Table of Contents

Title Page

Copyright

Dedication

Credits

About the Authors

Acknowledgments for Cryptography Engineering

Acknowledgments for Practical Cryptography (the 1st Edition)

Preface to Cryptography Engineering

History

Example Syllabi

Additional Information

Preface to Practical Cryptography (the 1st Edition)

How to Read this Book

Part I: Introduction

Chapter 1: The Context of Cryptography

1.1 The Role of Cryptography

1.2 The Weakest Link Property

1.3 The Adversarial Setting

1.4 Professional Paranoia

1.5 Threat Model

1.6 Cryptography Is Not the Solution

1.7 Cryptography Is Very Difficult

1.8 Cryptography Is the Easy Part

1.9 Generic Attacks

1.10 Security and Other Design Criteria

1.11 Further Reading

1.12 Exercises for Professional Paranoia

1.13 General Exercises

Chapter 2: Introduction to Cryptography

2.1 Encryption

2.2 Authentication

2.3 Public-Key Encryption

2.4 Digital Signatures

2.5 PKI

2.6 Attacks

2.7 Under the Hood

2.8 Security Level

2.9 Performance

2.10 Complexity

2.11 Exercises

Part II: Message Security

Chapter 3: Block Ciphers

3.1 What Is a Block Cipher?

3.2 Types of Attack

3.3 The Ideal Block Cipher

3.4 Definition of Block Cipher Security

3.5 Real Block Ciphers

3.6 Exercises

Chapter 4: Block Cipher Modes

4.1 Padding

4.2 ECB

4.3 CBC

4.4 OFB

4.5 CTR

4.6 Combined Encryption and Authentication

4.7 Which Mode Should I Use?

4.8 Information Leakage

4.9 Exercises

Chapter 5: Hash Functions

5.1 Security of Hash Functions

5.2 Real Hash Functions

5.3 Weaknesses of Hash Functions

5.4 Fixing the Weaknesses

5.5 Which Hash Function Should I Choose?

5.6 Exercises

Chapter 6: Message Authentication Codes

6.1 What a MAC Does

6.2 The Ideal MAC and MAC Security

6.3 CBC-MAC and CMAC

6.4 HMAC

6.5 GMAC

6.6 Which MAC to Choose?

6.7 Using a MAC

6.8 Exercises

Chapter 7: The Secure Channel

7.1 Properties of a Secure Channel

7.2 Order of Authentication and Encryption

7.3 Designing a Secure Channel: Overview

7.4 Design Details

7.5 Alternatives

7.6 Exercises

Chapter 8: Implementation Issues (I)

8.1 Creating Correct Programs

8.2 Creating Secure Software

8.3 Keeping Secrets

8.4 Quality of Code

8.5 Side-Channel Attacks

8.6 Beyond this Chapter

8.7 Exercises

Part III: Key Negotiation

Chapter 9: Generating Randomness

9.1 Real Random

9.2 Attack Models for a PRNG

9.3 Fortuna

9.4 The Generator

9.5 Accumulator

9.6 Seed File Management

9.7 Choosing Random Elements

9.8 Exercises

Chapter 10: Primes

10.1 Divisibility and Primes

10.2 Generating Small Primes

10.3 Computations Modulo a Prime

10.4 Large Primes

10.5 Exercises

Chapter 11: Diffie-Hellman

11.1 Groups

11.2 Basic DH

11.3 Man in the Middle

11.4 Pitfalls

11.5 Safe Primes

11.6 Using a Smaller Subgroup

11.7 The Size of p

11.8 Practical Rules

11.9 What Can Go Wrong?

11.10 Exercises

Chapter 12: RSA

12.1 Introduction

12.2 The Chinese Remainder Theorem

12.3 Multiplication Modulo n

12.4 RSA Defined

12.5 Pitfalls Using RSA

12.6 Encryption

12.7 Signatures

12.8 Exercises

Chapter 13: Introduction to Cryptographic Protocols

13.1 Roles

13.2 Trust

13.3 Incentive

13.4 Trust in Cryptographic Protocols

13.5 Messages and Steps

13.6 Exercises

Chapter 14: Key Negotiation

14.1 The Setting

14.2 A First Try

14.3 Protocols Live Forever

14.4 An Authentication Convention

14.5 A Second Attempt

14.6 A Third Attempt

14.7 The Final Protocol

14.8 Different Views of the Protocol

14.9 Computational Complexity of the Protocol

14.10 Protocol Complexity

14.11 A Gentle Warning

14.12 Key Negotiation from a Password

14.13 Exercises

Chapter 15: Implementation Issues (II)

15.1 Large Integer Arithmetic

15.2 Faster Multiplication

15.3 Side-Channel Attacks

15.4 Protocols

15.5 Exercises

Part IV: Key Management

Chapter 16: The Clock

16.1 Uses for a Clock

16.2 Using the Real-Time Clock Chip

16.3 Security Dangers

16.4 Creating a Reliable Clock

16.5 The Same-State Problem

16.6 Time

16.7 Closing Recommendations

16.8 Exercises

Chapter 17: Key Servers

17.1 Basics

17.2 Kerberos

17.3 Simpler Solutions

17.4 What to Choose

17.5 Exercises

Chapter 18: The Dream of PKI

18.1 A Very Short PKI Overview

18.2 PKI Examples

18.3 Additional Details

18.4 Summary

18.5 Exercises

Chapter 19: PKI Reality

19.1 Names

19.2 Authority

19.3 Trust

19.4 Indirect Authorization

19.5 Direct Authorization

19.6 Credential Systems

19.7 The Modified Dream

19.8 Revocation

19.9 So What Is a PKI Good For?

19.10 What to Choose

19.11 Exercises

Chapter 20: PKI Practicalities

20.1 Certificate Format

20.2 The Life of a Key

20.3 Why Keys Wear Out

20.4 Going Further

20.5 Exercises

Chapter 21: Storing Secrets

21.1 Disk

21.2 Human Memory

21.3 Portable Storage

21.4 Secure Token

21.5 Secure UI

21.6 Biometrics

21.7 Single Sign-On

21.8 Risk of Loss

21.9 Secret Sharing

21.10 Wiping Secrets

21.11 Exercises

Part V: Miscellaneous

Chapter 22: Standards and Patents

22.1 Standards

22.2 Patents

Chapter 23: Involving Experts

Bibliography

Index