




























































































Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
notes about java, syntaxes, comments, other details
Typology: Exercises
1 / 758
This page cannot be seen from the preview
Don't miss anything!





























































































Thank you for purchasing a new copy of Cryptography and Network Security: Principles and Practice, Sixth Edition. Your textbook includes six months of prepaid access to the book’s Premium Web site. This prepaid subscription provides you with full access to the following student support areas:
Note that this prepaid subscription does not include access to MyProgrammingLab, which is available at http://www.myprogramminglab.com for purchase.
Use a coin to scratch off the coating and reveal your student access code. Do not use a knife or other sharp object as it may damage the code.
To access the Cryptography and Network Security: Principles and Practice, Sixth Edition, Premium Web site for the first time, you will need to register online using a computer with an Internet connection and a web browser. The process takes just a couple of minutes and only needs to be completed once.
1. Go to http://www.pearsonhighered.com/stallings/ 2. Click on Premium Web site. 3. Click on the Register button. 4. On the registration page, enter your student access code* found beneath the scratch-off panel. Do not type the dashes. You can use lower- or uppercase. 5. Follow the on-screen instructions. If you need help at any time during the online registration process, simply click the Need Help? icon. 6. Once your personal Login Name and Password are confirmed, you can begin using the Cryptography and Network Security: Principles and Practice, Sixth Edition Premium Web site!
To log in after you have registered:
You only need to register for this Premium Web site once. After that, you can log in any time at http://www.pearsonhighered.com/stallings/ by providing your Login Name and Password when prompted.
*Important: The access code can only be used once. This subscription is valid for six months upon activation and is not transferable. If this access code has already been revealed, it may�no longer be valid. If this is the case, you can purchase a subscription by going to http://www.pearsonhighered.com/stallings/ and following the on-screen instructions.
Boston Columbus Indianapolis New York San Francisco Upper Saddle River Amsterdam Cape Town Dubai London Madrid Milan Munich Paris Montréal Toronto Delhi Mexico City São Paulo Sydney Hong Kong Seoul Singapore Taipei Tokyo
ISBN 10: 0-13-335469- ISBN 13: 978-0-13-335469-
10 9 8 7 6 5 4 3 2 1
Editorial Director, ECS: Marcia Horton Executive Editor: Tracy Johnson Associate Editor: Carole Snyder Director of Marketing: Christy Lesko Marketing Manager: Yez Alayan Director of Production: Erin Gregg Managing Editor: Scott Disanno Associate Managing Editor: Robert Engelhardt Production Manager: Pat Brown Art Director: Jayne Conte Cover Designer: Bruce Kenselaar
Permissions Supervisor: Michael Joyce Permissions Administrator: Jenell Forschler Director, Image Asset Services: Annie Atherton Manager, Visual Research: Karen Sanatar Cover Photo: © Valery Sibrikov/Fotolia Media Project Manager: Renata Butera Full-Service Project Management: Shiny Rajesh/ Integra Software Services Pvt. Ltd. Composition: Integra Software Services Pvt. Ltd. Printer/Binder: Courier Westford Cover Printer: Lehigh-Phoenix
Credits and acknowledgments borrowed from other sources and reproduced, with permission, in this textbook appear in the Credits section in the end matter of this text.
Copyright © 2014, 2011, 2006 Pearson Education, Inc., All rights reserved. Printed in the United States of America. This publication is protected by Copyright, and permission should be obtained from the publisher prior to any prohibited reproduction, storage in a retrieval system, or transmission in any form or by any means, electronic, mechanical, photocopying, recording, or likewise. To obtain permission(s) to use material from this work, please submit a written request to Pearson Education, Inc., Permissions Department, One Lake Street, Upper Saddle River, New Jersey 07458, or you may fax your request to 201-236-3290.
Many of the designations by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and the publisher was aware of a trademark claim, the designations have been printed in initial caps or all caps.
Library of Congress Cataloging-in-Publication Data on file.
For Tricia never dull never boring
the smartest and bravest
person I know
B.6 Chapter 6: Pseudorandom Number Generation and Stream Ciphers 689 B.7 Chapter 8: Number Theory 691 B.8 Chapter 9: Public-Key Cryptography and RSA 696 B.9 Chapter 10: Other Public-Key Cryptosystems 699 B.10 Chapter 11: Cryptographic Hash Functions 704 B.11 Chapter 13: Digital Signatures 706
References 710
Credits 720
Index 723
Online chaPterS anD aPPenDiceS^1
Part Six SyStem Security
Chapter 21 Malicious Software
21.1 Types of Malicious Software 21.2 Propagation – Infected Content - Viruses 21.3 Propagation – Vulnerability Exploit - Worms 21.4 Propagation – Social Engineering – SPAM, Trojans 21.5 Payload – System Corruption 21.6 Payload – Attack Agent – Zombie, Bots 21.7 Payload – Information Theft – Keyloggers, Phishing, Spyware 21.8 Payload – Stealthing – Backdoors, Rootkits 21.9 Countermeasures 21.10 Distributed Denial of Service Attacks 21.11 Recommended Reading 21.12 Key Terms, Review Questions, and Problems
Chapter 22 Intruders
22.1 Intruders 22.2 Intrusion Detection 22.3 Password Management 22.4 Recommended Reading 22.5 Key Terms, Review Questions, and Problems Appendix 22A The Base-Rate Fallacy
Chapter 23 Firewalls
23.1 The Need for Firewalls 23.2 Firewall Characteristics 23.3 Types of Firewalls 23.4 Firewall Basing 23.5 Firewall Location and Configurations 23.6 Recommended Reading 23.7 Key Terms, Review Questions, and Problems
(^1) Online chapters, appendices, and other documents are Premium Content, available via the access card at the front of this book.
notation
Even the natives have difficulty mastering this peculiar vocabulary. —The Golden Bough , Sir James George Frazer
Symbol Expression Meaning D , K D( K, Y ) Symmetric decryption of ciphertext Y using secret key K D , PRa D( PRa , Y ) Asymmetric decryption of ciphertext Y using A’s private key PRa D, PUa D( PUa , Y ) Asymmetric decryption of ciphertext Y using A’s public key PUa E, K E( K , X ) Symmetric encryption of plaintext X using secret key K E, PRa E( PRa , X ) Asymmetric encryption of plaintext X using A’s private key PRa E, PUa E( PUa , X ) Asymmetric encryption of plaintext X using A’s public key PUa K Secret key PRa Private key of user A PUa Public key of user A MAC, K MAC( K, X ) Message authentication code of message X using secret key K GF( p ) The finite field of order p , where p is prime.The field is defined as the set Z p together with the arithmetic operations modulo p. GF(2 n ) The finite field of order 2 n Zn Set of nonnegative integers less than n
gcd gcd( i , j ) Greatest common divisor; the largest positive integer that dividesboth i and j with no remainder on division.
mod a mod m Remainder after division of a by m mod, K a K b (mod m ) a mod m = b mod m mod, [ a [ b (mod m ) a mod m b mod m dlog dlog a , p ( b ) Discrete logarithm of the number b for the base a (mod p )
w f( n ) The number of positive integers less thanThis is Euler’s totient function.^ n^ and relatively prime to^ n.
Σ (^) a
n i = 1
ai a 1 + a 2 + c^ + an
Π Π
n i = 1 ai^ a^1 *^ a^2 *^
c (^) * an
prefaCe
“There is the book, Inspector. I leave it with you, and you cannot doubt that it contains a full explanation.” —The Adventure of the Lion’s Mane , Sir Arthur Conan Doyle
what’S new in the Sixth eDitiOn
In the four years since the fifth edition of this book was published, the field has seen contin- ued innovations and improvements. In this new edition, I try to capture these changes while maintaining a broad and comprehensive coverage of the entire field. To begin this process of revision, the fifth edition of this book was extensively reviewed by a number of professors who teach the subject and by professionals working in the field. The result is that, in many places, the narrative has been clarified and tightened, and illustrations have been improved. Beyond these refinements to improve pedagogy and user-friendliness, there have been substantive changes throughout the book. Roughly the same chapter organization has been retained, but much of the material has been revised and new material has been added. The most noteworthy changes are as follows:
ObjectiveS
It is the purpose of this book to provide a practical survey of both the principles and practice of cryptography and network security. In the first part of the book, the basic issues to be addressed by a network security capability are explored by providing a tutorial and survey of cryptography and network security technology. The latter part of the book deals with the practice of network security: practical applications that have been implemented and are in use to provide network security. The subject, and therefore this book, draws on a variety of disciplines. In particular, it is impossible to appreciate the significance of some of the techniques discussed in this book without a basic understanding of number theory and some results from probability theory. Nevertheless, an attempt has been made to make the book self-contained. The book not only presents the basic mathematical results that are needed but provides the reader with an intuitive understanding of those results. Such background material is introduced as needed. This approach helps to motivate the material that is introduced, and the author considers this preferable to simply presenting all of the mathematical material in a lump at the begin- ning of the book.
SuPPOrt OF acm/ieee cOmPuter Science curricula 2013
The book is intended for both academic and professional audiences. As a textbook, it is intended as a one-semester undergraduate course in cryptography and network security for computer science, computer engineering, and electrical engineering majors. The changes to this edition are intended to provide support of the current draft version of the ACM/ IEEE Computer Science Curricula 2013 (CS2013). CS2013 adds Information Assurance and Security (IAS) to the curriculum recommendation as one of the Knowledge Areas in the Computer Science Body of Knowledge. The document states that IAS is now part of the curriculum recommendation because of the critical role of IAS in computer science educa- tion. CS2013 divides all course work into three categories: Core-Tier 1 (all topics should be included in the curriculum), Core-Tier-2 (all or almost all topics should be included), and
Companion Web site at WilliamStallings.com/Cryptography. To gain access to the IRC, please contact your local Pearson sales representative via pearsonhighered.com/educator/replocator/ requestSalesRep.page or call Pearson Faculty Services at 1-800-526-0485. The Companion Web site , at WilliamStallings.com/Cryptography (click on Instructor Resources link), includes the following:
PrOjectS anD Other StuDent exerciSeS
For many instructors, an important component of a cryptography or network security course is a project or set of projects by which the student gets hands-on experience to reinforce concepts from the text. This book provides an unparalleled degree of support, including a projects component in the course. The IRC not only includes guidance on how to assign and structure the projects, but also includes a set of project assignments that covers a broad range of topics from the text:
the Sage cOmPuter algebra SyStem
One of the most important features of this book is the use of Sage for cryptographic exam- ples and homework assignments. Sage is an open-source, multiplatform, freeware package that implements a very powerful, flexible, and easily learned mathematics and computer algebra system. Unlike competing systems (such as Mathematica, Maple, and MATLAB), there are no licensing agreements or fees involved. Thus, Sage can be made available on computers and networks at school, and students can individually download the software to their own personal computers for use at home. Another advantage of using Sage is that students learn a powerful, flexible tool that can be used for virtually any mathematical application, not just cryptography. The use of Sage can make a significant difference to the teaching of the mathematics of cryptographic algorithms. This book provides a large number of examples of the use of Sage covering many cryptographic concepts in Appendix B, which is included in this book. Appendix C lists exercises in each of these topic areas to enable the student to gain hands-on experience with cryptographic algorithms. This appendix is available to instruc- tors at the IRC for this book. Appendix C includes a section on how to download and get started with Sage, a section on programming with Sage, and exercises that can be assigned to students in the following categories:
Online DOcumentS FOr StuDentS
For this new edition, a tremendous amount of original supporting material for students has been made available online, at two Web locations. The Companion Web site , at WilliamStallings.com/Cryptography (click on Student Resources link), includes a list of rel- evant links organized by chapter and an errata sheet for the book. Purchasing this textbook new also grants the reader six months of access to the Premium Content site , which includes the following materials: