
Cryptography and Network Security


Atul Kahate has done an excellent job of demystifying Internet security concepts through his book on Cryptography and Network Security. The author has made understanding cryptography concepts an enjoyable experience with lucid presentation and diagrams. It is no surprise that the first edition of this book, which was published in 2003, went through 8 reprints, besides an international edition and a Chinese translation.

Title: Cryptography and Network Security

Author: Atul Kahate

Publisher: Tata McGraw Hill

The enhancements in the second edition are detailed coverage of algorithms like AES, SHA-256 and its variants, coverage of TLS, and more explanation of the mathematical base wherever needed.

Chapter 1 introduces the basic concepts of security, the need for security and the principles of security, namely Confidentiality, Authentication, Integrity, Non-Repudiation, Access Control and Availability. Various types of attacks, from Viruses, Worms and Trojans to specific attacks like Sniffing, Spoofing, Phishing and Pharming (DNS Spoofing), are discussed.


In Chapter 2, Cryptography Concepts are introduced. The Encryption and Decryption process using Substitution techniques like Caesar Cipher and Hill Cipher, and transposition techniques like the Rail Fence Technique and the Columnar Transposition technique, is explained. The Diffie-Hellman key exchange algorithm is explained and discussed at length.

Chapter 3 explains popular Symmetric key Algorithms, highlighting two important aspects of Algorithms, namely Type and Mode. The author delves deep into the DES algorithm and lucidly explains with diagrams how it works. The possibility of a meet-in-the-middle attack against DES is discussed, and various enhanced versions of DES are analyzed. Algorithms like International Data Encryption Algorithm (IDEA), Rivest Cipher (RC5), Blowfish and Advanced Encryption Standard (AES) are explained in detail.

In Chapter 4, the asymmetric key algorithm RSA, Message Digest and Digital Signature are explained. The complex MD5 algorithm is explained step by step with excellent diagrams. The Secure Hash Algorithm (SHA-1) is explained and compared with the MD5 algorithm. Topics like Message Authentication Code (MAC), Hash-based Message Authentication Code (HMAC) and Elliptic Curve Cryptography (ECC) are also covered.

In Chapter 5, the concepts of Digital Certificates, Certifying Authority (CA), X.509 Standards of Certificates, the process of certificate generation, Root Certification, Cross Certification, Certificate Revocation Lists (CRLs), Online Certificate Status Protocol (OCSP), Certificate Types, Key management, PKCS Standards, XML Digital Certificate, and Creating a Digital Certificate using the Java keytool utility are discussed in detail.

Chapter 6 deals with Internet Security protocols like TCP/IP, SSL, TLS, TSP. E-mail related security concepts like PEM / PGP and S/MIME are also discussed at length. The author also throws light on Wireless Application Protocol (WAP) security, and in Chapter 7 talks about authentication of users based on passwords, authentication tokens, certificates and biometrics.

Chapter 8 deals with the practical issues involved in cryptography using the Java Crypto API and the .NET framework with the aid of MS-CAPICOM components, including aspects of operating systems security and database security.

In Chapter 9, the concepts of Firewall DMZ, IPSec, IKE Protocol, VPN and Intrusion detection are analyzed, and in Chapter 10, case studies close to real-life situations are discussed, including usage of digital certificates in smart cards, Single Sign-on, Secure interbank transactions etc. A brief on DoS Attacks, IP Spoofing and the Cross-Site Scripting Vulnerability is also provided.

Each chapter is followed by a summary, key terms and concepts, multiple choice questions and exercises. Number systems, encoding standards and other such prerequisites have been provided as an Appendix. The web supplements for the readers are available at http://www.mhhe.com/kahate/cns2e


V Raman, Technical Director, Tamil Nadu
v.raman@nic.in