《密碼學與網路安全(中文導讀英文版)》是2009年清華大學出版社出版的圖書。
基本介紹
- 書名:密碼學與網路安全(中文導讀英文版)
- ISBN:9787302197270
- 定價:59.9元
- 出版社:清華大學出版社
- 出版時間:2009-3-19
- 裝幀:平裝
內容簡介,圖書目錄,
內容簡介
本書作者Behrou A. Forouzan 運用一種易於理解的寫作風格和直觀的表述方法,為全面介紹了中間的章節中,這樣既為後面章節的學習打下必要不是的數學基礎,又緊密碼學,使枯燥的數學概念變得妙趣橫生.本書以網際網路為框架,詳細地介紹了密碼學、數據通信和網路領域的基礎知識、基本概念、基本原理和實踐方法,包含大量實踐性強的程式,涵蓋最新的網路安全技術,堪稱密碼與網路安全方面的經典著作。
圖書目錄
第1章導言(Introduction).........................................................................................1
1.1安全目標(SECURITYGOALS).............................................................................................2
1.1.1機密性(Confidentiality)...............................................................................................2
1.1.2完整性(Integrity).........................................................................................................3
1.1.3可用性(Availability)....................................................................................................3
1.2攻擊(ATTACKS).....................................................................................................................3
1.2.1威脅機密性的攻擊(AttacksThreateningConfidentiality).........................................3
1.2.2威脅完整性的攻擊(AttacksThreateningIntegrity)....................................................4
1.2.3威脅可用性的攻擊(AttacksThreateningAvailability)...............................................5
1.2.4被動攻擊與主動攻擊(PassiveVersusActiveAttacks)...............................................5
1.3服務和機制(SERVICESANDMECHANISM).....................................................................6
1.3.1安全服務(SecurityServices).......................................................................................6
1.3.2安全機制(SecurityMechanisms)................................................................................7
1.3.3服務和機制之間的關係(RelationbetweenServicesandMechanisms)....................8
1.4技術(TECHNIQUES)..............................................................................................................9
1.4.1密碼術(Cryptography).................................................................................................9
1.4.2密寫術(Steganography).............................................................................................10
1.5本書的其餘部分(THERESTOFTHEBOOK)...................................................................12
1.6推薦閱讀(RECOMMENDEDREADING)...........................................................................12
1.7關鍵術語(KEYTERMS).......................................................................................................13
1.8概要(SUMMARY).................................................................................................................13
1.9習題集(PRACTICESET)......................................................................................................14
目錄(Contents目錄(Contents)
第I部分對稱密鑰加密(Symmetric-KeyEncipherment)
第2章密碼數學I:模算法、同餘和矩陣(MathematicsofCryptographyI:
ModularArithmetic,Congruence,andMatrices).......................................19
2.1整數算法(INTEGERARITHMETIC)..................................................................................20
2.1.1整數集(SetofIntegers).............................................................................................20
2.1.2二進制運算(BinaryOperations)...............................................................................20
2.1.3整數除法(IntegerDivision).......................................................................................21
2.1.4整除性(Divisibility)...................................................................................................22
2.1.5線性丟番圖方程(LinearDiophantineEquations).....................................................28
2.2模運算(MODULARARITHMETIC)...................................................................................29
2.2.1模算符(ModuloOperator).........................................................................................29
2.2.2餘集:Zn(SetofResidues:Zn)...................................................................................30
2.2.3同餘(Congruence).....................................................................................................30
2.2.4在集合Zn當中的運算(OperationsinZn)...................................................................32
2.2.5逆(Inverses)...............................................................................................................35
2.2.6加法表和乘法表(AdditionandMultiplicationTables).............................................39
2.2.7加法集和乘法集的不同(DifferentSetsforAdditionandMultiplication)...............39
2.2.8另外兩個集合(TwoMoreSets)................................................................................40
2.3矩陣(MATRICES).................................................................................................................40
2.3.1定義(Definitions).......................................................................................................40
2.3.2運算和關係(OperationsandRelations)....................................................................41
2.3.3行列式(Determinant).................................................................................................43
2.3.4逆(Inverses)...............................................................................................................44
2.3.5剩餘陣(ResidueMatrices).........................................................................................44
2.4線性同餘(LINEARCONGRUENCE)..................................................................................45
2.4.1單變數線性方程(Single-VariableLinearEquations)...............................................45
2.4.2線性方程組(SetofLinearEquations).......................................................................46
2.5推薦閱讀(RECOMMENDEDREADING)...........................................................................47
2.6關鍵術語(KEYTERMS).......................................................................................................47
2.7概要(SUMMARY).................................................................................................................48
2.8習題集(PRACTICESET)......................................................................................................49
第3章傳統對稱密鑰密碼(TraditionalSymmetric-KeyCiphers).............................55
3.1導言(INTRODUCTION).......................................................................................................56
3.1.1Kerckhoff原理(Kerckhoff'sPrinciple)......................................................................57
密碼學與網路安全VI(中文導讀英文版)
3.1.2密碼分析(Cryptanalysis)...........................................................................................57
3.1.3傳統密碼的分類(CategoriesofTraditionalCiphers)...............................................60
3.2代換密碼(SUBSTITUTIONCIPHERS)...............................................................................61
3.2.1單碼代換密碼(MonoalphabeticCiphers).................................................................61
3.2.2多碼代換密碼(PolyalphabeticCiphers)....................................................................69
3.3換位密碼(TRANSPOSITIONCIPHERS)............................................................................80
3.3.1無密鑰換位密碼(KeylessTranspositionCiphers)....................................................81
3.3.2有密鑰的換位密碼(KeyedTranspositionCiphers)..................................................82
3.3.3把兩種方法組合起來(CombiningTwoApproaches)...............................................83
3.4流密碼和分組密碼(STREAMANDBLOCKCIPHERS)....................................................87
3.4.1流密碼(StreamCiphers)............................................................................................87
3.4.2分組密碼(BlockCiphers)..........................................................................................89
3.4.3組合(Combination)....................................................................................................89
3.5推薦閱讀(RECOMMENDEDREADING)...........................................................................90
3.6關鍵術語(KEYTERMS).......................................................................................................90
3.7概要(SUMMARY).................................................................................................................91
3.8習題集(PRACTICESET)......................................................................................................92
第4章密碼數學II:代數結構(MathematicsofCryptographyII:
AlgebraicStructures).................................................................................97
4.1代數結構(ALGEBRAICSTRUCTURES)............................................................................98
4.1.1群(Groups).................................................................................................................98
4.1.2環(Ring)...................................................................................................................104
4.1.3域(Field)...................................................................................................................105
4.1.4小結(Summary).......................................................................................................107
4.2GF(2n)域(GF(2n)FIELDS)...................................................................................................107
4.2.1多項式(Polynomials)...............................................................................................108
4.2.2運用一個生成器(UsingaGenerator).....................................................................114
4.2.3小結(Summary).......................................................................................................117
4.3推薦閱讀(RECOMMENDEDREADING).........................................................................117
4.4關鍵術語(KEYTERMS).....................................................................................................118
4.5概要(SUMMARY)...............................................................................................................118
4.6習題集(PRACTICESET)....................................................................................................119
目錄(Contents)VII
第5章現代對稱密鑰密碼(IntroductiontoModernSymmetric-KeyCiphers).......123
5.1現代分組密碼(MODERNBLOCKCIPHERS)..................................................................124
5.1.1代換與換位(SubstitutionorTransposition)............................................................125
5.1.2作為置換群的分組密碼(BlockCiphersasPermutationGroups)..........................125
5.1.3現代分組密碼的成分(ComponentsofaModernBlockCipher)...........................128
5.1.4換字盒(S-Boxes).....................................................................................................132
5.1.5乘積密碼(ProductCiphers).....................................................................................136
5.1.6兩類乘積密碼(TwoClassesofProductCiphers)...................................................139
5.1.7關於分組密碼的攻擊(AttacksonBlockCiphers)..................................................143
5.2現代流密碼(MODERNSTREAMCIPHERS)...................................................................148
5.2.1同步流密碼(SynchronousStreamCiphers)............................................................149
5.2.2異步流密碼(NonsynchronousStreamCiphers)......................................................154
5.3推薦閱讀(RECOMMENDEDREADING).........................................................................154
5.4關鍵術語(KEYTERMS).....................................................................................................154
5.5概要(SUMMARY)...............................................................................................................155
5.6習題集(PRACTICESET)....................................................................................................156
第6章數據加密標準(DataEncryptionStandard(DES)).....................................159
6.1導言(INTRODUCTION).....................................................................................................159
6.1.1數據加密標準(DES)簡史(History).........................................................................159
6.1.2概觀(Overview).......................................................................................................160
6.2DES的結構(DESSTRUCTURE)........................................................................................160
6.2.1初始置換和最終置換(InitialandFinalPermutations)...........................................160
6.2.2輪(Rounds)...............................................................................................................163
6.2.3密碼和反向密碼(CipherandReverseCipher).......................................................167
6.2.4示例(Examples).......................................................................................................173
6.3DES分析(DESANALYSIS)................................................................................................175
6.3.1性質(Properties).......................................................................................................175
6.3.2設計標準(DesignCriteria)......................................................................................176
6.3.3DES的缺陷(DESWeaknesses)...............................................................................177
6.4多重DES(MULTIPLEDES)..............................................................................................181
6.4.1雙重DES(DoubleDES)...........................................................................................182
6.4.2三重DES(TripleDES).............................................................................................184
6.5DES的安全性(SECURITYOFDES).................................................................................185
6.5.1蠻力攻擊(Brute-ForceAttack)................................................................................185
密碼學與網路安全VIII(中文導讀英文版)
6.5.2差分密碼分析(DifferentialCryptanalysis).............................................................185
6.5.3線性密碼分析(LinearCryptanalysis).....................................................................186
6.6推薦閱讀(RECOMMENDEDREADING).........................................................................186
6.7關鍵術語(KEYTERMS).....................................................................................................186
6.8概要(SUMMARY)...............................................................................................................187
6.9習題集(PRACTICESET)....................................................................................................188
第7章高級加密標準(AdvancedEncryptionStandard(AES)).............................191
7.1導言(INTRODUCTION).....................................................................................................191
7.1.1高級加密標準(AES)簡史(History).........................................................................191
7.1.2標準(Criteria)...........................................................................................................192
7.1.3輪(Rounds)...............................................................................................................192
7.1.4數據單位(DataUnits)..............................................................................................193
7.1.5每一個輪的結構(StructureofEachRound)...........................................................195
7.2轉換(TRANSFORMATIONS)............................................................................................196
7.2.1代換(Substitution)...................................................................................................196
7.2.2置換(Permutation)...................................................................................................202
7.2.3混合(Mixing)...........................................................................................................203
7.2.4密鑰加(KeyAdding)...............................................................................................206
7.3密鑰擴展(KEYEXPANSION)............................................................................................207
7.3.1在AES-128中的密鑰擴展(KeyExpansioninAES-128)........................................208
7.3.2AES-192和AES-256中的密鑰擴展
(KeyExpansioninAES-192andAES-256)............................................................212
7.3.3密鑰擴展分析(Key-ExpansionAnalysis)...............................................................212
7.4密碼(CIPHERS)...................................................................................................................213
7.4.1源設計(OriginalDesign).........................................................................................213
7.4.2選擇性設計(AlternativeDesign)............................................................................214
7.5示例(EXAMPLES)..............................................................................................................216
7.6AES的分析(ANALYSISOFAES)......................................................................................219
7.6.1安全性(Security).....................................................................................................219
7.6.2可執行性(Implementation).....................................................................................219
7.6.3複雜性和費用(SimplicityandCost).......................................................................220
7.7推薦閱讀(RECOMMENDEDREADING).........................................................................220
7.8關鍵術語(KEYTERMS).....................................................................................................220
7.9概要(SUMMARY)...............................................................................................................221
目錄(Contents)IX
7.10習題集(PRACTICESET)..................................................................................................222
第8章套用現代對稱密鑰密碼的加密(EnciphermentUsingModern
Symmetric-KeyCiphers)...........................................................................225
8.1現代分組密碼的套用(USEOFMODERNBLOCKCIPHERS).......................................225
8.1.1電子密碼本模式(ElectronicCodebook(ECB)Mode)...........................................226
8.1.2密碼分組連結(CBC)模式(CipherBlockChaining(CBC)Mode).........................228
8.1.3密碼反饋(CFB)模式(CipherFeedback(CFB)Mode)............................................231
8.1.4輸出反饋(OFB)模式(OutputFeedback(OFB)Mode)...........................................234
8.1.5計數器(CTR)模式(Counter(CTR)Mode)..............................................................236
8.2流密碼的套用(USEOFSTREAMCIPHERS)...................................................................238
8.1.1RC4..........................................................................................................................238
8.2.2A5/1..........................................................................................................................242
8.3其他問題(OTHERISSUES)...............................................................................................244
8.3.1密鑰管理(KeyManagement)..................................................................................244
8.3.2密鑰生成(KeyGeneration).....................................................................................244
8.4推薦閱讀(RECOMMENDEDREADING).........................................................................245
8.5關鍵術語(KEYTERMS).....................................................................................................245
8.6概要(SUMMARY)...............................................................................................................246
8.7習題集(PRACTICESET)....................................................................................................246
第Ⅱ部分非對稱密鑰加密(Asymmetric-KeyEncipherment)
第9章密碼數學III:素數及其相關的同餘方程(MathematicsofCryptographyIII:
PrimesandRelatedCongruenceEquations)...........................................251
9.1素數(PRIMES).....................................................................................................................251
9.1.1定義(Definition)......................................................................................................251
9.1.2素數的基數(CardinalityofPrimes)........................................................................252
9.1.3素性檢驗(CheckingforPrimeness)........................................................................253
9.1.4EulerPhi-函式(Euler’sPhi-Function).....................................................................254
9.1.5Fermat(費爾馬)小定理(Fermat’sLittleTheorem)..................................................256
9.1.6Euler定理(Euler’sTheorem)...................................................................................257
9.1.7生成素數(GeneratingPrimes).................................................................................258
9.2素性測試(PRIMALITYTESTING)....................................................................................260
9.2.1確定性算法(DeterministicAlgorithms)..................................................................260
9.2.2機率算法(ProbabilisticAlgorithms)........................................................................261
密碼學與網路安全X(中文導讀英文版)
9.2.3推薦的素性檢驗(RecommendedPrimalityTest)...................................................266
9.3因數分解(FACTORIZATION)............................................................................................267
9.3.1算術基本定理(FundamentalTheoremofArithmetic)............................................267
9.3.2因數分解方法(FactorizationMethods)...................................................................268
9.3.3Fermat方法(FermatMethod)...................................................................................269
9.3.4Pollardp–1方法(Pollardp–1Method).................................................................270
9.3.5Pollardrho方法(PollardrhoMethod)......................................................................271
9.3.6更有效的方法(MoreEfficientMethods)................................................................272
9.4中國剩餘定理(CHINESEREMAINDERTHEOREM).....................................................274
9.5二次同餘(QUADRATICCONGRUENCE)........................................................................276
9.5.1二次同餘模一個素數(QuadraticCongruenceModuloaPrime)............................276
9.5.2二次同餘模一個複合數(QuadraticCongruenceModuloaComposite)................277
9.6指數與對數(EXPONENTIATIONANDLOGARITHM)..................................................278
9.6.1指數(Exponentiation)..............................................................................................279
9.6.2對數(Logarithm)......................................................................................................281
9.7推薦閱讀(RECOMMENDEDREADING).........................................................................286
9.8關鍵術語(KEYTERMS).....................................................................................................286
9.9概要(SUMMARY)...............................................................................................................287
9.10習題集(PRACTICESET)..................................................................................................288
第10章非對稱密鑰密碼學(Asymmetric-KeyCryptography)...............................293
10.1導言(INTRODUCTION)...................................................................................................293
10.1.1密鑰(Keys)...........................................................................................................294
10.1.2一般概念(GeneralIdea)......................................................................................294
10.1.3雙方的需要(NeedforBoth)................................................................................296
10.1.4單向暗門函式(TrapdoorOne-WayFunction).....................................................296
10.1.5背包密碼系統(KnapsackCryptosystem)............................................................298
10.2RSA密碼系統(RSACRYPTOSYSTEM).........................................................................301
10.2.1簡介(Introduction)...............................................................................................301
10.2.2過程(Procedure)...................................................................................................301
10.2.3一些普通的例子(SomeTrivialExamples).........................................................304
10.2.4針對RSA的攻擊(AttacksonRSA).....................................................................305
10.2.5建議(Recommendations).....................................................................................310
10.2.6最優非對稱加密填充
(OptimalAsymmetricEncryptionPadding(OAEP))..........................................311
目錄(Contents)XI
10.2.7套用(Applications)..............................................................................................314
10.3RABIN密碼系統(RABINCRYPTOSYSTEM)................................................................314
10.3.1過程(Procedure)...................................................................................................315
10.3.2Rabin系統的安全性(SecurityoftheRabinSystem)..........................................317
10.4ELGAMAL密碼系統(ELGAMALCRYPTOSYSTEM)..................................................317
10.4.1ElGamal密碼系統(ElGamalCryptosystem).......................................................317
10.4.2過程(Procedure)...................................................................................................317
10.4.3證明(Proof)..........................................................................................................319
10.4.4分析(Analysis).....................................................................................................319
10.4.5ElGamal的安全性(SecurityofElGamal)............................................................320
10.4.6套用(Application)................................................................................................321
10.5橢圓曲線密碼系統(ELLIPTICCURVECRYPTOSYSTEMS).......................................321
10.5.1基於實數的橢圓曲線(EllipticCurvesoverRealNumbers)...............................321
10.5.2基於GF(p)的橢圓曲線(EllipticCurvesoverGF(p))........................................324
10.5.3基於GF(2n)的橢圓曲線(EllipticCurvesoverGF(2n))........................................326
10.5.4模擬ElGamal的橢圓曲線加密系統
(EllipticCurveCryptographySimulatingElGamal)...........................................328
10.6推薦閱讀(RECOMMENDEDREADING).......................................................................330
10.7關鍵術語(KEYTERMS)...................................................................................................331
10.8概要(SUMMARY).............................................................................................................331
10.9習題集(PRACTICESET)..................................................................................................333
第Ⅲ部分完整性、驗證和密鑰管理
(Integrity,Authentication,andKeyManagement)
第11章信息的完整性和信息驗證
(MessageIntegrityandMessageAuthentication)...................................339
11.1信息完整性(MESSAGEINTEGRITY)............................................................................339
11.1.1文檔與指紋(DocumentandFingerprint)............................................................340
11.1.2信息與信息摘要(MessageandMessageDigest)................................................340
11.1.3區別(Difference)..................................................................................................340
11.1.4檢驗完整性(CheckingIntegrity).........................................................................340
11.1.5加密hash函式標準(CryptographicHashFunctionCriteria)...............................340
11.2隨機預言模型(RANDOMORACLEMODEL)...............................................................343
11.2.1鴿洞原理(PigeonholePrinciple).........................................................................345
密碼學與網路安全XII(中文導讀英文版)
11.2.2生日問題(BirthdayProblems).............................................................................345
11.2.3針對隨機預言模型的攻擊(AttacksonRandomOracleModel)........................347
11.2.4針對結構的攻擊(AttacksontheStructure)........................................................351
11.3信息驗證(MESSAGEAUTHENTICATION)................................................................352
11.3.1修改檢測碼(ModificationDetectionCode)........................................................352
11.3.2信息驗證代碼(MessageAuthenticationCode(MAC))......................................353
11.4推薦閱讀(RECOMMENDEDREADING)....................................................................357
11.5關鍵術語(KEYTERMS)................................................................................................357
11.6概要(SUMMARY)..........................................................................................................358
11.7習題集(PRACTICESET)...............................................................................................359
第12章加密hash函式(CryptographicHashFunctions)......................................363
12.1導言(INTRODUCTION)...................................................................................................363
12.1.1疊代hash函式(IteratedHashFunction)...............................................................363
12.1.2兩組壓縮函式(TwoGroupsofCompressionFunctions)....................................364
12.2SHA-512............................................................................................................................367
12.2.1簡介(Introduction)...............................................................................................367
12.2.2壓縮函式(CompressionFunction)......................................................................372
12.2.3分析(Analysis).....................................................................................................375
12.3WHIRLPOOL....................................................................................................................376
12.3.1Whirlpool密碼(WhirlpoolCipher)......................................................................377
12.3.2小結(Summary)...................................................................................................384
12.3.3分析(Analysis).....................................................................................................384
12.4推薦閱讀(RECOMMENDEDREADING).......................................................................384
12.5關鍵術語(KEYTERMS)...................................................................................................385
12.6概要(SUMMARY).............................................................................................................385
12.7習題集(PRACTICESET)..................................................................................................386
第13章數字簽名(DigitalSignature)....................................................................389
13.1對比(COMPARISON).......................................................................................................390
13.1.1包含性(Inclusion)................................................................................................390
13.1.2驗證方法(VerificationMethod)..........................................................................390
13.1.3關係(Relationship)...............................................................................................390
13.1.4二重性(Duplicity)................................................................................................390
13.2過程(PROCESS)................................................................................................................390
13.2.1密鑰需求(NeedforKeys)...................................................................................391
目錄(Contents)XIII
13.2.2摘要簽名(SigningtheDigest).............................................................................392
13.3服務(SERVICES)..............................................................................................................393
13.3.1信息身份驗證(MessageAuthentication)............................................................393
13.3.2信息完整性(MessageIntegrity)..........................................................................393
13.3.3不可否認性(Nonrepudiation)..............................................................................393
13.3.4機密性(Confidentiality).......................................................................................394
13.4針對數字簽名的攻擊(ATTACKSONDIGITALSIGNATURE).....................................395
13.4.1攻擊類型(AttackTypes)......................................................................................395
13.4.2偽造類型(ForgeryTypes)....................................................................................395
13.5數字簽名方案(DIGITALSIGNATURESCHEMES).......................................................396
13.5.1RSA數字簽名方案(RSADigitalSignatureScheme).........................................396
13.5.2ElGamal數字簽名方案(ElGamalDigitalSignatureScheme)............................400
13.5.3Schnorr數字簽名方案(SchnorrDigitalSignatureScheme)...............................403
13.5.4數字簽名標準(DigitalSignatureStandard(DSS)).............................................405
13.5.5橢圓曲線數字簽名方案(EllipticCurveDigitalSignatureScheme)..................407
13.6變化與套用(VARIATIONSANDAPPLICATIONS).......................................................409
13.6.1變化(Variations)...................................................................................................409
13.6.2套用(Applications)..............................................................................................411
13.7推薦閱讀(RECOMMENDEDREADING).......................................................................411
13.8關鍵術語(KEYTERMS)...................................................................................................412
13.9概要(SUMMARY).............................................................................................................412
13.10習題集(PRACTICESET)................................................................................................413
第14章實體驗證(EntityAuthentication)..............................................................415
14.1導言(INTRODUCTION)...................................................................................................415
14.1.1數據源驗證與實體驗證(Data-OriginVersusEntityAuthentication)................415
14.1.2驗證的類型(VerificationCategories)..................................................................416
14.1.3實體驗證和密鑰管理(EntityAuthenticationandKeyManagement)................416
14.2口令(PASSWORDS).........................................................................................................416
14.2.1固定口令(FixedPassword).................................................................................416
14.2.2一次性密碼(One-TimePassword)......................................................................419
14.3挑戰—應答(CHALLENGE-RESPONSE)........................................................................421
14.3.1對稱密鑰密碼的運用(UsingaSymmetric-KeyCipher)....................................421
14.3.2帶密鑰hash函式的套用(UsingKeyed-HashFunctions)....................................423
14.3.3非對稱密鑰密碼的套用(UsinganAsymmetric-KeyCipher)............................424
密碼學與網路安全XIV(中文導讀英文版)
14.3.4數字簽名的套用(UsingDigitalSignature).........................................................425
14.4零知識(ZERO-KNOWLEDGE)........................................................................................426
14.4.1Fiat-Shamir協定(Fiat-ShamirProtocol)..............................................................427
14.4.2Feige-Fiat-Shamir協定(Feige-Fiat-ShamirProtocol)..........................................429
14.4.3Guillou-Quisquater協定(Guillou-QuisquaterProtocol)......................................429
14.5生物測試(BIOMETRICS).................................................................................................430
14.5.1設備(Components)...............................................................................................431
14.5.2註冊(Enrollment).................................................................................................431
14.5.3驗證(Authentication)...........................................................................................431
14.5.4技術(Techniques).................................................................................................432
14.5.5準確性(Accuracy)...............................................................................................433
14.5.6套用(Applications)..............................................................................................434
14.6推薦閱讀(RECOMMENDEDREADING).......................................................................434
14.7關鍵術語(KEYTERMS)...................................................................................................434
14.8概要(SUMMARY).............................................................................................................435
14.9習題集(PRACTICESET)..................................................................................................435
第15章密鑰管理(KeyManagement)..................................................................437
15.1對稱密鑰分配(SYMMETRIC-KEYDISTRIBUTION)...................................................438
15.1.1密鑰分配中心(Key-DistributionCenter,KDC).................................................438
15.1.2會話密鑰(SessionKeys).....................................................................................439
15.2KERBEROS.......................................................................................................................443
15.2.1伺服器(Servers)...................................................................................................444
15.2.2操作(Operation)...................................................................................................445
15.2.3不同伺服器的運用(UsingDifferentServers).....................................................445
15.2.4Kerberos第五版(KerberosVersion5).................................................................447
15.2.5領域(Realms).......................................................................................................447
15.3對稱密鑰協定(SYMMETRIC-KEYAGREEMENT)......................................................447
15.3.1Diffie-Hellman密鑰協定(Diffie-HellmanKeyAgreement)...............................447
15.3.2站對站密鑰協定(Station-to-StationKeyAgreement)........................................451
15.4公鑰分配(PUBLIC-KEYDISTRIBUTION)....................................................................453
15.4.1公鑰公布(PublicAnnouncement).......................................................................453
15.4.2可信中心(TrustedCenter)...................................................................................453
15.4.3可信中心的控制(ControlledTrustedCenter).....................................................454
15.4.4認證機關(CertificationAuthority)......................................................................454
目錄(Contents)XV
15.4.5X.509....................................................................................................................456
15.4.6公鑰基礎設施(Public-KeyInfrastructures,PKI)................................................458
15.5推薦閱讀(RECOMMENDEDREADING).......................................................................461
15.6關鍵術語(KEYTERMSANDCONCEPTS)....................................................................462
15.7概要(SUMMARY).............................................................................................................462
15.8習題集(PRACTICESET)..................................................................................................463
第Ⅳ部分網路安全(NetworkSecurity)
第16章套用層的安全性:PGP和S/MIME
(SecurityattheApplicationLayer:PGPandS/MIME)...........................467
16.1電子郵件(E-MAIL)...........................................................................................................467
16.1.1電子郵件的構造(E-mailArchitecture)...............................................................467
16.1.2電子郵件的安全性(E-mailSecurity)..................................................................469
16.2PGP...................................................................................................................................470
16.2.1情景(Scenarios)...................................................................................................470
16.2.2密鑰環(KeyRings)..............................................................................................472
16.2.3PGP證書(PGPCertificates).................................................................................475
16.2.4密鑰撤回(KeyRevocation).................................................................................482
16.2.5從環中提取訊息(ExtractingInformationfromRings).......................................482
16.2.6PGP包(PGPPackets)...........................................................................................484
16.2.7PGP信息(PGPMessages)....................................................................................490
16.2.8PGP的套用(ApplicationsofPGP)......................................................................492
16.3S/MIME.............................................................................................................................492
16.3.1MIME...................................................................................................................492
16.3.2S/MIME...............................................................................................................498
16.3.3S/MIME的套用(ApplicationsofS/MIME).........................................................502
16.4推薦閱讀(RECOMMENDEDREADING).......................................................................502
16.5關鍵術語(KEYTERMS)...................................................................................................502
16.6概要(SUMMARY).............................................................................................................503
16.7習題集(EXERCISES)........................................................................................................504
第17章傳輸層的安全性:SSL和TLS
(SecurityattheTransportLayer:SSLandTLS).....................................507
17.1SSL結構(SSLARCHITECTURE)....................................................................................508
17.1.1服務(Services).....................................................................................................508
密碼學與網路安全XVI(中文導讀英文版)
17.1.2密鑰交換算法(KeyExchangeAlgorithms)........................................................509
17.1.3加密/解密算法(Encryption/DecryptionAlgorithms)..........................................511
17.1.4散列算法(HashAlgorithms)................................................................................512
17.1.5密碼套件(CipherSuite).......................................................................................512
17.1.6壓縮算法(CompressionAlgorithms)...................................................................513
17.1.7加密參數的生成(CryptographicParameterGeneration)....................................513
17.1.8會話和連線(SessionsandConnections).............................................................515
17.24個協定(FOURPROTOCOLS)........................................................................................517
17.2.1握手協定(HandshakeProtocol)..........................................................................518
17.2.2改變密碼規格協定(ChangeCipherSpecProtocol).............................................525
17.2.3告警協定(AlertProtocol)....................................................................................526
17.2.4記錄協定(RecordProtocol).................................................................................526
17.3SSL信息構成(SSLMESSAGEFORMATS)....................................................................529
17.3.1改變密碼規格協定(ChangeCipherSpecProtocol).............................................530
17.3.2告警協定(AlertProtocol)....................................................................................530
17.3.3握手協定(HandshakeProtocol)..........................................................................530
17.3.4套用數據(ApplicationData)...............................................................................537
17.4傳輸層安全(TRANSPORTLAYERSECURITY)...........................................................538
17.4.1版本(Version).......................................................................................................539
17.4.2密碼套件(CipherSuite).......................................................................................539
17.4.3加密秘密的生成(GenerationofCryptographicSecrets)....................................539
17.4.4告警協定(AlertProtocol)....................................................................................542
17.4.5握手協定(HandshakeProtocol)..........................................................................543
17.4.6記錄協定(RecordProtocol).................................................................................543
17.5推薦閱讀(RECOMMENDEDREADING).......................................................................545
17.6關鍵術語(KEYTERMS)...................................................................................................545
17.7概要(SUMMARY).............................................................................................................546
17.8習題集(PRACTICESET)..................................................................................................546
第18章網路層的安全性:IPSec(SecurityattheNetworkLayer:IPSec)............549
18.1兩種模式(TWOMODES).................................................................................................550
18.2兩個安全協定(TWOSECURITYPROTOCOLS)...........................................................552
18.2.1驗證檔案頭(AuthenticationHeader,AH)...........................................................552
18.2.2封裝安全載荷(EncapsulatingSecurityPayload,ESP).......................................554
18.2.3IPv4和IPv6(IPv4andIPv6).................................................................................555
目錄(Contents)XVII
18.2.4AH和ESP(AHversusESP).................................................................................555
18.2.5IPSec提供的服務(ServicesProvidedbyIPSec).................................................555
18.3安全關聯(SECURITYASSOCIATION)...........................................................................557
18.3.1安全關聯的概念(IdeaofSecurityAssociation)..................................................557
18.3.2安全關聯資料庫(SecurityAssociationDatabase,SAD)....................................558
18.4安全策略(SECURITYPOLICY)......................................................................................560
18.5網際網路密鑰交換(INTERNETKEYEXCHANGE,IKE).................................................563
18.5.1改進的Diffie-Hellman密鑰交換
(ImprovedDiffie-HellmanKeyExchange).........................................................563
18.5.2IKE階段(IKEPhases)..........................................................................................566
18.5.3階段和模式(PhasesandModes).........................................................................566
18.5.4階段I:主模式(PhaseI:MainMode).................................................................567
18.5.5階段I:野蠻模式(PhaseI:AggressiveMode)....................................................573
18.5.6階段II:快速模式(PhaseII:QuickMode).........................................................575
18.5.7SA算法(SAAlgorithms)......................................................................................577
18.6ISAKMP............................................................................................................................578
18.6.1一般檔案頭(GeneralHeader)..............................................................................578
18.6.2有效載荷(Payloads)............................................................................................578
18.7推薦閱讀(RECOMMENDEDREADING).......................................................................588
18.8關鍵術語(KEYTERMS)...................................................................................................588
18.9概要(SUMMARY).............................................................................................................589
18.10習題集(PRACTICESET)................................................................................................590
