Preface

Today, the Internet has undoubtedly become the largest public data network that facilitates personal and business communications worldwide. The amount of traffic moving through the Internet as well as corporate networks is growing day by day. More and more people are communicating via e-mails, branch offices are using the Internet to remotely connect to their corporate networks and most commercial transactions such as shopping, bill payments and banking are also being done through the networks. Due to growing dependency of users, businesses and organizations on computer networks, it has become important to protect the information being exchanged from various security attacks. In addition, the confidentiality, authenticity and integrity of the messages moving across the networks must be ensured. This is where network security is important.

Network security is a set of protocols that facilitates the use of networks without any fear of security attacks. The most common and traditional technique used for providing network security is cryptography, which is a process of transforming messages into an unintelligible form before transmitting and converting them back to the original when received by the receiver. However, with the evolution of cryptography and network security disciplines, more practical and readily available applications such as Kerberos, Pretty Good Privacy (PGP), IPSec, Secure Socket Layer (SSL), Transport Layer Security (TLS) and firewalls have developed to implement the network security. Keeping in mind the importance of network security, almost all universities have integrated the study of cryptography and network security in B.Tech. (CSE and IT), MCA and MBA courses. The book in your hands, Cryptography and Network Security, in its unique easy-to-understand question-and-answer format directly addresses the need of students enrolled in these courses.

The book comprises questions and their corresponding answers on the basic issues to be addressed by cryptography and network security capability as well as practical applications that are being used for providing network security. The text has been designed to make it particularly easy for students to understand the principles and practice of cryptography and network security. An attempt has been made to make the book self-contained so that students can learn the subject by themselves. The organized and accessible format allows students to quickly find questions on specific topics.

The book Cryptography and Network Security is a part of series named Pearson Instant Learning Series (PILS), which has a number of books designed as quick reference guides.

Unique Features

1.   Designed as a student friendly self-learning guide, the book is written in a clear, concise and lucid manner.

2.   Easy-to-understand question-and-answer format.

3.   Includes previously asked as well as new questions organized in chapters.

4.   All types of questions including multiple-choice questions, short and long questions are covered.

5.   Solutions to numerical questions asked at examinations are provided.

6.   All ideas and concepts are presented with clear examples.

7.   Text is well structured and well supported with suitable diagrams.

8.   Inter-chapter dependencies are kept to a minimum.

9.   A comprehensive index at the end of the book for quick access to desired topics.

Chapter Organization

All the questions-answers are organized into ten chapters. A brief description of these chapters is as follows:

   Chapter 1 provides an overview of basic concepts of network security. It discusses the need, goals and principles of network security as well as different kinds of attacks on computer systems and network. It also gives a brief idea of security services and security mechanisms.

   Chapter 2 introduces the concept of cryptography, which is the most common technique used for providing network security. It describes important mathematical principles that are central to the design of ciphers. The chapter further discusses modular arithmetic, which is the fundamental concept to understand the working of ciphers. It also discusses the concept of cryptanalysis and various cryptanalysis attacks.

   Chapter 3 deals with symmetric-key ciphers. It starts with a discussion on traditional symmetric-key ciphers that include various substitution ciphers such as additive, shift, multiplicative, affine, autokey, Playfair, Vigenere and Hill cipher and transposition ciphers. Then, the discussion moves on to two important categories of ciphers, namely stream and block ciphers. The chapter also includes a brief discussion on Shannon's theory of diffusion and confusion. Finally, the chapter concludes with a discussion on product ciphers proposed by Shannon, and the two categories of product ciphers, namely Feistel and non-Feistel ciphers.

   Chapter 4 concentrates on the symmetric-key algorithms, which include Data Encryption Standard (DES) and Advanced Encryption Standard (AES). The chapter presents a detailed study on the design and analysis of DES. It also explains the general structure and the key expansion algorithm of AES.

   Chapter 5 is based on the number theory, which provides a mathematical background required to understand the asymmetric-key cryptography. It covers several important concepts related to prime numbers such as Fermat's theorem, Euler's totient function, Euler's theorem, Miller-Rabin algorithm and Chinese Remainder theorem.

   Chapter 6 deals with asymmetric-key algorithms, which include RSA, Diffie-Hellman algorithm, ElGamal encryption system and Elliptic curve cryptography (ECC).

   Chapter 7 focuses on message authentication mechanisms used to ensure that the integrity of the received message has been preserved. It explains various authentication functions and message authentication code (MAC). It also gives a detailed description of standard hash functions such as MD5, SHA-1 and Whirlpool. The chapter also spells out the concept of birthday attacks against hash functions.

   Chapter 8 familiarizes the reader with the concept of digital signatures, and presents the essential properties and requirements of digital signatures, possible attacks on digital signatures and various digital signature schemes including RSA, ElGamal and DSS. The chapter then shifts its focus on authentication protocol and discusses its two categories, namely mutual authentication and one-way authentication.

   Chapter 9 presents the working principle of Kerberos protocol, X.509 authentication service and its certificates. The chapter also describes the security at the application layer covering PGP and S/MIME, security at the transport layer covering SSL and TSL, and security at the network layer describing IPSec.

   Chapter 10 provides a description on system security, covering the concepts of intrusion prevention and detection, Honeypots, malicious software, viruses, digital immune system, behaviour-blocking software, firewalls and trusted systems.

Acknowledgements

   Our publisher Pearson Education, their editorial team and panel reviewers for their valuable contributions toward content enrichment.

   Our technical and editorial consultants for devoting their precious time to improve the quality of the book.

   Our entire research and development team who have put in their sincere efforts to bring out a high-quality book.

Feedback

For any suggestions and comments about this book, please feel free to send an e-mail to [email protected].

Hope you enjoy reading this book as much as we have enjoyed writing it.

ROHIT KHURANA
Founder and CEO
ITL ESL