Modern Cryptography: Theory and Practice

Hardcover (Print)
Used and New from Other Sellers
Used and New from Other Sellers
from $1.99
Usually ships in 1-2 business days
(Save 97%)
Other sellers (Hardcover)
  • All (6) from $1.99   
  • New (1) from $215.00   
  • Used (5) from $1.99   
Close
Sort by
Page 1 of 1
Showing All
Note: Marketplace items are not eligible for any BN.com coupons and promotions
$215.00
Seller since 2014

Feedback rating:

(113)

Condition:

New — never opened or used in original packaging.

Like New — packaging may have been opened. A "Like New" item is suitable to give as a gift.

Very Good — may have minor signs of wear on packaging but item works perfectly and has no damage.

Good — item is in good condition but packaging may have signs of shelf wear/aging or torn packaging. All specific defects should be noted in the Comments section associated with each item.

Acceptable — item is in working order but may show signs of wear such as scratches or torn packaging. All specific defects should be noted in the Comments section associated with each item.

Used — An item that has been opened and may show signs of wear. All specific defects should be noted in the Comments section associated with each item.

Refurbished — A used item that has been renewed or updated and verified to be in proper working condition. Not necessarily completed by the original manufacturer.

New
Brand new.

Ships from: acton, MA

Usually ships in 1-2 business days

  • Standard, 48 States
  • Standard (AK, HI)
Page 1 of 1
Showing All
Close
Sort by

Overview

"This book would be a good addition to any cryptographer's bookshelf. The book is self-contained; it presents all the background material to understand an algorithm and all the development to prove its security. I'm not aware of another book that's as complete as this one."

—Christian Paquin, Cryptographic/Security Developer, Silanis Technology Inc. "The book is both complete, and extraordinarily technically accurate. It would certainly be a useful addition to any cryptographer's or crypto-engineer's library."

—Marcus Leech, Advisor, Security Architecture and Planning, Nortel Networks Build more secure crypto systems—and prove their trustworthiness Modern Cryptography is the indispensable resource for every technical professional who needs to implement strong security in real-world applications.

Leading HP security expert Wenbo Mao explains why "textbook" crypto schemes, protocols, and systems are profoundly vulnerable by revealing real-world-scenario attacks. Next, he shows how to realize cryptographic systems and protocols that are truly "fit for application"—and formally demonstrates their fitness. Mao presents practical examples throughout and provides all the mathematical background you'll need.

Coverage includes:

  • Crypto foundations: probability, information theory, computational complexity, number theory, algebraic techniques, and more
  • Authentication: basic techniques and principles vs. misconceptions and consequential attacks
  • Evaluating real-world protocol standards including IPSec, IKE, SSH, TLS (SSL), and Kerberos
  • Developing progressively stronger security notions and finally reaching "fit-for-application"use
  • Designing stronger counterparts to vulnerable "textbook" crypto schemes

Mao introduces formal and reductionist methodologies to prove the "fit-for-application" security of practical encryption, signature, signcryption, and authentication schemes. He gives detailed explanations for zero-knowledge protocols: definition, zero-knowledge properties, equatability vs. simulatability, argument vs. proof, round-efficiency, and non-interactive versions.

Read More Show Less

Product Details

  • ISBN-13: 9780130669438
  • Publisher: Prentice Hall
  • Publication date: 7/25/2003
  • Series: HP Professional Series
  • Pages: 707
  • Product dimensions: 7.10 (w) x 9.50 (h) x 1.55 (d)

Meet the Author

WENBO MAO, PhD, is a Technical Contributor to the Trusted Systems Lab at Hewlett-Packard Laboratories, Bristol, UK. Mao leads HP's participation and research activities in Computer Aided Solutions to Secure Electronic Commerce Transactions (CASENET), a research project funded by the European Union. His research interests include cryptography, computer security, and formal methods. He is a member of the International Association for Cryptographic Research (IACR), the Institute of Electrical and Electronics Engineers (IEEE), and the British Computer Society (BCS).

Read More Show Less

Read an Excerpt

Preface

Our society has entered an era where commerce activities, business transactionsand government services have been, and more and more of them will be, conductedand offered over open computer and communications networks such as the Internet,in particular, via WorldWideWeb-based tools. Doing things online has a greatadvantage of an always-on availability to people in any corner of the world. Hereare a few examples of things that have been, can or will be done online:

Banking, bill payment, home shopping, stock trading, auctions, taxation,gambling, micro-payment (e.g., pay-per-downloading), electronicidentity, online access to medical records, virtual private networking, securedata archival and retrieval, certified delivery of documents, fair exchangeof sensitive documents, fair signing of contracts, time-stamping,notarization, voting, advertising, licensing, ticket booking, interactivegames, digital libraries, digital rights management, pirate tracing, . . .

And more can be imagined.

Fascinating commerce activities, transactions and services like these are onlypossible if communications over open networks can be conducted in a secure manner.An effective solution to securing communications over open networks is to applycryptography. Encryption, digital signatures, password-based user authentication,are some of the most basic cryptographic techniques for securing communications.However, as we shall witness many times in this book, there are surprising subtletiesand serious security consequences in the applications of even the most basiccryptographic techniques. Moreover, for many "fancier" applications, such as manylisted in the preceding paragraph, the basiccryptographic techniques are no longeradequate.

With an increasingly large demand for safeguarding communications over opennetworks for more and more sophisticated forms of electronic commerce, businessand servicesa, an increasingly large number of information security professionalsaGartner Group forecasts that total electronic business revenues for business to business (B2B)and business to consumer (B2C) in the European Union will reach a projected US $2.6trillion inwill be needed for designing, developing, analyzing and maintaining informationsecurity systems and cryptographic protocols. These professionals may range fromIT systems administrators, information security engineers and software/hardwaresystems developers whose products have security requirements, to cryptographers.

In the past few years, the author, a technical consultant on information securityand cryptographic systems at Hewlett-Packard Laboratories in Bristol, haswitnessed the phenomenon of a progressively increased demand for information securityprofessionals unmatched by an evident shortage of them. As a result, manyengineers, who are oriented to application problems and may have little propertraining in cryptography and information security have become "roll-up-sleeves"designers and developers for information security systems or cryptographic protocols.This is in spite of the fact that designing cryptographic systems and protocolsis a diffcult job even for an expert cryptographer.

The author's job has granted him privileged opportunities to review many informationsecurity systems and cryptographic protocols, some of them proposedand designed by "roll-up-sleeves" engineers and are for uses in serious applications.In several occasions, the author observed so-called "textbook crypto" features insuch systems, which are the result of applications of cryptographic algorithms andschemes in ways they are usually introduced in many cryptographic textbooks. Directencryption of a password (a secret number of a small magnitude) under abasic public-key encryption algorithm (e.g., "RSA") is a typical example of textbookcrypto. The appearances of textbook crypto in serious applications with a"non-negligible probability" have caused a concern for the author to realize thatthe general danger of textbook crypto is not widely known to many people whodesign and develop information security systems for serious real-world applications.

Motivated by an increasing demand for information security professionals anda belief that their knowledge in cryptography should not be limited to textbookcrypto, the author has written this book as a textbook on non-textbook cryptography.This book endeavors to:


  • Introduce a wide range of cryptographic algorithms, schemes and protocols
  • with a particular emphasis on their non-textbook versions.
  • Reveal general insecurity of textbook crypto by demonstrating a large number
  • of attacks on and summarizing typical attacking techniques for such systems.
  • Provide principles and guidelines for the design, analysis and implementation
  • of cryptographic systems and protocols with a focus on standards.
  • Study formalism techniques and methodologies for a rigorous establishment of strong and fit-for-application security notions for cryptographic systems and
  • protocols.
  • Include self-contained and elaborated material as theoretical foundations of
  • modern cryptography for readers who desire a systematic understanding of
  • the subject.
Scope

Modern cryptography is a vast area of study as a result of fast advances made in thepast thirty years. This book focuses on one aspect:in troducing fit-for-applicationcryptographic schemes and protocols with their strong security properties evidentlyestablished.

The book is organized into the following six parts:

Part I This part contains two chapters (1—2) and serves an elementary-level introductionfor the book and the areas of cryptography and information security.Chapter 1 begins with a demonstration on the effectiveness of cryptographyin solving a subtle communication problem. A simple cryptographic protocol(first protocol of the book) for achieving "fair coin tossing over telephone"will be presented and discussed. This chapter then carries on to conduct acultural and "trade" introduction to the areas of study. Chapter 2 uses aseries of simple authentication protocols to manifest an unfortunate fact inthe areas:pitfalls are everywhere.As an elementary-level introduction, this part is intended for newcomers tothe areas.

Part II This part contains four chapters (3—6) as a set of mathematical backgroundknowledge, facts and basis to serve as a self-contained mathematicalreference guide for the book. Readers who only intend to "knowhow," i.e.,know how to use the fit-for-application crypto schemes and protocols, mayskip this part yet still be able to follow most contents of the rest of the book.Readers who also want to "know-why," i.e., know why these schemes andprotocols have strong security properties, may find that this self-containedmathematical part is a suffcient reference material. When we present workingprinciples of cryptographic schemes and protocols, reveal insecurity forsome of them and reason about security for the rest, it will always be possiblefor us to refer to a precise point in this part of the book for supportingmathematical foundations.This part can also be used to conduct a systematic background study of thetheoretical foundations for modern cryptography.

Part III This part contains four chapters (7—10) introducing the most basic cryptographicalgorithms and techniques for providing privacy and data integrity protections. Chapter 7 is for symmetric encryption schemes, Chapter 8, asymmetrictechniques. Chapter 9 considers an important security quality possessedby the basic and popular asymmetric cryptographic functions whenthey are used in an ideal world in which data are random. Finally, Chapter10 covers data integrity techniques.Since the schemes and techniques introduced here are the most basic ones,many of them are in fact in the textbook crypto category and are consequentlyinsecure. While the schemes are introduced, abundant attacks onmany schemes will be demonstrated with warning remarks explicitly stated.For practitioners who do not plan to proceed with an in-depth study of fitfor-application crypto and their strong security notions, this textbook cryptopart will still provide these readers with explicit early warning signals on thegeneral insecurity of textbook crypto.

Part IV This part contains three chapters (11—13) introducing an important notionin applied cryptography and information security:authen tication. Thesechapters provide a wide coverage of the topic. Chapter 11 includes technicalbackground, principles, a series of basic protocols and standards, common attackingtricks and prevention measures. Chapter 12 is a case study for fourwell-known authentication protocol systems for real world applications. Chapter13 introduces techniques which are particularly suitable for open systemswhich cover up-to-date and novel techniques.Practitioners, such as information security systems administration staff in anenterprise and software/hardware developers whose products have securityconsequences may find this part helpful.

Part V This part contains four chapters (14—17) which provide formalism andrigorous treatments for strong (i.e., fit-for-application) security notions forpublic-key cryptographic techniques (encryption, signature and signcryption)and formal methodologies for the analysis of authentication protocols. Chapter14 introduces formal definitions of strong security notions. The next twochapters are fit-for-application counterparts to textbook crypto schemes introducedin Part III, with strong security properties formally established (i.e.,evidently reasoned). Finally, Chapter 17 introduces formal analysis methodologiesand techniques for the analysis of authentication protocols, which wehave not been able to deal with in Part IV.

Part VI This is the final part of the book. It contains two technical chapters (18—19) and a short final remark (Chapter 20). The main technical content of thispart, Chapter 18, introduces a class of cryptographic protocols called zeroknowledgeprotocols. These protocols provide an important security service claimant. Zero-knowledge protocols to be introduced in this part exemplifythe diversity of special security needs in various real world applications, whichare beyond confidentiality, integrity, authentication and non-repudiation. Inthe final technical chapter of the book (Chapter 19) we will complete ourjob which has been left over from the first protocol of the book:to realize"fair coin tossing over telephone." That final realization will achieve a protocolwhich has evidently-established strong security properties yet with aneffciency suitable for practical applications.

Needless to say, a description for each fit-for-application crypto scheme or protocolhas to begin with a reason why the textbook crypto counterpart is unfit forapplication. Invariably, these reasons are demonstrated by attacks on these schemesor protocols, which, by the nature of attacks, often contain a certain degree of subtleties.In addition, a description of a fit-for-application scheme or protocol mustalso end at an analysis that the strong (i.e., fit-for-application) security propertiesdo hold as claimed. Consequently, some parts of this book inevitably containmathematical and logical reasonings, deductions and transformations in order tomanifest attacks and fixes.

While admittedly fit-for-application cryptography is not a topic for quick masteryor that can be mastered via light reading, this book, nonetheless, is not one forin-depth research topics which will only be of interest to specialist cryptographers.The things reported and explained in it are well-known and quite elementary tocryptographers. The author believes that they can also be comprehended by nonspecialistsif the introduction to the subject is provided with plenty of explanationsand examples and is supported by self-contained mathematical background andreference material.Who Should Read This Book

Students who have completed, or are near to completion of, first degree courses in computer, information science or applied mathematics, and plan to pursue a career in information security. For them, this book may serve as an advanced course in applied cryptography.

Security engineers in high-tech companies who are responsible for the design and development of information security systems. If we say that the consequence of textbook crypto appearing in an academic research proposal may not be too harmful since the worst case of the consequence would be an embarrassment, then the use of textbook crypto in an information security product may lead to a serious loss. Therefore, knowing the unfitness of textbook crypto for real world applications is necessary for these readers. Moreover, these readers should have a good understanding of the security principles behind the fit-for-application schemes and protocols and so they can apply the schemes and the principles correctly. The self-contained mathematical foundations material in Part II makes the book a suitable self-teaching text for which is needed in various "fancy" electronic commerce and business applications: v erification of a claimed property of secret data (e.g., in conforming with a business requirement) while preserving a strict privacy quality for the these readers.

Information security systems administration staff in an enterprise and software/ hardware systems developers whose products have security consequences. For these readers, Part I is a simple and essential course for cultural and "trade" training; Parts III and IV form a suitable cut-down set of knowledge in cryptography and information security. These three parts contain many basic crypto schemes and protocols accompanied with plenty of attacking tricks and prevention measures which should be known to and can be grasped by this population of readers without demanding them to be burdened by theoretical foundations.

New Ph.D. candidates beginning their research in cryptography or computer security. These readers will appreciate a single-point reference book which covers formal treatment of strong security notions and elaborates these notions adequately. Such a book can help them to quickly enter into the vast area of study. For them, Parts II, IV, V and VI constitute a suitable level of literature survey material which can lead them to find further literatures, and can help them to shape and specialize their own research topics.

A cut-down subset of the book (e.g., Part I, II, III and VI) also form a suitable course in applied cryptography for undergraduate students in computer science, information science and applied mathematics courses.

Read More Show Less

Table of Contents

A Short Description of the Book
Preface
List of Figures
List of Algorithms, Protocols and Attacks
I Introduction 1
1 Beginning with a Simple Communication Game 3
2 Wrestling Between Safeguard and Attack 23
II Mathematical Foundations 55
Standard Notation 57
3 Probability and Information Theory 61
4 Computational Complexity 85
5 Algebraic Foundations 139
6 Number Theory 175
III Basic Cryptographic Techniques 203
7 Encryption - Symmetric Techniques 205
8 Encryption - Asymmetric Techniques 245
9 In an Ideal World: Bit Security of the Basic Public-Key Cryptographic Functions 285
10 Data Integrity Techniques 297
IV Authentication 327
11 Authentication Protocols - Principles 329
12 Authentication Protocols - The Real World 387
13 Authentication Framework for Public-Key Cryptography 427
V Formal Approaches to Security Establishment 459
14 Formal and Strong Security Definitions for Public-Key Cryptosystems 461
15 Provably Secure and Efficient Public-Key Cryptosystems 501
16 Strong and Provable Security for Digital Signatures 545
17 Formal Methods for Authentication Protocols Analysis 577
VI Cryptographic Protocols 617
18 Zero-Knowledge Protocols 619
19 Returning to "Coin Flipping Over Telephone" 665
20 Afterremark 671
Bibliography 673
Subject Index 699
Read More Show Less

Preface

Preface

Our society has entered an era where commerce activities, business transactionsand government services have been, and more and more of them will be, conductedand offered over open computer and communications networks such as the Internet,in particular, via WorldWideWeb-based tools. Doing things online has a greatadvantage of an always-on availability to people in any corner of the world. Hereare a few examples of things that have been, can or will be done online:

Banking, bill payment, home shopping, stock trading, auctions, taxation,gambling, micro-payment (e.g., pay-per-downloading), electronicidentity, online access to medical records, virtual private networking, securedata archival and retrieval, certified delivery of documents, fair exchangeof sensitive documents, fair signing of contracts, time-stamping,notarization, voting, advertising, licensing, ticket booking, interactivegames, digital libraries, digital rights management, pirate tracing, . . .

And more can be imagined.

Fascinating commerce activities, transactions and services like these are onlypossible if communications over open networks can be conducted in a secure manner.An effective solution to securing communications over open networks is to applycryptography. Encryption, digital signatures, password-based user authentication,are some of the most basic cryptographic techniques for securing communications.However, as we shall witness many times in this book, there are surprising subtletiesand serious security consequences in the applications of even the most basiccryptographic techniques. Moreover, for many "fancier" applications, such as manylisted in the preceding paragraph, the basic cryptographic techniques are no longeradequate.

With an increasingly large demand for safeguarding communications over opennetworks for more and more sophisticated forms of electronic commerce, businessand servicesa, an increasingly large number of information security professionalsaGartner Group forecasts that total electronic business revenues for business to business (B2B)and business to consumer (B2C) in the European Union will reach a projected US $2.6trillion inwill be needed for designing, developing, analyzing and maintaining informationsecurity systems and cryptographic protocols. These professionals may range fromIT systems administrators, information security engineers and software/hardwaresystems developers whose products have security requirements, to cryptographers.

In the past few years, the author, a technical consultant on information securityand cryptographic systems at Hewlett-Packard Laboratories in Bristol, haswitnessed the phenomenon of a progressively increased demand for information securityprofessionals unmatched by an evident shortage of them. As a result, manyengineers, who are oriented to application problems and may have little propertraining in cryptography and information security have become "roll-up-sleeves"designers and developers for information security systems or cryptographic protocols.This is in spite of the fact that designing cryptographic systems and protocolsis a diffcult job even for an expert cryptographer.

The author's job has granted him privileged opportunities to review many informationsecurity systems and cryptographic protocols, some of them proposedand designed by "roll-up-sleeves" engineers and are for uses in serious applications.In several occasions, the author observed so-called "textbook crypto" features insuch systems, which are the result of applications of cryptographic algorithms andschemes in ways they are usually introduced in many cryptographic textbooks. Directencryption of a password (a secret number of a small magnitude) under abasic public-key encryption algorithm (e.g., "RSA") is a typical example of textbookcrypto. The appearances of textbook crypto in serious applications with a"non-negligible probability" have caused a concern for the author to realize thatthe general danger of textbook crypto is not widely known to many people whodesign and develop information security systems for serious real-world applications.

Motivated by an increasing demand for information security professionals anda belief that their knowledge in cryptography should not be limited to textbookcrypto, the author has written this book as a textbook on non-textbook cryptography.This book endeavors to:

  • Introduce a wide range of cryptographic algorithms, schemes and protocols
  • with a particular emphasis on their non-textbook versions.
  • Reveal general insecurity of textbook crypto by demonstrating a large number
  • of attacks on and summarizing typical attacking techniques for such systems.
  • Provide principles and guidelines for the design, analysis and implementation
  • of cryptographic systems and protocols with a focus on standards.
  • Study formalism techniques and methodologies for a rigorous establishment of strong and fit-for-application security notions for cryptographic systems and
  • protocols.
  • Include self-contained and elaborated material as theoretical foundations of
  • modern cryptography for readers who desire a systematic understanding of
  • the subject.

Scope

Modern cryptography is a vast area of study as a result of fast advances made in thepast thirty years. This book focuses on one aspect:in troducing fit-for-applicationcryptographic schemes and protocols with their strong security properties evidentlyestablished.

The book is organized into the following six parts:

Part I This part contains two chapters (1--2) and serves an elementary-level introductionfor the book and the areas of cryptography and information security.Chapter 1 begins with a demonstration on the effectiveness of cryptographyin solving a subtle communication problem. A simple cryptographic protocol(first protocol of the book) for achieving "fair coin tossing over telephone"will be presented and discussed. This chapter then carries on to conduct acultural and "trade" introduction to the areas of study. Chapter 2 uses aseries of simple authentication protocols to manifest an unfortunate fact inthe areas:pitfalls are everywhere.As an elementary-level introduction, this part is intended for newcomers tothe areas.

Part II This part contains four chapters (3--6) as a set of mathematical backgroundknowledge, facts and basis to serve as a self-contained mathematicalreference guide for the book. Readers who only intend to "knowhow," i.e.,know how to use the fit-for-application crypto schemes and protocols, mayskip this part yet still be able to follow most contents of the rest of the book.Readers who also want to "know-why," i.e., know why these schemes andprotocols have strong security properties, may find that this self-containedmathematical part is a suffcient reference material. When we present workingprinciples of cryptographic schemes and protocols, reveal insecurity forsome of them and reason about security for the rest, it will always be possiblefor us to refer to a precise point in this part of the book for supportingmathematical foundations.This part can also be used to conduct a systematic background study of thetheoretical foundations for modern cryptography.

Part III This part contains four chapters (7--10) introducing the most basic cryptographicalgorithms and techniques for providing privacy and data integrity protections. Chapter 7 is for symmetric encryption schemes, Chapter 8, asymmetrictechniques. Chapter 9 considers an important security quality possessedby the basic and popular asymmetric cryptographic functions whenthey are used in an ideal world in which data are random. Finally, Chapter10 covers data integrity techniques.Since the schemes and techniques introduced here are the most basic ones,many of them are in fact in the textbook crypto category and are consequentlyinsecure. While the schemes are introduced, abundant attacks onmany schemes will be demonstrated with warning remarks explicitly stated.For practitioners who do not plan to proceed with an in-depth study of fitfor-application crypto and their strong security notions, this textbook cryptopart will still provide these readers with explicit early warning signals on thegeneral insecurity of textbook crypto.

Part IV This part contains three chapters (11--13) introducing an important notionin applied cryptography and information security:authen tication. Thesechapters provide a wide coverage of the topic. Chapter 11 includes technicalbackground, principles, a series of basic protocols and standards, common attackingtricks and prevention measures. Chapter 12 is a case study for fourwell-known authentication protocol systems for real world applications. Chapter13 introduces techniques which are particularly suitable for open systemswhich cover up-to-date and novel techniques.Practitioners, such as information security systems administration staff in anenterprise and software/hardware developers whose products have securityconsequences may find this part helpful.

Part V This part contains four chapters (14--17) which provide formalism andrigorous treatments for strong (i.e., fit-for-application) security notions forpublic-key cryptographic techniques (encryption, signature and signcryption)and formal methodologies for the analysis of authentication protocols. Chapter14 introduces formal definitions of strong security notions. The next twochapters are fit-for-application counterparts to textbook crypto schemes introducedin Part III, with strong security properties formally established (i.e.,evidently reasoned). Finally, Chapter 17 introduces formal analysis methodologiesand techniques for the analysis of authentication protocols, which wehave not been able to deal with in Part IV.

Part VI This is the final part of the book. It contains two technical chapters (18--19) and a short final remark (Chapter 20). The main technical content of thispart, Chapter 18, introduces a class of cryptographic protocols called zeroknowledgeprotocols. These protocols provide an important security service claimant. Zero-knowledge protocols to be introduced in this part exemplifythe diversity of special security needs in various real world applications, whichare beyond confidentiality, integrity, authentication and non-repudiation. Inthe final technical chapter of the book (Chapter 19) we will complete ourjob which has been left over from the first protocol of the book:to realize"fair coin tossing over telephone." That final realization will achieve a protocolwhich has evidently-established strong security properties yet with aneffciency suitable for practical applications.

Needless to say, a description for each fit-for-application crypto scheme or protocolhas to begin with a reason why the textbook crypto counterpart is unfit forapplication. Invariably, these reasons are demonstrated by attacks on these schemesor protocols, which, by the nature of attacks, often contain a certain degree of subtleties.In addition, a description of a fit-for-application scheme or protocol mustalso end at an analysis that the strong (i.e., fit-for-application) security propertiesdo hold as claimed. Consequently, some parts of this book inevitably containmathematical and logical reasonings, deductions and transformations in order tomanifest attacks and fixes.

While admittedly fit-for-application cryptography is not a topic for quick masteryor that can be mastered via light reading, this book, nonetheless, is not one forin-depth research topics which will only be of interest to specialist cryptographers.The things reported and explained in it are well-known and quite elementary tocryptographers. The author believes that they can also be comprehended by nonspecialistsif the introduction to the subject is provided with plenty of explanationsand examples and is supported by self-contained mathematical background andreference material.

Who Should Read This Book

Students who have completed, or are near to completion of, first degree courses in computer, information science or applied mathematics, and plan to pursue a career in information security. For them, this book may serve as an advanced course in applied cryptography.

Security engineers in high-tech companies who are responsible for the design and development of information security systems. If we say that the consequence of textbook crypto appearing in an academic research proposal may not be too harmful since the worst case of the consequence would be an embarrassment, then the use of textbook crypto in an information security product may lead to a serious loss. Therefore, knowing the unfitness of textbook crypto for real world applications is necessary for these readers. Moreover, these readers should have a good understanding of the security principles behind the fit-for-application schemes and protocols and so they can apply the schemes and the principles correctly. The self-contained mathematical foundations material in Part II makes the book a suitable self-teaching text for which is needed in various "fancy" electronic commerce and business applications: v erification of a claimed property of secret data (e.g., in conforming with a business requirement) while preserving a strict privacy quality for the these readers.

Information security systems administration staff in an enterprise and software/ hardware systems developers whose products have security consequences. For these readers, Part I is a simple and essential course for cultural and "trade" training; Parts III and IV form a suitable cut-down set of knowledge in cryptography and information security. These three parts contain many basic crypto schemes and protocols accompanied with plenty of attacking tricks and prevention measures which should be known to and can be grasped by this population of readers without demanding them to be burdened by theoretical foundations.

New Ph.D. candidates beginning their research in cryptography or computer security. These readers will appreciate a single-point reference book which covers formal treatment of strong security notions and elaborates these notions adequately. Such a book can help them to quickly enter into the vast area of study. For them, Parts II, IV, V and VI constitute a suitable level of literature survey material which can lead them to find further literatures, and can help them to shape and specialize their own research topics.

A cut-down subset of the book (e.g., Part I, II, III and VI) also form a suitable course in applied cryptography for undergraduate students in computer science, information science and applied mathematics courses.

Read More Show Less

Customer Reviews

Be the first to write a review
( 0 )
Rating Distribution

5 Star

(0)

4 Star

(0)

3 Star

(0)

2 Star

(0)

1 Star

(0)

Your Rating:

Your Name: Create a Pen Name or

Barnes & Noble.com Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & Noble.com that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & Noble.com does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at BN.com or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation

Reminder:

  • - By submitting a review, you grant to Barnes & Noble.com and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Noble.com Terms of Use.
  • - Barnes & Noble.com reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & Noble.com also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on BN.com. It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

 
Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously

    If you find inappropriate content, please report it to Barnes & Noble
    Why is this product inappropriate?
    Comments (optional)