Modern Cryptography: Theory and Practice (Hardcover)

Wenbo Mao

  • Publisher: Prentice Hall
  • Publication date: 2003-08-04
  • Price: $1,007
  • Language: English
  • Pages: 648
  • Binding: Hardcover
  • ISBN: 0130669431
  • ISBN-13: 9780130669438
  • Related categories: Information Security
  • Out of print

Product Description

 

Appropriate for all graduate-level and advanced undergraduate courses in cryptography and related mathematical fields.

Modern Cryptography is an indispensable resource for every advanced student of cryptography who intends to implement strong security in real-world applications. Leading HP security expert Wenbo Mao explains why conventional crypto schemes, protocols, and systems are profoundly vulnerable, introducing both fundamental theory and real-world attacks. Next, he shows how to implement crypto systems that are truly “fit for application,” and formally demonstrate their fitness. He begins by reviewing the foundations of cryptography: probability, information theory, computational complexity, number theory, algebraic techniques, and more. He presents the “ideal” principles of authentication, comparing them with real-world implementation. Mao assesses the strength of IPSec, IKE, SSH, SSL, TLS, Kerberos, and other standards, and offers practical guidance on designing stronger crypto schemes and using formal methods to prove their security and efficiency. Finally, he presents an in-depth introduction to zero-knowledge protocols: their characteristics, development, arguments, and proofs. Mao relies on practical examples throughout, and provides all the mathematical background students will need.

Table of Contents

A Short Description of the Book.


Preface.


List of Figures.


List of Algorithms, Protocols and Attacks.

I. INTRODUCTION.

1. Beginning with a Simple Communication Game.

A Communication Game. Criteria for Desirable Cryptographic Systems and Protocols. Chapter Summary. Exercises.

2. Wrestling between Safeguard and Attack.

Introduction. Encryption. Vulnerable Environment (the Dolev-Yao Threat Model). Authentication Servers. Security Properties for Authenticated Key Establishment. Protocols for Authenticated Key Establishment Using Encryption. Chapter Summary. Exercises.

II. MATHEMATICAL FOUNDATIONS.

Standard Notation.


3. Probability and Information Theory.

Introduction. Basic Concept of Probability. Properties. Basic Calculation. Random Variables and their Probability Distributions. Birthday Paradox. Information Theory. Redundancy in Natural Languages. Chapter Summary. Exercises.

4. Computational Complexity.

Introduction. Turing Machines. Deterministic Polynomial Time. Probabilistic Polynomial Time. Non-deterministic Polynomial Time. Non-Polynomial Bounds. Polynomial-time Indistinguishability. Theory of Computational Complexity and Modern Cryptography. Chapter Summary. Exercises.

5. Algebraic Foundations.

Introduction. Groups. Rings and Fields. The Structure of Finite Fields. Group Constructed Using Points on an Elliptic Curve. Chapter Summary. Exercises.

6. Number Theory.

Introduction. Congruences and Residue Classes. Euler's Phi Function. The Theorems of Fermat, Euler and Lagrange. Quadratic Residues. Square Roots Modulo Integer. Blum Integers. Chapter Summary. Exercises.

III. BASIC CRYPTOGRAPHIC TECHNIQUES.

7. Encryption—Symmetric Techniques.

Introduction. Definition. Substitution Ciphers. Transposition Ciphers. Classical Ciphers: Usefulness and Security. The Data Encryption Standard (DES). The Advanced Encryption Standard (AES). Confidentiality Modes of Operation. Key Channel Establishment for Symmetric Cryptosystems. Chapter Summary. Exercises.

8. Encryption—Asymmetric Techniques.

Introduction. Insecurity of “Textbook Encryption Algorithms”. The Diffie-Hellman Key Exchange Protocol. The Diffie-Hellman Problem and the Discrete Logarithm Problem. The RSA Cryptosystem (Textbook Version). Cryptanalysis Against Public-key Cryptosystems. The RSA Problem. The Integer Factorization Problem. Insecurity of the Textbook RSA Encryption. The Rabin Cryptosystem (Textbook Version). Insecurity of the Textbook Rabin Encryption. The ElGamal Cryptosystem (Textbook Version). Insecurity of the Textbook ElGamal Encryption. Need for Stronger Security Notions for Public-key Cryptosystems. Combination of Asymmetric and Symmetric Cryptography. Key Channel Establishment for Public-key Cryptosystems. Chapter Summary. Exercises.

9. In an Ideal World: Bit Security of the Basic Public-Key Cryptographic Functions.

Introduction. The RSA Bit. The Rabin Bit. The ElGamal Bit. The Discrete Logarithm Bit. Chapter Summary. Exercises.

10. Data Integrity Techniques.

Introduction. Definition. Symmetric Techniques. Asymmetric Techniques I: Digital Signatures. Asymmetric Techniques II: Data Integrity without Source Identification. Chapter Summary. Exercises.

IV. AUTHENTICATION.

11. Authentication Protocols—Principles.

Introduction. Authentication and Refined Notions. Convention. Basic Authentication Techniques. Password-based Authentication. Authenticated Key Exchange Based on Asymmetric Cryptography. Typical Attacks on Authentication Protocols. A Brief Literature Note. Chapter Summary. Exercises.

12. Authentication Protocols—The Real World.

Introduction. Authentication Protocols for Internet Security. The Secure Shell (SSH) Remote Login Protocol. The Kerberos Protocol and its Realization in Windows 2000. SSL and TLS. Chapter Summary. Exercises.

13. Authentication Framework for Public-Key Cryptography.

Introduction. Directory-Based Authentication Framework. Non-Directory Based Public-key Authentication Framework. Chapter Summary. Exercises.

V. FORMAL APPROACHES TO SECURITY ESTABLISHMENT.

14. Formal and Strong Security Definitions for Public-Key Cryptosystems.

Introduction. A Formal Treatment for Security. Semantic Security—the Debut of Provable Security. Inadequacy of Semantic Security. Beyond Semantic Security. Chapter Summary. Exercises.

15. Provably Secure and Efficient Public-Key Cryptosystems.

Introduction. The Optimal Asymmetric Encryption Padding. The Cramer-Shoup Public-key Cryptosystem. An Overview of Provably Secure Hybrid Cryptosystems. Literature Notes on Practical and Provably Secure Public-key Cryptosystems. Chapter Summary. Exercises.

16. Strong and Provable Security for Digital Signatures.

Introduction. Strong Security Notion for Digital Signatures. Strong and Provable Security for ElGamal-family Signatures. Fit-for-application Ways for Signing in RSA and Rabin. Signcryption. Chapter Summary. Exercises.

17. Formal Methods for Authentication Protocols Analysis.

Introduction. Toward Formal Specification of Authentication Protocols. A Computational View of Correct Protocols—the Bellare-Rogaway Model. A Symbolic Manipulation View of Correct Protocols. Formal Analysis Techniques: State System Exploration. Reconciling Two Views of Formal Techniques for Security. Chapter Summary. Exercises.

VI. CRYPTOGRAPHIC PROTOCOLS.

18. Zero-Knowledge Protocols.

Introduction. Basic Definitions. Zero-knowledge Properties. Proof or Argument? Protocols with Two-sided-error. Round Efficiency. Non-interactive Zero-knowledge. Chapter Summary. Exercises.

19. Returning To “Coin Flipping over Telephone”.

Blum's “Coin-Flipping-by-Telephone” Protocol. Security Analysis. Efficiency. Chapter Summary.

20. Afterremark.

Bibliography. Subject Index.
