3. About This Book
This book provides a basic introduction to cryptographic and hashing techniques that are used to
secure data all around us – in organizations and in society. It looks at the concepts and principles of
cryptography.
The book focuses on internet security, which consists of measures to deter, prevent, detect, and correct
security violations that involve the transmission of information across networks.
It look at some of the historical aspects of cryptography and use of cryptography such as providing
confidentiality, integrity, authentication and accountability.
The book also provides at an overview of the main classes of cryptography such as symmetric and
asymmetric cryptography along with some of the commonly used algorithms.
The book reviews hashing, message digests, passwords and even looks at an SSL transaction to
demonstrate why the web is insecure.
For comments, discussions, hints on questions and more information about network security visit the
book web page at: http://msafirinet.net/the-purple-book/
Target Audience
The primary target readers, users and beneficiary of this book are beginners in the field of networks and
communications security who are in their first year of study at university or attending a commercial
college in any number of study area that uses or benefits from the existence of computer networks and
communications across them and the internet.
The secondary target audience of this book is the general audience with an interest in understanding the
foundations of network security and the building blocks of blockchain technology, and more
importantly who are imbued with the greatest force on the universe- curiosity and the desire to learn
more of the why of things.
A general understanding of IT concepts and basic mathematics is assumed.
Labs And Review Questions
These are hands on opportunities for mastering and appreciating more of what we shall be learning,
each lab has a clear set of objectives, where to find any resources you need for the challenge and how
long it should take you to crack the challenge.
The review questions give the reader a chance to try and recall what has already been covered.
|Page 3 of 33
4. About The Author
The author is a physicist by training, a teletraffic engineer by profession and a trader by occupation – to
be a trader you must be, by necessity, committed to life long learning – for each trade is never exactly
the same as the previous trade.
Dedications
This book is dedicated to my grandfathers.
Makau Yumbya Kamula – my paternal grandfather, died in 1981 at Aga Khan hospital Nairobi, he
was a long distance trader, ferrying his tobacco from Ukambani through Ngong and across Kikuyu land
to Meru and back. He went to school up to the old standard four so that he could read the AIC(African
Inland Church) bible and the golden bells for himself. He taught me of the dangers of coffee to the
chest (heart palpitations etcetera), he once narrated to me how he and his employer landed into a
geological fault line that had cut across the road along the Kenyan Rift Valley on their way to Nakuru
and had to be pulled out by ropes and thus to be always aware that the Rift Valley is alive and
constantly undergoing construction, he also numerously talked about the mugging techniques employed
across the Dagoreti area in the ‘30’s, 40’s and 50’s by the residents of the region to unwary travellers
and then he taught me the most important lesson of all – “to always be a friend of your God – however
and whomever you may conceive him to be”.
Joel Ngove Kathendu – my maternal grandfather, he died in a car accident along Mombasa road,
swept off the Athi river bridge, he and his driver, in 1969. He was the ultimate trader, in any sense of
the word, by 1950 he had his own bus, lorry, a personal car – a zephyr at that, a ranch with a road
around it cut using a bulldozer, and had built a house with two water tanks – all that by 1950. He
funded his own partners by providing upfront their equity contribution, which was to be recovered back
as personal loans from the accruing profits of the business at hand. He did this time and time again,
primarily because he loved people and wished them well and prosperity. And so he did and funded
ventures like Roof Garden Hotels – Nairobi Jerusalem, International Bar & Restaurant – Nairobi
Maringo , Athusi Holdings – Nairobi CBD, Riverhouse Holdings – Nairobi CBD, etcetera. While he
never went to school, he loved knowledge, education, book reading and knowing above all else.
|Page 4 of 33
5. |Page 5 of 33
ESSENTIALS OF
CRYPTOGRAPHY IN
NETWORK SECURITY
Introduction To The Building Blocks Of Security
6. Table of Contents
About This Book........................................................................................................................................2
Target Audience.....................................................................................................................................2
Labs And Review Questions.................................................................................................................2
About The Author..................................................................................................................................3
Dedications............................................................................................................................................3
Chapter One – Security Models.................................................................................................................7
1.1 Security Considerations...................................................................................................................8
1.2 Network Security Violations.........................................................................................................10
1.3 Network Security Is Complex.......................................................................................................11
1.4 A Model For Network Security.....................................................................................................12
1.5 Network Access Security Model...................................................................................................14
1.6 Review Questions..........................................................................................................................16
Chapter Two - Network Security.............................................................................................................18
2.1 Understanding Why Encryption Is Necessary...............................................................................19
2.2 The OSI Security Architecture......................................................................................................21
2.3 Providing Confidentiality, Integrity, Authentication, and Non-Repudiation.................................23
2.4 Comparing Passive and Active Networks Attacks........................................................................25
2.5 X.800 Security Mechanisms..........................................................................................................33
2.6 Relationship Between Security Services and Mechanisms...........................................................35
2.7 Review Questions..........................................................................................................................36
Chapter Three - Introduction To Cryptography.......................................................................................37
3.1 Introduction To Common Cryptographic Concepts and Terminology..........................................38
3.2 Cryptography.................................................................................................................................42
3.3 Cryptanalysis.................................................................................................................................43
3.4 Reviewing The History Of Cryptography.....................................................................................44
3.5 Lab Work – Coding With The Enigma Machine...........................................................................48
3.6 Review Questions..........................................................................................................................49
Chapter Four – Symmetric Encryption....................................................................................................50
4.1 Introduction To Symmetric Encryption.........................................................................................51
4.2 Making Sense of The Feistel Cipher.............................................................................................54
4.3 Working With The Advanced Encryption Standard (AES)...........................................................57
4.4 Dissecting Block and Stream Ciphers...........................................................................................59
4.5 Using Wireshark To Crack WEP...................................................................................................66
4.6 Review Questions..........................................................................................................................67
Chapter Five – Asymmetric Encryption and Digital Signatures..............................................................68
5.1 Cryptographic Requirements.........................................................................................................69
5.2 The Public Key Technologies :Diffie-Hellman, RSA and PGP....................................................74
5.3 Lab Work - Creating Key Pairs For The D-H Algorithm..............................................................77
5.4 Managing Keys..............................................................................................................................78
5.5 Using Certificates..........................................................................................................................82
|Page 6 of 33
7. 5.6 Lab- Looking At This In Action....................................................................................................89
5.7 Review Questions..........................................................................................................................92
Chapter Six – Hash Algorithms, Message Digest and Authentication.....................................................93
6.1 Diving Into Hash Algorithms and Message Digest.......................................................................94
6.2 Looking Deeper Into Message Digest...........................................................................................98
6.3 Understanding Passwords, Hash, Salt and Rainbow Tables........................................................105
6.4 Lab - Password Strength Demonstration.....................................................................................107
6.5 Review Questions........................................................................................................................110
Chapter Seven – Secure Sockets Layer (SSL).......................................................................................111
7.1 Introduction To Secure Sockets Layer (SSL)..............................................................................112
7.2 Exploring Web Security...............................................................................................................119
7.3 Review Questions........................................................................................................................122
Chapter Eight – Email Security.............................................................................................................123
8.1 Investigating Email Privacy and Authentication Concerns.........................................................124
8.2 Implementing PGP Email Security With GPG............................................................................127
Chapter Nine – Internet Protocol Security.............................................................................................128
9.1 Exploring Internet Protocol Security (IPSec)..............................................................................129
9.2 Dissecting The Authentication Header........................................................................................133
9.3 Encapsulating Security Payload..................................................................................................136
9.4 Using Operating Mechanism.......................................................................................................138
9.5 Review Questions........................................................................................................................142
Chapter Ten – Denial-of-Service Attacks...............................................................................................143
10.1 Growing International Attacks..................................................................................................144
10.2 DoS and DDoS Definition.........................................................................................................146
10.3 DDoS Attack Types and Clarification.......................................................................................147
10.4 Direct DDOS Attack..................................................................................................................151
10.5 Reflector DDoS Attacks............................................................................................................152
10.6 A SYN Flood Attack..................................................................................................................153
10.7 A ICMP Attack..........................................................................................................................154
10.8 Constructing The DDoS Attack Network..................................................................................156
10.9 DDoS Countermeasures............................................................................................................158
10.10 Review Questions....................................................................................................................159
Glossary of Terms Used in Network Security........................................................................................160
Recommended Further Reading.............................................................................................................167
Bibliography...........................................................................................................................................168
|Page 7 of 33
9. 1.6 Review Questions
1.1 Before computers how was sensitive data secured – give an example of each method used.
1.2 What is computer security?
1.3 What is network security?
1.4 What are the four simple one word labels that could be used to describe security requirements?
1.5 Draw the model of security used to understand network security.
1.6 How is the security model similar to the basic communication model (basic communication model
is shown here: http://msafirinet.net/back-to-basics-the-basic-communication-model/
1.7 What are the differences between the security model and the basic communication model?
1.8 Name four general task involved in designing a security service.
1.9 What are the two broad categories of unwanted access security mechanisms, explain the work of
each category?
1.10 Name two type of software attacks.
1.11 Draw a diagram depicting network access security model.
1.12 What are the similarities and differences between the network security model and the access
security model?
1.13 Who or what is a hacker?
1.14 Discussion question - where do you think the demarcation between computer security and network
security should be?
1.15 Discussion question - why should data be secured?
1.16 Discussion question - what is the difference between something that is private and one that is
secret.
1.17 Discussion question - How would you secure the sending of a message between you and your
secret lover to meet later tonight without your keen partners knowing?
1.18 Discussion question - How do you ensure that if any of your partners in 1.1 above got hold of the
message they would not understand its meaning?
1.19 Discussion question - How would you ensure an employee who is to be fired does not pilfer
sensitive corporate information as they go?
|Page 9 of 33
10. 1.20 Discussion question - How would you ensure that the person you send a message cannot refute
receiving the message?
1.21 Discussion question – why do you think internet security is complex?
1.22 What is the meaning of the following terms:
Security Model Access Security Model Hacker
Security Mechanism What Is Computer Security What Is Network Security
|Page 10 of 33
12. 2.7 Review Questions
2.1 Discussion Question - Why do you think encryption is necessary ?
2.2 Discussion Question - From the report “Minimal Key Lengths for Symmetric Ciphers to Provide
Adequate Commercial Security” why do you think the authors were concerned about security them, are
they reason valid today?
2.3 What is FPGA stand for and what can it be used for in network security (the answer is in the report
“Minimal Key Lengths for Symmetric Ciphers to Provide Adequate Commercial Security”.
2.4 What is ciphertext?
2.5 What are the two types of encryption?
2.6 What type of encryption is public key encryption?
2.7 What is another name for common encryption?
2.8 The OSI security architecture focuses on three components, name and explain what each of them
does:
2.9 What is a threat?
2.10 What is an attack?
2.11 Name five security services, define what they are and what they provide.
2.12 Which four of five essential security services can be provided using cryptography
2.13 Define passive attack, give two type passive attacks and state how to counter them.
2.14 Define active attack , give six types of active attacks and state how to counter them.
2.15 What is the difference between an active attack and a passive attack, which one is easy to detect
and which is easy to defend against?
2.16 What is a protocol scan, a port scan and a ping scan and how do you use each scan?
2.17 What is an irreversible security mechanism and give examples and how they are used.
2.18 How are X.800 security mechanism divided?
2.19 Provide three X.800 security mechanism of each type and decribe what they are.
2.20 What is the meaning of the following terms
Encipherment Trusted Functionality Passive Attack
Digital Signature Security Label Active Attack
Access Control Event Detection X.800
Data Integrity Security Audit Trail Routing Control
Authentication Exchange Security Recovery Notarization
Traffic Padding
|Page 12 of 33
14. 3.6 Review Questions
3.1 What are the essential ingredients of a symmetric cipher?
3.2 What are the two basic functions used in encryption algorithms?
3.3 How many keys are required for two people to communicate via a cipher?
3.4 What are the two general approaches to attacking a cipher?
3.5 What is a transposition cipher?
3.6 What is a substituion cipher?
3.7 Briefly define the Caesar cipher.
3.8 Briefly define the Vigenere cipher.
3.9 What is the difference between a monoalphabetic cipher and a polyalphabetic cipher?
3.10 What is the meaning of the following terms:
block cipher brute-force attack Caesar cipher
cipher ciphertext conventional encryption
cryptanalysis cryptographic system cryptography
cryptology deciphering decryption
enciphering encryption monoalphabetic cipher
plaintext polyalphabetic cipher rail fence cipher
single-key encryption stream cipher symmetric encryption
transposition cipher Vigenère cipher
|Page 14 of 33
16. 4.6 Review Questions
4.1 What is triple encryption?
4.2 How many keys are used in triple encryption?
4.3 List important design considerations for a stream cipher.
4.4 Why is it not desirable to reuse a stream cipher key?
4.5 What primitive operations are used in RC4?
4.6 List 5 stream cipher operations modes that have been standardized.
4.7 What is the meaning of the following terms:
Block cipher modes of operation Electronic codebook mode (ECB) Stream cipher
Cipher block chaining mode (CBC) Output feedback mode (OFB) Triple DES (3DES)
Cipher feedback mode (CFB) RC4
|Page 16 of 33
17. Chapter Five – Asymmetric Encryption and Digital
Signatures
|Page 17 of 33
18. 5.7 Review Questions
5.1 What are the principal elements of a public key encryption scheme (public key cryptosystem)?
5.2 What are the roles of the public and private key?
5.3 What are three broad categories of applications of public key cryptosystems?
5.4 What is a one-way function?
5.5 What requirements must a public key cryptosystems fulfill to be a secure algorithm?
5.6 What are the benefits of public key infrastructure?
5.7 What is the meaning of the following terms:
digital signature private key public key cryptosystems
key exchange public key public key infrastructure
one-way function public key encryption RSA
|Page 18 of 33
19. Chapter Six – Hash Algorithms, Message Digest and
Authentication
|Page 19 of 33
20. 6.5 Review Questions
6.1 What is a one-way function?
6.2 What are the uses for hash algorithms?
6.3 What are the Cryptographic Requirements for hash algorithms?
6.4 What security services can Hash algorithms provides in a communication?
6.5 What security service do Hash algorithms not provide?
6.6 How does a Hash algorithm provide non-repudiation?
6.7 What is the meaning of the following terms:
hash nonce salt
message authentication code
(MAC)
one-way function SHA
message digest password
MD5 rainbow tables
|Page 20 of 33
22. 7.3 Review Questions
7.1 What are the advantages of each of the three approaches shown in Figure 17.1?
7.2 What protocols comprise SSL?
7.3 What is the difference between an SSL connection and an SSL session?
7.4 What steps are involved in the SSL Record Protocol transmission?
7.5 What is the meaning of the following terms:
SSL Web security
TSL
|Page 22 of 33
24. 8.3 Review Questions
8.1 Question for this section will be put in the book website page - https://msafirinet.net/the-
purple-book/
The topic of secure email will be enlarged and updated, current info is based on early 2018
status.
|Page 24 of 33
25. 9.5 Review Questions
9.1 Give examples of applications of IPSec.
9.2 What services are provided by IPSec?
9.3 What parameters identify an SA and what parameters characterize the nature of a
particular SA?16.4 What is the difference between transport mode and tunnel mode?
9.5 What is a replay attack?
9.6 Why does ESP include a padding field?
9.7 What are the basic approaches to bundling SAs?
9.8 What are the roles of the Oakley key determination protocol and ISAKMP in IPSec?
9.9 What is the meaning of the following terms:
Anti-Replay Service Authentication Header (AH)
Encapsulating Security Payload (ESP) Internet Security Association And Key
Management Protocol (ISAKMP)
IP Security (IPSec) IPV4
IPV6 Oakley Key Determination Protocol
Replay Attack Security Association (SA)
Transport Mode Tunnel Mode
|Page 25 of 33
26. Chapter Nine – Internet Protocol Security
|Page 26 of 33
27. 9.5 Review Questions
9.1 Give examples of applications of IPSec.
9.2 What services are provided by IPSec?
9.3 What parameters identify an SA and what parameters characterize the nature of a
particular SA?16.4 What is the difference between transport mode and tunnel mode?
9.5 What is a replay attack?
9.6 Why does ESP include a padding field?
9.7 What are the basic approaches to bundling SAs?
9.8 What are the roles of the Oakley key determination protocol and ISAKMP in IPSec?
9.9 What is the meaning of the following terms:
Anti-Replay Service Authentication Header (AH)
Encapsulating Security Payload (ESP) Internet Security Association And Key
Management Protocol (ISAKMP)
IP Security (IPSec) IPV4
IPV6 Oakley Key Determination Protocol
Replay Attack Security Association (SA)
Transport Mode Tunnel Mode
|Page 27 of 33
28. 10.10 Review Questions
10.1 Give examples of applications of IPSec.
10.2 What services are provided by IPSec?
10.3 What parameters identify an SA and what parameters characterize the nature of a
particular SA?16.4 What is the difference between transport mode and tunnel mode?
10.5 What is a replay attack?
10.6 Why does ESP include a padding field?
10.7 What are the basic approaches to bundling SAs?
10.8 What are the roles of the Oakley key determination protocol and ISAKMP in IPSec?
10.9 What is the meaning of the following terms:
Bot Zombie
Active attack DoS
DDoS ICMP Attack
ACK SYN Attack
Direct DDoS Attack Reflector DDoS Attack
Transport Mode Tunnel Mode
|Page 28 of 33
29. Glossary of Terms Used in Network Security
Some of the terms are from the Internet Security Glossary [RFC 2828], these terms are indicated by an
asterisk.
Asymmetric encryption
A form of cryptosystem in which encryption and decryption are performed
using two different keys, one of which is referred to as the public key and
one of which is referred to as the private key. Also known as public-key
encryption.
Zombie
A program that secretly takes over another Internet-attached computer and
then uses that computer to launch attacks that are difficult to trace to the
zombie's creator.
|Page 29 of 33
30. Recommended Further Reading
Aumasson , Jean-Philippe, Serious Cryptography, San Francisco, No Starch Press Inc., 2018.
Delfs Hans and Knebl Helmut, Information Security and Cryptography, Berlin, Springer-Verlag
GmbH, Third Edition, 2015.
Ferguson Niels, Schneier Bruce, and Kohno Tadayoshi, Cryptography Engineering, New Jersey, John
Wiley & Sons Inc.,First Edition, 2010.
Katz Jonathan and Lindell Yehuda, Introduction to Modern Cryptography, Taylor & Francis Group,
Boca Raton, 2008.
Koshy, Thomas, Elementary Number Theory with Applications, New York, Elsevier Inc., Second
Edition, 2007.
Martin , Keith M., Everyday Cryptography, Oxford, Oxford University Press, Second Edition, 2012.
Paar Christof and Pelzl Jan, Understanding Cryptography, Berlin, Springer-Verlag GmbH., 2010
Schneier Bruce, Applied Cryptography, New Jersey, John Wiley & Sons Inc., Second Edition, 1995,
20th
Anniversary Edition, 2015.
Silverman , Joseph H., A Friendly Introduction to Number Theory, London, Pearson, Fourth Edition,
2011.
Stallings , William, Cryptography and Network Security Principles and Practices, New Jersey, Prentice
Hall. Fourth Edition, 2005.
Tilborg, Henk C. A. van, ed. Berlin, Encyclopedia of Cryptography and Security, 2005.
|Page 30 of 33
31. Bibliography
Introduction
Bishop, M. Computer Security: Art and Science . Boston: Addison-Wesley, 2003.
Bishop, M. Introduction to Computer Security. Boston: Addison-Wesley, 2005.
Pfleeger, C. Security in Computing. Upper Saddle River, NJ: Prentice Hall, 2002.
Pieprzyk, J.; Hardjono, T.; and Seberry, J. Fundamentals of Computer Security. New York: Springer-
Verlag, 2003.
Schneier, B. Secrets and Lies: Digital Security in a Networked World . New York: Wiley 2000.
Classical Encryption Techniques
Barker, W. Introduction to the Analysis of the Data Encryption Standard (DES). Laguna Hills, CA:
Aegean Park Press, 1991.
Coppersmith, D. "The Data Encryption Standard (DES) and Its Strength Against Attacks." IBM Journal
of Research and Development, May 1994.
Electronic Frontier Foundation. Cracking DES: Secrets of Encryption Research, Wiretap Politics, and
Chip Design. Sebastopol, CA: O'Reilly, 1998
Menezes, A.; van Oorschot, P.; and Vanstone, S. Handbook of Applied Cryptography. Boca Raton, FL:
CRC Press, 1997.
Schneier, B. Applied Cryptography. New York: Wiley, 1996.
Simovits, M. The DES: An Extensive Documentation and Evaluation. Laguna Hills, CA: Aegean Park
Press, 1995.
Stinson, D. Cryptography: Theory and Practice. Boca Raton, FL: CRC Press, 2002.
Block Ciphers and the Data Encryption Standard
Barker, W. Introduction to the Analysis of the Data Encryption Standard (DES). Laguna Hills, CA:
Aegean Park Press, 1991.
Coppersmith, D. "The Data Encryption Standard (DES) and Its Strength Against Attacks." IBM Journal
of Research and Development, May 1994.
Electronic Frontier Foundation. Cracking DES: Secrets of Encryption Research, Wiretap Politics, and
Chip Design. Sebastopol, CA: O'Reilly, 1998
Menezes, A.; van Oorschot, P.; and Vanstone, S. Handbook of Applied Cryptography. Boca Raton, FL:
CRC Press, 1997.
Schneier, B. Applied Cryptography. New York: Wiley, 1996.
Simovits, M. The DES: An Extensive Documentation and Evaluation. Laguna Hills, CA: Aegean Park
Press, 1995.
Stinson, D. Cryptography: Theory and Practice. Boca Raton, FL: CRC Press, 2002.
Advanced Encryption Standard
Daemen, J., and Rijmen, V. "Rijndael: The Advanced Encryption Standard." Dr. Dobb's Journal, March
2001.
Daemen, J., and Rijmen, V. The Design of Rijndael: The Wide Trail Strategy Explained. New York,
Springer-Verlag, 2002.
Landau, S. "Polynomials in the Nation's Service: Using Algebra to Design the Advanced Encryption
Standard." American Mathematical Monthly, February 2004.
|Page 31 of 33
32. Symmetric Ciphers
Kumar, I. Cryptology. Laguna Hills, CA: Aegean Park Press, 1997.
Robshaw, M. Stream Ciphers. RSA Laboratories Technical Report TR-701, July 1995.
http://www.rsasecurity.com/rsalabs
Robshaw, M. Block Ciphers. RSA Laboratories Technical Report TR-601, August 1995.
http://www.rsasecurity.com/rsalabs
Schneier, B. Applied Cryptography. New York: Wiley, 1996.
Simmons, G., ed. Contemporary Cryptology: The Science of Information Integrity. Piscataway, NJ:
IEEE Press, 1992.
Introduction to Number Theory (Not Used)
Burn, R. A Pathway to Number Theory. Cambridge, England: Cambridge University Press, 1997.
Kumanduri, R., and Romero, C. Number Theory with Computer Applications. Upper Saddle River, NJ:
Prentice Hall, 1998.
Leveque, W. Elementary Theory of Numbers. New York: Dover, 1990.
Ore, O. Invitation to Number Theory. Washington, DC: The Mathematical Association of America,
1967,
Rosen, K. Elementary Number Theory and its Applications . Reading, MA: Addison-Wesley, 2000.
Public-Key Cryptography and RSA
Boneh, D. "Twenty Years of Attacks on the RSA Cryptosystem." Notices of the American
Mathematical Society, February 1999.
Cormen, T.; Leiserson, C.; Rivest, R.; and Stein, C. Introduction to Algorithms. Cambridge, MA: MIT
Press, 2001.
Diffie, W. "The First Ten Years of Public-Key Cryptography." Proceedings of the IEEE, May 1988.
Reprinted in [SIMM92].
Shamir, A., and Tromer, E. "On the Cost of Factoring RSA-1024." CryptoBytes, Summer 2003.
http://www.rsasecurity.com/rsalabs
Key Management; Other Public-Key Cryptosystems (Partial Used)
Blake, I.; Seroussi, G.; and Smart, N. Elliptic Curves in Cryptography. Cambridge: Cambridge
University Press, 1999.
Enge, A. Elliptic Curves and Their Applications to Cryptography. Norwell, MA: Kluwer Academic
Publishers, 1999.
Fernandes, A. "Elliptic Curve Cryptography." Dr. Dobb's Journal, December 1999.
Hankerson, D.; Menezes, A.; and Vanstone, S. Guide to Elliptic Curve Cryptography. New York:
Springer, 2004.
Jurisic, A., and Menezes, A. "Elliptic Curves and Cryptography." Dr. Dobb's Journal, April 1997.
Koblitz, N. A Course in Number Theory and Cryptography . New York: Springer-Verlag, 1994.
Kumanduri, R., and Romero, C. Number Theory with Computer Applications. Upper Saddle River, NJ:
Prentice Hall, 1998.
Rosing, M. Implementing Elliptic Curve Cryptography. Greeenwich, CT: Manning Publications, 1999.
Stinson, D. Cryptography: Theory and Practice. Boca Raton, FL: CRC Press, 2002.
Message Authentication and Hash Functions
Jueneman, R.; Matyas, S.; and Meyer, C. "Message Authentication." IEEE Communications Magazine,
September 1988.
Jueneman, R. "Electronic Document Authentication." IEEE Network Magazine, April 1987.
|Page 32 of 33
33. Menezes, A.; Oorshcot, P.; and Vanstone, S. Handbook of Applied Cryptography. Boca Raton, FL:
CRC Press, 1997.
Preneel, B. "The State of Cryptographic Hash Functions." Proceedings, EUROCRYPT '96, 1996;
published by Springer-Verlag.
Stinson, D. Cryptography: Theory and Practice. Boca Raton, FL: CRC Press, 2002.
Hash and MAC Algorithms
Bellare, M.; Canetti, R.; and Krawczyk, H. "Keying Hash Functions for Message Authentication."
Proceedings, CRYPTO '96, August 1996; published by Springer-Verlag. An expanded version is
available at http://www-cse.ucsd.edu/users/mihir.
Bellare, M.; Canetti, R.; and Krawczyk, H. "The HMAC Construction." CryptoBytes, Spring 1996.
Gilbert, H. and Handschuh, H. "Security Analysis of SHA-256 and Sisters." Proceedings, CRYPTO '03,
2003; published by Springer-Verlag.
Digital Signatures and Authentication Protocols
Akl, S. "Digital Signatures: A Tutorial Survey." Computer, February 1983.
Mitchell, C.; Piper, F. ; and Wild, P. "Digital Signatures." In SIMM92a].
Authentication Applications
Bryant, W. Designing an Authentication System: A Dialogue in Four Scenes. Project Athena
document, February 1988. Available at http://web.mit.edu/kerberos/www/dialogue.html.
Gutmann, P. "PKI: It's Not Dead, Just Resting." Computer, August 2002.
Kohl, J.; Neuman, B.; and Ts'o, T. "The Evolution of the Kerberos Authentication Service." in Brazier,
F., and Johansen, D. Distributed Open Systems. Los Alamitos, CA: IEEE Computer Society Press,
1994. Available at http://web.mit.edu/kerberos/www/papers.html.
Perlman, R. "An Overview of PKI Trust Models." IEEE Network, November/December 1999.
Tung, B. Kerberos: A Network Authentication System. Reading, MA: Addison-Wesley, 1999.
Electronic Mail Security
PGP Home Page: PGP Web site by PGP Corp., the leading PGP commercial vendor.
International PGP Home Page: Designed to promote worldwide use of PGP. Contains documents and
links of interest.
PGP MIT Distribution Site for PGP: Leading distributor of freeware PGP. Contains FAQ, other
information, and links to other
PGP sites.
PGP Charter: Latest RFCs and Internet drafts for Open Specification PGP.
PGP S/MIME Charter: Latest RFCs and Internet drafts for S/MIME.
IP Security
Cheng, P., et al. "A Security Architecture for the Internet Protocol." IBM Systems Journal, Number 1,
1998.
Doraswamy, N., and Harkins, D. IPSec. Upper Saddle River, NJ: Prentice Hall, 2003.
Frankel, S. Demystifying the IPSec Puzzle. Boston: Artech House, 2001.
Stallings, W. Computer Networking with Internet Protocols and Technology. Upper Saddle River, NJ:
Prentice Hall, 2004
Project: Contains papers, presentations, and reference implementations
|Page 33 of 33