Acknowledgments

This new edition has benefited from review by a number of people, who gave generously of their time and expertise. The following people reviewed all or a large part of the manuscript: Danny Krizanc (Wesleyan University), Breno de Medeiros (Florida State University), Roger H. Brown (Rensselaer at Hartford), Cristina Nita-Rotarul (Purdue University), and Jimmy McGibney (Waterford Institute of Technology).

Thanks also to the many people who provided detailed technical reviews of a single chapter: Richard Outerbridge, Jorge Nakahara, Jeroen van de Graaf, Philip Moseley, Andre Correa, Brian Bowling, James Muir, Andrew Holt, Décio Luiz Gazzoni Filho, Lucas Ferreira, Dr. Kemal Bicakci, Routo Terada, Anton Stiglic, Valery Pryamikov, and Yongge Wang.

Joan Daemen kindly reviewed the chapter on AES. Vincent Rijmen reviewed the material on Whirlpool. And Edward F. Schaefer reviewed the material on simplified AES.

The following people contributed homework problems for the new edition: Joshua Brandon Holden (Rose-Hulman Institute of Technology), Kris Gaj (George Mason University), and James Muir (University of Waterloo).

Sanjay Rao and Ruben Torres of Purdue developed the laboratory exercises that appear in the instructor's supplement. The following people contributed project assignments that appear in the instructor's supplement: Henning Schulzrinne (Columbia University); Cetin Kaya Koc (Oregon State University); and David Balenson (Trusted Information Systems and George Washington University).

Finally, I would like to thank the many people responsible for the publication of the book, all of whom did their usual excellent job. This includes the staff at Prentice Hall, particularly production manager Rose Kernan; my supplements manager Sarah Parker; and my new editor Tracy Dunkelberger. Also, Patricia M. Daly did the copy editing.

With all this assistance, little remains for which I can take full credit. However, I am proud to say that, with no help whatsoever, I selected all of the quotations.

Chapter 0. Reader's Guide

0.1 Outline of this Book
0.2 Roadmap
    Subject Matter
    Topic Ordering
0.3 Internet and Web Resources
    Web Sites for This Book
    Other Web Sites
    USENET Newsgroups

The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness to receive him; not on the chance of his not attacking, but rather on the fact that we have made our position unassailable.
The Art of War, Sun Tzu

This book, with its accompanying Web site, covers a lot of material. Here we give the reader an overview.

0.1. Outline of this Book

Following an introductory chapter, Chapter 1, the book is organized into four parts:

Part One: Symmetric Ciphers: Provides a survey of symmetric encryption, including classical and modern algorithms. The emphasis is on the two most important algorithms, the Data Encryption Standard (DES) and the Advanced Encryption Standard (AES). This part also addresses message authentication and key management.

Part Two: Public-Key Encryption and Hash Functions: Provides a survey of public-key algorithms, including RSA (Rivest-Shamir-Adleman) and elliptic curve. It also covers public-key applications, including digital signatures and key exchange.

Part Three: Network Security Practice: Examines the use of cryptographic algorithms and security protocols to provide security over networks and the Internet. Topics covered include user authentication, e-mail, IP security, and Web security.

Part Four: System Security: Deals with security facilities designed to protect a computer system from security threats, including intruders, viruses, and worms. This part also looks at firewall technology.

Many of the cryptographic algorithms and network security protocols and applications described in this book have been specified as standards. The most important of these are Internet Standards, defined in Internet RFCs (Request for Comments), and Federal Information Processing Standards (FIPS), issued by the National Institute of Standards and Technology (NIST). Appendix A discusses the standards-making process and lists the standards cited in this book.

0.2. Roadmap

Subject Matter

The material in this book is organized into three broad categories:

Cryptology: This is the study of techniques for ensuring the secrecy and/or authenticity of information. The two main branches of cryptology are cryptography, which is the study of the design of such techniques; and cryptanalysis, which deals with defeating such techniques, to recover information, or forging information that will be accepted as authentic.

Network security: This area covers the use of cryptographic algorithms in network protocols and network applications.

Computer security: In this book, we use this term to refer to the security of computers against intruders (e.g., hackers) and malicious software (e.g., viruses). Typically, the computer to be secured is attached to a network and the bulk of the threats arise from the network.

The first two parts of the book deal with two distinct cryptographic approaches: symmetric cryptographic algorithms and public-key, or asymmetric, cryptographic algorithms. Symmetric algorithms make use of a single key shared by two parties. Public-key algorithms make use of two keys: a private key known only to one party, and a public key, available to other parties.

Topic Ordering

This book covers a lot of material. For the instructor or reader who wishes a shorter treatment, there are a number of opportunities.

To thoroughly cover the material in the first two parts, the chapters should be read in sequence. With the exception of the Advanced Encryption Standard (AES), none of the material in Part One requires any special mathematical background. To understand AES, it is necessary to have some understanding of finite fields. In turn, an understanding of finite fields requires a basic background in prime numbers and modular arithmetic. Accordingly, Chapter 4 covers all of these mathematical preliminaries just prior to their use in Chapter 5 on AES. Thus, if Chapter 5 is skipped, it is safe to skip Chapter 4 as well.

Chapter 2 introduces some concepts that are useful in later chapters of Part One. However, for the reader whose sole interest is contemporary cryptography, this chapter can be quickly skimmed. The two most important symmetric cryptographic algorithms are DES and AES, which are covered in Chapters 3 and 5, respectively. Chapter 6 covers two other interesting algorithms, both of which enjoy commercial use. This chapter can be safely skipped if these algorithms are not of interest.

For Part Two, the only additional mathematical background that is needed is in the area of number theory, which is covered in Chapter 8. The reader who has skipped Chapters 4 and 5 should first review the material in Sections 4.1 through 4.3. The two most widely used general-purpose public-key algorithms are RSA and elliptic curve, with RSA enjoying much wider acceptance. The reader may wish to skip the material on elliptic curve cryptography in Chapter 10, at least on a first reading. In Chapter 12, Whirlpool and CMAC are of lesser importance.

Part Three and Part Four are relatively independent of each other and can be read in either order. Both parts assume a basic understanding of the material in Parts One and Two.