Cryptography and Network Security: Principles and Practice

Stallings presents an updated education on cryptography. With a secondary emphasis on network security. In the cryptographic sections, there is a strong mathematical flavour. The narrative is not a high level, management-type discussion. It favours the professional mathematician and programmer, and ideally the intersection of these two skill sets. Unlike some other books on cryptography, here considerable space is also given to hash functions. These can sometimes be used as an alternative to a full encrypt/decrypt approach. If you are designing a system, you should ponder carefully whether a hashing approach might suffice. Usually if you only need to authenticate a message or item. Since, as the book relates, for all the complexity of the various hash algorithms, hashing is far simpler and faster than public key encryption. And there is no problem with key revocation. Another great simplification. The book covers the latest work on hashing. It appears that the 160 bit hash methods, like SHA-1, can now have collisions induced, as found by researchers at Tsinghua University. (Though the text doesn't appear to credit them.) Suggesting a migration to longer bit methods or to a more intricate method. One surprising feature of this 4th edition is that PKI is mentioned here, unlike earlier editions. PKI has been around long enough and is important enough that I would've thought the 3rd edition of the book would have covered it. The last sections of the book, on network and system security, are less mathematical. But to offset this, as it were, they require somewhat of a background in understanding the Internet Protocol and in the systems administration of a subnet of computers. Maybe the simplest advice to understand and implement is for a sysadmin to install and regularly run a password checker against the users' passwords.

This review is for the 3rd edition -I'm not a cryptographer by any means. I've owned Applied Cryptography(AC) for 4 years. It's been quite helpful but leans farther into theory (not covered in it) than I was willing or able to research at the time. I often found myself needing to refer to other resources over the years. I purchased this book after thumbing through it a few times at the bookstore. I'm not one to run out and spend $80 on a book in haste. After a couple of collective hours in it at the store I bought it with the intention of returning it in the 30 allotted days for a full refund. That date comes tomorrow and I have no intention on returning it.I would describe it as a self-contained reference. It covers cryptography principles and practices as the title implies. When discussing the algorithms it covers them with roughly the same notation and detail as AC. However, I found the explained examples to be clearer. When I found myself getting lost I took the text's advice and referred to the chapters on mathematics and number theory. Not only did it clear the fog it also bit me with the math bug. Leading me to buy another great book, Prime Obsession (nothing to do with crypto). I should mention that this book is void of code. I didn't find this to be a problem because if I'm not using a crypto lib I usually have to implement the crypto code from scratch. With the knowledge presented in this book I can do it better. FYI: The OpenSSL lib offers a bunch of implemented algorithims.

One of the better books in Security, concentrating on algorithms, rather than stopping at attack descriptions. Very detailed coverage of converntional and public-key encryption. I recommend this book to anyone interested in Security and has some knowledge on algorithms.

This is a good solid book that attempts and succeeds at covering a very large field in a few hundred pages. It goes into depth on key concepts, and explains those well, but for the most part stays at an abstract or theoretical level. I've read it cover to cover and am buying copies for co-workers.

This book is intended to serve both as a textbook for an academic course of study, and as a self-study and reference guide for practicing professionals. The material has been extended to emphasize encryption and its central position in network protection. The structure and flow have been reorganized with both classroom use and solo instruction in mind, and additional teaching material, such as additional problems, have been added.Chapter one is an introduction to the topics to be covered. In a practical way it outlines the concerns involved in the phrase computer security, and the priorities occasioned by the networked nature of modern computing. There is also an outline of the chapters and sequence in the rest of the book. While the text does note that cryptographic techniques underlie most of current security technologies this is only done briefly. Examples in the major categories listed would help explain this primary position.Part one deals with conventional, symmetric, encryption and the various methods of attacking it. Chapter two covers the historical substitution and transposition ciphers. Symmetric block ciphers are discussed in chapter three, illustrated by an explanation of DES (Data Encryption Standard). The additional conventional algorithms of triple DES, IDEA (International Data Encryption Algorithm), and RC5 are reviewed in chapter four. The use of conventional encryption for confidentiality is outlined in chapter five.Part three looks at public-key encryption and hash functions. Chapter six introduces public-key encryption and its uses in confidentiality, authentication, and key management and exchange. Number theory is the basis of these modern algorithms, so some basic mathematical concepts are outlined in chapter seven. Digital signatures and message authentication is introduced in some detail in chapter eight. The algorithms themselves are explained in chapter nine, including MD5 (Message Digest algorithm), SHA (Secure Hash Algorithm), and others. Protocols using digital signatures are described in chapter ten.Part three takes this background material and relates its use in security practice. Chapter eleven looks at authentication, concentrating on Kerberos and X.509. The examples of e-mail security systems given in chapter twelve are PGP (Pretty Good Privacy) and S/MIME (Secure/Multipurpose Internet Mail Extension). Security provisions for the Internet Protocol (IP) itself are reviewed in chapter thirteen. Web security, in chapter fourteen, again concentrates on protocol level matters, but also discusses the SET (Secure Electronic Transaction) standard at the application level.Part four outlines general system security. To the general public the primary concern of security is to deal with intruders and malicious software, so it may seem odd to the uninitiated to find that both of these subjects are lumped together in chapter fifteen. Chapter sixteen finishes off the b