滿額折
商品簡介
作者簡介
目次
商品簡介
Computer Network Security Theory and Practice introduces to the reader a complete and concise view of network security. It provides in-depth theoretical coverage of recent advancements and practical solutions to network security threats. This book can be used for a one-semester network security course for graduate and upper-level undergraduate students, as well as a reference for IT professionals.
作者簡介
Jie Wang is Professor and Chair of Computer Science at the University of Massachusetts Lowell (UML). He is also Director of the Center for Network and Information Security of UML. His first name ""Jie"" in Mandarin is pronounced similarto ""Jed."" He received Ph.D. degree in Computer Science from Boston University in1990, M.S. degree in Computer Science from Zhongshan University in 1985, andB.S. degree in Computational Mathematics from Zhongshan University in 1982. Hehas over 18 years of teaching and research experience and is equipped with networksecurity consulting experience in financial industry. His research interests includenetwork security, algorithms and computational optimization, computational complexity theory, and wireless sensor networks. His research has been funded continuously by the National Science Foundation since 1991 and has also been funded byIBM, Intel, and the Natural Science Foundation of China. He has published over 95journal and conference papers, two books and three edited books. He is active inprofessional service, including chairing conference program committees and organizing workshops.
目次
1 Network Security Overview
1.1 Mission and Definitions
1.2 Common Attacks and Defense Mechanisms
1.2.1 Eavesdropping
1.2.2 Cryptanalysis
1.2.3 Password Pilfering
1.2.4 Identity Spoofing
1.2.5 Buffer-Overflow Exploitations
1.2.6 Repudiation
1.2.7 Intrusion
1.2.8 Traffic Analysis
1.2.9 Denial of Service Attacks
1.2.10 Malicious Software
1.3 Attacker Profiles
1.3.1 Hackers
1.3.2 Script Kiddies
1.3.3 Cyber Spies
1.3.4 Vicious Employees
1.3.5 Cyber Terrorists
1.3.6 Hypothetical Attackers
1.4 Basic Security Model
1.5 Security Resources
1.6 Closing Remarks
1.7 Exercises
2 Data Eneryption Algorithms
2.1 Data Encryption Algorithm Design Criteria
2.1.1 ASCII Code
2.1.2 XOR Encryption
2.1.3 Criteria of Data Encryptions
2.1.4 Implementation Criteria
2.2 Data Encryption Standard
2.2.1 Feistel's Cipher Scheme
2.2.2 DES Subkeys
2.2.3 DES Substitution Boxes
2.2.4 DES Encryption
2.2.5 DES Decryption and Correctness Proof
2.2.6 DES Security Strength
2.3 Multiple DES
2.3.1 Triple-DES with Two Keys
2.3.2 2DES and 3DES/3
2.3.3 Meet-in-the-Middle Attacks on 2DES
2.4 Advanced Encryption Standard
2.4.1 AES Basic Structures
2.4.2 AES S-Boxes
2.4.3 AES-128 RoundKeys
2.4.4 Add Round Keys
2.4.5 Substitute-Bytes
2.4.6 Shift-Rows
2.4.7 Mix-Columns
2.4.8 AES-128 Encryption
2.4.9 AES-128 Decryption and Correctness Proof
2.4.10 Galois Fields
2.4.11 Construction of the AES S-Box and Its Inverse ..
2.4.12 AES Security Strength
2.5 Standard Block-Cipher Modes of Operations
2.5.1 Electronic-Codebook Mode
2.5.2 Cipher-Block-Chaining Mode
2.5.3 Cipher-Feedback Mode
2.5.4 Output-Feedback Mode
2.5.5 Counter Mode
2.6 Stream Ciphers
2.6.1 RC4 Stream Cipher
2.6.2 RC4 Security Weaknesses
2.7 Key Generations
2.7.1 ANSIX9.17 PRNG
2.7.2 BBS Pseudorandom Bit Generator
2.8 Closing Remarks
2.9 Exercises
3 Public-Key Cryptography and Key Management
3.1 Concepts of Public-Key Cryptography
3.2 Elementary Concepts and Theorems in Number Theory .
3.2.1 Modular Arithmetic and Congruence Relations ..
3.2.2 Modular Inverse
3.2.3 Primitive Roots
3.2.4 Fast Modular Exponentiation
3.2.5 Finding Large Prime Numbers
3.2.6 The Chinese Remainder Theorem
3.2.7 Finite Continued Fractions
3.3 Diffie-Hellman Key Exchange
3.3.1 Key Exchange Protocol
3.3.2 Man-in-the-Middle Attacks
3.3.3 Elgamal PKC
3.4 RSA Cryptosystem
3.4.1 RSA Key Pairs, Encryptions, and Decryptions...
3.4.2 RSA Parameter Attacks
3.4.3 RSA Challenge Numbers
3.5 Elliptic-Curve Cryptography
3.5.1 Commutative Groups on Elliptic Curves
3.5.2 Discrete Elliptic Curves
3.5.3 ECC Encodings
3.5.4 ECC Encryption and Decryption
3.5.5 ECC Key Exchange
3.5.6 ECC Strength
3.6 Key Distributions and Management
3.6.1 Master Keys and Session Keys
3.6.2 Public-Key Certificates
3.6.3 CA Networks
3.6.4 Key Rings
3.7 Closing Remarks
3.8 Exercises
4 Data Authentication
4.1 Cryptographic Hash Functions
4.1.1 Design Criteria of Cryptographic Hash Functions
4.1.2 Quest for Cryptographic Hash Functions
4.1.3 Basic Structure of Standard Hash Functions
4.1.4 SHA-512
4.1.5 WHIRLPOOL
4.2 Cryptographic Checksums
4.2.1 Exclusive-OR Cryptographic Checksums
4.2.2 Design Criteria of MAC Algorithms
4.2.3 Data Authentication Algorithm
4.3 HMAC
4.3.1 Design Criteria of HMAC
4.3.2 HMAC Algorithm
4.4 Offset Codebook Mode of Operations
4.4.1 Basic Operations
4.4.2 OCB Encryption and Tag Generation
4.4.3 OCB Decryption and Tag Verification
4.5 Birthday Attacks
4.5.1 Complexity Upper Bound of Breaking Strong Collision Resistance
4.5.2 Set Intersection Attack
4.6 Digital Signature Standard
4.7 Dual Signatures and Electronic Transactions
4.7.1 Dual Signature Applications
4.7.2 Dual Signatures and Electronic Transactions
4.8 Blind Signatures and Electronic Cash
4.8.1 RSA Blind Signatures
4.8.2 Electronic Cash
4.9 Closing Remarks
4.10 Exercises Network Security Protocols in Practice
5.1 Crypto Placements in Networks
5.1.1 Crypto Placement at the Application Layer
5.1.2 Crypto Placement at the Transport Layer
5.1.3 Crypto Placement at the Network Layer
5.1.4 Crypto Placement at the Data-Link Layer
5.1.5 Hardware versus Software Implementations of Cryptographic Algorithms
5.2 Public-Key Infrastructure
5.2.1 X.509 Public-Key Infrastructure
5.2.2 X.509 Certificate Formats
5.3 IPsec: A Security Protocol at the Network Layer
5.3.1 Security Association
5.3.2 Application Modes and Security Associations
5.3.3 AH Format
5.3.4 ESP Format
5.3.5 Secret Key Determination and Distribution
5.4 SSI.flZ, S: Security Protocols at the Transport Layer
5.4.1 SSL Handshake Protocol
5.4.2 SSL Record Protocol
5.5 PGP and S/MIME: Email Security Protocols
5.5.1 Basic Email Security Mechanisms
5.5.2 PGP
5.5.3 S/MIME
5.6 Kerberos: An Authentication Protocol
5.6.1 Basic Ideas
5.6.2 Single-Realm Kerberos
5.6.3 Multiple-Realm Kerberos
5.7 SSH: Security Protocols for Remote Logins
5.8 Closing Remarks
……
6 Wireless Network Security
7 Network Perimeter Security
8 The Art of Anti Malicious Software
9 The Art of Intrusion Detection
References
Index
1.1 Mission and Definitions
1.2 Common Attacks and Defense Mechanisms
1.2.1 Eavesdropping
1.2.2 Cryptanalysis
1.2.3 Password Pilfering
1.2.4 Identity Spoofing
1.2.5 Buffer-Overflow Exploitations
1.2.6 Repudiation
1.2.7 Intrusion
1.2.8 Traffic Analysis
1.2.9 Denial of Service Attacks
1.2.10 Malicious Software
1.3 Attacker Profiles
1.3.1 Hackers
1.3.2 Script Kiddies
1.3.3 Cyber Spies
1.3.4 Vicious Employees
1.3.5 Cyber Terrorists
1.3.6 Hypothetical Attackers
1.4 Basic Security Model
1.5 Security Resources
1.6 Closing Remarks
1.7 Exercises
2 Data Eneryption Algorithms
2.1 Data Encryption Algorithm Design Criteria
2.1.1 ASCII Code
2.1.2 XOR Encryption
2.1.3 Criteria of Data Encryptions
2.1.4 Implementation Criteria
2.2 Data Encryption Standard
2.2.1 Feistel's Cipher Scheme
2.2.2 DES Subkeys
2.2.3 DES Substitution Boxes
2.2.4 DES Encryption
2.2.5 DES Decryption and Correctness Proof
2.2.6 DES Security Strength
2.3 Multiple DES
2.3.1 Triple-DES with Two Keys
2.3.2 2DES and 3DES/3
2.3.3 Meet-in-the-Middle Attacks on 2DES
2.4 Advanced Encryption Standard
2.4.1 AES Basic Structures
2.4.2 AES S-Boxes
2.4.3 AES-128 RoundKeys
2.4.4 Add Round Keys
2.4.5 Substitute-Bytes
2.4.6 Shift-Rows
2.4.7 Mix-Columns
2.4.8 AES-128 Encryption
2.4.9 AES-128 Decryption and Correctness Proof
2.4.10 Galois Fields
2.4.11 Construction of the AES S-Box and Its Inverse ..
2.4.12 AES Security Strength
2.5 Standard Block-Cipher Modes of Operations
2.5.1 Electronic-Codebook Mode
2.5.2 Cipher-Block-Chaining Mode
2.5.3 Cipher-Feedback Mode
2.5.4 Output-Feedback Mode
2.5.5 Counter Mode
2.6 Stream Ciphers
2.6.1 RC4 Stream Cipher
2.6.2 RC4 Security Weaknesses
2.7 Key Generations
2.7.1 ANSIX9.17 PRNG
2.7.2 BBS Pseudorandom Bit Generator
2.8 Closing Remarks
2.9 Exercises
3 Public-Key Cryptography and Key Management
3.1 Concepts of Public-Key Cryptography
3.2 Elementary Concepts and Theorems in Number Theory .
3.2.1 Modular Arithmetic and Congruence Relations ..
3.2.2 Modular Inverse
3.2.3 Primitive Roots
3.2.4 Fast Modular Exponentiation
3.2.5 Finding Large Prime Numbers
3.2.6 The Chinese Remainder Theorem
3.2.7 Finite Continued Fractions
3.3 Diffie-Hellman Key Exchange
3.3.1 Key Exchange Protocol
3.3.2 Man-in-the-Middle Attacks
3.3.3 Elgamal PKC
3.4 RSA Cryptosystem
3.4.1 RSA Key Pairs, Encryptions, and Decryptions...
3.4.2 RSA Parameter Attacks
3.4.3 RSA Challenge Numbers
3.5 Elliptic-Curve Cryptography
3.5.1 Commutative Groups on Elliptic Curves
3.5.2 Discrete Elliptic Curves
3.5.3 ECC Encodings
3.5.4 ECC Encryption and Decryption
3.5.5 ECC Key Exchange
3.5.6 ECC Strength
3.6 Key Distributions and Management
3.6.1 Master Keys and Session Keys
3.6.2 Public-Key Certificates
3.6.3 CA Networks
3.6.4 Key Rings
3.7 Closing Remarks
3.8 Exercises
4 Data Authentication
4.1 Cryptographic Hash Functions
4.1.1 Design Criteria of Cryptographic Hash Functions
4.1.2 Quest for Cryptographic Hash Functions
4.1.3 Basic Structure of Standard Hash Functions
4.1.4 SHA-512
4.1.5 WHIRLPOOL
4.2 Cryptographic Checksums
4.2.1 Exclusive-OR Cryptographic Checksums
4.2.2 Design Criteria of MAC Algorithms
4.2.3 Data Authentication Algorithm
4.3 HMAC
4.3.1 Design Criteria of HMAC
4.3.2 HMAC Algorithm
4.4 Offset Codebook Mode of Operations
4.4.1 Basic Operations
4.4.2 OCB Encryption and Tag Generation
4.4.3 OCB Decryption and Tag Verification
4.5 Birthday Attacks
4.5.1 Complexity Upper Bound of Breaking Strong Collision Resistance
4.5.2 Set Intersection Attack
4.6 Digital Signature Standard
4.7 Dual Signatures and Electronic Transactions
4.7.1 Dual Signature Applications
4.7.2 Dual Signatures and Electronic Transactions
4.8 Blind Signatures and Electronic Cash
4.8.1 RSA Blind Signatures
4.8.2 Electronic Cash
4.9 Closing Remarks
4.10 Exercises Network Security Protocols in Practice
5.1 Crypto Placements in Networks
5.1.1 Crypto Placement at the Application Layer
5.1.2 Crypto Placement at the Transport Layer
5.1.3 Crypto Placement at the Network Layer
5.1.4 Crypto Placement at the Data-Link Layer
5.1.5 Hardware versus Software Implementations of Cryptographic Algorithms
5.2 Public-Key Infrastructure
5.2.1 X.509 Public-Key Infrastructure
5.2.2 X.509 Certificate Formats
5.3 IPsec: A Security Protocol at the Network Layer
5.3.1 Security Association
5.3.2 Application Modes and Security Associations
5.3.3 AH Format
5.3.4 ESP Format
5.3.5 Secret Key Determination and Distribution
5.4 SSI.flZ, S: Security Protocols at the Transport Layer
5.4.1 SSL Handshake Protocol
5.4.2 SSL Record Protocol
5.5 PGP and S/MIME: Email Security Protocols
5.5.1 Basic Email Security Mechanisms
5.5.2 PGP
5.5.3 S/MIME
5.6 Kerberos: An Authentication Protocol
5.6.1 Basic Ideas
5.6.2 Single-Realm Kerberos
5.6.3 Multiple-Realm Kerberos
5.7 SSH: Security Protocols for Remote Logins
5.8 Closing Remarks
……
6 Wireless Network Security
7 Network Perimeter Security
8 The Art of Anti Malicious Software
9 The Art of Intrusion Detection
References
Index
購物須知
大陸出版品因裝訂品質及貨運條件與台灣出版品落差甚大,除封面破損、內頁脫落等較嚴重的狀態,其餘商品將正常出貨。
特別提醒:部分書籍附贈之內容(如音頻mp3或影片dvd等)已無實體光碟提供,需以QR CODE 連結至當地網站註冊“並通過驗證程序”,方可下載使用。
無現貨庫存之簡體書,將向海外調貨:
海外有庫存之書籍,等候約45個工作天;
海外無庫存之書籍,平均作業時間約60個工作天,然不保證確定可調到貨,尚請見諒。
為了保護您的權益,「三民網路書店」提供會員七日商品鑑賞期(收到商品為起始日)。
若要辦理退貨,請在商品鑑賞期內寄回,且商品必須是全新狀態與完整包裝(商品、附件、發票、隨貨贈品等)否則恕不接受退貨。