Serious cryptography : a practical introduction to modern encryption

Serious cryptography A practical introduction to modern encryption

Jean-Philippe Aumasson

Book - 2017

Saved in:
Place a Hold Save to List Email this

2nd Floor Show me where

005.824/Aumasson
0 / 1 copies available
Location Call Number   Status
2nd Floor 005.824/Aumasson Due Feb 10, 2025
Subjects
Data encryption (Computer science)
Published
San Francisco : No Starch Press [2017]
Language
English
Main Author
Jean-Philippe Aumasson (author)
Other Authors
Matthew D. Green (writer of foreword)
Physical Description
xxii, 282 pages : illustrations ; 24 cm
Bibliography
Includes bibliographical references and index.
ISBN
9781593278267
  • Foreword
  • Preface
  • This Book's Approach
  • Who This Book Is For
  • How This Book Is Organized
  • Fundamentals
  • Symmetric Crypto
  • Asymmetric Crypto
  • Applications
  • Acknowledgments
  • Abbreviations
  • 1. Encryption
  • The Basics
  • Classical Ciphers
  • The Caesar Cipher
  • The Vigenère Cipher
  • How Ciphers Work
  • The Permutation
  • The Mode of Operation
  • Why Classical Ciphers Are Insecure
  • Perfect Encryption: The One-Time Pad
  • Encrypting with the One-Time Pad
  • Why Is the One-Time Pad Secure?
  • Encryption Security
  • Attack Models
  • Security Goals
  • Security Notions
  • Asymmetric Encryption
  • When Ciphers Do More Than Encryption
  • Authenticated Encryption
  • Format-Preserving Encryption
  • Fully Homomorphic Encryption
  • Searchable Encryption
  • Tweakable Encryption
  • How Things Can Go Wrong
  • Weak Cipher
  • Wrong Model
  • Further Reading
  • 2. Randomness
  • Random or Non-Random?
  • Randomness as a Probability Distribution
  • Entropy: A Measure of Uncertainty
  • Random Number Generators (RNGs) and Pseudorandom Number Generators (PRNGs)
  • How PRNGs Work
  • Security Concerns
  • The PRNG Fortuna
  • Cryptographic vs. Non-Cryptographic PRNGs
  • The Uselessness of Statistical Tests
  • Real-World PRNGs
  • Generating Random Bits in Unix-Based Systems
  • The CryptGenRandom() Function in Windows
  • A Hardware-Based PRNG: RDRAND in Intel Microprocessors
  • How Things Can Go Wrong
  • Poor Entropy Sources
  • Insufficient Entropy at Boot Time
  • Non-cryptographic PRNG
  • Sampling Bug with Strong Randomness
  • Further Reading
  • 3. Cryptographic Security
  • Defining the Impossible
  • Security in Theory: Informational Security
  • Security in Practice: Computational Security
  • Quantifying Security
  • Measuring Security in Bits
  • Full Attack Cost
  • Choosing and Evaluating Security Levels
  • Achieving Security
  • Provable Security
  • Heuristic Security
  • Generating Keys
  • Generating Symmetric Keys
  • Generating Asymmetric Keys
  • Protecting Keys
  • How Things Can Go Wrong
  • Incorrect Security Proof
  • Short Keys for Legacy Support
  • Further Reading
  • 4. Block Ciphers
  • What Is a Block Cipher?
  • Security Goals
  • Block Size
  • The Codebook Attack
  • How to Construct Block Ciphers
  • A Block Cipher's Rounds
  • The Slide Attack and Round Keys
  • Substitution-Permutation Networks
  • Feistel Schemes
  • The Advanced Encryption Standard (AES)
  • AES Internals
  • AES in Action
  • Implementing AES
  • Table-Based Implementations
  • Native Instructions
  • Is AES Secure?
  • Modes of Operation
  • The Electronic Codebook (ECB) Mode
  • The Cipher Block Chaining (CBC) Mode
  • How to Encrypt Any Message in CBC Mode
  • The Counter (CTR) Mode
  • How Things Can Go Wrong
  • Meet-in-the-Middle Attacks
  • Padding Oracle Attacks
  • Further Reading
  • 5. Stream Ciphers
  • How Stream Ciphers Work
  • Stateful and Counter-Based Stream Ciphers
  • Hardware-Oriented Stream Ciphers
  • Feedback Shift Registers
  • Grain-128a
  • A5/1
  • Software-Oriented Stream Ciphers
  • RC4
  • Salsa20
  • How Things Can Go Wrong
  • Nonce Reuse
  • Broken RC4 Implementation
  • Weak Ciphers Baked Into Hardware
  • Further Reading
  • 6. Hash Functions
  • Secure Hash Functions
  • Unpredictability Again
  • Preimage Resistance
  • Collision Resistance
  • Finding Collisions
  • Building Hash Functions
  • Compression-Based Hash Functions: The Merkle-Damgard Construction
  • Permutation-Based Hash Functions: Sponge Functions
  • The SHA Family of Hash Functions
  • SHA-1
  • SHA-2
  • The SHA-3 Competition
  • Keccak (SHA-3)
  • The BLAKE2 Hash Function
  • How Things Can Go Wrong
  • The Length-Extension Attack
  • Fooling Proof-of-Storage Protocols
  • Further Reading
  • 7. Keyed Hashing
  • Message Authentication Codes (MACs)
  • MACs in Secure Communication
  • Forgery and Chosen-Message Attacks
  • Replay Attacks
  • Pseudorandom Functions (PRFs)
  • PRF Security
  • Why PRFs Are Stronger Than MACs
  • Creating Keyed Hashes from Unkeyed Hashes
  • The Secret-Prefix Construction
  • The Secret-Suffix Construction
  • The HMAC Construction
  • A Generic Attack Against Hash-Based MACs
  • Creating Keyed Hashes from Block Ciphers: CMAC
  • Breaking CBC-MAC
  • Fixing CBC-MAC
  • Dedicated MAC Designs
  • Poly1305
  • SipHash
  • How Things Can Go Wrong
  • Timing Attacks on MAC Verification
  • When Sponges Leak
  • Further Reading
  • 8. Authenticated Encryption
  • Authenticated Encryption Using MACs
  • Encrypt-and-MAC
  • MAC-then-Encrypt
  • Encrypt-then-MAC
  • Authenticated Ciphers
  • Authenticated Encryption with Associated Data
  • Avoiding Predictability with Nonces
  • What Makes a Good Authenticated Cipher?
  • AES-GCM: The Authenticated Cipher Standard
  • GCM Internals: CTR and GHASH
  • GCM Security
  • GCM Efficiency
  • OCB: An Authenticated Cipher Faster than GCM
  • OCB Internals
  • OCB Security
  • OCB Efficiency
  • SIV: The Safest Authenticated Cipher?
  • Permutation-Based AEAD
  • How Things Can Go Wrong
  • AES-GCM and Weak Hash Keys
  • AES-GCM and Small Tags
  • Further Reading
  • 9. Hard Problems
  • Computational Hardness
  • Measuring Running Time
  • Polynomial vs. Superpolynomial Time
  • Complexity Classes
  • Nondeterministic Polynomial Time
  • NP-Complete Problems
  • The P vs. NP Problem
  • The Factoring Problem
  • Factoring Large Numbers in Practice
  • Is Factoring NP-Complete?
  • The Discrete Logarithm Problem
  • What Is a Group?
  • The Hard Thing
  • How Things Can Go Wrong
  • When Factoring Is Easy
  • Small Hard Problems Aren't Hard
  • Further Reading
  • 10. RSA
  • The Math Behind RSA
  • The RSA Trapdoor Permutation
  • RSA Key Generation and Security
  • Encrypting with RSA
  • Breaking Textbook RSA Encryption's Malleability
  • Strong RSA Encryption: OAEP
  • Signing with RSA
  • Breaking Textbook RSA Signatures
  • The PSS Signature Standard
  • Full Domain Hash Signatures
  • RSA Implementations
  • Fast Exponentiation Algorithm: Square-and-Multiply
  • Small Exponents for Faster Public-Key Operations
  • The Chinese Remainder Theorem
  • How Things Can Go Wrong
  • The Bellcore Attack on RSA-CRT
  • Sharing Private Exponents or Moduli
  • Further Reading
  • 11. Diffie-Hellman
  • The Diffie-Hellman Function
  • The Diffie-Hellman Problems
  • The Computational Diffie-Hellman Problem
  • The Decisional Diffie-Hellman Problem
  • More Diffie-Hellman Problems
  • Key Agreement Protocols
  • An Example of Non-DH Key Agreement
  • Attack Models for Key Agreement Protocols
  • Performance
  • Diffie-Hellman Protocols
  • Anonymous Diffie-Hellman
  • Authenticated Diffie-Hellman
  • Menezes-Qu-Vanstone (MQV)
  • How Things Can Go Wrong
  • Not Hashing the Shared Secret
  • Legacy Diffie-Hellman in TLS
  • Unsafe Group Parameters
  • Further Reading
  • 12. Elliptic Curves
  • What Is an Elliptic Curve?
  • Elliptic Curves over Integers
  • Adding and Multiplying Points
  • Elliptic Curve Groups
  • The ECDLP Problem
  • Diffie-Hellman Key Agreement over Elliptic Curves
  • Signing with Elliptic Curves
  • Encrypting with Elliptic Curves
  • Choosing a Curve
  • NIST Curves
  • Curve25519
  • Other Curves
  • How Things Can Go Wrong
  • ECDSA with Bad Randomness
  • Breaking ECDH Using Another Curve
  • Further Reading
  • 13. TLS
  • Target Applications and Requirements
  • The TLS Protocol Suite
  • The TLS and SSL Family of Protocols: A Brief History
  • TLS in a Nutshell
  • Certificates and Certificate Authorities
  • The Record Protocol
  • The TLS Handshake Protocol
  • TLS 1.3 Cryptographic Algorithms
  • TLS 1.3 Improvements over TLS 1.2
  • Downgrade Protection
  • Single Round-Trip Handshake
  • Session Resumption
  • The Strengths of TLS Security
  • Authentication
  • Forward Secrecy
  • How Things Can Go Wrong
  • Compromised Certificate Authority
  • Compromised Server
  • Compromised Client
  • Bugs in Implementations
  • Further Reading
  • 14. Quantum and Post-Quantum
  • How Quantum Computers Work
  • Quantum Bits
  • Quantum Gates
  • Quantum Speed-Up
  • Exponential Speed-Up and Simon's Problem
  • The Threat of Shor's Algorithm
  • Shor's Algorithm Solves the Factoring Problem
  • Shor's Algorithm and the Discrete Logarithm Problem
  • Grover's Algorithm
  • Why Is It So Hard to Build a Quantum Computer?
  • Post-Quantum Cryptographic Algorithms
  • Code-Based Cryptography
  • Lattice-Based Cryptography
  • Multivariate Cryptography
  • Hash-Based Cryptography
  • How Things Can Go Wrong
  • Unclear Security Level
  • Fast Forward: What Happens if It's Too Late?
  • Implementation Issues
  • Further Reading
  • Index

Similar Items