【文件属性】:
文件名称:Network Security: Private Communication in a Public World, Second Edition
文件大小:5.16MB
文件格式:CHM
更新时间:2013-04-10 23:20:28
network security kaufman
Network Security: Private Communication in a Public World, Second Edition
By Charlie Kaufman, Radia Perlman, Mike Speciner
...............................................
Publisher: Prentice Hall
Pub Date: April 22, 2002
Print ISBN-10: 0-13-046019-2
Print ISBN-13: 978-0-13-046019-6
Web ISBN-10: 0-13-715588-3
Web ISBN-13: 978-0-13-715588-0
Pages: 752
Copyright
The Radia Perlman Series in Computer Networking and Security
Acknowledgments
Chapter 1. Introduction
Section 1.1. Roadmap to the Book
Section 1.2. What Type of Book Is This?
Section 1.3. Terminology
Section 1.4. Notation
Section 1.5. Primer on Networking
Section 1.6. Active vs. Passive Attacks
Section 1.7. Layers and Cryptography
Section 1.8. Authorization
Section 1.9. Tempest
Section 1.10. Key Escrow for Law Enforcement
Section 1.11. Key Escrow for Careless Users
Section 1.12. Viruses, Worms, * Horses
Section 1.13. The Multi-Level Model of Security
Section 1.14. Legal Issues
Part 1: Cryptography
Chapter 2. Introduction to Cryptography
Section 2.1. What Is Cryptography?
Section 2.2. Breaking an Encryption Scheme
Section 2.3. Types of Cryptographic Functions
Section 2.4. Secret Key Cryptography
Section 2.5. Public Key Cryptography
Section 2.6. Hash Algorithms
Section 2.7. Homework
Chapter 3. Secret Key Cryptography
Section 3.1. Introduction
Section 3.2. Generic Block Encryption
Section 3.3. Data Encryption Standard (DES)
Section 3.4. International Data Encryption Algorithm (IDEA)
Section 3.5. Advanced Encryption Standard (AES)
Section 3.6. RC4
Section 3.7. Homework
Chapter 4. Modes of Operation
Section 4.1. Introduction
Section 4.2. Encrypting a Large Message
Section 4.3. Generating MACs
Section 4.4. Multiple Encryption DES
Section 4.5. Homework
Chapter 5. Hashes and Message Digests
Section 5.1. Introduction
Section 5.2. Nifty Things to Do with a Hash
Section 5.3. MD2
Section 5.4. MD4
Section 5.5. MD5
Section 5.6. SHA-1
Section 5.7. HMAC
Section 5.8. Homework
Chapter 6. Public Key Algorithms
Section 6.1. Introduction
Section 6.2. Modular Arithmetic
Section 6.3. RSA
Section 6.4. Diffie-Hellman
Section 6.5. Digital Signature Standard (DSS)
Section 6.6. How Secure Are RSA and Diffie-Hellman?
Section 6.7. Elliptic Curve Cryptography (ECC)
Section 6.8. Zero Knowledge Proof Systems
Section 6.9. Homework Problems
Chapter 7. Number Theory
Section 7.1. Introduction
Section 7.2. Modular Arithmetic
Section 7.3. Primes
Section 7.4. Euclid's Algorithm
Section 7.5. Chinese Remainder Theorem
Section 7.6. Zn*
Section 7.7. Euler's Totient Function
Section 7.8. Euler's Theorem
Section 7.9. Homework Problems
Chapter 8. Math with AES and Elliptic Curves
Section 8.1. Introduction
Section 8.2. Notation
Section 8.3. Groups
Section 8.4. Fields
Section 8.5. Mathematics of Rijndael
Section 8.6. Elliptic Curve Cryptography
Section 8.7. Homework
Part 2: Authentication
Chapter 9. Overview of Authentication Systems
Section 9.1. Password-Based Authentication
Section 9.2. Address-Based Authentication
Section 9.3. Cryptographic Authentication Protocols
Section 9.4. Who Is Being Authenticated?
Section 9.5. Passwords as Cryptographic Keys
Section 9.6. Eavesdropping and Server Database Reading
Section 9.7. Trusted Intermediaries
Section 9.8. Session Key Establishment
Section 9.9. Delegation
Section 9.10. Homework
Chapter 10. Authentication of People
Section 10.1. Passwords
Section 10.2. On-Line Password Guessing
Section 10.3. Off-Line Password Guessing
Section 10.4. How Big Should a Secret Be?
Section 10.5. Eavesdropping
Section 10.6. Passwords and Careless Users
Section 10.7. Initial Password Distribution
Section 10.8. Authentication Tokens
Section 10.9. Physical Access
Section 10.10. Biometrics
Section 10.11. Homework
Chapter 11. Security Handshake Pitfalls
Section 11.1. Login Only
Section 11.2. Mutual Authentication
Section 11.3. Integrity/Encryption for Data
Section 11.4. Mediated Authentication (with KDC)
Section 11.5. Nonce Types
Section 11.6. Picking Random Numbers
Section 11.7. Performance Considerations
Section 11.8. Authentication Protocol Checklist
Section 11.9. Homework
Chapter 12. Strong Password Protocols
Section 12.1. Introduction
Section 12.2. Lamport's Hash
Section 12.3. Strong Password Protocols
Section 12.4. Strong Password Credentials Download Protocols
Section 12.5. Homework
Part 3: Standards
Chapter 13. Kerberos V4
Section 13.1. Introduction
Section 13.2. Tickets and Ticket-Granting Tickets
Section 13.3. Configuration
Section 13.4. Logging Into the Network
Section 13.5. Replicated KDCs
Section 13.6. Realms
Section 13.7. Interrealm Authentication
Section 13.8. Key Version Numbers
Section 13.9. Encryption for Privacy and Integrity
Section 13.10. Encryption for Integrity Only
Section 13.11. Network Layer Addresses in Tickets
Section 13.12. Message Formats
Section 13.13. Homework
Chapter 14. Kerberos V5
Section 14.1. ASN.1
Section 14.2. Names
Section 14.3. Delegation of Rights
Section 14.4. Ticket Lifetimes
Section 14.5. Key Versions
Section 14.6. Making Master Keys in Different Realms Different
Section 14.7. Optimizations
Section 14.8. Cryptographic Algorithms
Section 14.9. Hierarchy of Realms
Section 14.10. Evading Password-Guessing Attacks
Section 14.11. Key Inside Authenticator
Section 14.12. Double TGT Authentication
Section 14.13. PKINITÂPublic Keys for Users
Section 14.14. KDC Database
Section 14.15. Kerberos V5 Messages
Section 14.16. Homework
Chapter 15. PKI (Public Key Infrastructure)
Section 15.1. Introduction
Section 15.2. Some Terminology
Section 15.3. PKI Trust Models
Section 15.4. Revocation
Section 15.5. Directories and PKI
Section 15.6. PKIX and X.509
Section 15.7. X.509 and PKIX Certificates
Section 15.8. Authorization Futures
Section 15.9. Homework
Chapter 16. Real-Time Communication Security
Section 16.1. What Layer?
Section 16.2. Session Key Establishment
Section 16.3. Perfect Forward Secrecy
Section 16.4. PFS-Foilage
Section 16.5. Denial-of-Service/Clogging Protection
Section 16.6. Endpoint Identifier Hiding
Section 16.7. Live Partner Reassurance
Section 16.8. Arranging for Parallel Computation
Section 16.9. Session Resumption
Section 16.10. Plausible Deniability
Section 16.11. Data Stream Protection
Section 16.12. Negotiating Crypto Parameters
Section 16.13. Easy Homework
Section 16.14. Homework
Chapter 17. IPsec: AH and ESP
Section 17.1. Overview of IPsec
Section 17.2. IP and IPv6
Section 17.3. AH (Authentication Header)
Section 17.4. ESP (Encapsulating Security Payload)
Section 17.5. So, Do We Need AH?
Section 17.6. Comparison of Encodings
Section 17.7. Easy Homework
Section 17.8. Homework
Chapter 18. IPsec: IKE
Section 18.1. Photuris
Section 18.2. SKIP
Section 18.3. History of IKE
Section 18.4. IKE Phases
Section 18.5. Phase 1 IKE
Section 18.6. Phase-2 IKE: Setting up IPsec SAs
Section 18.7. ISAKMP/IKE Encoding
Section 18.8. Homework
Chapter 19. SSL/TLS
Section 19.1. Introduction
Section 19.2. Using TCP
Section 19.3. Quick History
Section 19.4. SSL/TLS Basic Protocol
Section 19.5. Session Resumption
Section 19.6. Computing the Keys
Section 19.7. Client Authentication
Section 19.8. PKI as Deployed by SSL
Section 19.9. Version Numbers
Section 19.10. Negotiating Cipher Suites
Section 19.11. Negotiating Compression Method
Section 19.12. Attacks Fixed in v3
Section 19.13. Exportability
Section 19.14. Encoding
Section 19.15. Further Reading
Section 19.16. Easy Homework
Section 19.17. Homework
Part 4: Electronic Mail
Chapter 20. Electronic Mail Security
Section 20.1. Distribution Lists
Section 20.2. Store and Forward
Section 20.3. Security Services for Electronic Mail
Section 20.4. Establishing Keys
Section 20.5. Privacy
Section 20.6. Authentication of the Source
Section 20.7. Message Integrity
Section 20.8. Non-Repudiation
Section 20.9. Proof of Submission
Section 20.10. Proof of Delivery
Section 20.11. Message Flow Confidentiality
Section 20.12. Anonymity
Section 20.13. Containment
Section 20.14. Annoying Text Format Issues
Section 20.15. Names and Addresses
Section 20.16. Verifying When a Message was Really Sent
Section 20.17. Homework
Chapter 21. PEM & S/MIME
Section 21.1. Introduction
Section 21.2. Structure of a PEM Message
Section 21.3. Establishing Keys
Section 21.4. Some PEM History
Section 21.5. PEM Certificate Hierarchy
Section 21.6. Certificate Revocation Lists (CRLs)
Section 21.7. Reformatting Data to Get Through Mailers
Section 21.8. General Structure of a PEM Message
Section 21.9. Encryption
Section 21.10. Source Authentication and Integrity Protection
Section 21.11. Multiple Recipients
Section 21.12. Bracketing PEM Messages
Section 21.13. Forwarding and Enclosures
Section 21.14. Unprotected Information
Section 21.15. Message Formats
Section 21.16. DES-CBC as MIC Doesn't Work
Section 21.17. Differences in S/MIME
Section 21.18. S/MIME Certificate Hierarchy
Section 21.19. Homework
Chapter 22. PGP (Pretty Good Privacy)
Section 22.1. Introduction
Section 22.2. Overview
Section 22.3. Key Distribution
Section 22.4. Efficient Encoding
Section 22.5. Certificate and Key Revocation
Section 22.6. Signature Types
Section 22.7. Your Private Key
Section 22.8. Key Rings
Section 22.9. Anomalies
Section 22.10. Object Formats
Part 5: Leftovers
Chapter 23. Firewalls
Section 23.1. Packet Filters
Section 23.2. Application Level Gateway
Section 23.3. Encrypted Tunnels
Section 23.4. Comparisons
Section 23.5. Why Firewalls Don't Work
Section 23.6. Denial-of-Service Attacks
Section 23.7. Should Firewalls Go Away?
Chapter 24. More Security Systems
Section 24.1. NetWare V3
Section 24.2. NetWare V4
Section 24.3. KryptoKnight
Section 24.4. DASS/SPX
Section 24.5. Lotus Notes Security
Section 24.6. DCE Security
Section 24.7. Microsoft Windows Security
Section 24.8. Network Denial of Service
Section 24.9. Clipper
Section 24.10. Homework
Chapter 25. Web Issues
Section 25.1. Introduction
Section 25.2. URLs/URIs
Section 25.3. HTTP
Section 25.4. HTTP Digest Authentication
Section 25.5. Cookies
Section 25.6. Other Web Security Problems
Section 25.7. Homework
Chapter 26. Folklore
Section 26.1. Perfect Forward Secrecy
Section 26.2. Change Keys Periodically
Section 26.3. Multiplexing Flows over a Single SA
Section 26.4. Use Different Keys in the Two Directions
Section 26.5. Use Different Secret Keys for Encryption vs. Integrity Protection
Section 26.6. Use Different Keys for Different Purposes
Section 26.7. Use Different Keys for Signing vs. Encryption
Section 26.8. Have Both Sides Contribute to the Master Key
Section 26.9. Don't Let One Side Determine the Key
Section 26.10. Hash in a Constant When Hashing a Password
Section 26.11. HMAC Rather than Simple MD
Section 26.12. Key Expansion
Section 26.13. Randomly Chosen IVs
Section 26.14. Use of Nonces in Protocols
Section 26.15. Don't Let Encrypted Data Begin with a Constant
Section 26.16. Don't Let Encrypted Data Begin with a Predictable Value
Section 26.17. Compress Data Before Encrypting It
Section 26.18. Don't Do Encryption Only
Section 26.19. Avoiding Weak Keys
Section 26.20. Minimal vs. Redundant Designs
Section 26.21. Overestimate the Size of Key
Section 26.22. Hardware Random Number Generators
Section 26.23. Timing Attacks
Section 26.24. Put Checksums at the End of Data
Section 26.25. Forward Compatibility
Section 26.26. Negotiating Parameters
Section 26.27. Homework
Bibliography
Glossary
Index
网友评论
- 下载后打不开哦,为啥?
- 网络安全大热门,很不错的学习资料
- 只能看到目录。
- 感谢分享!!!!
- 謝謝分享,終於找到了。很清晰,很赞啊~推荐~~ .
- 可以可以,谢谢楼主,书很好用
- 很好的资源,谢谢!
- 不错的资源,就是字有点小,看不太清
- 非常经典的教材,一定坚持看完
- 非常经典的教材
- 清晰度很高,看起来也方便
- 非常经典的教材!!
- 经典的一本书
- 经典的网络安全教材
- 教材是经典,不过挺多内容还是跟不上时代了。
- 本人外行,看了才知道是10年前的书了
- chm格式,使用起来比pdf方便,排版就没有那么好了,内容非常经典~ 值得一读
- 非常经典的网络安全教材,chm格式的在电脑上看起来比PDF要方便
- 这个数讲的比较简单
- 是chm格式的 书讲的非常好 需要的就是这个
- 好书啊,要是有中文版的就好了。
- 感谢分享,很好用,给力,终于可以找到我的问题的答案了,谢谢
- 是chm格式的 书讲的非常好 可以放大字体看
- 格式是CHM的,有点可惜,但书是很好的书,网络安全老师的参考书目中最推荐的一本!
- 读者chm格式的书有点不太爽,如果是pdf就好了……