Cryptography and Network Security: Principles and Practice / Edition 6

Paperback (Print)
Rent from
(Save 75%)
Est. Return Date: 08/01/2015
Used and New from Other Sellers
Used and New from Other Sellers
from $83.69
Usually ships in 1-2 business days
(Save 46%)
Other sellers (Paperback)
  • All (24) from $83.69   
  • New (18) from $106.11   
  • Used (6) from $83.69   


For one-semester, undergraduate- or graduate-level courses in Cryptography, Computer Security, and Network Security. The book is suitable for self-study and so provides a solid and up-to-date tutorial. The book is also a comprehensive treatment of cryptography and network security and so is suitable as a reference for a system engineer, programmer, system manager, network manager, product marketing personnel, or system support specialist.

A practical survey of cryptography and network security with unmatched support for instructors and students

In this age of universal electronic connectivity, viruses and hackers, electronic eavesdropping, and electronic fraud, security is paramount. This text provides a practical survey of both the principles and practice of cryptography and network security. First, the basic issues to be addressed by a network security capability are explored through a tutorial and survey of cryptography and network security technology. Then, the practice of network security is explored via practical applications that have been implemented and are in use today. An unparalleled support package for instructors and students ensures a successful teaching and learning experience.

This text provides a practical survey of the principles and practice of cryptography and network security. Author William Stallings assumes readers are familiar with this field and have a reasonable mathematical background. The publication is akin to a concise university text.

Read More Show Less

Editorial Reviews

From Barnes & Noble

Fatbrain Review

This text provides a practical survey of the principles and practice of cryptography and network security. Author William Stallings assumes readers are familiar with this field and have a reasonable mathematical background. The publication is akin to a concise university text.

Stallings discusses the principles and major issues involving conventional encryption, public-key encryption, network security practice and system security. He discusses classical and modern encryption techniques, and he then reviews conventional algorithms. He continues with examinations and discussions of message authentication, hash algorithms and digital signature authentication protocols. With a focus on security, he overviews authentication applications, Kerberos, X.509 directory authentication service, mail, IP Web security and system security issues. The chapters include problems and recommended reading lists.

New edition of a practical survey intended for both classroom use and self study. Coverage includes conventional encryption<-- >classical and modern techniques, and algorithms; public-key encryption and hash functions; network security, with regard to e-mail, IP, and the Web; and system security<-->intruders, viruses, worms, and firewalls. The appendix contains research and programming projects, and reading/report assignments for teaching the subject. Annotation c. by Book News, Inc., Portland, Or.
From the Publisher
“Coverage and clarity of material are excellent in this book [Stallings]. This is an appropriate level for first-year graduate students.” — Shambhu Upadhyaya, University at Buffalo

“Bill Stallings has long been known as someone who can explain complicated topics well. I’ve been reading his books since the mid-80’s and they are always well done.” — Mike Kain, Drexel University

“The text [Stallings] compares well to other texts in both theory and application…Stallings’ problems are the best that I’ve seen.” — William Bard, University of Texas

“This is one of the best textbooks [Stallings] designed for a combined introduction to cryptology and network security for computer scientists and engineers that I have seen. Mathematics coverage is adequate…virtually no mathematical background is expected.” — David Arnold, Baylor University

“The text [Stallings] does a very good job of giving a subject overview while including details of various algorithms.” — Edward Allen, Wake Forest University

Read More Show Less

Product Details

  • ISBN-13: 9780133354690
  • Publisher: Pearson
  • Publication date: 3/20/2013
  • Edition description: New Edition
  • Edition number: 6
  • Pages: 752
  • Sales rank: 367,267
  • Product dimensions: 7.20 (w) x 9.20 (h) x 1.20 (d)

Meet the Author

Dr. William Stallings has authored 17 titles, and counting revised editions, over 40 books on computer security, computer networking, and computer architecture. His writings have appeared in numerous publications, including the Proceedings of the IEEE, ACM Computing Reviews and Cryptologia.

He has 11 times received the award for the best Computer Science textbook of the year from the Text and Academic Authors Association.

In over 30 years in the field, he has been a technical contributor, technical manager, and an executive with several high-technology firms. He has designed and implemented both TCP/IP-based and OSI-based protocol suites on a variety of computers and operating systems, ranging from microcomputers to mainframes. As a consultant, he has advised government agencies, computer and software vendors, and major users on the design, selection, and use of networking software and products.

He created and maintains the Computer Science Student Resource Site at This site provides documents and links on a variety of subjects of general interest to computer science students (and professionals). He is a member of the editorial board of Cryptologia, a scholarly journal devoted to all aspects of cryptology.

Dr. Stallings holds a PhD from M.I.T. in Computer Science and a B.S. from Notre Dame in electrical engineering.

Read More Show Less

Read an Excerpt

From Chapter 11: Authentication Applications

1. ...The Subject filed is inadequate to convey the identity of a key owner to a public key user. X.509 names may be relatively short and lacking in obvious identification details that may be needed by the user.

2.The Subject field is also inadequate for many applications, which typically recognize entities by an Internet e-mail address, a URL, or some other Internet-related identification.

3. There is a need to indicate security policy information. This enables a security application or function, such as IPSec, to relate an X.509 certificate to a given policy.

4. There is a need to limit the damage that can result from a faulty or malicious CA by settings constraints on the applicability of a particular certificate.

5. It is important to be able to identify separately different keys used by the same owner at different times. This feature supports key life cycle management--in particular, the ability to update key pairs for users and CAs on a regular basis or under exceptional circumstances.

Rather than continue to add fields to a fixed format, standards developers felt that a more flexible approach was needed. Thus, version 3 includes a number of optional extensions that may be added to the version 2 format. Each extension consists of an extension identifier, a criticality indicator indicates whether an extension can be safely ignored. If the indicator has a value of TRUE and an implementation does not recognize the extension, it must treat the certificate as invalid.

The certificate extensions fall into three main categories: key and policy information,subject and issuer attributes, and certification path constraints.

Key and Policy Information

These extensions convey additional information about the subject and issuer keys, plus indicators of certificate policy. A certificate policy is a named set of rules that indicates the applicability of a certificate to a particular community and/or class of application with common security requirements. For example, a policy might be applicable to the authentication of electronic data interchange (EDI) transactions for the trading of goods within a given price range.

This area includes the following:

  • Authority key identifier: Identifies the public key to be used to verify the signature on this certificate or CRL. Enables distinct keys of the same CA to be differentiated. One use of this field is to handle CA key pair updating.
  • Subject key identifier: Identifies the public key being certified. Useful for subject key pair updating. Also, a subject may have multiple key pairs and, correspondingly, different certificates for different purposes (e.g., digital signature and encryption key agreement).
  • Key usage: Indicates a restriction imposed as to the purposes for which, and the policies under which, the certified public key may be used. May indicate one or more of the following: digital signature, nonrepudiation, key encryption, data encryption, key agreement, CA signature verification on certificates, CA signature verification on CRLs.
  • Private-key usage period: Indicates the period of use of the private key corresponding to the public key. Typically, the private key is used over a different period from the validity of the public key. For example, with digital signature keys, the usage period for the signing private key is typically shorter than that for the verifying public key.
  • Certificate policies: Certificates may be used in environments where multiple policies apply. This extension lists policies that the certificate is recognized as supporting, together with optional qualifier information.
  • Policy mappings: Used only in certificates for CAs issued by other CAs. Policy mappings allow an issuing CA to indicate that one or more of that issuer's policies can be considered equivalent to another policy used in the subject CA's domain.
Certificate Subject and Issuer Attributes

These extensions support alternative names, in alternative formats, for a certificate subject or certificate issuer and can convey additional information about the certificate subject, to increase a certificate user's confidence that the certificate subject is a particular person or entity. For example, information such as postal address, position within a corporation, or picture image may be required.

The extension fields in this area include the following:

  • Subject alternative name: Contains one or more alternative names, using any of a variety of forms. This field is important for supporting certain applications, such as electronic mail, EDI, and IPSec, which may employ their own name forms.
  • Issuer alternative name: Contains one or more alternative names, using any of a variety of forms.
  • Subject directory attributes: Conveys any desired X.500 directory attribute values for the subject of this certificate.
Certification Path Constraints

These extensions allow constraint specifications to be included in certificates issued for CAs by other CAs. The constraints may restrict the types of certificates that can be issued by the subject CA or that may occur subsequently in a certification chain.

The extension fields in this area include the following:

  • Basic constraints:Indicates if the subject may act as a CA. If so, a certification path length constraint may be specified.
  • Name constraints: Indicates a name space within which all subject names in subsequent certificates in a certification path must be located.
  • Policy constraints: Specifies constraints that may require explicit certificate policy identification or inhibit policy mapping for the remainder of the certification path...
Read More Show Less

Table of Contents

Preface xiii

Chapter 0 Guide for Readers and Instructors 1

0.1 Outline of This Book 2

0.2 A Roadmap for Readers and Instructors 3

0.3 Internet and Web Resources 4

0.4 Standards 5

Chapter 1 Overview 7

1.1 Computer Security Concepts 9

1.2 The OSI Security Architecture 14

1.3 Security Attacks 15

1.4 Security Services 17

1.5 Security Mechanisms 20

1.6 A Model for Network Security 22

1.7 Recommended Reading 24

1.8 Key Terms, Review Questions, and Problems 25

Part One Symmetric Ciphers 27

Chapter 2 Classical Encryption Techniques 27

2.1 Symmetric Cipher Model 28

2.2 Substitution Techniques 34

2.3 Transposition Techniques 49

2.4 Rotor Machines 50

2.5 Steganography 52

2.6 Recommended Reading 54

2.7 Key Terms, Review Questions, and Problems 55

Chapter 3 Block Ciphers and the Data Encryption Standard 61

3.1 Traditional Block Cipher Structure 63

3.2 The Data Encryption Standard 72

3.3 A DES Example 74

3.4 The Strength of DES 77

3.5 Block Cipher Design Principles 78

3.6 Recommended Reading 80

3.7 Key Terms, Review Questions, and Problems 81

Chapter 4 Basic Concepts in Number Theory and Finite Fields 85

4.1 Divisibility and the Division Algorithm 87

4.2 The Euclidean Algorithm 88

4.3 Modular Arithmetic 91

4.4 Groups, Rings, and Fields 99

4.5 Finite Fields of the Form GF( p) 102

4.6 Polynomial Arithmetic 106

4.7 Finite Fields of the Form GF(2n) 112

4.8 Recommended Reading 124

4.9 Key Terms, Review Questions, and Problems 124

Appendix 4A The Meaning of mod 127

Chapter 5 Advanced Encryption Standard 129

5.1 Finite Field Arithmetic 130

5.2 AES Structure 132

5.3 AES Transformation Functions 137

5.4 AES Key Expansion 148

5.5 An AES Example 151

5.6 AES Implementation 155

5.7 Recommended Reading 159

5.8 Key Terms, Review Questions, and Problems 160

Appendix 5A Polynomials with Coefficients in GF(28) 162

Appendix 5B Simplified AES 164

Chapter 6 Block Cipher Operation 174

6.1 Multiple Encryption and Triple DES 175

6.2 Electronic Code book 180

6.3 Cipher Block Chaining Mode 183

6.4 Cipher Feedback Mode 185

6.5 Output Feedback Mode 187

6.6 Counter Mode 189

6.7 XTS-AES Mode for Block-Oriented Storage Devices 191

6.8 Recommended Reading 198

6.9 Key Terms, Review Questions, and Problems 198

Chapter 7 Pseudorandom Number Generation and Stream Ciphers 202

7.1 Principles of Pseudorandom Number Generation 203

7.2 Pseudorandom Number Generators 210

7.3 Pseudorandom Number Generation Using a Block Cipher 213

7.4 Stream Ciphers 219

7.5 RC4 221

7.6 True Random Number Generators 223

7.7 Recommended Reading 227

7.8 Key Terms, Review Questions, and Problems 228

Part Two Asymmetric Ciphers 231

Chapter 8 More Number Theory 231

8.1 Prime Numbers 232

8.2 Fermat’s and Euler’s Theorems 236

8.3 Testing for Primality 239

8.4 The Chinese Remainder Theorem 242

8.5 Discrete Logarithms 244

8.6 Recommended Reading 249

8.7 Key Terms, Review Questions, and Problems 250

Chapter 9 Public-Key Cryptography and RSA 253

9.1 Principles of Public-Key Cryptosystems 256

9.2 The RSA Algorithm 264

9.3 Recommended Reading 278

9.4 Key Terms, Review Questions, and Problems 279

Appendix 9A The Complexity of Algorithms 283

Chapter 10 Other Public-Key Cryptosystems 286

10.1 Diffie-Hellman Key Exchange 287

10.2 Elgamal Cryptographic System 292

10.3 Elliptic Curve Arithmetic 295

10.4 Elliptic Curve Cryptography 303

10.5 Pseudorandom Number Generation Based on an Asymmetric Cipher 306

10.6 Recommended Reading 309

10.7 Key Terms, Review Questions, and Problems 309

Part Three Cryptographic Data Integrity Algorithms 313

Chapter 11 Cryptographic Hash Functions 313

11.1 Applications of Cryptographic Hash Functions 315

11.2 Two Simple Hash Functions 320

11.3 Requirements and Security 322

11.4 Hash Functions Based on Cipher Block Chaining 328

11.5 Secure Hash Algorithm (SHA) 329

11.6 SHA-3 339

11.7 Recommended Reading 351

11.8 Key Terms, Review Questions, and Problems 351

Chapter 12 Message Authentication Codes 355

12.1 Message Authentication Requirements 357

12.2 Message Authentication Functions 357

12.3 Requirements for Message Authentication Codes 365

12.4 Security of MACs 367

12.5 MACs Based on Hash Functions: HMAC 368

12.6 MACs Based on Block Ciphers: DAA and CMAC 373

12.7 Authenticated Encryption: CCM and GCM 376

12.8 Key Wrapping 382

12.9 Pseudorandom Number Generation using Hash Functions and MACs 387

12.10 Recommended Reading 390

12.11 Key Terms, Review Questions, and Problems 390

Chapter 13 Digital Signatures 393

13.1 Digital Signatures 395

13.2 Elgamal Digital Signature Scheme 398

13.3 Schnorr Digital Signature Scheme 400

13.4 NIST Digital Signature Algorithm 401

13.5 Elliptic Curve Digital Signature Algorithm 404

13.6 RSA-PSS Digital Signature Algorithm 407

13.7 Recommended Reading 412

13.8 Key Terms, Review Questions, and Problems 412

Part Four Mutual Trust 417

Chapter 14 Key Management and Distribution 417

14.1 Symmetric Key Distribution Using Symmetric Encryption 418

14.2 Symmetric Key Distribution Using Asymmetric Encryption 427

14.3 Distribution of Public Keys 430

14.4 X.509 Certificates 435

14.5 Public-Key Infrastructure 443

14.6 Recommended Reading 445

14.7 Key Terms, Review Questions, and Problems 446

Chapter 15 User Authentication 450

15.1 Remote User-Authentication Principles 451

15.2 Remote User-Authentication Using Symmetric Encryption 454

15.3 Kerberos 458

15.4 Remote User Authentication Using Asymmetric Encryption 476

15.5 Federated Identity Management 478

15.6 Personal Identity Verification 484

15.7 Recommended Reading 491

15.8 Key Terms, Review Questions, and Problems 491

Part Five Network And Internet Security 495

Chapter 16 Network Access Control and Cloud Security 495

16.1 Network Access Control 496

16.2 Extensible Authentication Protocol 499

16.3 IEEE 802.1X Port-Based Network Access Control 503

16.4 Cloud Computing 505

16.5 Cloud Security Risks and Countermeasures 512

16.6 Data Protection in the Cloud 514

16.7 Cloud Security as a Service 517

16.8 Recommended Reading 520

16.9 Key Terms, Review Questions, and Problems 521

Chapter 17 Transport-Level Security 522

17.1 Web Security Considerations 523

17.2 Secure Sockets Layer 525

17.3 Transport Layer Security 539

17.4 HTTPS 543

17.5 Secure Shell (SSH) 544

17.6 Recommended Reading 555

17.7 Key Terms, Review Questions, and Problems 556

Chapter 18 Wireless Network Security 558

18.1 Wireless Security 559

18.2 Mobile Device Security 562

18.3 IEEE 802.11 Wireless LAN Overview 566

18.4 IEEE 802.11i Wireless LAN Security 572

18.5 Recommended Reading 586

18.6 Key Terms, Review Questions, and Problems 587

Chapter 19 Electronic Mail Security 590

19.1 Pretty Good Privacy 591

19.2 S/MIME 599

19.3 DomainKeys Identified Mail 615

19.4 Recommended Reading 622

19.5 Key Terms, Review Questions, and Problems 622

Appendix 19A Radix-64 Conversion 623

Chapter 20 IP Security 626

20.1 IP Security Overview 628

20.2 IP Security Policy 632

20.3 Encapsulating Security Payload 638

20.4 Combining Security Associations 645

20.5 Internet Key Exchange 649

20.6 Cryptographic Suites 657

20.7 Recommended Reading 659

20.8 Key Terms, Review Questions, and Problems 659

Appendices 661

Appendix A Projects for Teaching Cryptography and Network Security 661

A.1 Sage Computer Algebra Projects 662

A.2 Hacking Project 663

A.3 Block Cipher Projects 664

A.4 Laboratory Exercises 664

A.5 Research Projects 664

A.6 Programming Projects 665

A.7 Practical Security Assessments 665

A.8 Firewall Projects 666

A.9 Case Studies 666

A.10 Writing Assignments 666

A.11 Reading/Report Assignments 667

A.12 Discussion Topics 667

Appendix B Sage Examples 668

B.1 Linear Algebra and Matrix Functionality 669

B.2 Chapter 2: Classical Encryption 670

B.3 Chapter 3: Block Ciphers and the Data Encryption Standard 673

B.4 Chapter 4: Basic Concepts in Number Theory and Finite Fields 677

B.5 Chapter 5: Advanced Encryption Standard 684

viii Contents

B.6 Chapter 6: Pseudorandom Number Generation and Stream Ciphers 689

B.7 Chapter 8: Number Theory 691

B.8 Chapter 9: Public-Key Cryptography and RSA 696

B.9 Chapter 10: Other Public-Key Cryptosystems 699

B.10 Chapter 11: Cryptographic Hash Functions 704

B.11 Chapter 13: Digital Signatures 706

References 710

Credits 720

Index 723

Online Chapters and Appendices1

Part Six System Security

Chapter 21 Malicious Software

21.1 Types of Malicious Software

21.2 Propagation — Infected Content - Viruses

21.3 Propagation — Vulnerability Exploit - Worms

21.4 Propagation — Social Engineering — SPAM, Trojans

21.5 Payload — System Corruption

21.6 Payload — Attack Agent — Zombie, Bots

21.7 Payload — Information Theft — Keyloggers, Phishing, Spyware

21.8 Payload — Stealthing — Backdoors, Rootkits

21.9 Countermeasures

21.10 Distributed Denial of Service Attacks

21.11 Recommended Reading

21.12 Key Terms, Review Questions, and Problems

Chapter 22 Intruders

22.1 Intruders

22.2 Intrusion Detection

22.3 Password Management

22.4 Recommended Reading

22.5 Key Terms, Review Questions, and Problems

Appendix 22A The Base-Rate Fallacy

Chapter 23 Firewalls

23.1 The Need for Firewalls

23.2 Firewall Characteristics

23.3 Types of Firewalls

23.4 Firewall Basing

23.5 Firewall Location and Configurations

23.6 Recommended Reading

23.7 Key Terms, Review Questions, and Problems

Part seven Legal And Ethical Issues

Chapter 24 Legal and Ethical Issues

24.1 Cybercrime and Computer Crime

24.2 Intellectual Property

24.3 Privacy

24.4 Ethical Issues

24.5 Recommended Reading

24.6 Key Terms, Review Questions, and Problems

Appendix C Sage Exercises

Appendix D Standards and Standards-Setting Organizations

Appendix E Basic Concepts from Linear Algebra

Appendix F Measures of Security and Secrecy

Appendix G Simplified DES

Appendix H Evaluation Criteria for AES

Appendix I More on Simplified AES

Appendix J Knapsack Public-Key Algorithm

Appendix K Proof of the Digital Signature Algorithm

Appendix L TCP/IP and OSI

Appendix M Java Cryptographic APIs

Appendix N MD5 and Whirlpool Hash Functions

Appendix O Data Compression Using ZIP

Appendix P More on PGP

Appendix Q The International Reference Alphabet

Appendix R Proof of the RSA Algorithm

Appendix S Data Encryption Standard (DES)

Appendix T Kerberos Encryption Techniques

Appendix U Mathematical Basis of the Birthday Attack

Appendix V Evaluation Criteria for SHA-3

Read More Show Less


PREFACE "The tie, if I might suggest it, sir, a shade more tightly knotted. One aims at the perfect butterfly effect. If you will permit me—"

"What does it matter, Jeeves, at a time like this? Do you realize that Mr. Little's domestic happiness is hanging in the scale?"
"There is no time, sir, at which ties do not matter."

Very Good Jeeves! P. G. Wodehouse

In this age of universal electronic connectivity, of viruses and hackers, of electronic eavesdropping and electronic fraud, there is indeed no time at which security does not matter. Two trends have come together to make the topic of this book of vital interest. First, the explosive growth in computer systems and their interconnections via networks has increased the dependence of both organizations and individuals on the information stored and communicated using these systems. This, in turn, has led to a heightened awareness of the need to protect data and resources from disclosure, to guarantee the authenticity of data and messages, and to protect systems from network-based attacks. Second, the disciplines of cryptography and network security have matured, leading to the development of practical, readily available applications to enforce network security.


It is the purpose of this book to provide a practical survey of both the principles and practice of cryptography and network security. In the first two parts of the book, the basic issues to be addressed by a network security capability are explored by providing a tutorial and survey of cryptography and network security technology. The latter part of the book deals with the practice of networksecurity: practical applications that have been implemented and are in use to provide network security.

The subject, and therefore this book, draws on a variety of disciplines. In particular, it is impossible to appreciate the significance of some of the techniques discussed in this book without a basic understanding of number theory and some results from probability theory. Nevertheless, an attempt has been made to make the book self-contained. The book presents not only the basic mathematical results that are needed but provides the reader with an intuitive understanding of those results. Such background material is introduced as needed. This approach helps to motivate the material that is introduced, and the author considers this preferable to simply presenting all of the mathematical material in a lump at the beginning of the book.


The book is intended for both an academic and a professional audience. As a textbook, it is intended as a one-semester undergraduate course in cryptography and network security for computer science, computer engineering, and electrical engineering majors. The book also serves as a basic reference volume and is suitable for self-study.


The book is organized in four parts:

Part One. Conventional Encryption: A detailed examination of conventional encryption algorithms and design principles, including a discussion of the use of conventional encryption for confidentiality.

Part Two. Public-Key Encryption and Hash Functions: A detailed examination of public-key encryption algorithms and design principles. This part also examines the use of message authentication codes and hash functions, as well as digital signatures and public-key certificates.

Part Three. Network Security Practice: Covers important network security tools and applications, including Kerberos, X.509v3 certificates, PGP, S/MIME, IP Security, SSL/TLS, and SET.

Part Four. System Security: Looks at system-level security issues, including the threat of and countermeasures for intruders and viruses, and the use of firewalls and trusted systems.

In addition, the book includes an extensive glossary, a list of frequently used acronyms, and a bibliography. Each chapter includes homework problems, review questions, a list of key words. suggestions for further reading, and recommended Web sites.

A more detailed, chapter-by-chapter summary of each part appears at the beginning of that part.


There is a Web page for this book that provides support for students and instructors. The site includes links to other relevant sites, copies of the figures and tables from the book in PDF (Adobe Acrobat) format, and sign-up information for the book's Internet mailing list. The Web page is at An Internet mailing list has been set up so that instructors using this book can exchange information, suggestions, and questions with each other and with the author. As soon as typos or other errors are discovered, an errata list for this book will be available at In addition, the Computer Science Student Resource site, at, provides documents, information, and useful links for computer science students and professionals.


For many instructors, an important component of a cryptography or security course is a project or set of projects by which the student gets hands-on experience to reinforce concepts from the text. This book provides an unparalleled degree of support for including a projects component in the course. The instructor's manual not only includes guidance on how to assign and structure the projects, but also includes a set of suggested projects that covers a broad range of topics from the text:

  • Research Projects: A series of research assignments that instruct the student to research a particular topic on the Internet and write a report
  • Programming Projects: A series of programming projects that cover a broad range of topics and that can be implemented in any suitable language on any platform
  • Reading/Report Assignments: A list of papers in the literature, one for each chapter, that can be assigned for the student to read and then write a short report

See Appendix B for details.


In the four years since the second edition of this book was published, the field has seen continued innovations and improvements. In this new edition, I try to capture these changes while maintaining a broad and comprehensive coverage of the entire field. To begin this process of revision, the second edition was extensively reviewed by a number of professors who teach the subject. In addition, a number of professionals working in the field reviewed individual chapters. The result is that, in many places, the narrative has been clarified and tightened, and illustrations have been improved. Also, a number of new "field-tested" problems have been added.

Beyond these refinements to improve pedagogy and user friendliness, there have been major substantive changes throughout the book. Highlights include the following:

  • New—Advanced Encryption Standard: The most important event in this field in the past four years is the adoption of the Advanced Encryption Standard (AES). This conventional encryption algorithm is designed to replace DES and triple DES and is likely to soon become the most widely used conventional encryption algorithm. A detailed discussion of AES has been added.
  • New—Finite Fields: Both AES and elliptic curve cryptography rely, on the use of finite fields. A new chapter provides a clear, succinct description of the necessary concepts in this area.
  • New—RC4: RC4 is the most widely used stream cipher. It is part of the SSL/TLS (Secure Sockets Layer/Transport Layer Security) standards that have been defined for communication between web browsers and servers. It is also used in the WEP (Wired Equivalent Privacy) protocol that is part of the IEEE 802.11 wireless LAN standard.
  • New—CTR Mode: NIST has recently approved the counter (CTR) mode for block cipher encryption, intended for high-speed applications.
  • Expanded—Treatment of Elliptic Curve Cryptography: ECC is a public-key technique that is becoming increasingly important and widespread. Reflecting this, the coverage of ECC has been expanded considerably.
Read More Show Less

Customer Reviews

Average Rating 5
( 2 )
Rating Distribution

5 Star


4 Star


3 Star


2 Star


1 Star


Your Rating:

Your Name: Create a Pen Name or

Barnes & Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation


  • - By submitting a review, you grant to Barnes & and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Terms of Use.
  • - Barnes & reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously
Sort by: Showing 1 Customer Reviews
  • Anonymous

    Posted October 4, 2013

    This is an excellent book that provides both a basic tutorial of

    This is an excellent book that provides both a basic tutorial of cryptography and network security principles as well as a very detailed reference. The book is readable at multiple levels with figures and tables that provide a visual explanation of how the cryptography takes place. If you just want to get a basic understanding of cyphers and algorithms, it is an easy read through the chapters (skipping the heavy details) to obtain that base level of knowledge. When you want to dive in deeper, the information is present to truly understand each of the cyphers and algorithms. This is definitely a book that can be used as a simple tutorial or a classroom text – and then kept long term as a much more detailed reference.

    Was this review helpful? Yes  No   Report this review
Sort by: Showing 1 Customer Reviews

If you find inappropriate content, please report it to Barnes & Noble
Why is this product inappropriate?
Comments (optional)