Inhaltsverzeichnis

Alle Kapitel aufklappen

Alle Kapitel zuklappen

Foreword

Acknowledgments

Preface

Who This Book Is For

Why Another Book on Cryptography?

How This Book Is Organized

Conclusion

PART I Foundations of Modern Cryptography

1 Fundamentals of Cryptography

1.1 History of Cryptography

1.1.1 Historical Development of Cryptography

1.1.2 Why Is Cryptography Required?

1.2 Introduction to Cryptography

1.2.1 Definitions

1.2.2 Classical versus Modern Cryptography

1.2.3 Encoding, Hashing, and Encryption

1.2.4 Security Concepts

1.2.5 Types of Modern Cryptography

1.2.6 Steganography

1.2.7 Additional Techniques

1.2.8 Confusion and Diffusion

1.2.9 Refresher on Mathematics

1.3 Primer on Ciphers

1.3.1 Substitution Cipher

1.3.2 Transposition Ciphers

1.3.3 Stream Ciphers

1.3.4 Block Ciphers

1.4 Summary

2 Symmetric Cryptography

2.1 Primer on Symmetric Cryptography

2.2 Symmetric Key Algorithms

2.2.1 Data Encryption Standard

2.2.2 Triple DES and DES Variants

2.2.3 International Data Encryption Algorithm

2.2.4 Advanced Encryption Standard

2.2.5 AES Finalists

107

2.3 Summary

110

3 Asymmetric Cryptography

113

3.1 Primer on Asymmetric Cryptography

114

3.1.1 Properties of Asymmetric Cryptography

115

3.1.2 Introductory Mathematics

119

3.2 Asymmetric Cryptography Algorithms

124

3.2.1 RSA Algorithm

124

3.2.2 Diffie–Hellman–Merkle Key Exchange Algorithm

130

3.2.3 Elgamal Cryptosystem

136

3.2.4 Elliptic Curve Cryptography

139

3.3 Summary

144

4 Cryptography Services

147

4.1 Hash Functions and Algorithms

148

4.1.1 Primer on Cryptographic Hash Functions

148

4.1.2 Message Digest Algorithms

153

4.1.3 SHA Family of Algorithms

157

4.1.4 SHA-3 Algorithm

161

4.2 Message Authentication Codes

168

4.3 Digital Signature

169

4.3.1 Primer on Digital Signatures

169

4.3.2 Digital Signature Standard

170

4.4 Merkle Trees

172

4.5 Summary

173

PART II Modern Cryptography in Practice

175

5 Storage Security: Data Encryption at Rest

177

5.1 Primer on Data Security

178

5.1.1 Understanding the Data to Be Protected

178

5.1.2 Understanding Data Security

181

5.2 Data-at-Rest Encryption Methods

183

5.2.1 Disk Encryption

184

5.2.2 Volume Encryption

186

5.2.3 File Encryption

188

5.2.4 Database Encryption

190

5.2.5 Application Encryption

194

5.3 Summary

196

6 Web Security: Data Encryption in Transit

199

6.1 Primer on Web Security

200

6.2 Web Security Protocols

209

6.2.1 Implementing the TLS Protocol

209

6.2.2 Implementing VPNs Using IPS

222

6.3 Securing Web-Based Applications

227

6.3.1 Securing Email Communication

227

6.3.2 Securing Streaming and Downloading

230

6.4 Public Key Infrastructure

232

6.5 Summary

236

7 Cloud and Connected Device Cryptography

237

7.1 Primer on Cloud Cryptography

238

7.1.1 Securing Infrastructure in the Cloud

240

7.1.2 Securing Data in the Cloud

243

7.1.3 Securing Applications in the Cloud

247

7.2 Encryption Key Management

248

7.2.1 Cloud Service Provider-Managed Key

251

7.2.2 Customer-Managed Key

252

7.2.3 Bring Your Own Key

253

7.3 Cryptography as a Service by Major Cloud Service Providers

254

7.3.1 Amazon Web Services

255

7.3.2 Microsoft Azure

257

7.3.3 Google Cloud Platform

258

7.3.4 Cryptography Services by Other Cloud Service Providers

259

7.4 Lightweight Cryptography and the Internet of Things

259

7.4.1 The IoT Concept

260

7.4.2 Risks and Attacks Associated with IoT

261

7.4.3 Securing Connected Devices with Lightweight Cryptography

263

7.4.4 Cryptography in Cars

266

7.5 Summary

268

8 Cryptography in Cryptocurrency

271

8.1 Primer on Cryptocurrency

272

8.1.1 History of Money

272

8.1.2 Introduction to Cryptocurrency

275

8.1.3 Primer on Blockchain

278

8.2 The “Crypto” in Cryptocurrency

282

8.2.1 Cryptographic Transactions

282

8.2.2 Cryptography Algorithms Used in Cryptocurrency

287

8.2.3 Cryptocurrency Wallets

290

8.3 Outlook: Cautiously Optimistic

293

8.4 Summary

296

9 Cryptography and Artificial Intelligence

297

9.1 Primer on AI

298

9.2 AI for Cryptography

303

9.2.1 Role of AI in Cryptography

303

9.2.2 AI Algorithms for Cryptography

305

9.3 Cryptography for AI

309

9.3.1 Security Risks of AI

310

9.3.2 Securing AI Models with Cryptography

313

9.4 Best Practices and Ethical Use of AI

315

9.5 Summary

316

10 Post-Quantum Cryptography

317

10.1 Primer on Quantum Computing

317

10.1.1 History of Quantum Mechanics

318

10.1.2 Quantum Computing 101

319

10.1.3 Quantum Computing Technologies

323

10.2 Quantum Computing and Cryptography

325

10.2.1 The Risk of Quantum Computing

325

10.2.2 Quantum Cryptography

328

10.2.3 Quantum-Resistant Cryptography Algorithms

331

10.3 Preparing for Post-Quantum Cryptography

336

10.3.1 NIST: Initiative on Post-Quantum Cryptography

336

10.3.2 Preparing and Implementing Post-Quantum Cryptography

338

10.4 Future of Cryptography in Post-Quantum Computing

341

10.5 Summary

344

11 Homomorphic Encryption

345

11.1 Primer on Homomorphic Encryption

346

11.1.1 History of Homomorphic Encryption

346

11.1.2 Understanding Homomorphic Encryption

348

11.1.3 Types of Homomorphic Encryption

351

11.1.4 Homomorphic Encryption Using a Symmetric Key

353

11.2 Practical Applications of Homomorphic Encryption

354

11.2.1 Healthcare

354

11.2.2 Electronic Voting System

357

11.2.3 Artificial Intelligence and Other Use Cases

360

11.3 Advantages, Challenges, and the Future

361

11.3.1 Advantages

361

11.3.2 Challenges

362

11.3.3 Future of Homomorphic Encryption

364

11.4 Summary

365

12 Cryptography Attacks and Ransomware

367

12.1 Primer on Cryptography Attacks

368

12.1.1 Cryptanalytic Attacks

368

12.1.2 Man-in-the-Middle Attacks

374

12.1.3 Other Cryptography Attacks

377

12.1.4 Cryptography Attacks in a Nutshell

378

12.2 Ransomware Attacks

379

12.2.1 Anatomy of Ransomware

380

12.2.2 Ransomware as a Service

384

12.2.3 Protecting Against Ransomware Attacks

386

12.3 Summary

387

13 Cryptography Standards and Resources

389

13.1 Government Standards for Cryptography

389

13.1.1 National Institute of Standards and Technology

390

13.1.2 European Standards and Regulations for Cryptography

391

13.2 Other Standards for Cryptography

392

13.3 Best Practices and Other Resources

392

13.3.1 Best Practices for Cryptography

393

13.3.2 Other Resources

394

13.4 Further Reading

396

13.5 Summary

397

14 Future Trends and Concluding Remarks

399

14.1 Future Trends in Cryptography

399

14.2 Concluding Remarks

401

14.3 Summary

403

A Bibliography

405

B The Author

415

Index

417