User's Guide To Cryptography And Standards (Artech House Computer Security) (Artech House Computer Security Library)
معرفی کتاب «راهنمای کاربر برای رمزنگاری و استانداردها» (با عنوان لاتین User's Guide To Cryptography And Standards (Artech House Computer Security) (Artech House Computer Security Library)) نوشتهٔ Alexander W. Dent, Chris J. Mitchell، منتشرشده توسط نشر Artech House Publishers در سال 2005. این کتاب در فرمت pdf، زبان انگلیسی ارائه شده است.
With the scope and frequency of attacks on valuable corporate data growing enormously in recent years, a solid understanding of cryptography is essential for computer/network security practitioners, systems designers, applications developers, and researchers. This timely book delivers the hands-on knowledge professionals need, offering comprehensive coverage on the latest and most-important standardized cryptographic techniques to help them protect their data and computing resources to the fullest. Rather than bogging professionals down with theory like other books on the market, this unique resource describes cryptography from an end-user perspective, presenting in-depth, highly practical comparisons of standards and techniques. Moreover, practitioners learn how to select standardized techniques that are most suitable for their specific needs. Users Guide to Cryptography and Standards......Page 2 Contents......Page 6 Acknowledgements......Page 16 1.1 Scope and purpose......Page 18 1.2 Structure of the book......Page 20 1.3 Terminology......Page 21 1.4 Modular arithmetic......Page 22 References......Page 24 2.1 Why bother with standards?......Page 26 2.2 International standardization organizations......Page 27 2.3 National standardization organizations......Page 29 2.4 Industrialized standardization organizations......Page 30 2.5 Cryptographic evaluation bodies......Page 33 References......Page 34 3.1 Introduction......Page 36 3.2 Security standards......Page 37 3.3 A model for security......Page 38 3.4 Security services......Page 39 3.5 Security mechanisms......Page 43 3.7 Service and protocol layers......Page 48 3.8 Security management......Page 51 3.9 Security frameworks......Page 53 3.10 Notes......Page 55 References......Page 57 4 Encryption......Page 62 4.1 Definitions and basic properties......Page 63 4.2 Block ciphers......Page 65 4.3 Stream ciphers......Page 70 4.4 Asymmetric ciphers......Page 73 4.5 Notes......Page 80 References......Page 84 5.1 Definitions and basic properties......Page 88 5.3 Padding methods......Page 89 5.4 ECB mode......Page 90 5.5 Cipher block chaining (CBC) mode......Page 91 5.6 CTR mode......Page 94 5.7 OFB mode......Page 96 5.8 CFB mode......Page 98 5.9 Choosing a mode of operation......Page 101 5.10 Other modes......Page 103 5.11 Notes......Page 104 References......Page 106 6.1 Definitions and basic properties......Page 110 6.2 Standards for hash functions......Page 114 6.3 Hash Functions based on block ciphers......Page 115 6.4 Dedicated hash functions......Page 120 6.6 Choosing a hash function......Page 122 6.7 Notes......Page 123 References......Page 126 7.1 Definitions and basic properties......Page 130 7.2 Standards for MACs......Page 132 7.3 CBC-MACs......Page 133 7.4 MACs based on hash functions......Page 143 7.5 Other MAC functions......Page 145 7.6 Notes......Page 146 References......Page 148 8.1 Definitions and basic properties......Page 152 8.2 Standards for digitial signatures......Page 158 8.3 The Digital Signature Algorithm (DSA)......Page 159 8.4 RSA-based signature schemes......Page 161 8.5 Digital signatures and the law......Page 164 8.6 Choosing a digital signature scheme......Page 167 8.7 Notes......Page 168 References......Page 173 9.1 Introduction......Page 176 9.3 Non-repudiation model and services......Page 177 9.4 Non-repudiation using symmetic cryptography......Page 181 9.5 Non-repudiation using asymmetric cryptography......Page 185 9.7 Notes......Page 187 References......Page 188 10 Authentication Protocols......Page 190 10.1 Introduction......Page 191 10.2 Standards for entity authentication protocols......Page 192 10.3 Cryptographic mechanisms......Page 193 10.4 Timelines checking mechanisms......Page 196 10.5 Authentication using symmetric cryptography......Page 198 10.6 Authentication using asymmetric cryptography......Page 211 10.7 Manual authentication protocols......Page 217 10.8 Choosing an authentication protocol......Page 222 10.9 Notes......Page 224 References......Page 227 11.1 Standards for key management......Page 232 11.2 Definitions and basic properties......Page 233 11.3 The general framework......Page 236 11.4 The ANSI X9.24 framework......Page 242 11.5 Notes......Page 245 References......Page 246 12.1 Definitions and basic properties......Page 248 12.2 Standards for key establishment......Page 252 12.3 Physical mechanisms......Page 254 12.4 Mechanisms using symmetric cryptography......Page 255 12.5 Mechanisms using asymmetric cryptography......Page 263 12.6 Key establishment based on weak secrets......Page 271 12.7 Key establishment for mobile networks......Page 272 12.8 Choosing a key establishment scheme......Page 275 12.9 Notes......Page 276 References......Page 280 13.1 What is a PKI?......Page 284 13.2 PKI standards......Page 286 13.3 Certificate formats......Page 288 13.4 Certificate management......Page 295 13.5 Certificate storage and retrieval......Page 300 13.6 Certificate status discovery......Page 301 13.7 Certificate policies and certification practice statements......Page 303 13.8 Notes......Page 304 References......Page 306 14.1 Definitions and basic properties......Page 312 14.3 TTP requirements......Page 314 14.4 TTP architectures......Page 316 14.5 Time-stamping authorities......Page 319 14.7 Notes......Page 322 References......Page 324 15.1 Introduction......Page 326 15.2 Standards for crypto APIs......Page 328 15.3 GSS-API......Page 329 15.4 PKCS #11......Page 332 15.5 Security issues......Page 333 15.6 Notes......Page 335 References......Page 336 16.1 Random bit generation......Page 340 16.2 Prime number generation......Page 345 16.3 Authenticated encryption......Page 346 16.4 Security modules......Page 353 16.5 Standards for the use of biometric techniques......Page 356 16.6 Information security management......Page 362 16.7 Notes......Page 364 References......Page 367 17 Standards: The Future......Page 372 A.1 3GPP standards......Page 376 A.3 BSI standards......Page 377 A.6 IETF requests for comments (RFCs)......Page 378 A.7 ISO standards......Page 380 A.8 ITU-T Recommendations......Page 383 A.9 NIST FIPS......Page 384 A.11 SECG standards......Page 385 About the Authors......Page 386 Index......Page 388
designers, Developers, Students, And Committed Users Are Finding Encryption To Be The Essential Element Of Security Systems For Computers And Networks. In This Comprehensive Text Dent And Mitchell (both Information Security, Royal Holloway, U. Of London) Describe Current Standards And The Standardization Process At The National And Industrial Levels, Security Mechanisms And Services, And The Basics Of Encryption. They Examine Modes Of Operation For Block Ciphers, Cryptographic Hash Functions, Message Authentication Codes And Protocols, Digital Signatures, Non-repudiation Mechanisms, Key Management Frameworks, Key Establishment Mechanisms, Public Key Infrastructures, Trusted Third Parties, Cryptographic Application Program Interfaces, And Other Standards Such As Random Bit Generation And Biometric Techniques. They Close By Forecasting The Standards Of The Future And Offer Tables Of Standards As The Appendix. Annotation ©2004 Book News, Inc., Portland, Or
booknews
steganography, A Means By Which Two Or More Parties May Communicate Invisibly By Hiding Secrets In Innocuous Messages, And Watermarking, A Means Of Hiding Copyright Data In Images, Are Becoming Necessary Components Of Commercial Multimedia Applications That Are Vulnerable To Illegal Use. This Collection Of Nine Contributions First Reviews Steganography With A Description Of Possible Applications And A Survey Of Methods Used To Hide Information In Modern Media. The Second Part Introduces Watermarking Methods, Discusses The Similarities And Differences That Characterize Watermarking And Steganography, And Explores The Legal Implications Of Watermarking And Copyright Issues On The Internet. Annotation C. Book News, Inc., Portland, Or (booknews.com)
With the scope and frequency of attacks on valuable corporate data growing enormously in recent years, a solid understanding of cryptography is essential for anyone working in the computer/network security field. This timely book delivers the hands-on knowledge you need, offering comprehensive coverage on the latest and most-important standardized cryptographic techniques to help you protect your data and computing resources to the fullest. Rather than focusing on theory like other books on the market, this unique resource describes cryptography from an end-user perspective, presenting in-depth, highly practical comparisons of standards and techniques. "With the scope and frequency of attacks on valuable corporate data growing enormously in recent years, a solid understanding of cryptography is essential for anyone working in the computer/network security field. This timely book delivers hands-on knowledge of the latest and most important standardized cryptographic techniques that professionals can use to protect data and computing resources to the fullest. Rather than focusing on theory like other books, this resource describes cryptography from an end-user perspective, presenting in-depth, highly practical comparisons of standards and techniques."--BOOK JACKET