Cryptography and network security

Front Cover
Cryptography and Network Security
Dedication
Contents
Preface
Acknowledgements
List of Figures
List of Tables
1 Introduction
1.1 Information on the Network
1.2 The Internet of Things
1.3 Network Security
1.4 Network Encryption
1.5 Electronic Voting
1.6 Security with Biometrics
1.7 How to Understand Recognition
1.8 Blockchain and Cryptocurrency
1.8.1 Enterprises Can Profit from Blockchain
1.8.2 The Cryptocurrency Frenzy
2 Main Definitions
2.1 Criteria for a Security System
2.2 Security Aspects to Consider
2.3 Malicious Codes
2.3.1 Virus
2.3.2 Worms
2.3.3 Robots
2.3.4 Spy Programs
2.3.5 Backdoor Program
2.3.6 Trojan Horse
2.3.7 Rootkit
2.4 Internet Scams
2.4.1 Identity Theft
2.4.2 Resource Anticipation Fraud
2.4.3 Phishing
2.4.4 Pharming
2.4.5 E-commerce Scams
2.4.6 Hoax
2.5 Internet Attacks
2.5.1 Vulnerability Exploitation
2.5.2 Network Scan
2.5.3 Fake E-mail Address
2.5.4 Traffic Interception
2.5.5 Brute Force Attack
2.5.6 Page Defacement
2.5.7 Denial of Service
2.6 Cryptography
2.6.1 Symmetric Key and Asymmetric Key Cryptography
2.6.2 Hash Function
2.6.3 Digital Signature
2.6.4 Digital Certificate
2.6.5 Cryptography Programs
3 Information Theory
3.1 Information Measurement
3.2 Requirements for an Information Metric
3.3 Source Coding
3.4 Extension of a Memoryless Discrete Source
3.4.1 Improving the Coding Efficiency
3.5 Prefix Codes
3.6 The Information Unit
4 Source Coding
4.1 Types of Source Codes
4.1.1 Block Codes
4.1.2 Non-Singular Codes
4.1.3 Uniquely Decodable Codes
4.1.4 Instantaneous Codes
4.2 Construction of Instantaneous Codes
4.3 Kraft Inequality
4.4 Huffman Code
4.4.1 Constructing a Binary Huffman Code
5 Information Transmission and Channel Capacity
5.1 The Concept of Information Theory
5.2 Joint Information Measurement
5.3 Conditional Entropy
5.4 Model for a Communication Channel
5.5 Noiseless Channel
5.6 Channel with Independent Output and Input
5.7 Relations Between the Entropies
5.8 Mutual Information
5.9 Channel Capacity
5.9.1 Capacity of the Memoryless Discrete Channel
5.9.2 Relative Redundancy and Efficiency
6 Computer Networks
6.1 Data Flow in Networks
6.1.1 Capacity of a Channel Composition
6.1.2 Stationary Data Flow
6.2 Queue Models
6.2.1 Markov Model
6.2.2 Solution for a Stable Network
6.2.3 Constant Arrival Rate System
6.2.4 Efficient Server Model
6.2.5 Model with Discouraged Arrivals
6.2.6 Models of Queues M/G/1, M/M/1, and M/D/1
6.3 Local Area Networks
6.3.1 Definitions and Functions
6.3.2 Applications for Local Area Networks
6.3.3 Network Structure and Topology
6.3.4 Channel Access Techniques
6.3.5 Traffic on the Network
6.3.6 Performance Measures
7 Network Protocols and Architecture
7.1 What the World Was Like Without the Internet
7.2 Layer Architecture
7.2.1 The ISO Reference Model
7.2.2 Reference Model layers
7.2.3 IEEE 802 Standards for Computer Networks
8 The TCP/IP Protocol
8.1 TCP/IP Protocol History
8.2 Internet Coordination
8.3 Types of Networks
8.4 Transmission Protocols
8.5 Interconnection Equipment
8.6 Interconnection Protocols
8.6.1 Other TCP Services
8.6.2 TCP Header Structure
8.7 The IP Protocol
8.7.1 IP Addresses
8.7.2 Example of a DNS
8.7.3 Datagram Fragmentation
8.7.4 IP Routing
8.7.5 IP Address Resolution
8.7.6 User Datagram Protocol
8.7.7 Applications that Use TCP and UDP
8.7.8 Applications that Use TCP and UDP
8.8 The TCP/IP Protocol
8.8.1 Application Layer
8.8.2 Transport Layer
8.8.3 Internet Layer
8.9 Security Protocols for TCP/IP
8.9.1 IP Security Protocol
8.9.2 Vulnerabilities and Precautions Regarding TCP/IP
8.9.3 Vulnerabilities and Precautions Regarding TCP/IP Services
9 Network Security
9.1 Cryptography Applied to Computer Networks
9.1.1 Potential Network Vulnerabilities
9.1.2 Listening, Data Change, Forged Identity
9.1.3 Password-Based Attacks
9.1.4 Denial of Service
9.1.5 Password Break Attack
9.1.6 Sniffer Attack
9.1.7 Attack to the Application Layer
9.2 Alternatives to Prevent Attacks
9.2.1 Security Technologies
9.2.2 Security Mechanisms for the Application Layer
9.2.3 Security Mechanisms for the Transport Layer
9.2.4 Security Mechanisms for the Network Layer
9.3 Secure Sockets Layer Protocol
9.3.1 Encryption Used with SSL
9.4 Exchange of Information for the Safe Sockets Layer
9.4.1 Server Authentication
9.4.2 Attack of the Man in the Middle
9.4.3 Client Authentication
9.5 Data Protection with IPsec
9.5.1 Security Associations
9.5.2 Tunneling
9.5.3 Authentication Header
9.5.4 Authentication Header Format
9.5.5 Authentication Header in Transport and Tunnel Modes
9.5.6 AH in Tunnel Mode
9.6 Encapsulated Security Load
9.6.1 ESP Package Format
9.6.2 ESP in Transport Mode
9.6.3 ESP in Tunnel Mode
9.7 Espionage Between Countries
10 Theoretical Cryptography
10.1 Introduction
10.2 Cryptographic Aspects of Computer Networks
10.2.1 Potential Vulnerabilities of Computer Networks
10.3 Principles of Cryptography
10.4 Information Theoretical Aspects of Cryptography
10.4.1 Relations Between the Entropies
10.5 Mutual Information for Cryptosystems
11 The Hash Function
11.1 Introduction to Network Security
11.2 Hash Functions
11.3 Objectives of the Hash Function
11.4 Mathematical Preliminaries
11.5 Privacy Amplification
11.6 Conclusion
12 Criminal Cases
12.1 Introduction to Cybercrimes
12.2 Types of Cybercrimes
12.3 Famous Cybercrimes
12.3.1 The Mythical Pegasus
12.3.2 Hackers' Attack to Colonial and JBS
12.3.3 The Biggest Ransomware Attack Ever
12.3.4 Credit Cards Data Stolen from Home Depot's System
12.3.5 Largest Theft of Customer Data
12.3.6 Yahoo Data Breach
12.3.7 Customer's Data Stolen from Healthcare Companies
12.3.8 Social Security Numbers Stolen from IRS
12.3.9 Government Data Breach Due to Outdated Technology
12.3.10 Google Corporate Servers Hacked in China
12.3.11 Sony Pictures Hacked
12.3.12 Wikileaks Obtained Sensitive Information from the Democratic National Committee
12.3.13 A DDoS Attack that Took Down Twitter, PayPal, and Netflix
12.3.14 MafiaBoy's Teenage Crimes
12.3.15 Epsilon Attacked by Hackers
12.3.16 NHS Patients Had Their Computers Infected
12.3.17 When the United States Department of Defense was Attacked
12.3.18 The Ashley Madison Hack
12.3.19 The Stuxnet Worm Attack
12.3.20 The Iceman Attack
12.3.21 Bitcoin Stolen from Bitfinex Exchange in Hong Kong
12.3.22 Crypto Exchange Bithumb Hacked
12.3.23 Espionage Between Partners
Appendix A Probability Theory
A.1 Set Theory and Measure
A.1.1 Basic Set Theory
A.1.2 Some Operations on Sets
A.1.3 Families of Sets
A.1.4 Indexing of Sets
A.1.5 An Algebra of Sets
A.1.6 The Borel Algebra
A.2 Basic Probability Theory
A.2.1 The Axioms of Probability
A.2.2 Bayes' Rule
A.3 Random Variables
A.3.1 Expected Value of a Random Variable
A.3.2 Moments of a Random Variable
A.3.3 Variance of a Random Variable
A.3.4 Characteristic Function
A.3.4.1 Two Important Distributions
A.3.5 Joint Random Variables
Appendix B Cryptoalgorithms and Cryptosystems
Appendix C Glossary of Information Security Terms
References
Index
About the Author
Back Cover