Charles Kaufman, Lotus, MA
Radia Perlman, Novell, MA
Michael Speciner, ColorAge, MA

Published March, 1995 by Prentice Hall PTR (ECS Professional)

Copyright 1995, 640 pp.
Cloth
ISBN 0-13-061466-1
$63.00

Sign up for future
mailings on this subject.

See other books about:
    Computer & Networking Security

A witty, concisely written guide to the latest advances in network security protocols by an author team which includes Charles Kaufman, the Network Security Architect at Digital, and bestselling author Radia Perlman, whose work covers the development of sabotage-proof networks. Perlman is the Series Editor of the new Prentice Hall Series in Computer Networking and Distributed Systems of which this is the first title.

Provides a critical (and sometimes humorous) assessment of the state of network security protocols and mechanisms (what works, what doesn't and why). Explains clearly the cryptographic algorithms on which most security systems depend. Includes the first comprehensive description of the Kerberos authentication system used in UNIX networks. Also describes secure electronic mail standards including the Internet's Privacy Enhanced Mail (PEM). Covers these issues in real systems, including Novell, Sun, OSF DCE-based systems. The book goes beyond explaining the technology; it contrasts competing schemes, explains weaknesses and strengths, and describes common mistakes people make when designing such systems. professionals from those who have to build secure enterprise-wide internets to the system admilnistrator or programemr who wants a better understanding of this important field.

Acknowledgments.
1. Introduction.

Roadmap the Book. What Type of Book is This? Terminology. Notation. Primer on Networking. OSI Reference Model. Directory Service. Replicated Services. Packet Switching. Network Components. Destinations: Ultimate and Intermediate. Address Structure. Tempest. Firewalls/Security Gatesway. Packet Filters. Application Level Getaway. Encrypted Tunnels. Key Escrow for Law Enforcement. Key Escrow for Careless Users. Viruses, Worms, Trojan Horses. Where Do They Come From? Spreading Pests from Machine to Machine. Virus Checkers. What Can We Do Today? Wish List for the Future. The Military Model of Security. Mandatory (Nondiscretionary) Access Controls. Levels of Security. Mandatory Access Control Rules. Covert Channels. The Orange Book. Legal Issues. Patents. Export Controls.

2. Introduction to Cryptography.

What Is Cryptography? Computational Difficulty. To Publish or Not to Publish. Secret Codes. Breaking an Encryption Scheme. Ciphertext Only. Known Plaintext. Chosen Plaintext. Types of Cryptographic Functions. Secret Key Cryptography. Security Uses of Secret Key Cryptography. Transmitting Over an Insecure Channel. Secure Storage on Insecure Media. Authentication. Integrity Check. Public Key Cryptography. Security Uses of Public Key Cryptography. Transmitting Over an Insecure Channel. Secure Storage on Insecure Media. Authentication. Digital Signatures. Hash Algorithms. Password Hashing. Message Integrity. Message Fingerprint. Downline Load Security. Digital Signature Efficiency. Homework.

3. Secret Key Cryptography.

Introduction. Generic Block Encryption. Data Encryption Standard (DES). DES Overview. The Permutations of the Data. Generating the Per- Round Keys. A DES Round. The Mangler Function. Weak and Semi-Weak Keys. What's So Special About DES? International Data Encryption Algorithm (IDEA). Primitive Operations. Key Expansion. One Round. Odd Round. Even Round. Inverse Keys for Decryption. Does IDEA Work? Using Secret Key Cryptography in Protocols. Encrypting a Large Message. Electronic Code Book (ECB). Cipher Block Chaining (CBC). CBC Threat 1—Modifying Ciphertext Blocks. CBC Threat 2—Rearranging Ciphertext Blocks. Output Feedback Mode (OFB). Cipher Feedback Mode (CFB). Generating MIC's. Ensuring Privacy and Integrity Together. CBC with a Weak Cryptographic Checksum. CBC with a Cryptographic Hash. CBC Encryption and CBC Residue with Related Keys. Multiple Encryption DES. How Many Encryptions? Encrypting Twice with the Same Key. Encrypting Twice with Two Keys. Triple Encryption. CBC Outside vs Inside. Homework.

4. Hashes and Message Digests.

Introduction. Nifty Things to Do with a Hash. Authentication. Computing an MIC with a Hash. Encryption with a Message Digest. Generating a One-Time Pad. Mixing in the Plaintext. Using Secret Key for a Hash. UNIX Password Hash. Hashing Large Messages. MD2. MD2 Padding.2 MD2 Checksum Computation. MD2 Final Pass. MD4. MD4 Message Padding. Overview of MD4 Message Digest Computation. MD4 Message Digest Pass 1. MD4 Message Digest Pass 2. MD4 Message Digest Pass 3. MD5. MD5 Message Padding. Overview of MD5 Message Digest Computation. MD5 Message Digest Pass 1. MD5 Message Digest Pass 2. MD5 Message Digest Pass 3. MD5 Message Digest Pass 4. SHS. SHS Message Padding. Overview of SHS Message Digest Computation. SHS Operation on a 512-bit Block. Homework.

5. Public Key Algorithms.

Introduction. Modular Arithmetic. Modular Addition. Modular Multiplication. Modular Exponentitation. RSA. RSA Algorithm. Why Does RSA Work. Why is RSA Secure? How Efficient Are the RSA Operations? Exponentiating With Big Numbers. Generating RSA Keys. Finding Big Primes p and q. Finding d and e. Having a Small Constant e. Optimizing RSA Private Key Operations. Arcane RSA Threats. Smooth Numbers. The Cube Root Problem. Public-Key Cryptography Standard (PKCS). Encryption. Signing. Diffie- Hellman. The Bucket Brigade Attack. Diffie-Hellman with Published Public Papers. Encryption with Diffie-Hellman. El Gamal Signatures. Diffie- Hellman Details—Strong Primes. Digital Signature Standard (DSS). The DSS Algorithm. Why Does the Verification Procedure Work? Why is This Secure? Per-Message Secret Number. Zero Knowledge Proof Systems. Zero Knowledge Signatures. Homework Problems.

6. Number Theory.

Introduction. Modular Arithmetic. Primes. Euclid's Algorithm. Finding Multiplicative Inverses in Modular Arithmetic. Chinese Remainder Theorem. Zn*. Euler's Totient Function. Euler's Theorem. A Generalization on Euler's Theorem. Homework Problems.

7. Authentication Systems.

Password-Based Authentication. Off- vs. On-Line Password Guessing. Storing User Passwords. Address-Based Authentication. Network Address Impersonation. Cryptographic Authentication Protocols. Who Is Being Authenticated? Passwords as Cryptographic Keys. Eavesdropping and Server Database Reading. Trusted Intermediaries. KDCs. Certification Authorities (CAs). Certificate Revocation. Multiple Trusted Intermediaries. Multiple KDC Domains. Multiple CA Domains. Session Key Establishment. Authorization. Groups. Hierarchial Groups. Delegation. Homework.

8. Authentication of People.

Passwords. On-Line Password Guessing. Off-Line Password Guessing. How Big Should a Secret Be? Eavesdropping. Passwords and Careless Users. Using a Password in Multiple Places. Requiring Frequent Password Changes. A Login Trojan Horse to Capture Passwords. Non-Login Use of Passwords. Initial Password Distribution. Authentication Tokens. Physical Access. Biometrics. Homework.

9. Security Handshake Pitfalls.

Login Only. Shared Secret. One-Way Public Key. Lamport's Hash. Mutual Authentication. Reflection Attack. Password Guessing. Public Keys. Timestamps. Integrity/Encryption for Data. Shared Secret. Two-Way Public Key Based Authentication. One-Way Public Key Based Authentication. Lamport Hash. Privacy and Integrity. Meditated Authentication (with KDC). Needham- Schroeder. Expanded Needham-Schroeder. Otway-Rees. Bellovin-Merritt. Network Login and Password Guessing. Nonce Types. Picking Random Numbers. X.609 Problem. Performance Considerations. Authentication Protocol Checklist. Homework.

10. Kerberos V4.

Introduction. Tickets and Ticket-Granting Tickets. Configuration. Logging into the Network. Obtaining a Session Key and TGT. Alice Asks to Talk to a Remote Node. Replicated KDC's. Realms. Interrealm Authentication. Key Version Numbers. Encryption for Privacy and Integrity. Encryption for Integrity Only. Network Layer Addresses in Tickets. Message Formats. Tickets. Authenticators. Credentials. AS_REQ. TGS_REQ. AS_REP and TGS_REP. Error Reply from KDC. AP_REQ. AP_REP. Encrypted Data (KRB_PRV). Integrity-Checked Data (SAFE). AP_ERR. Homework.

11. Kerberos V5.

ASN. Names. Delegation of Rights. Ticket Lifetimes. Renewable Tickets. Postdated Tickets. Key Versions. Making Master Keys in Different Realms Different. Optimizations. Cryptographic Algorithms. Integrity-Only Algorithms. rsa-md5-des. des-mac. des-mac-k. rsa-md4-des. rsa-md4-des-k. Encryption for Privacy and Integrity. Hierarchy of Realms. Evading Password-Guessing Attacks. Key Inside Authenticator. Double TGT Authentication. KDC Database. Kerberos V5 Messages. Authenticator. Ticket. AS_REQ. TGS_REQ. AS_REP. TGS_REP. AP_REQ. AP-REP. KRB_SAFE. KRB_PRIV. KRB_CRED. KRB_ERROR. Homework.

12. Electronic Mail Security.

Distribution Lists. Store and Forward. Security Services for Electronic Mail. Establishing Keys. Establishing Public Keys. Establishing Secret Keys. Privacy. End-to-End Privacy. Privacy with Distribution List Exploders. Authentication of the Source. Source Authentication Based on Public Key Technology. Source Authentication Based on Secret Keys. Source Authentication with Distribution Lists. Message Integrity. Message Integrity Without Source Authentication. Non-Repudiation. Non-Repudiation Based on Public Key Technology. Plausible Deniability Based on Public Key Technology. Non-Repudiation with Secret Keys. Proof of Submission. Proof of Delivery. Message Flow Confidentiality. Anonymity. Containment. Annoying Text Format Issues. Disguising Data as Text. Names and Addresses. Old Messages. Case 1: The Dishonest Buyer. Case 2: The Solution Looking for a Problem. Homework.

13. Privacy Enhanced Mail (PEM).

Introduction. Structure of a PEM Message. Establishing Keys. Some PEM History. Certificate Hierarchy. Certificate Revocation Lists (CRLs). X.509 Certificates and CRLs. Reformatting Data to Get Through Mailers. General Structure of a PEM Message. Encryption. Source Authentication and Integrity Protection. Multiple Recipients. Bracketing PEM Messages. Remote Distribution List Exploders. Remote Exploding Using Public Keys. Remote Exploding Using Secret Keys. Mixing Key Types. Forwarding and Enclosures. Forwarding a Message. Canonicalization. Unprotected Information. Message Formats. ENCRYPTED, Public Key Variant. ENCRYPTED, Secret Key Variant. MIC-ONLY or MIC-CLEAR, Public Variant Key. MIC-ONLY or MIC-CLEAR, Secret Variant Key. CRL-RETRIEVAL-REQUEST. CRL. DES-CBC as MIC Doesn't Work. Homework.

14. PGP (Pretty Good Privacy).

Introduction. Overview. Key Distribution. Efficient Encoding. Certificate and Key Revocation. Signature Types. Your Private Key. Key Rings. Anomalies. File Name. People Names. Object Formats. Message Formats. Primitive Object Formats.

15. X.400.

Overview of X.400. Security Functions Possible with X.400. Structure of X.400 Message. Per-Message Security Fields. Per-Recipient Security Fields. Security Fields in the Token. Unencrypted Part of the Token. Encrypted Part of the Token. Fields for Probe Messages. Fields for Proof of Delivery. Fields for Proof of Submission. Security Fields for X.420.

16. A Comparison of PEM, PGP, and X.400.

Introduction. Certification Hierarchy. Certificate Distribution. Encryption. Encoding of Transmitted Messages. Cryptographic Algorithms Supported. Recipients with Multiple Keys. Mail-Intermediary-Provided Functions.

17. More Security Systems.

NetWare V3. NetWare V4. NetWare's Gillou-Quisquater Authentication Scheme. KryptoKnight. KryptoKnight Tickets. Authenticators. Nonces vs. Timestamps. Data Encryption. SNMP. DASS/SPX. DASS Certification Hierarchy. Obtaining the User's Private Key. DASS Authentication Handshake. DASS Authenticators. DADD Delegation. Saving Bits. Lotus Notes Security. ID Files. Coping with Export Controls. Certificates for Flat Names. Certificates for Hierarchical Names. Lotus Notes Authentication. Authentication Long-Term Secret. Mail. Certification Revocation. DCE Security. Microsoft Security. Network Denial of Service. Robust Broadcast. Robust Packet Delivery. Clipper. Key Escrow. Homework.

Bibliography.
Glossary.
Index.