第1页 / 共758页
第2页 / 共758页
第3页 / 共758页
第4页 / 共758页
第5页 / 共758页
第6页 / 共758页
第7页 / 共758页
第8页 / 共758页
Cryptography and Network Security Principles and Practice 6th ed....pdf
Cover
Title Page
Copyright Page
Contents
Notation
Preface
Chapter 0 Guide for Readers and Instructors
0.1 Outline of This Book
0.2 A Roadmap for Readers and Instructors
0.3 Internet and Web Resources
0.4 Standards
Chapter 1 Overview
1.1 Computer Security Concepts
1.2 The OSI Security Architecture
1.3 Security Attacks
1.4 Security Services
1.5 Security Mechanisms
1.6 A Model for Network Security
1.7 Recommended Reading
1.8 Key Terms, Review Questions, and Problems
PART ONE: SYMMETRIC CIPHERS
Chapter 2 Classical Encryption Techniques
2.1 Symmetric Cipher Model
2.2 Substitution Techniques
2.3 Transposition Techniques
2.4 Rotor Machines
2.5 Steganography
2.6 Recommended Reading
2.7 Key Terms, Review Questions, and Problems
Chapter 3 Block Ciphers and the Data Encryption Standard
3.1 Traditional Block Cipher Structure
3.2 The Data Encryption Standard
3.3 A DES Example
3.4 The Strength of DES
3.5 Block Cipher Design Principles
3.6 Recommended Reading
3.7 Key Terms, Review Questions, and Problems
Chapter 4 Basic Concepts in Number Theory and Finite Fields
4.1 Divisibility and the Division Algorithm
4.2 The Euclidean Algorithm
4.3 Modular Arithmetic
4.4 Groups, Rings, and Fields
4.5 Finite Fields of the Form GF(p)
4.6 Polynomial Arithmetic
4.7 Finite Fields of the Form GF(2[sup(n)])
4.8 Recommended Reading
4.9 Key Terms, Review Questions, and Problems
Appendix 4A: The Meaning of mod
Chapter 5 Advanced Encryption Standard
5.1 Finite Field Arithmetic
5.2 AES Structure
5.3 AES Transformation Functions
5.4 AES Key Expansion
5.5 An AES Example
5.6 AES Implementation
5.7 Recommended Reading
5.8 Key Terms, Review Questions, and Problems
Appendix 5A: Polynomials with Coefficients in GF(2[sup(8)])
Appendix 5B: Simplified AES
Chapter 6 Block Cipher Operation
6.1 Multiple Encryption and Triple DES
6.2 Electronic Code book
6.3 Cipher Block Chaining Mode
6.4 Cipher Feedback Mode
6.5 Output Feedback Mode
6.6 Counter Mode
6.7 XTS-AES Mode for Block-Oriented Storage Devices
6.8 Recommended Reading
6.9 Key Terms, Review Questions, and Problems
Chapter 7 Pseudorandom Number Generation and Stream Ciphers
7.1 Principles of Pseudorandom Number Generation
7.2 Pseudorandom Number Generators
7.3 Pseudorandom Number Generation Using a Block Cipher
7.4 Stream Ciphers
7.5 RC4
7.6 True Random Number Generators
7.7 Recommended Reading
7.8 Key Terms, Review Questions, and Problems
PART TWO: ASYMMETRIC CIPHERS
Chapter 8 More Number Theory
8.1 Prime Numbers
8.2 Fermat’s and Euler’s Theorems
8.3 Testing for Primality
8.4 The Chinese Remainder Theorem
8.5 Discrete Logarithms
8.6 Recommended Reading
8.7 Key Terms, Review Questions, and Problems
Chapter 9 Public-Key Cryptography and RSA
9.1 Principles of Public-Key Cryptosystems
9.2 The RSA Algorithm
9.3 Recommended Reading
9.4 Key Terms, Review Questions, and Problems
Appendix 9A: The Complexity of Algorithms
Chapter 10 Other Public-Key Cryptosystems
10.1 Diffie-Hellman Key Exchange
10.2 Elgamal Cryptographic System
10.3 Elliptic Curve Arithmetic
10.4 Elliptic Curve Cryptography
10.5 Pseudorandom Number Generation Based on an Asymmetric Cipher
10.6 Recommended Reading
10.7 Key Terms, Review Questions, and Problems
PART THREE: CRYPTOGRAPHIC DATA INTERGRITY ALGORITHMS
Chapter 11 Cryptographic Hash Functions
11.1 Applications of Cryptographic Hash Functions
11.2 Two Simple Hash Functions
11.3 Requirements and Security
11.4 Hash Functions Based on Cipher Block Chaining
11.5 Secure Hash Algorithm (SHA)
11.6 SHA-3
11.7 Recommended Reading
11.8 Key Terms, Review Questions, and Problems
Chapter 12 Message Authentication Codes
12.1 Message Authentication Requirements
12.2 Message Authentication Functions
12.3 Requirements for Message Authentication Codes
12.4 Security of MACs
12.5 MACs Based on Hash Functions: HMAC
12.6 MACs Based on Block Ciphers: DAA and CMAC
12.7 Authenticated Encryption: CCM and GCM
12.8 Key Wrapping
12.9 Pseudorandom Number Generation using Hash Functions and MACs
12.10 Recommended Reading
12.11 Key Terms, Review Questions, and Problems
Chapter 13 Digital Signatures
13.1 Digital Signatures
13.2 Elgamal Digital Signature Scheme
13.3 Schnorr Digital Signature Scheme
13.4 NIST Digital Signature Algorithm
13.5 Elliptic Curve Digital Signature Algorithm
13.6 RSA-PSS Digital Signature Algorithm
13.7 Recommended Reading
13.8 Key Terms, Review Questions, and Problems
PART FOUR: MUTUAL TRUST
Chapter 14 Key Management and Distribution
14.1 Symmetric Key Distribution Using Symmetric Encryption
14.2 Symmetric Key Distribution Using Asymmetric Encryption
14.3 Distribution of Public Keys
14.4 X.509 Certificates
14.5 Public-Key Infrastructure
14.6 Recommended Reading
14.7 Key Terms, Review Questions, and Problems
Chapter 15 User Authentication
15.1 Remote User-Authentication Principles
15.2 Remote User-Authentication Using Symmetric Encryption
15.3 Kerberos
15.4 Remote User Authentication Using Asymmetric Encryption
15.5 Federated Identity Management
15.6 Personal Identity Verification
15.7 Recommended Reading
15.8 Key Terms, Review Questions, and Problems
PART FIVE: NETWORK AND INTERNET SECURITY
Chapter 16 Network Access Control and Cloud Security
16.1 Network Access Control
16.2 Extensible Authentication Protocol
16.3 IEEE 802.1X Port-Based Network Access Control
16.4 Cloud Computing
16.5 Cloud Security Risks and Countermeasures
16.6 Data Protection in the Cloud
16.7 Cloud Security as a Service
16.8 Recommended Reading
16.9 Key Terms, Review Questions, and Problems
Chapter 17 Transport-Level Security
17.1 Web Security Considerations
17.2 Secure Sockets Layer
17.3 Transport Layer Security
17.4 HTTPS
17.5 Secure Shell (SSH)
17.6 Recommended Reading
17.7 Key Terms, Review Questions, and Problems
Chapter 18 Wireless Network Security
18.1 Wireless Security
18.2 Mobile Device Security
18.3 IEEE 802.11 Wireless LAN Overview
18.4 IEEE 802.11i Wireless LAN Security
18.5 Recommended Reading
18.6 Key Terms, Review Questions, and Problems
Chapter 19 Electronic Mail Security
19.1 Pretty Good Privacy
19.2 S/MIME
19.3 DomainKeys Identified Mail
19.4 Recommended Reading
19.5 Key Terms, Review Questions, and Problems
Appendix 19A: Radix-64 Conversion
Chapter 20 IP Security
20.1 IP Security Overview
20.2 IP Security Policy
20.3 Encapsulating Security Payload
20.4 Combining Security Associations
20.5 Internet Key Exchange
20.6 Cryptographic Suites
20.7 Recommended Reading
20.8 Key Terms, Review Questions, and Problems
APPENDICES
Appendix A: Projects for Teaching Cryptography and Network Security
A.1 Sage Computer Algebra Projects
A.2 Hacking Project
A.3 Block Cipher Projects
A.4 Laboratory Exercises
A.5 Research Projects
A.6 Programming Projects
A.7 Practical Security Assessments
A.8 Firewall Projects
A.9 Case Studies
A.10 Writing Assignments
A.11 Reading/Report Assignments
A.12 Discussion Topics
Appendix B: Sage Examples
B.1 Linear Algebra and Matrix Functionality
B.2 Chapter 2: Classical Encryption
B.3 Chapter 3: Block Ciphers and the Data Encryption Standard
B.4 Chapter 4: Basic Concepts in Number Theory and Finite Fields
B.5 Chapter 5: Advanced Encryption Standard
B.6 Chapter 6: Pseudorandom Number Generation and Stream Ciphers
B.7 Chapter 8: Number Theory
B.8 Chapter 9: Public-Key Cryptography and RSA
B.9 Chapter 10: Other Public-Key Cryptosystems
B.10 Chapter 11: Cryptographic Hash Functions
B.11 Chapter 13: Digital Signatures
References
Credits
Index
A
B
C
D
E
F
G
H
I
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Z
ONLINE ACCESS for Cryptography and Network Security: Principles
and Practice, Sixth Edition
Thank you for purchasing a new copy of Cryptography and Network Security:
Principles and Practice, Sixth Edition. Your textbook includes six months of prepaid
access to the book’s Premium Web site. This prepaid subscription provides you with full
access to the following student support areas:
• VideoNotes are step-by-step video tutorials specifically designed to enhance the
programming concepts presented in this textbook
• Online Chapters
• Online Appendices
• Supplemental homework problems with solutions
• Supplemental papers for reading
Note that this prepaid subscription does not include access to MyProgrammingLab, which is
available at http://www.myprogramminglab.com for purchase.
Use a coin to scratch off the coating and reveal your student access code.
Do not use a knife or other sharp object as it may damage the code.
To access the Cryptography and Network Security: Principles and Practice, Sixth Edition,
Premium Web site for the first time, you will need to register online using a computer with
an Internet connection and a web browser. The process takes just a couple of minutes and
only needs to be completed once.
1. Go to http://www.pearsonhighered.com/stallings/
2. Click on Premium Web site.
3. Click on the Register button.
4. On the registration page, enter your student access code* found beneath the
scratch-off panel. Do not type the dashes. You can use lower- or uppercase.
5. Follow the on-screen instructions. If you need help at any time during the online
registration process, simply click the Need Help? icon.
6. Once your personal Login Name and Password are confirmed, you can begin using
the Cryptography and Network Security: Principles and Practice, Sixth Edition
Premium Web site!
To log in after you have registered:
You only need to register for this Premium Web site once. After that, you can log in any
time at http://www.pearsonhighered.com/stallings/ by providing your Login Name and
Password when prompted.
*Important: The access code can only be used once. This subscription is valid for six months
upon activation and is not transferable. If this access code has already been revealed, it
may�no longer be valid. If this is the case, you can purchase a subscription by going to
http://www.pearsonhighered.com/stallings/ and following the on-screen instructions.
This page intentionally left blank
Cryptography and
network SeCurity
PrinciPles and Practice
Sixth edition
William Stallings
Boston Columbus
Indianapolis New York San Francisco Upper Saddle River
Amsterdam Cape Town Dubai London Madrid Milan Munich Paris Montréal Toronto
Delhi Mexico City São Paulo Sydney Hong Kong Seoul Singapore Taipei Tokyo
For Tricia never dull never boring
the smartest and bravest
person I know
Editorial Director, ECS: Marcia Horton
Executive Editor: Tracy Johnson
Associate Editor: Carole Snyder
Director of Marketing: Christy Lesko
Marketing Manager: Yez Alayan
Director of Production: Erin Gregg
Managing Editor: Scott Disanno
Associate Managing Editor: Robert Engelhardt
Production Manager: Pat Brown
Art Director: Jayne Conte
Cover Designer: Bruce Kenselaar
Permissions Supervisor: Michael Joyce
Permissions Administrator: Jenell Forschler
Director, Image Asset Services: Annie Atherton
Manager, Visual Research: Karen Sanatar
Cover Photo: © Valery Sibrikov/Fotolia
Media Project Manager: Renata Butera
Full-Service Project Management: Shiny Rajesh/
Integra Software Services Pvt. Ltd.
Composition: Integra Software Services Pvt. Ltd.
Printer/Binder: Courier Westford
Cover Printer: Lehigh-Phoenix
Credits and acknowledgments borrowed from other sources and reproduced, with permission, in this textbook
appear in the Credits section in the end matter of this text.
Copyright © 2014, 2011, 2006 Pearson Education, Inc., All rights reserved. Printed in the United States of America.
This publication is protected by Copyright, and permission should be obtained from the publisher prior to any
prohibited reproduction, storage in a retrieval system, or transmission in any form or by any means, electronic,
mechanical, photocopying, recording, or likewise. To obtain permission(s) to use material from this work, please
submit a written request to Pearson Education, Inc., Permissions Department, One Lake Street, Upper Saddle
River, New Jersey 07458, or you may fax your request to 201-236-3290.
Many of the designations by manufacturers and sellers to distinguish their products are claimed as trademarks. Where
those designations appear in this book, and the publisher was aware of a trademark claim, the designations have been
printed in initial caps or all caps.
Library of Congress Cataloging-in-Publication Data on file.
10 9 8 7 6 5 4 3 2 1
ISBN 10: 0-13-335469-5
ISBN 13: 978-0-13-335469-0
ContentS
Notation xi
Preface xiii
0.1
0.2
0.3
0.4
Chapter 0 Guide for Readers and Instructors 1
Outline of This Book 2
A Roadmap for Readers and Instructors 3
Internet and Web Resources 4
Standards 5
Chapter 1 Overview 7
Computer Security Concepts 9
The OSI Security Architecture 14
Security Attacks 15
Security Services 17
Security Mechanisms 20
A Model for Network Security 22
Recommended Reading 24
Key Terms, Review Questions, and Problems 25
1.1
1.2
1.3
1.4
1.5
1.6
1.7
1.8
2.1
2.2
2.3
2.4
2.5
2.6
2.7
Symmetric Cipher Model 28
Substitution Techniques 34
Transposition Techniques 49
Rotor Machines 50
Steganography 52
Recommended Reading 54
Key Terms, Review Questions, and Problems 55
Part One Symmetric ciPherS 27
Chapter 2 Classical Encryption Techniques 27
Chapter 3 Block Ciphers and the Data Encryption Standard 61
Chapter 4 Basic Concepts in Number Theory and Finite Fields 85
Traditional Block Cipher Structure 63
The Data Encryption Standard 72
A DES Example 74
The Strength of DES 77
Block Cipher Design Principles 78
Recommended Reading 80
Key Terms, Review Questions, and Problems 81
Divisibility and the Division Algorithm 87
The Euclidean Algorithm 88
3.1
3.2
3.3
3.4
3.5
3.6
3.7
4.1
4.2
iii
iv Contents
5.1
5.2
5.3
5.4
5.5
5.6
5.7
5.8
4.3
4.4
4.5
4.6
4.7
4.8
4.9
Finite Field Arithmetic 130
AES Structure 132
AES Transformation Functions 137
AES Key Expansion 148
An AES Example 151
AES Implementation 155
Recommended Reading 159
Key Terms, Review Questions, and Problems 160
Appendix 5A Polynomials with Coefficients in GF(28) 162
Appendix 5B Simplified AES 164
Modular Arithmetic 91
Groups, Rings, and Fields 99
Finite Fields of the Form GF( p) 102
Polynomial Arithmetic 106
Finite Fields of the Form GF(2n) 112
Recommended Reading 124
Key Terms, Review Questions, and Problems 124
Appendix 4A The Meaning of mod 127
Chapter 5 Advanced Encryption Standard 129
Chapter 6 Block Cipher Operation 174
Chapter 7 Pseudorandom Number Generation and Stream Ciphers 202
Multiple Encryption and Triple DES 175
Electronic Code book 180
Cipher Block Chaining Mode 183
Cipher Feedback Mode 185
Output Feedback Mode 187
Counter Mode 189
XTS-AES Mode for Block-Oriented Storage Devices 191
Recommended Reading 198
Key Terms, Review Questions, and Problems 198
Principles of Pseudorandom Number Generation 203
Pseudorandom Number Generators 210
Pseudorandom Number Generation Using a Block Cipher 213
Stream Ciphers 219
RC4 221
True Random Number Generators 223
Recommended Reading 227
Key Terms, Review Questions, and Problems 228
6.1
6.2
6.3
6.4
6.5
6.6
6.7
6.8
6.9
7.1
7.2
7.3
7.4
7.5
7.6
7.7
7.8
Part twO aSymmetric ciPherS 231
Chapter 8 More Number Theory 231
Prime Numbers 232
Fermat’s and Euler’s Theorems 236
Testing for Primality 239
The Chinese Remainder Theorem 242
8.1
8.2
8.3
8.4
Contents v
8.5
8.6
8.7
9.1
9.2
9.3
9.4
Discrete Logarithms 244
Recommended Reading 249
Key Terms, Review Questions, and Problems 250
Chapter 9 Public-Key Cryptography and RSA 253
Principles of Public-Key Cryptosystems 256
The RSA Algorithm 264
Recommended Reading 278
Key Terms, Review Questions, and Problems 279
Appendix 9A The Complexity of Algorithms 283
Chapter 10 Other Public-Key Cryptosystems 286
Diffie-Hellman Key Exchange 287
Elgamal Cryptographic System 292
Elliptic Curve Arithmetic 295
Elliptic Curve Cryptography 303
Pseudorandom Number Generation Based on an Asymmetric Cipher 306
Recommended Reading 309
Key Terms, Review Questions, and Problems 309
10.1
10.2
10.3
10.4
10.5
10.6
10.7
11.1
11.2
11.3
11.4
11.5
11.6
11.7
11.8
Applications of Cryptographic Hash Functions 315
Two Simple Hash Functions 320
Requirements and Security 322
Hash Functions Based on Cipher Block Chaining 328
Secure Hash Algorithm (SHA) 329
SHA-3 339
Recommended Reading 351
Key Terms, Review Questions, and Problems 351
Part three cryPtOgraPhic Data integrity algOrithmS 313
Chapter 11 Cryptographic Hash Functions 313
Chapter 12 Message Authentication Codes 355
Chapter 13 Digital Signatures 393
12.1 Message Authentication Requirements 357
12.2 Message Authentication Functions 357
12.3
12.4
12.5 MACs Based on Hash Functions: HMAC 368
12.6 MACs Based on Block Ciphers: DAA and CMAC 373
12.7
12.8
12.9
12.10 Recommended Reading 390
12.11 Key Terms, Review Questions, and Problems 390
Authenticated Encryption: CCM and GCM 376
Key Wrapping 382
Pseudorandom Number Generation using Hash Functions and MACs 387
Digital Signatures 395
Elgamal Digital Signature Scheme 398
Schnorr Digital Signature Scheme 400
Requirements for Message Authentication Codes 365
Security of MACs 367
13.1
13.2
13.3
相关推荐
2023年江西萍乡中考道德与法治真题及答案.doc
2012年重庆南川中考生物真题及答案.doc
2013年江西师范大学地理学综合及文艺理论基础考研真题.doc
2020年四川甘孜小升初语文真题及答案I卷.doc
2020年注册岩土工程师专业基础考试真题及答案.doc
2023-2024学年福建省厦门市九年级上学期数学月考试题及答案.doc
2021-2022学年辽宁省沈阳市大东区九年级上学期语文期末试题及答案.doc
2022-2023学年北京东城区初三第一学期物理期末试卷及答案.doc
2018上半年江西教师资格初中地理学科知识与教学能力真题及答案.doc
2012年河北国家公务员申论考试真题及答案-省级.doc
2020-2021学年江苏省扬州市江都区邵樊片九年级上学期数学第一次质量检测试题及答案.doc
2022下半年黑龙江教师资格证中学综合素质真题及答案.doc
