Cryptography and Network Security: Techniques and Tools

Preface

An Overview of Network and Information Security

• Introduction
• Why security is complex
• Security goals
• Different views on security
• Information security
• The relevance of security measures in the modern era
• Threats to information
• The security architecture
• The network security model
• Security service requirements
• Prerequisites to the application of security service
• Recapitulation
• Exercises

Introduction to Cryptography

• Introduction
• Difference between classic and modern ciphers
• Kerckhoffs’s principle
• Ingredients to a symmetric cipher
• Cryptography
• The Conventional Security Model
• Substitution and transposition
• Monoalphabetic substitution cipher
• Playfair cipher
• Hill cipher
• Vigenere cipher
• Vernam cipher and Onetime pads
• Transposition cipher
• Substitution cipher and S-box
• Transposition cipher and P-box
• Rotor Machines
• Recapitulation
• Exercises

Block Ciphers and Attacks

• Introduction
• Cryptographic systems
• Symmetric key algorithms
• Block ciphers
• Attacks
• Points to remember
• Excercises

Number Theory Fundamentals 

•  Divisibility
• Prime numbers
• Greatest common divisor
• Congruences
• Fermat’s little theorem and Euler’s theorem
• Generating large primes: primality tests
• Modular exponentiation (Exponentiation modular arithmetic)
• Discrete logarithms
• Additional reading 
• Recommended reading/references 
• Recapitulation 
• Exercises

Algebraic Structures

• Algebraic structure
• Groups
• Algebraic systems with two binary operations
• Algebraic operations on polynomials
• Galois Field GF(pn)
• Recapitulation
• Exercises

Stream Ciphers and Cipher Modes

• Introduction
• Cypher feedback mode
• Output Feedback Mode
• Counter Mode
• IEEE XTS-AES mode
• IEEE XTS encryption process
• Recapitulation
• Exercises

Secure Hash Functions

• Introduction
• A simple hash function
• Secure hash functions using block ciphers and CBC
• Why a unique hash value is possible
• Applying a hash function for authentication
• Characteristics of the cryptographic hash function
• Security requirements attacks and countermeasures
• Folding
• Why simple folding fails
• Secure Hash Algorithm (SHA)
• Processing of each round
• The round function Rf ()
• Avalanche effect with SHA-512
• SHA-3
• Iteration function Keccak-f
• Theta Step function
• Rho step function
• Pi step function
• Chi step function
• Iota step function
• Applications of Cryptographic Hash Functions
• Recapitulatin
• Exercises

Message Authentication using MAC

• Introduction
• Integrity check
• Other security needs for a message
• Meet in the middle attack
• Factors deciding the security of MAC
• Order of encryption and authentication
• HMAC
• Conventional message digest vs. HMAC
• Authenticated Encryption with Associated Data (AEAD)
• Counter with Cipher Block Chaining Message Authentication Code (CCM)
• GCM-GMAC (Galois Counter Mode-Galois Counter Message Authentication Code)
• Key wrapping (KW)
• Recapitulation
• Exercises

Authentication and Message Integrity Using Digital Signatures

• Introduction
• What is a digital signature
• Attacks on DS
• Why a digital signature
• Different DS schemes
• Improving the process of digital signature
• Recapitulation
• Exercises

Advanced Encryption Standard

• Introduction
• AES characteristics
• Prerequisites to AES
• AES architecture
• AES processing
• Substitute byte matrix generation
• Key expansion process
• Inverse operations
• Implementation and motivation
• Recapitulation
• Exercises

Pseudo-Random Numbers

• Introduction
• PRN, TRN, and PRF
• PRN for solving security problems
• Pseudo random number generators (PRNGs)
• Using a cipher-based PRNG
• Real-world PRNGs
• True Random Numbers (TRNs)
• Other methods
• Recapitulation
• Exercises

Public Key Algorithms and RSA

• Introduction
• The need for public-key systems
• How it works
• The prerequisites to understand RSA
• RSA and processing in RSA
• Improving efficiency
• Cryptanalysis and attacks on RSA
• Countermeasures
• Difference: symmetric and asymmetric encryption
• Recapitulation
• Exercises

Other Public Key Algorithms

• Introduction
• Introduction to Elliptic Curves
• Elliptic curve cryptography
• Recapitulation
• Exercises

Key Management and Exchange

• Introduction
• Key management
• Need for key management
• Encryption location
• The public key distribution
• Randomness and unpredictability of keys
• Symmetric key exchange for authentication
• Public key exchange using certificates
• Recapitulation
• Exercises

User Authentication Using Kerberos

• Introduction
• The authentication process in Kerberos
• Kerberos protocol overview
• The challenges and solutions in building a protocol
• Multiple Kerberos realms
• Kerberos version V protocol
• Kerberos limitations
• Recapitulation
• Exercises

User Authentication Using Public Key Certificates

• Introduction
• Using public-key cryptography for authentication
• X.509 certificate structure
• Authentication procedures
• Extensions in version 3
• Public key infrastructure
• Certificate Management Protocol
• XML key management protocol
• Recapitulation
• Exercises

Email Security: PGP and SMIME

• Introduction
• PGP (Pretty good privacy)
• PGP goals
• The reasons behind the success
• PGP services
• SMIME functionality
• Recapitulation
• Exercises

Transport Layer Security (TLS) and SSL

• Introduction
• Need for securing web transactions
• Different ways to secure web traffic
• TLS and SSL
• Connections and sessions
• TLS record protocol
• TLS handshake protocol
• Cryptographic computations
• Recapitulation
• Exercises

IP Security (IPsec)

• Introduction
• Need
• IPsec functionality
• Using IPsec
• IPsec functioning
• IPsec benefits
• IPsec components
• Why IKE
• IPsec services
• IPsec transport and tunnel modes
• Deploying the security policy
• Traffic processing
• Encapsulating Security Payload (ESP)
• ESP header design
• Encryption and ICV calculation
• Combining SAs
• Recapitulation
• Exercises

Wireless Security

• Introduction
• A brief about 802.11
• Why wireless devices need higher security
• Introduction 802.11i
• Security services in Wi-Fi (802.11i)
• 802.11i phases of operation
• Discovery
• Authentication phase
• Key management
• Secure data transfer
• WPA3
•  Wireless security for mobile phones
• Recapitulation
• Exercises