Cryptography and Network Security : Principles and Practice / Edition 3

Hardcover (Print)
Used and New from Other Sellers
Used and New from Other Sellers
from $1.99
Usually ships in 1-2 business days
(Save 97%)
Other sellers (Hardcover)
  • All (23) from $1.99   
  • New (2) from $17.88   
  • Used (21) from $1.99   
Sort by
Page 1 of 1
Showing All
Note: Marketplace items are not eligible for any coupons and promotions
Seller since 2015

Feedback rating:



New — never opened or used in original packaging.

Like New — packaging may have been opened. A "Like New" item is suitable to give as a gift.

Very Good — may have minor signs of wear on packaging but item works perfectly and has no damage.

Good — item is in good condition but packaging may have signs of shelf wear/aging or torn packaging. All specific defects should be noted in the Comments section associated with each item.

Acceptable — item is in working order but may show signs of wear such as scratches or torn packaging. All specific defects should be noted in the Comments section associated with each item.

Used — An item that has been opened and may show signs of wear. All specific defects should be noted in the Comments section associated with each item.

Refurbished — A used item that has been renewed or updated and verified to be in proper working condition. Not necessarily completed by the original manufacturer.

2002-08-27 Hardcover New New, We ship one business day with tracking number. We do not ship to CANADA, GU, PR, Hawaii and Alaska.

Ships from: hayward, CA

Usually ships in 1-2 business days

  • Standard, 48 States
  • Standard (AK, HI)
  • Express, 48 States
  • Express (AK, HI)
Seller since 2008

Feedback rating:


Condition: New

Ships from: Chicago, IL

Usually ships in 1-2 business days

  • Standard, 48 States
  • Standard (AK, HI)
Page 1 of 1
Showing All
Sort by


Stallings has provided a state-of-the-art text covering the basic issues and principles and surveying cryptographic and network security techniques. The later part of the book deals with the real-world practice of network security: practical applications that have been implemented and are in use to provide network security. This book is intended for both an academic and a professional audience.

This text provides a practical survey of the principles and practice of cryptography and network security. Author William Stallings assumes readers are familiar with this field and have a reasonable mathematical background. The publication is akin to a concise university text.

Read More Show Less

Editorial Reviews

From Barnes & Noble

Fatbrain Review

This text provides a practical survey of the principles and practice of cryptography and network security. Author William Stallings assumes readers are familiar with this field and have a reasonable mathematical background. The publication is akin to a concise university text.

Stallings discusses the principles and major issues involving conventional encryption, public-key encryption, network security practice and system security. He discusses classical and modern encryption techniques, and he then reviews conventional algorithms. He continues with examinations and discussions of message authentication, hash algorithms and digital signature authentication protocols. With a focus on security, he overviews authentication applications, Kerberos, X.509 directory authentication service, mail, IP Web security and system security issues. The chapters include problems and recommended reading lists.

New edition of a practical survey intended for both classroom use and self study. Coverage includes conventional encryption<-- >classical and modern techniques, and algorithms; public-key encryption and hash functions; network security, with regard to e-mail, IP, and the Web; and system security<-->intruders, viruses, worms, and firewalls. The appendix contains research and programming projects, and reading/report assignments for teaching the subject. Annotation c. by Book News, Inc., Portland, Or.
Read More Show Less

Product Details

  • ISBN-13: 9780130914293
  • Publisher: Pearson
  • Publication date: 9/28/2002
  • Edition description: Older Edition
  • Edition number: 3
  • Pages: 696
  • Product dimensions: 7.20 (w) x 9.32 (h) x 1.20 (d)

Meet the Author

William Stallings has made a unique contribution to understanding the broad sweep of technical developments in computer networking and computer architecture. He has authored 17 titles, and counting revised editions, a total of 37 books on various aspects of these subjects. He is an independent consultant whose clients have included computer and networking manufacturers and customers, software development firms, and leading-edge governement research institutions. Dr. Stallings holds a Ph.D. from M.I.T. in Computer Science and a B.S. from Notre Dame in electrical engineering. All of his Prentice Hall titles can be found at the Prentice Hall web site
Read More Show Less

Read an Excerpt

From Chapter 11: Authentication Applications

1. ...The Subject filed is inadequate to convey the identity of a key owner to a public key user. X.509 names may be relatively short and lacking in obvious identification details that may be needed by the user.

2.The Subject field is also inadequate for many applications, which typically recognize entities by an Internet e-mail address, a URL, or some other Internet-related identification.

3. There is a need to indicate security policy information. This enables a security application or function, such as IPSec, to relate an X.509 certificate to a given policy.

4. There is a need to limit the damage that can result from a faulty or malicious CA by settings constraints on the applicability of a particular certificate.

5. It is important to be able to identify separately different keys used by the same owner at different times. This feature supports key life cycle management--in particular, the ability to update key pairs for users and CAs on a regular basis or under exceptional circumstances.

Rather than continue to add fields to a fixed format, standards developers felt that a more flexible approach was needed. Thus, version 3 includes a number of optional extensions that may be added to the version 2 format. Each extension consists of an extension identifier, a criticality indicator indicates whether an extension can be safely ignored. If the indicator has a value of TRUE and an implementation does not recognize the extension, it must treat the certificate as invalid.

The certificate extensions fall into three main categories: key and policy information,subject and issuer attributes, and certification path constraints.

Key and Policy Information

These extensions convey additional information about the subject and issuer keys, plus indicators of certificate policy. A certificate policy is a named set of rules that indicates the applicability of a certificate to a particular community and/or class of application with common security requirements. For example, a policy might be applicable to the authentication of electronic data interchange (EDI) transactions for the trading of goods within a given price range.

This area includes the following:

  • Authority key identifier: Identifies the public key to be used to verify the signature on this certificate or CRL. Enables distinct keys of the same CA to be differentiated. One use of this field is to handle CA key pair updating.
  • Subject key identifier: Identifies the public key being certified. Useful for subject key pair updating. Also, a subject may have multiple key pairs and, correspondingly, different certificates for different purposes (e.g., digital signature and encryption key agreement).
  • Key usage: Indicates a restriction imposed as to the purposes for which, and the policies under which, the certified public key may be used. May indicate one or more of the following: digital signature, nonrepudiation, key encryption, data encryption, key agreement, CA signature verification on certificates, CA signature verification on CRLs.
  • Private-key usage period: Indicates the period of use of the private key corresponding to the public key. Typically, the private key is used over a different period from the validity of the public key. For example, with digital signature keys, the usage period for the signing private key is typically shorter than that for the verifying public key.
  • Certificate policies: Certificates may be used in environments where multiple policies apply. This extension lists policies that the certificate is recognized as supporting, together with optional qualifier information.
  • Policy mappings: Used only in certificates for CAs issued by other CAs. Policy mappings allow an issuing CA to indicate that one or more of that issuer's policies can be considered equivalent to another policy used in the subject CA's domain.
Certificate Subject and Issuer Attributes

These extensions support alternative names, in alternative formats, for a certificate subject or certificate issuer and can convey additional information about the certificate subject, to increase a certificate user's confidence that the certificate subject is a particular person or entity. For example, information such as postal address, position within a corporation, or picture image may be required.

The extension fields in this area include the following:

  • Subject alternative name: Contains one or more alternative names, using any of a variety of forms. This field is important for supporting certain applications, such as electronic mail, EDI, and IPSec, which may employ their own name forms.
  • Issuer alternative name: Contains one or more alternative names, using any of a variety of forms.
  • Subject directory attributes: Conveys any desired X.500 directory attribute values for the subject of this certificate.
Certification Path Constraints

These extensions allow constraint specifications to be included in certificates issued for CAs by other CAs. The constraints may restrict the types of certificates that can be issued by the subject CA or that may occur subsequently in a certification chain.

The extension fields in this area include the following:

  • Basic constraints:Indicates if the subject may act as a CA. If so, a certification path length constraint may be specified.
  • Name constraints: Indicates a name space within which all subject names in subsequent certificates in a certification path must be located.
  • Policy constraints: Specifies constraints that may require explicit certificate policy identification or inhibit policy mapping for the remainder of the certification path...
Read More Show Less

Table of Contents

Ch. 1 Overview 1
Pt. 1 Symmetric Ciphers 21
Ch. 2 Classical Encryption Techniques 23
Ch. 3 Block Ciphers and the Data Encryption Standard 55
Ch. 4 Introduction to Finite Fields 103
Ch. 5 Advanced Encryption Standard 139
Ch. 6 Contemporary Symmetric Ciphers 173
Ch. 7 Confidentiality Using Symmetric Encryption 201
Pt. 2 Public-Key Encryption and Hash Functions 233
Ch. 8 Introduction to Number Theory 235
Ch. 9 Public-Key Cryptography and RSA 257
Ch. 10 Key Management; Other Public-Key Cryptosystems 285
Ch. 11 Message Authentication and Hash Functions 311
Ch. 12 Hash Algorithms 347
Ch. 13 Digital Signatures and Authentication Protocols 379
Pt. 3 Network Security Practice 399
Ch. 14 Authentication Applications 401
Ch. 15 Electronic Mail Security 435
Ch. 16 IP Security 481
Ch. 17 Web Security 527
Pt. 4 System Security 563
Ch. 18 Intruders 565
Ch. 19 Malicious Software 597
Ch. 20 Firewalls 615
App. A: Standards and Standards-Setting Organizations 637
App. B Projects for Teaching Cryptography and Network Security 647
Glossary 651
References 657
Index 670
Read More Show Less

Customer Reviews

Be the first to write a review
( 0 )
Rating Distribution

5 Star


4 Star


3 Star


2 Star


1 Star


Your Rating:

Your Name: Create a Pen Name or

Barnes & Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation


  • - By submitting a review, you grant to Barnes & and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Terms of Use.
  • - Barnes & reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously

    If you find inappropriate content, please report it to Barnes & Noble
    Why is this product inappropriate?
    Comments (optional)