From Book News, Inc.
New edition of a practical survey intended for both classroom use and self study. Coverage includes conventional encryption classical and modern techniques, and algorithms; public-key encryption and hash functions; network security, with regard to e-mail, IP, and the Web; and system security intruders, viruses, worms, and firewalls. The appendix contains research and programming projects, and reading/report assignments for teaching the subject. Book News, Inc.®, Portland, OR

Book Info
Provides a practical survey of both the principles & practice of cryptography & network security, organized to provide the optimal sequence for classroom instruction & self-study. DLC: Computer networks - Security measures.

From the Back Cover
William Stallings' book provides comprehensive and completely up-to-date coverage of computer organization and architecture including memory, I/O, and parallel systems. The text covers leading-edge areas, including superscalar design, IA-64 design features, and parallel processor organization trends. It meets students' needs by addressing both the fundamental principles as well as the critical role of performance in driving computer design. Providing an unparalleled degree of instructor and student support, including supplements and on-line resources through the book's website, the sixth edition is in the forefront in its field. New Material IA-64/Itanium architecture: The chapter-length description and analysis includes predicated execution and speculative loading. Cache memory: The new edition devotes an entire chapter to this central element in the design of high-performance processors. Optical memory: Coverage is expanded and updated. Advanced DRAM architecture: More material has been added to cover this topic, including an updated discussion of SDRAM and RDRAM. SMPs, clusters, and NUMA systems: The chapter on parallel organization has been expanded and updated. Expanded instructor support: The book now provides extensive support for projects with its new website. Pedagogy: Each chapter now includes a list of review questions (as well as homework problems) and a list of key words. Distinguishing Treatment Bus organization: detailed treatment and evaluation of key design issues. RISC: broad, unified presentation Microprogrammed implementation: full treatment for a firm grasp I/O functions and structures: full coverage, including interaction of I/O modules with the outside world and the CPU. Pedagogical Features Running examples: Provides numerous concrete examples, especially Pentium 4 and Power PC G4 Unified instructional approach: Enables student to evaluate instruction set design issues. Instructors Resource CD-ROM: Includes solutions to homework problems, list of research projects, and list of simulation projects, plus student manual for both SimpleScalar and SMPCache, and a list of suggested reading assignments. The author's website: http://www.WilliamStallings.com/COA6e provides support for students, instructors and professionals: Links to important up-to-date site-related text materials Provides transparency masters of figures and tables from the book in PDF format Offers course notes in PDF for handouts Includes a set of PowerPoint slides for lecturing

About the Author
William Stallings has made a unique contribution to understanding the broad sweep of technical developments in computer networking and computer architecture. He has authored 18 titles, and counting revised editions, a total of 48 books on various aspects of this subject. 1 lc has won the annual Text and Academic Authors Association award five times for the best computer science and engineering text. He is an independent consultant whose clients have included computer and networking manufacturers and customers, software development firms, and leading-edge government research institutions. He maintains the Computer Science Technical Resciurce site at http://www.WilliamStallings.com/StudentSupport.html. Dr. Stallings holds a Ph.D. degree in Computer Science from M.LT. All of his Prentice Hall title's can he found at the Prentice Hall web site http://www.prenhall.com/stallings.

Excerpt. © Reprinted by permission. All rights reserved.
PREFACE "The tie, if I might suggest it, sir, a shade more tightly knotted. One aims at the perfect butterfly effect. If you will permit me—" "What does it matter, Jeeves, at a time like this? Do you realize that Mr. Little's domestic happiness is hanging in the scale?" "There is no time, sir, at which ties do not matter." — Very Good Jeeves! P. G. Wodehouse In this age of universal electronic connectivity, of viruses and hackers, of electronic eavesdropping and electronic fraud, there is indeed no time at which security does not matter. Two trends have come together to make the topic of this book of vital interest. First, the explosive growth in computer systems and their interconnections via networks has increased the dependence of both organizations and individuals on the information stored and communicated using these systems. This, in turn, has led to a heightened awareness of the need to protect data and resources from disclosure, to guarantee the authenticity of data and messages, and to protect systems from network-based attacks. Second, the disciplines of cryptography and network security have matured, leading to the development of practical, readily available applications to enforce network security. OBJECTIVES It is the purpose of this book to provide a practical survey of both the principles and practice of cryptography and network security. In the first two parts of the book, the basic issues to be addressed by a network security capability are explored by providing a tutorial and survey of cryptography and network security technology. The latter part of the book deals with the practice of network security: practical applications that have been implemented and are in use to provide network security. The subject, and therefore this book, draws on a variety of disciplines. In particular, it is impossible to appreciate the significance of some of the techniques discussed in this book without a basic understanding of number theory and some results from probability theory. Nevertheless, an attempt has been made to make the book self-contained. The book presents not only the basic mathematical results that are needed but provides the reader with an intuitive understanding of those results. Such background material is introduced as needed. This approach helps to motivate the material that is introduced, and the author considers this preferable to simply presenting all of the mathematical material in a lump at the beginning of the book. INTENDED AUDIENCE The book is intended for both an academic and a professional audience. As a textbook, it is intended as a one-semester undergraduate course in cryptography and network security for computer science, computer engineering, and electrical engineering majors. The book also serves as a basic reference volume and is suitable for self-study. PLAN OF THE BOOK The book is organized in four parts: Part One. Conventional Encryption: A detailed examination of conventional encryption algorithms and design principles, including a discussion of the use of conventional encryption for confidentiality. Part Two. Public-Key Encryption and Hash Functions: A detailed examination of public-key encryption algorithms and design principles. This part also examines the use of message authentication codes and hash functions, as well as digital signatures and public-key certificates. Part Three. Network Security Practice: Covers important network security tools and applications, including Kerberos, X.509v3 certificates, PGP, S/MIME, IP Security, SSL/TLS, and SET. Part Four. System Security: Looks at system-level security issues, including the threat of and countermeasures for intruders and viruses, and the use of firewalls and trusted systems. In addition, the book includes an extensive glossary, a list of frequently used acronyms, and a bibliography. Each chapter includes homework problems, review questions, a list of key words. suggestions for further reading, and recommended Web sites. A more detailed, chapter-by-chapter summary of each part appears at the beginning of that part. INTERNET SERVICES FOR INSRUCTORS AND STUDENTS There is a Web page for this book that provides support for students and instructors. The site includes links to other relevant sites, copies of the figures and tables from the book in PDF (Adobe Acrobat) format, and sign-up information for the book's Internet mailing list. The Web page is at WilliamStallings.com/Crypto3e.html. An Internet mailing list has been set up so that instructors using this book can exchange information, suggestions, and questions with each other and with the author. As soon as typos or other errors are discovered, an errata list for this book will be available at WilliamStallings.com. In addition, the Computer Science Student Resource site, at WilliamStallings.com/StudentSupport.html, provides documents, information, and useful links for computer science students and professionals. PROJECTS FOR TEACHING CRYPTOGRAPHY AND NETWORK SECURITY For many instructors, an important component of a cryptography or security course is a project or set of projects by which the student gets hands-on experience to reinforce concepts from the text. This book provides an unparalleled degree of support for including a projects component in the course. The instructor's manual not only includes guidance on how to assign and structure the projects, but also includes a set of suggested projects that covers a broad range of topics from the text: Research Projects: A series of research assignments that instruct the student to research a particular topic on the Internet and write a report Programming Projects: A series of programming projects that cover a broad range of topics and that can be implemented in any suitable language on any platform Reading/Report Assignments: A list of papers in the literature, one for each chapter, that can be assigned for the student to read and then write a short report See Appendix B for details. WHAT"S NEW IN THE THIRD EDITION In the four years since the second edition of this book was published, the field has seen continued innovations and improvements. In this new edition, I try to capture these changes while maintaining a broad and comprehensive coverage of the entire field. To begin this process of revision, the second edition was extensively reviewed by a number of professors who teach the subject. In addition, a number of professionals working in the field reviewed individual chapters. The result is that, in many places, the narrative has been clarified and tightened, and illustrations have been improved. Also, a number of new "field-tested" problems have been added. Beyond these refinements to improve pedagogy and user friendliness, there have been major substantive changes throughout the book. Highlights include the following: New—Advanced Encryption Standard: The most important event in this field in the past four years is the adoption of the Advanced Encryption Standard (AES). This conventional encryption algorithm is designed to replace DES and triple DES and is likely to soon become the most widely used conventional encryption algorithm. A detailed discussion of AES has been added. New—Finite Fields: Both AES and elliptic curve cryptography rely, on the use of finite fields. A new chapter provides a clear, succinct description of the necessary concepts in this area. New—RC4: RC4 is the most widely used stream cipher. It is part of the SSL/TLS (Secure Sockets Layer/Transport Layer Security) standards that have been defined for communication between web browsers and servers. It is also used in the WEP (Wired Equivalent Privacy) protocol that is part of the IEEE 802.11 wireless LAN standard. New—CTR Mode: NIST has recently approved the counter (CTR) mode for block cipher encryption, intended for high-speed applications. Expanded—Treatment of Elliptic Curve Cryptography: ECC is a public-key technique that is becoming increasingly important and widespread. Reflecting this, the coverage of ECC has been expanded considerably.

FROM OUR EDITORS

Fatbrain ReviewThis text provides a practical survey of the principles and practice of cryptography and network security. Author William Stallings assumes readers are familiar with this field and have a reasonable mathematical background. The publication is akin to a concise university text.

Stallings discusses the principles and major issues involving conventional encryption, public-key encryption, network security practice and system security. He discusses classical and modern encryption techniques, and he then reviews conventional algorithms. He continues with examinations and discussions of message authentication, hash algorithms and digital signature authentication protocols. With a focus on security, he overviews authentication applications, Kerberos, X.509 directory authentication service, mail, IP Web security and system security issues. The chapters include problems and recommended reading lists.

ANNOTATION

This text provides a practical survey of the principles and practice of cryptography and network security. Author William Stallings assumes readers are familiar with this field and have a reasonable mathematical background. The publication is akin to a concise university text.

FROM THE PUBLISHER

Stallings has provided a state-of-the-art text covering the basic issues and principles and surveying cryptographic and network security techniques. The later part of the book deals with the real-world practice of network security: practical applications that have been implemented and are in use to provide network security. This book is intended for both an academic and a professional audience.

FROM THE CRITICS

Booknews