Applied Cryptography and Network Security

Table of Contents Preface * 1. Introduction * 1.1 Electronic commerce * 1.1.1 Mobile commerce * 1.2 Scope of Secure E-Commerce * 1.3 Attack and Defense Approaches * 1.3.1 Passive vs. active attacks * 2 Security Requirements, Threats and Tools * 2.1 System Integrity Security Against Penetrations * 2.1.1 Trojan horse, trapdoor, timebomb * 2.1.2 Propogating Malicious Software: Virus, Worm, Vandal * 2.1.3 Preventing Penetrations * 2.2 Confidentiality and Privacy * 2.2.1 Confidential communication * 2.2.2 Preventing Dictionary Attack * 2.2.3 Traffic analysis * 2.2.4 Privacy * 2.2.5 Location privacy * 2.2.6 Anonymity * 2.2.7 Ethical and Legal issues * 2.3 Authentication, Identification, Integrity * 2.3.1 Entity Authentication and Identification * 2.3.2 Message Authentication and Integrity * 2.3.3 Protection against Messages Replay * 2.3.4 Non-repudiation of Origin * 2.3.5 Non-repudiation of Receipt * 2.3.6 Legal Standing of Non-Repudiation * 2.4 Denial of service * 2.4.1 Clogging * 2.4.2 Detection of Disconnection * 2.5 Key Separation * 2.6 Establishing and sharing keys * 3 Cryptographic Functions * 3.1 Principles of modern cryptography * 3.1.1 Kerckhoffs principle * 3.1.2 Clarity and prudence principle * 3.1.3 Unconditional security * 3.1.4 Computational security * 3.1.5 Proofs of security * 3.2 Shared key encryption * 3.2.1 Substitution ciphers * 3.2.2 One-time-pad * 3.2.3 Pseudo-random generators * 3.2.4 Block ciphers * 3.2.5 Types of attacks * 3.3 Message authentication, hashing and random functions * 3.3.1 Cryptographic one-way hash functions * 3.3.2 Message Authentication Code * 3.3.3 HMAC MAC built from Hash functions * 3.3.4 Pseudo-Random Functions * 3.4 Public key cryptography * 3.4.1 Diffie-Hellman key exchange protocol * 3.4.2 Public key encryption * 3.4.3 Public key signatures * 3.4.4 RSA * 3.4.5 PKCS 1 * 4 Certificates, Credentials, PKI and Trust * 4.1 Public key certificates * 4.1.1 X.509 Certificate format * 4.1.2 Certificate authorities * 4.1.3 Registration authorities * 4.1.4 Certificate Revocation * 4.1.5 Certificate Extensions * 4.2 Attribute certificate and authorities * 4.3 Public Key Infrastructure * 4.3.1 X.500 and X.509 * 4.3.2 PKIX * 4.3.3 Directories - LDAP * 4.3.4 Identrus * 4.4 Credentials Manager Framework * 4.5 KeyNote * 4.6 Trust Establishment * 5 Secure Communication * 5.1 Authentication and Key Establishment Protocols * 5.1.1 Two-Parties Shared Key Protocols * 5.1.2 Key Distribution