Security in Fixed and Wireless Networks.

Format:

Book

Author/Creator:

Schäfer, Günter (Telecommunications engineer)

Contributor:

Rossberg, Michael.

Language:

English

Subjects (All):

Computer networks--Security measures.

Physical Description:

1 online resource (621 pages)

Edition:

2nd ed.

Place of Publication:

New York : John Wiley & Sons, Incorporated, 2016.

Contents:

Cover

Title Page

Copyright

Contents

About the authors

Preface to the second edition

Preface to the first edition

Part I Foundations of Data Security Technology

Chapter 1 Introduction

1.1 Content and Structure of this Book

1.2 Threats and Security Goals

1.3 Network Security Analysis

1.4 Information Security Measures

1.5 Important Terms Relating to Communication Security

Chapter 2 Fundamentals of Cryptology

2.1 Cryptology, Cryptography and Cryptanalysis

2.2 Classification of Cryptographic Algorithms

2.3 Cryptanalysis

2.4 Estimating the Effort Needed for Cryptographic Analysis

2.5 Characteristics and Classification of Encryption Algorithms

2.6 Key Management

2.7 Summary

2.8 Supplemental Reading

2.9 Questions

Chapter 3 Symmetric Cryptography

3.1 Encryption Modes of Block Ciphers

3.2 Data Encryption Standard

3.3 Advanced Encryption Standard

3.4 RC4 Algorithm

3.5 The KASUMI algorithm

3.6 Summary

3.7 Supplemental Reading

3.8 Questions

Chapter 4 Asymmetric Cryptography

4.1 Basic Idea of Asymmetric Cryptography

4.2 Mathematical Principles

4.3 The RSA Algorithm

4.4 The Problem of the Discrete Logarithm

4.5 The Diffie-Hellman Key Exchange Algorithm

4.6 The ElGamal Algorithm

4.7 Security of Conventional Asymmetric Cryptographic Schemes

4.8 Principles of Cryptography Based on Elliptic Curves

4.8.1 Elliptic Curves over R

4.8.2 Elliptic Curves over Zp

4.8.3 Elliptic Curves over GF(2n)

4.8.4 Cryptographic Protocols Based on Elliptic Curves

4.8.5 Security of cryptographic techniques over elliptic curves

4.8.6 Current Developments in EC Cryptography

4.9 Summary

4.10 Supplemental Reading

4.11 Questions

Chapter 5 Cryptographic Check Values

5.1 Requirements and Classification

5.2 Modification Detection Codes.

5.2.1 Attacks on Modification Detection Codes

5.2.2 General Structure of Cryptographic Hash Functions

5.2.3 MD5

5.2.4 SHA-1

5.2.5 The SHA-2 Family

5.2.6 SHA-3

5.3 Message Authentication Codes

5.3.1 Schemes for the Computation of Message Authentication Codes

5.3.2 Security of CBC-based Algorithms

5.3.3 The CMAC Method

5.4 Message Authentication Codes Based on MDCs

5.5 Authenticated Encryption

5.5.1 The Galois/Counter Mode (GCM)

5.5.2 The SpongeWrap Method

5.6 Summary

5.7 Supplemental Reading

5.8 Questions

Chapter 6 Random Number Generation

6.1 Random Numbers and Pseudo-Random Numbers

6.2 Cryptographically Secure Random Numbers

6.3 Statistical Tests for Random Numbers

6.4 Generation of Random Numbers

6.5 Generating Secure Pseudo-Random Numbers

6.6 Implementation Security

6.7 Summary

6.8 Supplemental Reading

6.9 Questions

Chapter 7 Cryptographic Protocols

7.1 Properties and Notation of Cryptographic Protocols

7.2 Data Origin and Entity Authentication

7.3 Needham-Schroeder Protocol

7.4 Kerberos

7.5 International Standard X.509

7.5.1 X.509 Key Certificates

7.5.2 Direct Authentication Protocols Based on X.509

7.6 Security of Negotiated Session Keys

7.7 Advanced Password Authentication Methods

7.8 Formal Validation of Cryptographic Protocols

7.8.1 Classification of Formal Validation Methods

7.8.2 GNY Logic*

7.8.3 An Example of GNY Logic*

7.9 Summary

7.10 Supplemental Reading

7.11 Questions

Chapter 8 Secure Group Communication*

8.1 Specific Requirements for Secure Group Communication

8.2 Negotiation of Group Keys

8.2.1 Centralised Key Management

8.2.2 Decentralised Key Management

8.2.3 Distributed Key Management

Group Diffie-Hellman

Tree-Based Group Diffie-Hellman

8.3 Source Authentication.

8.3.1 Block-by-block Authentication

8.3.2 Combinatorial Selection of Symmetric MACs

8.3.3 TESLA

8.4 Summary

8.5 Supplemental Reading

8.6 Questions

Chapter 9 Access Control

9.1 Definition of Terms and Concepts

9.2 Security Labels

9.3 Specification of Access Control Policies

9.4 Categories of Access Control Mechanisms

9.5 Summary

9.6 Supplemental Reading

9.7 Questions

Part II Network Security

Chapter 10 Integration of Security Services in Communication Architectures

10.1 Motivation

10.2 A Pragmatic Model

10.3 General Considerations for the Placement of Security Services

10.4 Integration in Lower Protocol Layers vs Applications

10.5 Integration into End Systems or Intermediate Systems

10.6 Summary

10.7 Supplemental Reading

10.8 Questions

Chapter 11 Link Layer Security Protocols

11.1 Virtual Separation of Data Traffic with IEEE 802.1Q

11.2 Securing a Local Network Infrastructure Using IEEE 802.1X

11.3 Encryption of Data Traffic with IEEE 802.1AE

11.4 Point-to-Point Protocol

11.4.1 Structure and Frame Formats

11.4.2 PPP Authentication Protocols

11.4.3 PPP Encryption

11.5 Point-to-Point Tunneling Protocol

11.5.1 Basic Versions of PPTP Packet Encapsulation

11.5.2 Development of PPTP and Alternative Approaches

11.6 Virtual Private Networks

11.7 Summary

11.8 Supplemental Reading

11.9 Questions

Chapter 12 IPsec Security Architecture

12.1 Short Introduction to the Internet Protocol Suite

12.2 Overview of the IPsec Architecture

12.3 Use of Transport and Tunnel Modes

12.4 IPsec Protocol Processing

12.5 The ESP Protocol

12.6 The AH Protocol

12.7 The ISAKMP Protocol

12.8 Internet Key Exchange Version 1

12.8.1 Negotiation of an ISAKMP-SA

12.8.2 Negotiation of IPsec SAs

12.9 Internet Key Exchange Version 2.

12.10 Other Aspects of IPsec

12.10.1 Interaction with Compression

12.10.2 Interaction with Firewalls and Intrusion Detection Systems

12.10.3 Handling of Network Address Translation

12.11 Summary

12.12 Supplemental Reading

12.13 Questions

Chapter 13 Transport Layer Security Protocols

13.1 Secure Socket Layer

13.1.1 Security Services and Protocol Architecture

13.1.2 The Record Protocol

13.1.3 The Handshake Protocol

13.1.4 Authentication and Negotiation of Session Keys

13.1.5 A Shortcoming in the Handshake Protocol

13.2 Transport Layer Security

13.2.1 Cryptographic Algorithms used in TLS

13.2.2 Attacks on Selectable Initialisation Vectors

13.2.3 Renegotiation Attack

13.2.4 Problems with Compression in TLS

13.2.5 Timing Attacks on the CBC Mode in TLS

13.3 Datagram Transport Layer Security

13.4 Secure Shell

13.4.1 SSH Transport Protocol

13.4.2 Parameter Negotiation and Server Authentication

13.4.3 Client Authentication

13.4.4 Connection Control Within A Session

13.5 Summary

13.6 Supplemental Reading

13.7 Questions

Part III Secure Wireless and Mobile Communications

Chapter 14 Security Aspects of Mobile Communication

14.1 Threats in Mobile Communication Networks

14.2 Protecting Location Confidentiality

14.2.1 Broadcast Communication

14.2.2 Temporary Pseudonyms

14.2.3 Communication Mixes

14.3 Summary

14.4 Supplemental Reading

14.5 Questions

Chapter 15 Security in Wireless Local Area Networks

15.1 The IEEE 802.11 Standard for WLANs

15.2 Entity Authentication

15.2.1 Shared Key Authentication

15.2.2 Simultaneous Authentication of Equals

15.3 Wired Equivalent Privacy

15.3.1 Operation and Linearity of CRC

15.3.2 Operation of the WEP Protocol

15.3.3 Flaws in the WEP Protocol

15.4 Robust Secure Networks.

15.4.1 Temporal Key Integrity Protocol

15.4.2 CTR with CBC-MAC Protocol

15.5 Security in Public WLANs

15.6 Summary

15.7 Supplemental Reading

15.8 Questions

Chapter 16 Security in Mobile Wide-Area Networks

16.1 Global System for Mobile Communication

16.2 Universal Mobile Telecommunications System

16.3 Long-Term Evolution

16.4 Summary

16.5 Supplemental Reading

16.6 Questions

Part IV Protecting Communications Infrastructures

Chapter 17 Protecting Communications and Infrastructure in Open Networks

17.1 Systematic Threat Analysis

17.2 Security of End Systems

17.2.1 Buffer Overflows

17.2.2 Format String Attacks

17.2.3 Exploiting Race Conditions and Confidence in the Operating System Environment

17.2.4 SQL Injections and Cross-site Scripting

17.2.5 Malware

17.3 Summary

17.4 Supplemental Reading

17.5 Questions

Chapter 18 Availability of Data Transport

18.1 Denial-of-Service Attacks

18.1.1 Denial-of-Service Attacks with Permanent Effects

Permanent Destruction and Reservation of Resources

Illegitimate Resource Reservation

18.1.2 Resource Exhaustion

Memory Exhaustion Attacks

Exhaustion of Computing Resources

Bandwidth Exhaustion

18.2 Distributed Denial-of-Service Attacks

18.3 Countermeasures

18.3.1 Cookies and Stateless Protocol Design

18.3.2 Client Puzzles

18.3.3 Filtering, Partitioning and Redundancy

18.3.4 IP Traceback*

Logging of Packets in Gateway Systems

Reconstruction of Network Paths by the Receiver

Conclusion Regarding IP Traceback

18.4 Summary

18.5 Supplemental Reading

18.6 Questions

Chapter 19 Routing Security

19.1 Cryptographic Protection of BGP

19.1.1 Authentication of Data Transmission

19.1.2 The Secure Border Gateway Protocol

19.1.3 The Secure Origin Border Gateway Protocol.

19.1.4 Interdomain Route Validation.

Notes:

Description based on publisher supplied metadata and other sources.

Other Format:

Print version: Schaefer, Guenter Security in Fixed and Wireless Networks

ISBN:

9781119040767

OCLC:

958554343