Internet Cryptography - Richard E. Smith

Internet Cryptography

Book | Softcover
384 pages
1997
Addison Wesley (publisher)
978-0-201-92480-0 (ISBN)
42,70 incl. VAT
  • Title is unfortunately out of print;
    no new edition
This is a text which seeks to present a solution to the problem of Internet security. It explains cryptographic products available, and how they solve various Internet security challenges. Includes case-studies to illustrate real-world issues.

"This book provides an excellent overview of how encryption is used, its strengths and weaknesses, and what to look for when building or choosing real-world solutions. This is a must-have book for anyone considering the deployment of an important system relying on modern cryptography."
- Marcus J. Ranum, Chief Scientist, V-ONE Corporation

Here, in one comprehensive, soup-to-nuts book, is the solution for Internet security: modern-day cryptography. Written by a security expert with a wealth of practical experience, this book covers network and Internet security in terms that are easy to understand, using proven technology, systems, and solutions. From the client workstation to the Web host to the e-mail server, every aspect of this important topic is examined and explained. The once-daunting subject of cryptography is demystified and applied to today's security challenges.

Topics include:
  • Essentials of cryptography
  • Networking and Internet fundamentals
  • Encryption building blocks
  • Virtual private networks
  • Legal considerations
  • Setting realistic security objectives
  • Secured electronic mail
  • World Wide Web transaction security
  • Internet Firewalls

This book is written for people who want to move data safely across the Internet and protect corporate resources from unauthorized access. Using real-life case studies, examples, and commercially available software products, cryptography is presented as a practical solution to specific, everyday security challenges.

Richard E. Smith works for Secure Computing Corporation where he provides consulting services in network security to commercial and government organizations, including the National Security Agency. He has also served as principal systems engineer for military network guard systems and the Sidewinder Internet Firewall. He frequently lectures, writes, and conducts seminars on cryptography and computer security. He holds an M.S. and Ph.D. in computer science from the University of Minnesota and a B.S. in engineering from Boston University.

(NOTE: Each chapter concludes with For Further Information.)

Preface.


Who This Book Is For.



How This Book Is Organized.



Crypto Today and Tomorrow.



Comments and Questions.



Acknowledgments.


1. Introduction.


The Basic Problem.



Essentials of Crypto.



Crypto Is Hard to Use.



Balancing Crypto Use with Your Objectives.



Essentials of Networking and the Internet.



Protocol Layers and Network Products.



Internet Technology.



Internet Protocols in Your Host.



The Internet Security Problem.



An Internet Rogue's Gallery.



Setting Realistic Security Objectives.



Appropriate Communications Security.



Communications Security Goals.



Internet Crypto Techniques.



Legal Restrictions.



2. Encryption Basics.


Encryption Building Blocks.



Stream Ciphers.



Block Ciphers.



How Crypto Systems Fail.



Cryptanalysis and Modern Codes.



Brute Force Cracking of Secret Keys.



Attacks on Improper Crypto Use.



Choosing Between Strong and Weak Crypto.



Properties of Good Crypto Algorithms.



Crypto Algorithms to Consider.



Selecting a Block Cipher Mode.



Identifying a Safe Key Length.



Levels of Risk for Different Applications.



3. Link Encryption.


Security Objectives.



Product Example: In-line Encryptor.



Red/Black Separation.



Crypto Algorithm and Keying.



Encryptor Vulnerabilities.



Product Security Requirements.



Deployment Example: Point-to-Point Encryption.



Point-to-Point Practical Limitations.



Physical Protection and Control.



Deployment Security Requirements.



Deployment Example: IP-routed Configuration.



Site Protection.



Networkwide Security.



Deployment Security Requirements.



Key Recovery and Escrowed Encryption.



4. Managing Secret Keys.


Security Objectives.



Basic Issues in Secret Key Management.



Technology: Random Key Generation.



Random Seeding.



Pseudorandom Number Generators.



Technical Security Requirements.



Deployment Example: Manual Key Distribution.



Preparing Secret Keys for Delivery.



Batch Generation of Keys.



Printing Keys on Paper.



Key Packaging and Delivery.



Key Splitting for Safer Delivery.



Deployment Security Requirements.



Technology: Automatic Rekeying.



ANSI X9.17 Point-to-Point Rekeying.



Variations of X9.17.



Technical Security Requirements.



Key Distribution Centers (KDCs).



Maintaining Keys and System Security.



5. Security at the IP Layer.


Security Objectives.



Basic Issues with Using IPSEC.



Technology: Cryptographic Checksums.



One-way Hash Functions.



Technical Security Requirements.



IPSEC: IP Security Protocol.



IPSEC Authentication.



IPSEC Encryption.



IPSEC Key Management.



Other TCP/IP Network Security Protocols.



6. Virtual Private Networks.


Security Objectives.



Basic Issues with VPNs.



Technology: IPSEC Proxy Cryptography.



ESP Tunnel Mode.



ESP Transport Mode.



Product Example: IPSEC Encrypting Router.



Blocking Classic Internet Attacks.



Product Security Requirements.



Deployment Example: Site-to-Site Encryption.



Header Usage and Security.



Deployment Security Requirements.



7. Remote Access with IPSEC.


Security Objectives.



Basic Issues with IPSEC Clients.



Product Example: IPSEC Client.



Client Security Associations.



Client Self-Defense on the Internet.



Client Theft and Key Protection.



Product Security Requirements.



Deployment Example: Client-to-Server Site Access.



Remote Access Security Issues.



Deployment Security Requirements.



8. IPSEC and Firewalls.


Security Objectives.



Basic Issues with IPSEC and Firewalls.



Internet Firewalls.



What Firewalls Control.



How Firewalls Control Access.



Firewall Control Mechanisms.



Product Example: IPSEC Firewall.



Administering Multiple Sites.



Product Security Requirements.



Deployment Example: A VPN with a Firewall.



Establishing a Site Security Policy.



Chosen Plaintext Attack on a Firewall.



Deployment Security Requirements.



9. Public Key Crypto and SSL.


Public Key Cryptography.



Evolution of Public Key Crypto.



Diffie-Hellman Public Key Technique.



Brute Force Attacks on RSA.



Other RSA Vulnerabilities.



Technical Security Requirements.



Technology: Secret Key Exchange with RSA Crypto.



Attacking Public Key Distribution.



Public Key versus Secret Key Exchange.



Technical Security Requirements.



Secure Sockets Layer.



Other SSL Properties.



Basic Attacks Against SSL.



SSL Security Evolution.



10. World Wide Web Transaction Security.


Security Objectives.



Basic Issues in Internet Transaction Security.



Transactions on the World Wide Web.



Transactions with Web Forms.



Web Form Security Services.



Security Alternatives for Web Forms.



Password Protection.



Network-level Security (IPSEC).



Transport-level Security (SSL).



Application-level Security (SHTTP).



Client Authentication Alternatives.



Product Example: Web Browser with SSL.



Browser Cryptographic Services.



Authentication Capabilities.



Client Security and Executable Contents.



Product Security Requirements.



Product Example: Web Server with SSL.



Web Server Vulnerabilities.



Mandatory Protection.



Product Security Requirements.



Deployment Example: Vending with Exportable Encryption.



Export Restrictions and Transaction Security.



Site Configuration.



Deployment Security Requirements.



11. Secured Electronic Mail.


Security Objectives.



Basic Issues with E-Mail Security.



Basics of Internet Electronic Mail.



Internet E-Mail Software Architecture.



E-Mail Security Problems.



Technology: Off-line Message Keying.



Encryption Tokens.



Technical Security Requirements.



Technology: Digital Signatures.



Attacks on Digital Signatures.



The Digital Signature Standard.



Technical Security Requirements.



Product Example: Secure E-Mail Client.



Basic Secure Client Features.



E-Mail Client Security Issues.



Product Security Requirements.



E-Mail Deployment.



12. Public Key Certificates.


Security Objectives.



Distributing Public Keys.



Technology: Public Key Certificates.



Generating Public Key Pairs.



Certificate Revocation.



Certification Authority Workstation.



Technical Security Requirements.



Certificate Distribution.



Transparent Distribution.



Interactive Distribution.



Centralized Certification Authority.



Netscape Server Authentication.



Handling Multiple Certification Authorities.



Hierarchical Certification Authority.



PEM Internet Certification Hierarchy.



Private Trees.



PGP “Web of Trust”.



For Further Information.



Appendix A: Glossary.


Appendix B: Bibliography.


Index.

Publication date (per publisher) 30.10.1997
Place of publication Boston
Language English
Dimensions 234 x 186 mm
Weight 658 g
Subject area Computer Science > Networks > Security / Firewall
Computer Science > Theory / Studies > Cryptology
Mathematics / Computer Science > Computer Science > Web / Internet
ISBN-10 0-201-92480-3 / 0201924803
ISBN-13 978-0-201-92480-0 / 9780201924800
Condition New