problems 197
7 Block Ciphers: Basics, TDEA, and AES 207
7.1 Construction Principles for Block Cipher Design 207
7.2 Triple Data Encryption Algorithm (TDEA) 211
7.3 Advanced Encryption System (AES) 222
7.4 Exercises and Problems 235
8 Block Cipher Modes of Operation for Confidentiality 247
8.1 Introduction 247
8.2 ECB Mode of Operation 249
8.3 CBC Modes of Operation 250
8.4 OFB Mode of Operation 253
8.5 CTR Mode of Operation 253
8.6 CFB Mode of Operation 255
8.7 Format-Preserving Encryption Modes of Operation 256
8.8 XTS-AES Mode of Operation 264
8.9 Comparison of Design Features of Modes for Confidentiality 269
8.10 Security of Modes of Operation for Confidentiality 269
8.11 Exercises and Problems 273
9 Block Cipher Modes of Operation for Authentication and Confidentiality 281
9.1 Introduction 281
9.2 Block Cipher Modes of Operation for Confidentiality and Authentication 282
9.3 Exercises and Problems 306
10 Introduction to Security Analysis of Block Ciphers 314
10.1 Pseudorandom Functions and Permutations 314
10.2 Security of TDEA and AES 320
10.3 Security Analysis Modes of Operation of BC for Confidentiality 322
10.4 Security Analysis of Authenticity-only Schemes 326
10.5 Generic Models for Security Analysis of Authenticated-Encryption Modes 329
10.6 Problems and Solutions 332
11 Introduction to Cryptanalysis Attacks on Symmetric Ciphers 338
11.1 Memory-Time Trade-off Attacks 339
11.2 Linear Cryptanalysis 347
11.3 Differential Cryptanalysis 360
11.4 Algebraic Cryptanalysis 366
11.5 Cube Attack 368
11.6 Other Attacks Against Stream Ciphers 372
11.7 Problems and Solutions 374
12 Public-Key Cryptosystems 381
12.1 Introduction to Public-Key Cryptosystems 381
12.2 RSA Cryptosystem 383
12.3 Finite Field-based Cryptography 394
12.4 Digital Signature Algorithm (DSA) 400
12.5 Exercises and Problems 401
13 Public-Key Cryptosystems: Elliptic Curve Cryptography 424
13.1 Introduction 424
13.2 Elliptic Curve Cryptography over Prime Field Fp 426
13.3 Elliptic Curve Cryptography over Extension Fields 431
13.4 Security of EC Cryptosystems 436
13.5 Elliptic Curve-based Algorithms 437
13.6 Exercises and Problems 451
14 Key Management 465
14.1 Key-Management-related Notions 465
14.2 Key-Generation Schemes 469
14.3 Key-Establishment Schemes 482
14.4.1 List of Problems 501
14.4.2 Solutions to Problems 503
15 Digital Certificate, Public-Key Infrastructure, TLS, and Kerberos 509
15.1 Digital Certificate: Notion and X.509 Format 509
15.2 Public-Key Infrastructure 511
15.3 Transport Layer Security (TLS 1.3) 517
15.4 Kerberos 521
15.5 Exercises and Problems 527
16 Generation of Pseudorandom and Prime Numbers for Cryptographic Applications 531
16.1 Introduction to Pseudorandom Number Generation 531
16.2 Pseudorandom Bit Generators Recommended for Cryptography 541
16.3 Prime Number Generation 549
16.4 Exercises and Problems 561
Notes 565
References 565
Appendix: Multiple Choice Questions and Answers 566
Index 580