The ultimate guide to cryptography, updated from an author team
of the world's top cryptography experts.
Cryptography is vital to keeping information safe, in an era
when the formula to do so becomes more and more challenging.
Written by a team of world-renowned cryptography experts, this
essential guide is the definitive introduction to all major areas
of cryptography: message security, key negotiation, and key
management. You'll learn how to think like a cryptographer. You'll
discover techniques for building cryptography into products from
the start and you'll examine the many technical changes in the
field.
After a basic overview of cryptography and what it means today,
this indispensable resource covers such topics as block ciphers,
block modes, hash functions, encryption modes, message
authentication codes, implementation issues, negotiation protocols,
and more. Helpful examples and hands-on exercises enhance your
understanding of the multi-faceted field of cryptography.
* An author team of internationally recognized cryptography
experts updates you on vital topics in the field of
cryptography
* Shows you how to build cryptography into products from the
start
* Examines updates and changes to cryptography
* Includes coverage on key servers, message security,
authentication codes, new standards, block ciphers, message
authentication codes, and more
Cryptography Engineering gets you up to speed in the
ever-evolving field of cryptography.
Autorentext
Niels Ferguson is a cryptographer for Microsoft who has designed and implemented cryptographic algorithms, protocols, and large-scale security infrastructures.
Bruce Schneier is an internationally renowned security technologist whose advice is sought by business, government, and the media. He is the author of Applied Cryptography, Secrets and Lies, and Schneier on Security.
Tadayoshi Kohno is a professor at the University of Washington. He is known for his research and for developing innovative new approaches to cryptography and computer security education.
Zusammenfassung
The ultimate guide to cryptography, updated from an author team of the world's top cryptography experts.
Cryptography is vital to keeping information safe, in an era when the formula to do so becomes more and more challenging. Written by a team of world-renowned cryptography experts, this essential guide is the definitive introduction to all major areas of cryptography: message security, key negotiation, and key management. You'll learn how to think like a cryptographer. You'll discover techniques for building cryptography into products from the start and you'll examine the many technical changes in the field.
After a basic overview of cryptography and what it means today, this indispensable resource covers such topics as block ciphers, block modes, hash functions, encryption modes, message authentication codes, implementation issues, negotiation protocols, and more. Helpful examples and hands-on exercises enhance your understanding of the multi-faceted field of cryptography.
- An author team of internationally recognized cryptography experts updates you on vital topics in the field of cryptography
- Shows you how to build cryptography into products from the start
- Examines updates and changes to cryptography
- Includes coverage on key servers, message security, authentication codes, new standards, block ciphers, message authentication codes, and more
Cryptography Engineering gets you up to speed in the ever-evolving field of cryptography.
Inhalt
Preface to Cryptography Engineering xxiii
History xxiv
Example Syllabi xxiv
Additional Information xxvi
Preface to Practical Cryptography (the 1st Edition) xxvii
How to Read this Book xxix
Part I Introduction 1
Chapter 1 The Context of Cryptography 3
1.1 The Role of Cryptography 4
1.2 The Weakest Link Property 5
1.3 The Adversarial Setting 7
1.4 Professional Paranoia 8
1.4.1 Broader Benefits 9
1.4.2 Discussing Attacks 9
1.5 Threat Model 10
1.6 Cryptography Is Not the Solution 12
1.7 Cryptography Is Very Difficult 13
1.8 Cryptography Is the Easy Part 13
1.9 Generic Attacks 14
1.10 Security and Other Design Criteria 14
1.10.1 Security Versus Performance 14
1.10.2 Security Versus Features 17
1.10.3 Security Versus Evolving Systems 17
1.11 Further Reading 18
1.12 Exercises for Professional Paranoia 18
1.12.1 Current Event Exercises 19
1.12.2 Security Review Exercises 20
1.13 General Exercises 21
Chapter 2 Introduction to Cryptography 23
2.1 Encryption 23
2.1.1 Kerckhoffs' Principle 24
2.2 Authentication 25
2.3 Public-Key Encryption 27
2.4 Digital Signatures 29
2.5 PKI 29
2.6 Attacks 31
2.6.1 The Ciphertext-Only Model 31
2.6.2 The Known-Plaintext Model 31
2.6.3 The Chosen-Plaintext Model 32
2.6.4 The Chosen-Ciphertext Model 32
2.6.5 The Distinguishing Attack Goal 32
2.6.6 Other Types of Attack 33
2.7 Under the Hood 33
2.7.1 Birthday Attacks 33
2.7.2 Meet-in-the-Middle Attacks 34
2.8 Security Level 36
2.9 Performance 37
2.10 Complexity 37
2.11 Exercises 38
Part II Message Security 41
Chapter 3 Block Ciphers 43
3.1 What Is a Block Cipher? 43
3.2 Types of Attack 44
3.3 The Ideal Block Cipher 46
3.4 Definition of Block Cipher Security 46
3.4.1 Parity of a Permutation 49
3.5 Real Block Ciphers 50
3.5.1 DES 51
3.5.2 AES 54
3.5.3 Serpent 56
3.5.4 Twofish 57
3.5.5 Other AES Finalists 58
3.5.6 Which Block Cipher Should I Choose? 59
3.5.7 What Key Size Should I Use? 60
3.6 Exercises 61
Chapter 4 Block Cipher Modes 63
4.1 Padding 64
4.2 ECB 65
4.3 CBC 65
4.3.1 Fixed IV 66
4.3.2 Counter IV 66
4.3.3 Random IV 66
4.3.4 Nonce-Generated IV 67
4.4 OFB 68
4.5 CTR 70
4.6 Combined Encryption and Authentication 71
4.7 Which Mode Should I Use? 71
4.8 Information Leakage 72
4.8.1 Chances of a Collision 73
4.8.2 How to Deal With Leakage 74
4.8.3 About Our Math 75
4.9 Exercises 75
Chapter 5 Hash Functions 77
5.1 Security of Hash Functions 78
5.2 Real Hash Functions 79
5.2.1 A Simple But Insecure Hash Function 80
5.2.2 MD5 81
5.2.3 SHA-1 82
5.2.4 SHA-224, SHA-256, SHA-384, and SHA-512 82
5.3 Weaknesses of Hash Functions 83
5.3.1 Length Extensions 83
5.3.2 Partial-Message Collision 84
5.4 Fixing the Weaknesses 84
5.4.1 Toward a Short-term Fix 85
5.4.2 A More Efficient Short-term Fix 85
5.4.3 Another Fix 87
5.5 Which Hash Function Should I Choose? 87
5.6 Exercises 87
Chapter 6 Message Authentication Codes 89
6.1 What a MAC Does 89
6.2 The Ideal MAC and MAC Security 90
6.3 CBC-MA...