Home > Store > Security > Network Security

larger cover

Add To My Wish List

Share|

Network Security: Private Communication in a Public World, 2nd Edition

Register your product to gain access to bonus material or receive a coupon.

  • Description
  • Reviews
  • Sample Content

The classic guide to network security—now fully updated!"Bob and Alice are back!"

Widely regarded as the most comprehensive yet comprehensible guide to network security, the first edition of Network Security received critical acclaim for its lucid and witty explanations of the inner workings of network security protocols. In the second edition, this most distinguished of author teams draws on hard-won experience to explain the latest developments in this field that has become so critical to our global network-dependent society.

Network Security, Second Edition brings together clear, insightful, and clever explanations of every key facet of information security, from the basics to advanced cryptography and authentication, secure Web and email services, and emerging security standards. Coverage includes:

  • All-new discussions of the Advanced Encryption Standard (AES), IPsec, SSL, and Web security
  • Cryptography: In-depth, exceptionally clear introductions to secret and public keys, hashes, message digests, and other crucial concepts
  • Authentication: Proving identity across networks, common attacks against authentication systems, authenticating people, and avoiding the pitfalls of authentication handshakes
  • Core Internet security standards: Kerberos 4/5, IPsec, SSL, PKIX, and X.509
  • Email security: Key elements of a secure email system-plus detailed coverage of PEM, S/MIME, and PGP
  • Web security: Security issues associated with URLs, HTTP, HTML, and cookies
  • Security implementations in diverse platforms, including Windows, NetWare, and Lotus Notes

The authors go far beyond documenting standards and technology: They contrast competing schemes, explain strengths and weaknesses, and identify the crucial errors most likely to compromise secure systems. Network Security will appeal to a wide range of professionals, from those who design or evaluate security systems to system administrators and programmers who want a better understanding of this important field. It can also be used as a textbook at the graduate or advanced undergraduate level.

Prentice Hall Series in Computer Networking and Distributed Systems

Customer Reviews

36 of 38 people found the following review helpful
4.0 out of 5 stars Some great stuff, but narrowly focused, October 25, 2003
By 
Mark Stamp (cupertino, ca USA) - See all my reviews
(REAL NAME)   
This review is from: Network Security: Private Communication in a Public World (2nd Edition) (Hardcover)
I worked for 10 years in computer and network security, including many years as a cryptanalyst and a couple of years at a startup company. I now teach at San Jose State University, where I'm using this book as the primary textbook for a graduate class in computer security. The strengths of the the book are its coverage of basic cryptography (chapters 2 thru 6), "security handshake pitfalls" (chapter 11) and "security folklore" (chapter 26).

Chapter 11 alone is worth the (high) price of the book. It is absolutely the best introduction to the subtle issues that arise with network protocols you are likely to ever find. And Chapters 2 through 6 do a better job of covering cryptography (with particular emphasis on some of the not-so-obvious issues) than many books devoted solely to cryptography. And chapter 26 makes some nice points.

One criticism I have is that---with few exceptions---the rest of the book does not come close to the standard achieved in the... Read more

Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


15 of 15 people found the following review helpful
4.0 out of 5 stars A witty and authoritative introduction to network security, September 22, 1998
This review is from: Network Security: Private Communication in a Public World (Textbook Binding)
Who would have thought that a detailed technical book on network security would be fun to read? I wouldn't have, but this one is highly technical and also lots of fun to read. As the fundamental tenet of cryptography, instead of some abstract mathematical theorem about something or other being NP complete we get "If lots of smart people have failed to solve a problem, then it probably won't be solved (soon)". But don't get me wrong, this is not a content-free book for top management, it is highly technical, with long chapters on secret-key cryptography, hashes and message digests, public-key cryptography, number theory, authentication and much more. Unlike Bruce Schneier's book, Applied Cryptography, which is more like an encylopedia than a book, this one is enjoyable to read while still carefully explaining state-of-the-art cryptographic protocols--not an easy feat to pull off. For anyone with a university degree in engineering, the sciences, or... Read more
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


14 of 14 people found the following review helpful
5.0 out of 5 stars Explains tedious theory in an understandable way, February 22, 2000
This review is from: Network Security: Private Communication in a Public World (Textbook Binding)
I took this book along on a business trip with the expectation that it would work better than chamomile tea before bed -- instead it kept me up well into the night. It turns a, necessarily, tedious subject into compelling reading. A "must-read" and "must-have" reference for any person charged with managing a distributed computing environment.
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


Share your thoughts with other customers:
 See all 18 customer reviews...

Online Sample Chapter

Communicating Securely in an Insecure Medium

Table of Contents



Acknowledgments.


1. Introduction.

Roadmap to the Book. What Type of Book Is This? Terminology. Notation. Primer on Networking. Active vs. Passive Attackc. Layers and Cryptography. Authorization. Tempest. Key Escrow for Law Enforcement. Key Escrow for Careless Users. Viruses, Worms, Trojan Horses. The Multi-level Model of Security. Legal Issues.

I. CRYPTOGRAPHY.

2. Introduction to Cryptography.

What Is Cryptography? Breaking an Encryption Scheme. Types of Cryptographic Functions. Secret Key Cryptography. Public Key Cryptography. Hash Algorithms. Homework.

3. Secret Key Cryptography.

Introduction. Generic Block Encryption. Data Encryption Standard (DES). International Data Encryption Algorithm (IDEA). Advanced Encryption Standard (AES). RC4. Homework.

4. Modes of Operation.

Introduction. Encrypting a Large Message. Generating MACs. Multiple Encryption DES. CBC Outside vs. Inside. Homework.

5. Hashes and Message Digests.

Introduction. Nifty Things to Do with a Hash. MD2. MD4. MD5. SHA-1. HMAC. Homework.

6. Public Key Algorithms.

Introduction. Modular Arithmetic. RSA. Diffie-Hellman. Digital Signature Standard (DSS). How Secure Are RSA and Diffie-Hellman? Elliptic Curve Cryptography (ECC). Zero Knowledge Proof Systems. Homework Problems.

7. Number Theory.

Introduction. Modular Arithmetic. Primes. Euclid's Algorithm. Chinese Remainder Theorem. Zn. Euler's Totient Function. Euler's Theorem. Homework Problems.

8. Math with AES and Elliptic Curves.

Introduction. Notation. Groups. Fields. Mathematics of Rijndael. Elliptic Curve Cryptography. Homework.

II. AUTHENTICATION.

9. Overview of Authentication Systems.

Password-Based Authentication. Address-Based Authentication. Cryptographic Authentication Protocols. Who Is Being Authenticated? Passwords as Cryptographic Keys. Eavesdropping and Server Database Reading. Trusted Intermediaries. Session Key Establishment. Delegation. Homework.

10. Authentication of People.

Passwords. On-Line Password Guessing. Off-Line Password Guessing. How Big Should a Secret Be? Eavesdropping. Passwords and Careless Users. Initial Password Distribution. Authentication Tokens. Physical Access. Biometrics. Homework.

11. Security Handshake Pitfalls.

Login Only. Mutual Authentication. Integrity/Encryption for Data. Mediated Authentication (with KDC). Nonce Types. Picking Random Numbers. Performance Considerations. Authentication Protocol Checklist. Homework.

12. Strong Password Protocols.

Introduction. Lamport's Hash. Strong Password Protocols. Strong Password Credentials. Strong Password Credentials Download Protocols. Homework.

III. STANDARDS.

13. Kerberos V4.

Introduction. Tickets and Ticket-Granting Tickets. Configuration. Logging Into the Network. Replicated KDC's. Realms. Interrealm Authentication. Key Version Numbers. Encryption for Privacy and Integrity. Encryption for Integrity Only. Network Layer Addresses in Tickets. Message Formats. Homework.

14. Kerberos V5.

ASN.1. Names. Delegation of Rights. Ticket Lifetimes. Key Versions. Making Master Keys in Different Realms Different. Optimizations. Cryptographic Algorithms. Hierarchy of Realms. Evading Password-Guessing Attacks. Key Inside Authenticator. Double TGT Authentication. PKINIT-Public Keys for Users. KDC Database. Kerberos V5 Messages. Homework.

15. PKI (Public Key Infrastructure).

Introduction. Some Terminology. PKI Trust Models. Revocation. Directories and PKI. PKIX and X.509. X.509 and PKIX Certificates. Authorization Futures. Homework.

16. Real-time Communication Security.

What Layer? Session Key Establishment. Perfect Forward Secrecy. PFS-Foilage. Denial-of-Service/Clogging Protection. Endpoint Identifier Hiding. Live Partner Reassurance. Arranging for Parallel Computation. Session Resumption. Plausible Deniability. Data Stream Protection. Negotiating Crypto Parameters. Easy Homework. Homework.

17. IPsec: AH and ESP.

Overview of Ipsec. IP and Ipv6. AH (Authentication Header). ESP (Encapsulating Security Payload). So, Do We Need AH? Comparison of Encodings. Easy Homework. Homework.

18. IPsec: IKE.

Photuris. SKIP. History of IKE. IKE Phases. Phase 1 IKE. Phase - 2 IKE: Setting up Ipsec Sas. ISAKMP/IKE Encoding. Homework.

19. SSL/TLS.

Introduction. Using TCP. Quick TCP. Quick History. SSL/TLS Basic Protocol. Session Resumption. Computing the Keys. Client Authentication. PKI as Deployed by SSL. Version Numbers. Negotiating Cipher Suites. Negotiating Compression Method. Attacks Fixed in v3. Exportability. Encoding. Further Reading. Easy Homework. Homework.

IV. ELECTRONIC MAIL.

20. Electronic Mail Security.

Distribution Lists. Store and Forward. Security Services for Electronic Mail. Establishing Keys. Privacy. Authentication of the Source. Message Integrity. Non-Repudiation. Proof of Submission. Proof of Delivery. Message Flow Confidentiality. Anonymity. Containment. Annoying Text Format Issues. Names and Addresses. Verifying When a Message Was Really Sent. Homework.

21. PEM & S/MIME.

Introduction. Structure of a PEM Message. Establishing Keys. Some PEM History. PEM Certificate Hierarchy. Certificate Revocation Lists (CRLs). Reformatting Data to Get Through Mailers. General Structure of a PEM Message. Encryption. Source Authentication and Integrity Protection. Multiple Recipients. Bracketing PEM Messages. Forwarding and Enclosures. Unprotected Information. Message Formats. DES-CBC as MIC Doesn't Work. Differences in S/MIME. S/MIME Certificate Hierarchy. Homework.

22. PGP (Pretty Good Privacy).

Introduction. Overview. Key Distribution. Efficient Encoding. Certificate and Key Revocation. Signature Types. Your Private Key. Key Rings. Anomalies. Object Formats.

V. LEFTOVERS.

23. Firewalls.

Packet Filters. Application Level Gateway. Encrypted Tunnels. Comparisons. Why Firewalls Don't Work. Denial-of-Service Attacks. Should Firewalls Go Away?

24. More Security Systems.

NetWare V3. NetWare V4. KryptoKnight. DASS/SPX. Lotus Notes Security. DCE Security. Microsoft Windows Security. Network Denial of Service. Clipper. Homework.

25. Web Issues.

Introduction. URLs/URIs. HTTP. HTTP Digest Authentication. Cookies. Other Web Security Problems. Homework.

26. Folklore.

Perfect Forward Secrecy. Change Keys Periodically. Multiplexing Flows over a Single SA. Use Different Keys in the Two Directions. Use Different Secret Keys for Encryption vs. Integrity Protection. Use Different Keys for Different Purposes. Use Different Keys for Signing vs. Encryption. Have Both Sides Contribute to the Master Key. Don't Let One Side Determine the Key. Hash in a Constant When Hashing a Password. HMAC Rather than Simple MD. Key Expansion. Randomly Chosen Ivs. Use of Nonces in Protocols. Don't Let Encrypted Data Begin with a Constant. Don't Let Encrypted Data Begin with a Predictable Value. Compress Data Before Encrypting It. Don't Do Encryption Only. Avoiding Weak Keys. Minimal vs. Redundant Designs. Overestimate the Size of Key. Hardware Random Number Generators. Timing Attacks. Put Checksums at the End of Data. Forward Compatibility. Negotiating Parameters. Homework.

Bibliography.

Glossary.

Index.

 
Best Value

Book + eBook Bundle  $152.98  $91.79

Book Price: $67.99
eBook Price: $23.80

Add To Cart

This book includes free shipping!

Add To Cart

Book  $84.99  $67.99

Usually ships in 24 hours.

This book includes free shipping!

Add To Cart

eBook (Adobe DRM)  $67.99  $54.39

About Adobe DRM eBooks

Information This eBook requires the free Adobe® Digital Editions software.

Before downloading this DRM-encrypted PDF, be sure to:


  • Install the free Adobe Digital Editions software on your machine. Adobe Digital Editions only works on Macintosh and Windows, and requires the Adobe Flash Player. Please see the official system requirements.
  • Authorize your copy of Adobe Digital Editions using your Adobe ID. If you don't already have an Adobe ID, you can create one here.
  • Visit our eBook FAQ page for more information.
Purchase Reward: One Month Free Subscription
By completing any purchase on InformIT, you become eligible for an unlimited access one-month subscription to Safari Books Online.

Get access to thousands of books and training videos about technology, professional development and digital media from more than 40 leading publishers, including Addison-Wesley, Prentice Hall, Cisco Press, IBM Press, O'Reilly Media, Wrox, Apress, and many more. If you continue your subscription after your 30-day trial, you can receive 30% off a monthly subscription to the Safari Library for up to 12 months. That's a total savings of $199.

Other Things You Might Like

Email Security with Cisco IronPort
Email Security with Cisco IronPort
By Chris Porter
Apr 23, 2012
$51.99
Email Security with Cisco IronPort
Email Security with Cisco IronPort
By Chris Porter
Apr 12, 2012
$41.59
Network Forensics: Tracking Hackers through Cyberspace, Rough Cuts
Network Forensics: Tracking Hackers through Cyberspace, Rough Cuts
By Sherri Davidoff, Jonathan Ham
Apr 2, 2012
$55.99