Practical Cryptography
Security is the number one concern for businesses worldwide. The gold standard for attaining security is cryptography because it provides the most reliable tools for storing or transmitting digital information. Written by Niels Ferguson, lead cryptographer for Counterpane, Bruce Schneier's security company, and Bruce Schneier himself, this is the much anticipated follow-up book to Schneier's seminal encyclopedic reference, Applied Cryptography, Second Edition (0-471-11709-9), which has sold...
Search in google:
Security is the number one concern for businesses worldwide. The gold standard for attaining security is cryptography because it provides the most reliable tools for storing or transmitting digital information. Written by Niels Ferguson, lead cryptographer for Counterpane, Bruce Schneier's security company, and Bruce Schneier himself, this is the much anticipated follow-up book to Schneier's seminal encyclopedic reference, Applied Cryptography, Second Edition (0-471-11709-9), which has sold more than 150,000 copies. Niels Ferguson (Amsterdam, Netherlands) is a cryptographic engineer and consultant at Counterpane Internet Security. He has extensive experience in the creation and design of security algorithms, protocols, and multinational security infrastructures. Previously, Ferguson was a cryptographer for DigiCash and CWI. At CWI he developed the first generation of off-line payment protocols. He has published numerous scientific papers. Bruce Schneier (Minneapolis, MN) is Founder and Chief Technical Officer at Counterpane Internet Security, a managed-security monitoring company. He is also the author of Secrets and Lies: Digital Security in a Networked World (0-471-25311-1).
Preface1Our Design Philosophy12The Context of Cryptography73Introduction to Cryptography21IMessage Security414Block Ciphers435Block Cipher Modes676Hash Functions837Message Authentication Codes978The Secure Channel1119Implementation Issues (I)129IIKey Negotiation15310Generating Randomness15511Primes18512Diffie-Hellman20713RSA22314Introduction to Cryptographic Protocols24515Key Negotiation Protocol26116Implementation Issues (II)279IIIKey Management29517The Clock29718Key Servers30919The Dream of PKI31520PKI Reality32321PKI Practicalities33922Storing Secrets347IVMiscellaneous36323Standards36524Patents37325Involving Experts381Acknowledgments385Bibliography387Index397
\ From Barnes & NobleThe Barnes & Noble Review\ Cryptography, as Bruce Schneier keeps pointing out to anyone who’ll listen, is even harder than it looks. Of course, it doesn’t help that many books on the subject are intensely academic. Such books do little for folks who actually have to implement crypto-based security. No wonder so many implementations are so poor. \ Schneier, president of Counterpane Internet Security, Inc., is arguably the world’s leading crypto expert. His firm’s lead cryptographer, Niels Ferguson, isn’t far behind. Together, they’ve written Practical Cryptography to give implementers what they need to do the job right.\ As Schneier often notes, excellent algorithms and protocols do exist: The devil’s in the implementation details, and plenty of companies get them wrong. Worse, the algorithms and protocols are the “easy” part. Once you get people into the loop -- as with key management -- things get really tough. Still worse, nonspecialists often treat crypto as an afterthought, to be bolted on once everything else is done. That’s a recipe for failure, considering that you have to secure your entire system: Your adversary need only find one weak link.\ These are the types of issues Practical Cryptography takes on.\ Schneier and Ferguson begin with some serious attitude adjustment. To build secure systems, security must come first, with other priorities (like performance or new features) way down the list. “If you are ever tempted to cut a security corner in the name of efficiency, just repeat to yourself: ‘We already have enough fast, insecure systems. We don’t need another one.’ ”\ They also focus on keeping things simple -- which means lots of modularization. To that end, they present (and in some cases, create) simple interfaces for cryptographic primitives: “No features, no options, no special cases, no extra things to remember, just the simplest definition we could come up with.”\ After introducing cryptography from the implementer’s standpoint, they present several key elements of cryptography systems. In two full chapters on block ciphers, they help you compare and choose amongst solutions like AES, Serpent, and Twofish; then cover block cipher modes, and help you limit the risks of information leakage. There’s a full chapter on hash functions, their weaknesses, solutions -- and tradeoffs.\ Next, the authors move on to solving real-world problems, starting with one of the most common: creating secure connections. There’s detailed coverage of secure software development: everything from wiping state to handling swap files and caches -- not to mention buffer overflows, side-channel attacks, and the like.\ A section on key negotiation addresses everything from generating randomness to working with primes; using Diffie-Hellman and RSA algorithms to handling crypto protocols. The authors cover key management in comparable depth: implementing reliable clocks; Kerberos and its alternatives; and the practical realities of PKI implementation (for example, why keys “wear out.”)\ Practical Cryptography reaches far and wide, from algorithms and protocols to standards and patents -- with plenty of cautions to make sure you never get overconfident. Because, when it comes to security, overconfidence is fatal. Bill Camarda\ Bill Camarda is a consultant, writer, and web/multimedia content developer. His 15 books include Special Edition Using Word 2000 and Upgrading & Fixing Networks for Dummies, Second Edition.\ \ \
