Index
Title page
Copyright
Contents
Preface to the Second Edition
Preface
List of Figures
List of Tables
Part I Setting the Scene
1 Basic Principles
1.1 Why information security?
1.1.1 The rising profile of information security
1.1.2 Two very different office environments
An Old Office
A Modern Office
1.1.3 Differing perspectives
Individual Perspective
Business Perspective
Government Perspective
1.1.4 The importance of security infrastructure
1.2 Security risks
1.2.1 Types of attack
Passive Attacks
Active Attacks
1.2.2 Security risks for a simple scenario
1.2.3 Choosing security mechanisms
1.3 Security services
1.3.1 Basic definitions
1.3.2 Relationships between security services
Data Origin Authentication is a Stronger Notion than Data Integrity
Non-Repudiation of a Source is a Stronger Notion than Data Origin Authentication
Data Origin Authentication and Entity Authentication are Different
Data Origin Authentication Plus a Freshness Check can Provide Entity Authentication
Confidentiality Does Not Imply Data Origin Authentication
1.4 Fundamentals of cryptosystems
1.4.1 Different cryptographic concepts
1.4.2 Cryptographic primitives for security services
1.4.3 Basic model of a cryptosystem
1.4.4 Codes
1.4.5 Steganography
1.4.6 Access control
1.4.7 Two types of cryptosystem
1.4.8 Secrecy of the encryption key
1.5 Cryptosystem security assumptions
1.5.1 Standard assumptions
1.5.2 Theoretical attack models
1.5.3 Knowledge of the encryption algorithm
The Impact of Kerckhoffs’ Second Principle
The Case for Publicly Known Algorithms
What Happens in Practice?
1.5.4 Use of publicly known algorithms
1.6 Breaking cryptosystems
1.6.1 Some useful preliminaries
Binary Numbers
XOR
Exponentiation
Concatenation
1.6.2 Key lengths and keyspaces
1.6.3 Breaking encryption algorithms
1.6.4 Exhaustive key searches
Conducting an Exhaustive Key Search
Identifying Candidate Decryption Keys
Determining the Correct Decryption Key
Protecting Against Exhaustive Key Searches
1.6.5 Classes of attack
1.6.6 Academic attacks
1.7 Summary
1.8 Further reading
1.9 Activities
2 Historical Cryptosystems
2.1 Monoalphabetic ciphers
2.1.1 Caesar Cipher
Description of the Caesar Cipher
Fitting the Caesar Cipher to the Basic Model
Mathematical Description of the Caesar Cipher
Insecurity of the Caesar Cipher
2.1.2 Simple Substitution Cipher
Permutations
Description of the Simple Substitution Cipher
Fitting the Simple Substitution Cipher to the Basic Model
Keyspace of the Simple Substitution Cipher
Insecurity of the Simple Substitution Cipher
2.1.3 Frequency analysis
The Nature of Plaintexts
Letter Frequency Analysis
Limitations of Letter Frequency Analysis
Sufficiency of Keyspace Size
2.1.4 A study of theory versus practice
Theory: Uniqueness of the Plaintext
Practice: Statistical Information
The Gap Between Theory and Practice
2.2 Historical advances
2.2.1 Design improvements
2.2.2 Playfair Cipher
Preprocessing for the Playfair Cipher
Encryption Using the Playfair Cipher
Example of a Playfair Cipher
Cryptanalysis of the Playfair Cipher
Lessons from the Playfair Cipher
2.2.3 Homophonic encoding
Example of Homophonic Encoding
Single Letter Frequency Analysis of Homophonic Encoding
Problems with Homophonic Encoding
Lesson from Homophonic Encoding
2.2.4 Vigenère Cipher
Encryption Using the Vigenère Cipher
Cryptanalysis of the Vigenère Cipher
Lesson from the Vigenère Cipher
2.3 Summary
2.4 Further reading
2.5 Activities
3 Theoretical versus Practical Security
3.1 Theoretical security
3.1.1 Perfect secrecy
Motivating Perfect Secrecy
Defining Perfect Secrecy
3.1.2 A simple cryptosystem offering perfect secrecy
Description of the Cryptosystem
The Attacker’s View
Comments on the Simple Cryptosystem
3.1.3 One-time pads
Properties of a One-Time Pad
One-Time Pad from the Vigenère Cipher
Consequences of Key Reuse in a One-Time Pad
One-Time Pad from a Latin Square
Vernam Cipher
3.1.4 Theoretical security summary
3.2 Practical security
3.2.1 One-time pad in practice
Key Management Issues with a One-Time Pad
One-Time Pads in Practice
3.2.2 Cover time
3.2.3 Computational complexity
Complexity of Simple Processes
Polynomial and Exponential Time
Computing Real Attack Times
Limitations of Complexity
3.2.4 Design process of a cryptosystem
Selection or Design of a Primitive
Mode of Use
Implementation
Key Management
3.2.5 Evaluating security
Assessing the Security of a Cryptographic Algorithm
Assessing the Security of a Cryptographic Protocol
Assessing the Security of a Cryptosystem
3.2.6 Adequate security
3.2.7 Towards a notion of practical security
3.3 Summary
3.4 Further reading
3.5 Activities
Part II The Cryptographic Toolkit
4 Symmetric Encryption
4.1 Classification of symmetric encryption algorithms
4.2 Stream ciphers
4.2.1 Model of a stream cipher
4.2.2 Key management of stream ciphers
4.2.3 The impact of errors
4.2.4 Properties of stream ciphers
4.2.5 Examples of stream ciphers
4.3 Block ciphers
4.3.1 Model of a block cipher
4.3.2 Properties of block ciphers
4.3.3 Block cipher algorithms
4.4 The Data Encryption Standard
4.4.1 Feistel Cipher
Encryption Using a Feistel Cipher
Choosing the Round Function
Decryption Using a Feistel Cipher
Number of Rounds
4.4.2 Specification of DES
4.4.3 Brief history of DES
Milestones in the History of DES
Early Design Criticisms
DES Key Searches
4.4.4 Triple DES
3-Key Triple DES
2-Key Triple DES
Triple DES in Practice
4.5 The Advanced Encryption Standard
4.5.1 Development of AES
4.5.2 Design of AES
AES Encryption
AES Decryption
4.5.3 AES today
4.6 Modes of operation
4.6.1 Electronic Code Book mode
How ECB Mode Works
Problems with ECB Mode
4.6.2 Cipher Block Chaining mode
Encryption Using CBC Mode
Decryption Using CBC Mode
Impact of Transmission Errors in CBC Mode
Properties of CBC Mode
4.6.3 Cipher Feedback mode
Encryption Using CFB Mode
Decryption Using CFB Mode
Reduced Feedback CFB Mode
Properties of CFB Mode
4.6.4 Counter mode
Encryption and Decryption Using CTR Mode
Properties of CTR Mode
4.6.5 Comparing modes of operation
4.7 Use of symmetric encryption
4.7.1 Other types of symmetric encryption
4.7.2 The future for symmetric encryption
4.8 Summary
4.9 Further reading
4.10 Activities
5 Public-Key Encryption
5.1 Public-key cryptography
5.1.1 Motivation for public-key cryptography
Problems with Symmetric Cryptography
History of Public-Key Cryptography
5.1.2 Properties of public-key cryptosystems
The Briefcase Protocol
A Blueprint for a Public-Key Cryptosystem
A Better Briefcase Analogy?
5.1.3 Some mathematical preliminaries
Primes
Modular Arithmetic
Some Notation
5.1.4 One-way functions for public-key cryptography
Trapdoor One-Way Functions
Multiplication of Two Large Primes
Modular Exponentiation with a Large Modulus
Non-Modular Exponentiation
5.2 RSA
5.2.1 Setting up RSA
Generating an RSA Key Pair
5.2.2 Encryption and decryption using RSA
RSA Encryption
RSA Decryption
5.2.3 Security of RSA
Decrypting a Ciphertext Without Knowledge of the Private Key
Determining the Private Key Directly from the Public Key
Specific Instance Attacks on RSA
RSA Security Summary
5.2.4 RSA in practice
Probabilistic Encryption
RSA-OAEP
5.3 ElGamal and elliptic curve variants
5.3.1 Setting up ElGamal
5.3.2 Encryption and decryption using ElGamal
ElGamal Encryption
ElGamal Decryption
5.3.3 Security of ElGamal
Decrypting a Ciphertext Without Knowledge of the Private Key
Determining the Private Key Directly from the Public Key
ElGamal Security Summary
5.3.4 ElGamal in practice
Use of System-Wide Parameters
Probabilistic Encryption
Message Expansion
5.3.5 Elliptic Curve Cryptography
5.4 Comparison of RSA, ElGamal, and ECC
5.4.1 Popularity of RSA
5.4.2 Performance issues
5.4.3 Security issues
Key Lengths of Public-Key Cryptosystems
Comparing Security of Public-Key Cryptosystems
Exhaustive Key Searches for Private Keys
Relative Key Lengths
5.5 Use of public-key encryption
5.5.1 Limiting factors
5.5.2 Hybrid encryption
5.5.3 Other types of public-key cryptosystem
5.5.4 The future for public-key cryptosystems
5.6 Summary
5.7 Further reading
5.8 Activities
6 Data Integrity
6.1 Different levels of data integrity
6.2 Hash functions
6.2.1 Properties of a hash function
Practical Property 1: Compresses Arbitrary Long Inputs into a Fixed Length Output
Practical Property 2: Easy to Compute
Security Property 1: Preimage Resistance
Security Property 2: Second Preimage Resistance
Security Property 3: Collision Resistance
Relationships Between the Three Security Properties
6.2.2 Applications of hash functions
Application Requiring Preimage Resistance
Application Requiring Second Preimage Resistance
Application Requiring Collision Resistance
6.2.3 Attacking hash functions in theory
The Dangers of a Very Small Hash
The Dangers of a Small Hash
Birthday Attacks
6.2.4 Hash functions in practice
Hash Function Design
A Brief History of Modern Hash Functions
6.2.5 SHA-3
SHA-3 Design
SHA-3 Family
Use of SHA-3
6.3 Message authentication codes
6.3.1 Does symmetric encryption provide data origin authentication?
6.3.2 MAC properties
6.3.3 CBC-MAC
Computing CBC-MAC
Checking CBC-MAC
Security of CBC-MAC
CBC-MAC in Practice
6.3.4 HMAC
6.3.5 MACs and non-repudiation
6.3.6 Using MACs with encryption
Using Separate Primitives
Authenticated-Encryption Primitives
Galois Counter Mode
Other Authenticated-Encryption Modes
6.4 Summary
6.5 Further reading
6.6 Activities
7 Digital Signature Schemes
7.1 Digital signatures
7.1.1 The basic idea
7.1.2 Electronic signatures
7.1.3 Digital signature scheme fundamentals
Requirements for a Digital Signature Scheme
Basic Properties of a Digital Signature Scheme
7.2 Non-repudiation using symmetric techniques
7.2.1 Arbitrated digital signature schemes
7.2.2 Asymmetric trust relationships
7.2.3 Enforced trust
7.3 Digital signature schemes based on RSA
7.3.1 Complementary requirements
7.3.2 Basic model of a digital signature scheme
7.3.3 Two different approaches
7.3.4 RSA digital signature scheme with appendix
The Signing Process
The Verification Process
Reasons for Hashing
RSA is Special
7.3.5 RSA digital signature scheme with message recovery
Advantages of Digital Signature Schemes with Message Recovery
Signing and Verifying Using a Digital Signature Scheme with Message Recovery
Redundancy Techniques
Digital Signature Schemes with Message Recovery and Confidentiality
7.3.6 Other digital signature schemes
7.4 Digital signature schemes in practice
7.4.1 Security of digital signature schemes
Security of the Signature Key
Security of the Verification Key
Security of the Hash Function
7.4.2 Using digital signature schemes with encryption
7.4.3 Relationship with handwritten signatures
Environmental Differences
Security Differences
Practical Differences
Flexibility Differences
7.4.4 Relationship with advanced electronic signatures
7.5 Summary
7.6 Further reading
7.7 Activities
8 Entity Authentication
8.1 Random number generation
8.1.1 The need for randomness
8.1.2 What is randomness?
8.1.3 Non-deterministic generators
Hardware-Based Non-Deterministic Generators
Software-Based Non-Deterministic Generators
Non-Deterministic Generators in Practice
8.1.4 Deterministic generators
Basic Model of a Deterministic Generator
Deterministic Generators in Practice
8.2 Providing freshness
8.2.1 Clock-based mechanisms
8.2.2 Sequence numbers
8.2.3 Nonce-based mechanisms
8.2.4 Comparison of freshness mechanisms
8.3 Fundamentals of entity authentication
8.3.1 A problem with entity authentication
8.3.2 Applications of entity authentication
8.3.3 General categories of identification information
Something the Claimant Has
Something the Claimant Is
Something the Claimant Knows
8.4 Passwords
8.4.1 Problems with passwords
8.4.2 Cryptographic password protection
Traditional Approach to Unix Password Protection
Key Stretching
8.5 Dynamic password schemes
8.5.1 Idea behind dynamic password schemes
8.5.2 Example dynamic password scheme
Dynamic Password Scheme Description
Analysis of Dynamic Password Scheme
Dynamic Password Schemes in Practice
8.6 Zero-knowledge mechanisms
8.6.1 Motivation for zero-knowledge
8.6.2 Zero-knowledge analogy
8.6.3 Zero-knowledge in practice
8.7 Summary
8.8 Further reading
8.9 Activities
9 Cryptographic Protocols
9.1 Protocol basics
9.1.1 Operational motivation for protocols
9.1.2 Environmental motivation for protocols
9.1.3 Components of a cryptographic protocol
9.2 From objectives to a protocol
9.2.1 Stages of protocol design
9.2.2 Challenges of the stages of protocol design
Defining the Objectives
Determining the Protocol Goals
Specifying the Protocol
Standards for Cryptographic Protocols
9.2.3 Assumptions and actions
Assumptions
Actions
9.2.4 The wider protocol design process
9.3 Analysing a simple protocol
9.3.1 A simple application
The Objectives
The Protocol Goals
Candidate Protocols
9.3.2 Protocol 1
Protocol Assumptions
Protocol Description
Protocol Analysis
Remarks
9.3.3 Protocol 2
Protocol Assumptions
Protocol Description
Protocol Analysis
Remarks
9.3.4 Protocol 3
Protocol Assumptions
Protocol Description
Protocol Analysis
Remarks
9.3.5 Protocol 4
Protocol Assumptions
Protocol Description
Protocol Analysis
9.3.6 Protocol 5
Protocol Assumptions
Protocol Description
Protocol Analysis
Remarks
9.3.7 Protocol 6
Protocol Assumptions
Protocol Description
Protocol Analysis
Remarks
9.3.8 Protocol 7
Protocol Assumptions
Protocol Description
Protocol Analysis
Remarks
9.3.9 Simple protocol summary
9.4 Authentication and key establishment protocols
9.4.1 Typical AKE protocol goals
9.4.2 Diffie–Hellman key agreement protocol
Idea Behind the Diffie–Hellman Protocol
Instantiation of the Diffie–Hellman Protocol
Analysis of the Diffie–Hellman Protocol
Man-In-The-Middle Attack on the Diffie–Hellman Protocol
AKE Protocols Based on Diffie–Hellman
Versions of the Diffie–Hellman Protocol
9.4.3 An AKE protocol based on key distribution
Protocol Description
Protocol Analysis
9.4.4 Perfect forward secrecy
9.5 Summary
9.6 Further reading
9.7 Activities
Part III Key Management
10 Key Management
10.1 Key management fundamentals
10.1.1 What is key management?
10.1.2 The key lifecycle
10.1.3 Fundamental key management requirements
10.1.4 Key management systems
10.2 Key lengths and lifetimes
10.2.1 Key lifetimes
10.2.2 Choosing a key length
10.3 Key generation
10.3.1 Direct key generation
10.3.2 Key derivation
Advantages of Key Derivation
Key Derivation Functions
Key Derivation From Passwords
10.3.3 Key generation from components
10.3.4 Public-key pair generation
10.4 Key establishment
10.4.1 Key hierarchies
Philosophy Behind Key Hierarchies
A Simple Key Hierarchy
Managing the Top-Level Keys
Key Wrapping
Scalable Key Hierarchies
10.4.2 Unique key per transaction schemes
Motivation for UKPT Schemes
Application of UKPT Schemes
Example UKPT Schemes
10.4.3 Quantum key establishment
Motivation for Quantum Key Establishment
The Basic Idea
Quantum Key Establishment in Practice
10.5 Key storage
10.5.1 Avoiding key storage
10.5.2 Key storage in software
Storing Keys in the Clear
Storing Keys Using Cryptography
10.5.3 Key storage in hardware
Hardware Security Modules
Key Storage on an HSM
Other Types of Hardware
Communicating with Hardware
Evaluating Hardware
10.5.4 Key storage risk factors
10.5.5 Key backup, archival, and recovery
Key Backup
Key Archival
Key Recovery
10.6 Key usage
10.6.1 Key separation
The Need for Key Separation
Enforcing Key Separation
Key Separation in Practice
10.6.2 Key change
The Need for Key Change
Impact of Key Change
Mechanisms for Changing Keys
Changing Public-Key Pairs
10.6.3 Key activation
10.6.4 Key destruction
10.7 Governing key management
10.7.1 Key management policies, practices, and procedures
10.7.2 Example procedure: key generation ceremony
10.8 Summary
10.9 Further reading
10.10 Activities
11 Public-Key Management
11.1 Certification of public keys
11.1.1 Motivation for public-key certificates
A Scenario
Providing Assurance of Purpose
Providing a Point of Trust
Using a Trusted Directory
11.1.2 Public-key certificates
Contents of a Public-Key Certificate
Interpreting a Public-Key Certificate
Public-Key Certificate Creators
Relying on a Public-Key Certificate
Digital Certificates
11.2 The certificate lifecycle
11.2.1 Differences in the certificate lifecycle
11.2.2 Certificate creation
Location of Key Pair and Certificate Creation
Registration of Public Keys
Proof of Possession
Generating CA Public-Key Pairs
11.2.3 Key pair change
Revocation of Public-Key Certificates
Revocation Techniques
11.3 Public-key management models
11.3.1 Choosing a CA
11.3.2 Public-key certificate management models
CA-Free Certification Model
Reputation-Based Certification Model
Closed Certification Model
Connected Certification Model
11.3.3 Joining CA domains
Cross-Certification
Certification Hierarchies
Certificate Chains
Joining CA Domains in Practice
11.4 Alternative approaches
11.4.1 Webs of trust
11.4.2 Identity-based encryption
The Idea Behind Identity-Based Encryption
A Model for IBE
IBE Algorithms
Practical Issues with IBE
More General Notions of IBE
IBE in Practice
11.5 Summary
11.6 Further reading
11.7 Activities
Part IV Use of Cryptography
12 Cryptographic Applications
12.1 Cryptography for securing the Internet
12.1.1 TLS background
12.1.2 TLS security requirements
12.1.3 Cryptography used in TLS
12.1.4 TLS 1.2 and earlier versions
Handshake Protocol Description
Analysis of the Handshake Protocol
Handshake Protocol with Client Authentication
Record Protocol
12.1.5 TLS 1.3
Motivation for TLS 1.3
What is New in TLS 1.3
TLS 1.3 Handshake Protocol Description
Comments on the TLS 1.3 Handshake Protocol
12.1.6 TLS key management
Key Management System
Key Generation
Key Establishment
Key Storage
Key Usage
12.1.7 TLS security issues
12.1.8 TLS design considerations
12.2 Cryptography for wireless local area networks
12.2.1 WLAN background
12.2.2 WLAN security requirements
12.2.3 WEP
Confidentiality and Integrity Mechanisms in WEP
Entity Authentication in WEP
12.2.4 Attacks on WEP
WEP Key Management Weaknesses
WEP Entity Authentication Weaknesses
WEP Confidentiality and Integrity Weaknesses
WEP Design Flaws
12.2.5 WPA and WPA2
Mutual Entity Authentication and Key Establishment
Confidentiality and Data Origin Authentication in WPA
Confidentiality and Data Origin Authentication in WPA2
12.2.6 WLAN security issues
12.2.7 WLAN design considerations
12.3 Cryptography for mobile telecommunications
12.3.1 Mobile telecommunications background
12.3.2 GSM security requirements
12.3.3 Cryptography used in GSM
GSM Authentication
GSM Encryption
Facilitating GSM Roaming
Security of GSM Algorithms
12.3.4 UMTS
UMTS Security Protocols
UMTS Cryptographic Algorithms
12.3.5 LTE
LTE Key Hierarchy
LTE Cryptographic Algorithms
12.3.6 GSM, UMTS, and LTE key management
Key Management System
Key Generation
Key Establishment
Key Storage
Key Usage
12.3.7 Mobile telecommunications security issues
12.3.8 Mobile telecommunications design considerations
12.4 Cryptography for secure payment card transactions
12.4.1 Background to payment card services
12.4.2 Magnetic stripe cards
PIN Protection
Card Verification Values
PIN Verification Value
Payment Card Authorisation
12.4.3 EMV cards
PIN Verification
Offline Data Authentication
Online Authentication
Transaction Certificates
Contactless Payments
Security of Management Functions
12.4.4 Using EMV cards for internet transactions
12.4.5 Using EMV cards for authentication
12.4.6 Using EMV cards for mobile payments
Mobile Payment Schemes
Tokenization
Apple Pay
12.4.7 Payment card key management
Key Management System
Key Generation
Key Establishment
Key Storage
Key Usage
12.4.8 Payment card security issues
12.4.9 Payment card cryptographic design considerations
12.5 Cryptography for video broadcasting
12.5.1 Video broadcasting background
12.5.2 Video broadcasting security requirements
12.5.3 Cryptography used in video broadcasting
12.5.4 Key management for video broadcasting
Video Broadcast Key Management System Design
Video Broadcast Key Establishment
Video Broadcast Access Control
Video Broadcast Key Storage
12.5.5 Video broadcast security issues
12.5.6 Video broadcast design considerations
12.6 Cryptography for identity cards
12.6.1 eID background
12.6.2 eID security requirements
12.6.3 Cryptography used in eID cards
12.6.4 Provision of the eID card core functions
Digital Data Presentation
Digital Card Holder Authentication
Digital Signature Creation
12.6.5 eID key management
eID Certificates
eID Card Issuing Process
eID Certificate Revocation
eID Signature Validity
12.6.6 eID security issues
12.6.7 eID design considerations
12.7 Cryptography for anonymity
12.7.1 Tor background
12.7.2 Tor security requirements
12.7.3 How Tor works
Cryptography Used in Tor
Onion Routing
Tor Key Establishment
Tor Integrity Checking
Tor Communication
Tor Key Management
12.7.4 Tor security issues
12.7.5 Tor design considerations
12.8 Cryptography for digital currency
12.8.1 Bitcoin background
12.8.2 Bitcoin security requirements
12.8.3 Bitcoin transactions
Bitcoin Addresses
Making a Bitcoin Payment
Bitcoin Key Management
12.8.4 Bitcoin blockchain
Bitcoin Blocks
Lightweight Transaction Verification
12.8.5 Bitcoin mining
The Need for Bitcoin Mining
The Bitcoin Mining Challenge
Creation of New Bitcoin Blocks
Impact of a Successful Bitcoin Mining Operation
12.8.6 Bitcoin security issues
12.8.7 Bitcoin design considerations
12.9 Summary
12.10 Further reading
12.11 Activities
13 Cryptography for Personal Devices
13.1 File protection
13.1.1 Full disk encryption
Cryptography for Full Disk Encryption
XTS Mode
BitLocker
Full Disk Encryption Key Management
13.1.2 Virtual disk encryption
13.1.3 Individual file encryption
In-Built File Encryption
Encryption Software
Application File Encryption
13.2 Email security
13.2.1 The need for email security
Email Security Requirements
Issues with Email Security
13.2.2 Techniques for securing email
Email Security Standards
An Identity-Based Approach
Encrypting Attachments
Webmail Security
13.3 Messaging security
13.3.1 WhatsApp security requirements
13.3.2 Cryptography used in WhatsApp
Cryptographic Tools
Initialising a WhatsApp Session
Deriving Message Keys
Other Cryptographic Issues
13.4 Platform security
13.4.1 Cryptographic protection of iOS user data
Secure Enclave
iOS Key Hierarchy
13.4.2 Cryptographic protection of iOS internet services
iMessage Security
FaceTime Security
iCloud Security
13.4.3 Further iOS cryptographic support
Code Signing
Secure Networking Support
Other Applications
13.5 Summary
13.6 Further reading
13.7 Activities
14 Control of Cryptography
14.1 The cryptography dilemma
14.1.1 The case for controlling the use of cryptography
14.1.2 The case against controlling the use of cryptography
14.1.3 Seeking a balance
14.1.4 Strategies for controlling the use of cryptography
14.2 Backdoors in algorithms
14.2.1 Use of backdoors
Historical Use of Backdoors
Modern Use of Backdoors
14.2.2 Dual_EC_DRBG
14.3 Legal mechanisms
14.3.1 Export restrictions
14.3.2 Key escrow
14.3.3 Legal requirements to access plaintext
14.4 Control of cryptography in an age of complexity
14.4.1 The Snowden revelations
14.4.2 Changes to the cryptographic environment
The World that was
The World that is
Consequences of the Changed Environment
14.4.3 Strategies for controlling ubiquitous cryptography
Just Looking
Exploiting Vulnerabilities
Targeting Flaws in Key Management
Infiltrating Manufacturing Processes
Advanced Data Analysis
14.5 Summary
14.6 Further reading
14.7 Activities
15 Closing Remarks
Mathematics Appendix
A.1 Decimal, binary, and hex
A.1.1 Decimal
Writing a Number in Decimal
Leading Zeros
A.1.2 Binary
Writing a Number in Binary
Converting Binary to Decimal
Converting Decimal to Binary
The 3.3 Trick
A.1.3 XOR
A.1.4 Hex
Writing a Number in Hex
Converting Hex to Decimal
Converting Between Binary and Hex
A.1.5 ASCII
A.2 Modular arithmetic
A.2.1 Motivation
Days of the Week
Months of the Year
A.2.2 Modular numbers
Adding Multiples of the Modulus
One Number Modulo Another
Terminology and Notation
Negative Modular Numbers
A.2.3 Modular arithmetic operations
Addition, Subtraction, and Multiplication
Modular Reduction: Before or After?
A.3 The mathematics of RSA
A.3.1 Primes and coprimes
Primes
Greatest Common Divisors
Coprimes
A.3.2 Multiplicative inverses
Definition of Multiplicative Inverse
Division Using Multiplicative Inverses
Modular Inverses
The Extended Euclidean Algorithm
A.3.3 RSA key pair setup
A.3.4 Why RSA works
A.4 The mathematics of ElGamal
A.4.1 ElGamal public keys
Primitive Elements
Importance of Primitive Elements to ElGamal
A.4.2 Why ElGamal works
A.5 Further reading
Bibliography
Index