本书语言表达流畅、简洁，使本书的阅读不再枯燥。全书多达425幅插图，极大地方便了读者的学习和理解。全书提供了丰富的多项选择题、练习题、设计与编程题，有利于加深读者对所学知识的理解和掌握。全书系统地介绍了各种加密技术、网络安全协议与实现技术等内容，包括各种对称密钥算法与AES，非对称密钥算法等。

本书以清晰的脉络、简洁的语言，介绍了各种加密技术、网络安全协议与实现技术等内容，包括各种对称密钥算法与AES，非对称密钥算法、数字签名与RSA，数字证书与公钥基础设施，Internet安全协议，用户认证与Kerberos，Java、.NET和操作系统的加密实现，网络安全、防火墙与VPN，并给出了具体的加密与安全的案例实现分析，是一本关于密码学与网络安全的理论结合实践的优秀教材。

Preface to the Second Editon xi

Preface to the First Editon xv

Important Terms andAbbreviations xvii

1.Attacks on Computers and Computer Security

 1.1 intfoduction 1

 1.2 The Need for Security 1

 1.3 SecuritV Approaches 4

 1.4 Principles of Security 7

 1.5 TVves of Attacks 12

 Summary 33

 Multiple-choice Ouestions 34

 pie-choice Questions 34

 Exercises 36

 Design/Programming Exercises 37

2.Cryptography：Concepts and Techniques 38

 2.1 Intfoduction 38

 2.2 Plain Text and Cipher Text 40

 2.3 Substitution Techniques 41

 2.4 Transposition Techniques 54

 2.5 EncrVption and DecrVption 59

 2.6 Symmetric and AsVmmetric Key Cryptography 62

 2.7 Steganography 73

 2.8 Key Range and Key Size 74

 2.9 Possible TVves of Attacks 77

 Summary 81

 Multiple-choice Ouestions 83

 pie-choice Questions 83

 Exercises 85

 Design/Programming Exercises 85

3.Symmetric Key Algorithms and AES 87

 3.1 Introduction 87

 3.2 Algorithm Types and Modes 87

 3.3 An Overview of Symmetric Key Cryptography 98

 3.4 Data Encryption Standard (DES) 100

 3.5 International Data Encryption Algorithm (IDEA) 115

 3.6 RC4 123

 3.7 RCS 125

 3.8 Blowfish 131

 3.9 Advanced Encryption Standard (AES) 137

 Summary 148

 Multiple-choice Questions 150

 Exercises 152

 Design/Programming Exercises 152

4.Asymmetric Key Algorithms，Digital Signatures and RSA 153

 4.1 Introduction 153

 4.2 Brief History of Asymmetric Key Cryptography 153

 4.3 An Overview of Asymmetric Key Cryptography 154

 4.4 The RSA Algorithm 156

 4.5 Symmetric and Asymmetric Key Cryptography Together 160

 4.6 Digital Signatures 165

 4.7 KnapsackAlgorithm 197

 4.8 Some Other Algorithms 198

 Summary 201

 Multiple—choice Questions 201

 Exercises 203

 Design/Programming Exercises 203

5.Digital Certificates and Public Key infrastructure (PKI) 205

 5.1 Introduction 205

 5.2 Digital Certificates 206

 5.3 Private Key Management 237

 5.4 The PKIX Model 239

 5.5 Public Key Cryptography Standards (PKCS) 241

 5.6 XML，PKI and Security 247

 5.7 Creating Digital Certificates Using Java 252

 Summary 260

 Multiple-choice Questions 262

 Exercises 263

 Design/Programming Exercises 263

6.Internet Security Protocols 265

 6.1 Introduction 265

 6.2 Basic Concepts 265

 6.3 Secure Socket Layer (SSL) 272

 6.4 Transport Layer Security (TLS) 284

 6.5 Secure Hyper Text Transfer Protocol (SHTTP) 284

 6.6 Time Stamping Protocol (TSP) 285

 6.7 Secure Electronic Transaction (SET) 286

 6.8 SSL Versus SET 298

 6.9 3-D Secure Protocol 299

 6.10 Electronic Money 302

 6.if Email Security 307

 6.12 Wireless Application Protocol (WAP) Security 327

 6.13 Security in GSM 330

 6.14 Security in 3G 332

 Summary 335

 Multiple-choice Questions 337

 Exercises 338

 Design/Programming Exercises 339

7.User Authentication and Kerberos 340

 7.1 Intfoduction 340

 7.2 Authentication Basics 340

 7.3 Passwords 341

 7.4 Authentication Tokens 354

 7.5 Certificate-based Authentication 365

 7.6 Biometric Authentication 371

 7.7 Kerberos 372

 7.8 Key Distribution Center (KDC) 378

 7.9 Security Handshake Pitfalls 379

 7.10 Single Sign On (SSO) Approaches 387

 Summary 388

 Multiple-choice Questions 390

 Exercises 391

 Design/Programming Exercises 391

8.Cryptography in lava，.NET and Operating Systems 393

 8.1 Intfoduction 393

 8.2 Cryptographic Solutions Using Java 393

 8.3 Cryptographic Solutions Using Microsoft .NET Framework 400

 8.4 Cryptographic Toolkits 403

 8.5 Security and Operating Systems 404

 8.6 Database Security 409

 Summary 426

 Multiple-choice Questions 427

 Exercises 428

 Design/Programming Exercises 428

9.Network Security，Firewalls and Virtual Private Networks (VPN) 430

 9.1 Intfoduction 430

 9.2 Brief introduction to TCP/IP 430

 9.3 Firewalls 435

 9.4 lP Security 452

 9.5 Virtual Private Networks (VPN) 469

 9.6 Intrusion 472

 Summary 476

 Multiple-choice Questions 478

 Exercises 479

 Design/Programming Exercises 480

10.Case Studies on Cryptography and Security 481

 10.1 Introduction 481

 10.2 Cryptographic Solutions—A Case Study 481

 10.3 Single Sign On (SSO) 488

 10.4 Secure inter-branch Payment Transactions 491

 10.5 Denial Of Service (DOS) Attacks 496

 10.6 lP Spoofing Attacks 498

 10.7 Cross Site Scripting Vulnerability (CSSV) 499

 10.8 Contract Signing 501

 10.9 Secret Splitting 501

 10.10 Virtual Elections 502

 10.11 Secure Multiparty Calculation 504

 10.12 Creating a VPN 505

 10.13 Cookies and Privacy 506

Appendix A：Mathematical Background 507

Appendix B：Number Systems 516

Appendix C：Information Theory 521

Appendix D：Real-ide TOols 523

Appendix E：Web Resources 524

Appendix F：A Brief introduction to ASN，BER，DER 527

References 533