Cryptography Algorithms, Protocols, and Standards for Computer Security

An introduction to one of the backbones of the digital world

Cryptography is one of the most important aspects of information technology security, central to the protection of digital assets and the mitigation of risks that come with increased global connectivity. The digital world is wholly reliant on secure algorithms and protocols for establishing identity, protecting user data, and more. Groundbreaking recent developments in network communication and a changing digital landscape have been accompanied by similar advances in cryptography, which is more central to digital life than ever before.

This book constitutes a comprehensive yet accessible introduction to the algorithms, protocols, and standards which protect the modern internet. Built around both foundational theories and hundreds of specific algorithms, it also incorporates the required skills in complex mathematics. The result is an indispensable introduction to the protocols and systems which should define cryptography for decades to come.

Readers will also find:

• Over 450 problems with accompanying solutions to reinforce key concepts and test retention
• Detailed discussion of topics including symmetric and asymmetric algorithms, random number generation, user authentication, and many more
• Over 200 figures and tables that provide rich detail to the content

Cryptography: Algorithms, Protocols, and Standards for Computer Security is ideal for undergraduate and graduate students in cryptography and information technology subjects, as well as for researchers looking for a working reference on existing cryptographic algorithms and protocols.

Preface xviii

1 Introduction to Computer Security 1

1.1 Introduction 1

1.2 Security Terms and Definitions 4

1.3 Security Services 6

1.4 Attacks 8

1.5 Countermeasures/Defenses 16

1.6 Overview of Defense Systems 20

1.7 Introduction to Privacy Protection 26

1.8 Concluding Remarks 29

1.9 Exercises and Solutions 29

2 Introduction to Cryptography 33

2.1 Definitions of Basic Terms 33

2.2 Cryptographic Primitives 39

2.3 Fundamental Properties of Cryptographic Algorithms 43

2.4 Attacks Against Cryptographic Algorithms 45

2.5 Steganography 51

2.6 Exercises and Problems 52

3 Mathematical Basics and Computation Algorithms for Cryptography 59

3.1 Number Theory Notations, Definitions, and Theorems 59

3.2 Basic Algebraic Structures 66

3.3 Computation Algorithms 80

3.4 Birthday Paradox and Its Generalization 92

3.5 Solutions to Exercises and Problems 93

4 Symmetric Ciphering: Historical Ciphers 117

4.1 Definitions 117

4.2 Caesar’s Cipher 117

4.3 Affine Ciphers 118

4.4 Vigenere’s Cipher 120

4.5 Enigma Machine 122

4.6 One-time Pad 133

4.7 Exercises and Problems 133

5 Hash Functions, Message Authentication Codes, and Digital Signature 142

5.1 Hash Functions 142

5.2 Secure Hash Algorithms (SHA) 146

5.3 Message Authentication Codes 157

5.4 Digital Signature 161

5.5 Concluding Remarks 163

5.6 Problems 163

6 Stream Ciphers 173

6.1 Stream Ciphers 173

6.2 Examples of Standard Keystream Generators 182

6.3 Exercises and Problems 197

7 Block Ciphers: Basics, TDEA, and AES 207

7.1 Construction Principles for Block Cipher Design 207

7.2 Triple Data Encryption Algorithm (TDEA) 211

7.3 Advanced Encryption System (AES) 222

7.4 Exercises and Problems 235

8 Block Cipher Modes of Operation for Confidentiality 247

8.1 Introduction 247

8.2 ECB Mode of Operation 249

8.3 CBC Modes of Operation 250

8.4 OFB Mode of Operation 253

8.5 CTR Mode of Operation 253

8.6 CFB Mode of Operation 255

8.7 Format-Preserving Encryption Modes of Operation 256

8.8 XTS-AES Mode of Operation 264

8.9 Comparison of Design Features of Modes for Confidentiality 269

8.10 Security of Modes of Operation for Confidentiality 269

8.11 Exercises and Problems 273

9 Block Cipher Modes of Operation for Authentication and Confidentiality 281

9.1 Introduction 281

9.2 Block Cipher Modes of Operation for Confidentiality and Authentication 282

9.3 Exercises and Problems 306

10 Introduction to Security Analysis of Block Ciphers 314

10.1 Pseudorandom Functions and Permutations 314

10.2 Security of TDEA and AES 320

10.3 Security Analysis Modes of Operation of BC for Confidentiality 322

10.4 Security Analysis of Authenticity-only Schemes 326

10.5 Generic Models for Security Analysis of Authenticated-Encryption Modes 329

10.6 Problems and Solutions 332

11 Introduction to Cryptanalysis Attacks on Symmetric Ciphers 338

11.1 Memory-Time Trade-off Attacks 339

11.2 Linear Cryptanalysis 347

11.3 Differential Cryptanalysis 360

11.4 Algebraic Cryptanalysis 366

11.5 Cube Attack 368

11.6 Other Attacks Against Stream Ciphers 372

11.7 Problems and Solutions 374

12 Public-Key Cryptosystems 381

12.1 Introduction to Public-Key Cryptosystems 381

12.2 RSA Cryptosystem 383

12.3 Finite Field-based Cryptography 394

12.4 Digital Signature Algorithm (DSA) 400

12.5 Exercises and Problems 401

13 Public-Key Cryptosystems: Elliptic Curve Cryptography 424

13.1 Introduction 424

13.2 Elliptic Curve Cryptography over Prime Field Fp 426

13.3 Elliptic Curve Cryptography over Extension Fields 431

13.4 Security of EC Cryptosystems 436

13.5 Elliptic Curve-based Algorithms 437

13.6 Exercises and Problems 451

14 Key Management 465

14.1 Key-Management-related Notions 465

14.2 Key-Generation Schemes 469

14.3 Key-Establishment Schemes 482

14.4.1 List of Problems 501

14.4.2 Solutions to Problems 503

15 Digital Certificate, Public-Key Infrastructure, TLS, and Kerberos 509

15.1 Digital Certificate: Notion and X.509 Format 509

15.2 Public-Key Infrastructure 511

15.3 Transport Layer Security (TLS 1.3) 517

15.4 Kerberos 521

15.5 Exercises and Problems 527

16 Generation of Pseudorandom and Prime Numbers for Cryptographic Applications 531

16.1 Introduction to Pseudorandom Number Generation 531

16.2 Pseudorandom Bit Generators Recommended for Cryptography 541

16.3 Prime Number Generation 549

16.4 Exercises and Problems 561

Notes 565

References 565

Appendix: Multiple Choice Questions and Answers 566

Index 580

Zoubir Mammeri, PhD, is a Full Professor at Paul Sabatier University in Toulouse, France. He teaches a variety of computer science subjects. He has published extensively on cybersecurity and related subjects, and has served as expert and evaluator in research programs of the European Commission and the French National Research Agency on communication networks and their security.