密碼學(xué)與網(wǎng)絡(luò)安全

前言

Having worked in the area of information Technology for about six years （in 2001 ）, I had read a lot abouto worked in the area of information Technology for about six years （in 2001）, I had read a lot aboutinformation securitV, and how to achieve it. However, my concepts were vague, and I knew theJ, and how to achieve it. However, my concepts were vague, and I knew thetechnology of security in bits and pieces. This was quite annoying, as it never gave a feeling ofioJ J in bits and pieces. This was quite annoying, as it never gave a feeling ofsatisfaction. It was as if I did not know the complete pictllre. For example, I did know that numbersystems played an important role in cryptography, but did not know how much I should know aboutthem to understand the concepts thoroughly. Similarly, I knew that digital certificates and Public KeyInfrastructure （PKI） were quite wonderful technologies, but knew only to some extent as to how theyworked. Numerous other examples can be given.Then I got an opportunity to lead an information security project in i-flex solutions limited. I knewo pportunity to lead an information security project in i-flex solutions limited. I knewthat I could learn a lot simply by working on that project. However, I also felt very strongly that until Iwas thorouZh with all the aSDects of comDUter securitV/crVptoZraDhv myself. I would not be able to doo poets of computer security/cryptography myself, I would not be able to do..true lustice to this project. It was for this reason that I took up the task of studying each and every aspectJ ustice to this project. It was for this reason that I took up the task of studying each and every aspectof these technologies. Unfortllnately, there were a lot of hurdles. The main hurdle was that there was noto j, Lllere were a lot of hurdles.

內(nèi)容概要

本書以清晰的脈絡(luò)、簡潔的語言，介紹了各種加密技術(shù)、網(wǎng)絡(luò)安全協(xié)議與實(shí)現(xiàn)技術(shù)等內(nèi)容，包括各種對稱密鑰算法與AES，非對稱密鑰算法、數(shù)字簽名與RSA，數(shù)字證書與公鑰基礎(chǔ)設(shè)施，Internet安全協(xié)議，用戶認(rèn)證與Kerberos，Java、.NET和操作系統(tǒng)的加密實(shí)現(xiàn)，網(wǎng)絡(luò)安全、防火墻與VPN，并給出了具體的加密與安全的案例實(shí)現(xiàn)分析，是一本關(guān)于密碼學(xué)與網(wǎng)絡(luò)安全的理論結(jié)合實(shí)踐的優(yōu)秀教材。

作者簡介

Atul Kahate在印度和世界IT業(yè)中已經(jīng)有12年的工作經(jīng)驗(yàn)，他取得了統(tǒng)計(jì)學(xué)學(xué)士學(xué)位和計(jì)算機(jī)系統(tǒng)專業(yè)的MBA學(xué)位。他與他人為Tata McGraw-Hill出版公司合著了多部著作，不少書被用作教材或全世界的大學(xué)/學(xué)院/IT公司用作參考書。Atul Kahate還在印度和國外獲得過多個(gè)獎(jiǎng)項(xiàng)，過去曾就職

書籍目錄

Preface to the Second Editon jace to the Second Editon Preface to the First Editon jace to the First Editon Important Terms andAbbreviations 1. Attacks on Computers and Computer Security　1.1 intfoduction 1 　1.2 The Need for Security 　1.3 SecuritV Approaches 　1.4 Principles of Security 　1.5 TVves of Attacks 　Summary 　Multiple-choice Ouestions 　pie-choice Questions 　Exercises 　Design/Programming Exercises 2. Cryptography: Concepts and Techniques 　2.1 Intfoduction 　2.2 Plain Text and Cipher Text 　2.3 Substitution Techniques 　2.4 Transposition Techniques 　2.5 EncrVption and DecrVption 　2.6 Symmetric and AsVmmetric Key Cryptography 　2.7 Steganography 　2.8 Key Range and Key Size 　2.9 Possible TVves of Attacks 　Summary 　Multiple-choice Ouestions 　pie-choice Questions 　Exercises 　Design/Programming Exercises 3. Symmetric Key Algorithms and AES 　3.1 Introduction 　3.2 Algorithm Types and Modes 　3.3 An Overview of Symmetric Key Cryptography 　3.4 Data Encryption Standard (DES) 　3.5 International Data Encryption Algorithm (IDEA) 　3.6 RC4 　3.7 RCS 　3.8 Blowfish 　3.9 Advanced Encryption Standard (AES) 　Summary 　Multiple-choice Questions 　Exercises 　Design/Programming Exercises 4. Asymmetric Key Algorithms, Digital Signatures and RSA 　4.1 Introduction 　4.2 Brief History of Asymmetric Key Cryptography 　4.3 An Overview of Asymmetric Key Cryptography 　4.4 The RSA Algorithm 　4.5 Symmetric and Asymmetric Key Cryptography Together 　4.6 Digital Signatures 　4.7 KnapsackAlgorithm 　4.8 Some Other Algorithms 　Summary 　Multiple--choice Questions 　Exercises 　Design/Programming Exercises 5. Digital Certificates and Public Key infrastructure (PKI) 　5.1 Introduction 　5.2 Digital Certificates 　5.3 Private Key Management 　5.4 The PKIX Model 　5.5 Public Key Cryptography Standards (PKCS) 　5.6 XML, PKI and Security 　5.7 Creating Digital Certificates Using Java 　Summary 　Multiple-choice Questions 　Exercises 　Design/Programming Exercises 6. Internet Security Protocols 7. User Authentication and Kerberos 8. Cryptography in lava, .NET and Operating Systems 9. Network Security, Firewalls and Virtual Private Networks (VPN) 10. Case Studies on Cryptography and Security APPendixA: Mathematical Background APPendix B: Number Systems APPendix C: Information Theory APPendixD: Real-ide TOols APPendix E: Web Resources APPendix F: A Brief introduction tO ASN, BER, DER References

章節(jié)摘錄

插圖：It is said that a random number generator based purely on deterministic computational techniquecannot really be considered as a perfect random number generator. This is because its output ispredictable. Distinguishing between true and seemingly true random numbers is not easy. Most computer programming languages provide support for random number generators in the formof library functions. They are usually so designed that they can provide a random byte or a floating pointnumber uniformly distributed between the range of 0 and 1. These library functions are often found tohave poor statistical properties and some will repeat patterns after a few cycles. They are usuallyinitialized using a computer's clock as the seed. These functions may provide enough randomness forcertain simple tasks （e.g. computer-based games）, but they are not recommended in situations thatdemand high-quality randomness. Examples of these situations are cryptographic applications,statistical applications or numerical applications. Hence, specialized random number generators are alsoavailable on a majority of operating systems. We might feel that computers can generate random numbers. In fact, many programming languagesprovide facilities to generate random numbers. However, this is not quite correct. Random numbersgenerated by computers are not truly randomover a period of time, we can predict them. This issimply because computers are rulebased machines, which have a finite range for generating （the socalled） random numbers. Therefore, we must make computers generate random numbers by usingsome external means. This process is called as psuedorandom number generation.

編輯推薦

《密碼學(xué)與網(wǎng)絡(luò)安全(第2版)》語言表達(dá)流暢、簡潔，使《密碼學(xué)與網(wǎng)絡(luò)安全(第2版)》的閱讀不再枯燥。全書多達(dá)425幅插圖，極大地方便了讀者的學(xué)習(xí)和理解。全書提供了豐富的多項(xiàng)選擇題、練習(xí)題、設(shè)計(jì)與編程題，有利于加深讀者對所學(xué)知識的理解和掌握。

圖書封面

圖書標(biāo)簽Tags

無

評論、評分、閱讀與下載

---

    密碼學(xué)與網(wǎng)絡(luò)安全 PDF格式下載

---