【内容简介】
　Computer Network Security Theory and Practice introduces to the reader a complete and concise view of network security. It provides in-depth theoretical coverage of recent advancements and practical solutions to network security threats. This book can be used for a one-semester network security course for graduate and upper-level undergraduate students， as well as a reference for IT professionals.
【目次】
1 Network Security Overview
1.1 Mission and Definitions
1.2 Common Attacks and Defense Mechanisms
1.2.1 Eavesdropping
1.2.2 Cryptanalysis
1.2.3 Password Pilfering
1.2.4 Identity Spoofing
1.2.5 Buffer-Overflow Exploitations
1.2.6 Repudiation
1.2.7 Intrusion
1.2.8 Traffic Analysis
1.2.9 Denial of Service Attacks
1.2.10 Malicious Software
1.3 Attacker Profiles
1.3.1 Hackers
1.3.2 Script Kiddies
1.3.3 Cyber Spies
1.3.4 Vicious Employees
1.3.5 Cyber Terrorists
1.3.6 Hypothetical Attackers
1.4 Basic Security Model
1.5 Security Resources
1.6 Closing Remarks
1.7 Exercises
2 Data Eneryption Algorithms
2.1 Data Encryption Algorithm Design Criteria
2.1.1 ASCII Code
2.1.2 XOR Encryption
2.1.3 Criteria of Data Encryptions
2.1.4 Implementation Criteria
2.2 Data Encryption Standard
2.2.1 Feistel's Cipher Scheme
2.2.2 DES Subkeys
2.2.3 DES Substitution Boxes
2.2.4 DES Encryption
2.2.5 DES Decryption and Correctness Proof
2.2.6 DES Security Strength
2.3 Multiple DES
2.3.1 Triple-DES with Two Keys
2.3.2 2DES and 3DES/3
2.3.3 Meet-in-the-Middle Attacks on 2DES
2.4 Advanced Encryption Standard
2.4.1 AES Basic Structures
2.4.2 AES S-Boxes
2.4.3 AES-128 RoundKeys
2.4.4 Add Round Keys
2.4.5 Substitute-Bytes
2.4.6 Shift-Rows
2.4.7 Mix-Columns
2.4.8 AES-128 Encryption
2.4.9 AES-128 Decryption and Correctness Proof
2.4.10 Galois Fields
2.4.11 Construction of the AES S-Box and Its Inverse ..
2.4.12 AES Security Strength
2.5 Standard Block-Cipher Modes of Operations
2.5.1 Electronic-Codebook Mode
2.5.2 Cipher-Block-Chaining Mode
2.5.3 Cipher-Feedback Mode
2.5.4 Output-Feedback Mode
2.5.5 Counter Mode
2.6 Stream Ciphers
2.6.1 RC4 Stream Cipher
2.6.2 RC4 Security Weaknesses
2.7 Key Generations
2.7.1 ANSIX9.17 PRNG
2.7.2 BBS Pseudorandom Bit Generator
2.8 Closing Remarks
2.9 Exercises
3 Public-Key Cryptography and Key Management
3.1 Concepts of Public-Key Cryptography
3.2 Elementary Concepts and Theorems in Number Theory .
3.2.1 Modular Arithmetic and Congruence Relations ..
3.2.2 Modular Inverse
3.2.3 Primitive Roots
3.2.4 Fast Modular Exponentiation
3.2.5 Finding Large Prime Numbers
3.2.6 The Chinese Remainder Theorem
3.2.7 Finite Continued Fractions
3.3 Diffie-Hellman Key Exchange
3.3.1 Key Exchange Protocol
3.3.2 Man-in-the-Middle Attacks
3.3.3 Elgamal PKC
3.4 RSA Cryptosystem
3.4.1 RSA Key Pairs, Encryptions, and Decryptions...
3.4.2 RSA Parameter Attacks
3.4.3 RSA Challenge Numbers
3.5 Elliptic-Curve Cryptography
3.5.1 Commutative Groups on Elliptic Curves
3.5.2 Discrete Elliptic Curves
3.5.3 ECC Encodings
3.5.4 ECC Encryption and Decryption
3.5.5 ECC Key Exchange
3.5.6 ECC Strength
3.6 Key Distributions and Management
3.6.1 Master Keys and Session Keys
3.6.2 Public-Key Certificates
3.6.3 CA Networks
3.6.4 Key Rings
3.7 Closing Remarks
3.8 Exercises
4 Data Authentication
4.1 Cryptographic Hash Functions
4.1.1 Design Criteria of Cryptographic Hash Functions
4.1.2 Quest for Cryptographic Hash Functions
4.1.3 Basic Structure of Standard Hash Functions
4.1.4 SHA-512
4.1.5 WHIRLPOOL
4.2 Cryptographic Checksums
4.2.1 Exclusive-OR Cryptographic Checksums
4.2.2 Design Criteria of MAC Algorithms
4.2.3 Data Authentication Algorithm
4.3 HMAC
4.3.1 Design Criteria of HMAC
4.3.2 HMAC Algorithm
4.4 Offset Codebook Mode of Operations
4.4.1 Basic Operations
4.4.2 OCB Encryption and Tag Generation
4.4.3 OCB Decryption and Tag Verification
4.5 Birthday Attacks
4.5.1 Complexity Upper Bound of Breaking Strong Collision Resistance
4.5.2 Set Intersection Attack
4.6 Digital Signature Standard
4.7 Dual Signatures and Electronic Transactions
4.7.1 Dual Signature Applications
4.7.2 Dual Signatures and Electronic Transactions
4.8 Blind Signatures and Electronic Cash
4.8.1 RSA Blind Signatures
4.8.2 Electronic Cash
4.9 Closing Remarks
4.10 Exercises Network Security Protocols in Practice
5.1 Crypto Placements in Networks
5.1.1 Crypto Placement at the Application Layer
5.1.2 Crypto Placement at the Transport Layer
5.1.3 Crypto Placement at the Network Layer
5.1.4 Crypto Placement at the Data-Link Layer
5.1.5 Hardware versus Software Implementations of Cryptographic Algorithms
5.2 Public-Key Infrastructure
5.2.1 X.509 Public-Key Infrastructure
5.2.2 X.509 Certificate Formats
5.3 IPsec: A Security Protocol at the Network Layer
5.3.1 Security Association
5.3.2 Application Modes and Security Associations
5.3.3 AH Format
5.3.4 ESP Format
5.3.5 Secret Key Determination and Distribution
5.4 SSI.flZ, S: Security Protocols at the Transport Layer
5.4.1 SSL Handshake Protocol
5.4.2 SSL Record Protocol
5.5 PGP and S/MIME: Email Security Protocols
5.5.1 Basic Email Security Mechanisms
5.5.2 PGP
5.5.3 S/MIME
5.6 Kerberos: An Authentication Protocol
5.6.1 Basic Ideas
5.6.2 Single-Realm Kerberos
5.6.3 Multiple-Realm Kerberos
5.7 SSH: Security Protocols for Remote Logins
5.8 Closing Remarks
6 Wireless Network Security
7 Network Perimeter Security
8 The Art of Anti Malicious Software
9 The Art of Intrusion Detection
References
Index