Modern Cryptography: Theory and Practice
July 2003
Publisher: Prentice Hall Professional Technical Reference
ISBN: 978-0-13-066943-8
Published: 01 July 2003
Pages: 740
Abstract

Many cryptographic schemes and protocols, especially those based on public-key cryptography, have basic or so-called "textbook crypto" versions, as these versions are usually the subjects for many textbooks on cryptography. This book takes a different approach to introducing cryptography: it pays much more attention to fit-for-application aspects of cryptography. It explains why "textbook crypto" is only good in an ideal world where data are random and bad guys behave nicely. It reveals the general unfitness of "textbook crypto" for the real world by demonstrating numerous attacks on such schemes, protocols and systems under various real-world application scenarios. This book chooses to introduce a set of practical cryptographic schemes, protocols and systems, many of them standards or de facto ones, studies them closely, explains their working principles, discusses their practical usages, and examines their strong (i.e., fit-for-application) security properties, often with security evidence formally established. The book also includes self-contained theoretical background material that is the foundation for modern cryptography.

Reviews

Ghita Kouadri Mostéfaoui

Ancient cryptography was mainly based on substitution; the normal letters of a clear text were replaced by other letters, following a predefined key. Cryptography evolved over the centuries, and the current state of the science is mainly based on a strong mathematical background. Interested readers are, however, very often confused by the information available, which (most of the time) supposes that the reader is already familiar with the underlying mathematical theories. This book provides comprehensive coverage of current cryptographic protocols and techniques. It clearly explains all the needed material to go ahead with more complex concepts. The book is made up of 21 chapters, structured into six parts. Part 1 (chapters 1 and 2) is an introduction. In chapter 1, the author presents a pedagogical example (a simple communication game), with the goal of introducing the primordial concepts behind cryptography. The author states that cryptographic protocols readily contain security flaws. In chapter 2, he details this real phenomenon: the continuous battle between safeguards and attacks. Part 2 (chapters 3, 4, 5, and 6) covers the mathematical foundations of cryptography, including probabilities, computational complexity, algebraic foundations, and number theory. Each chapter begins with an introduction to its subject, helping the reader get the details of the whole subject without relying on an external reference. Part 3 (chapters 7, 8, 9, and 10) covers basic cryptographic algorithms, including symmetric and asymmetric algorithms, and data integrity techniques. Part 4 (chapters 11, 12, and 13) covers the theory of authentication protocols, and its realization in real cases, such as for Internet security, the Kerberos protocol, secure sockets layer (SSL), and transport layer security (TLS). Part 5 (chapters 14, 15, 16, and 17) discusses formal techniques for authentication protocol correctness.
Part 6 (chapters 18, 19, and 20) addresses a class of cryptographic protocols called zero-knowledge protocols, which support proving a claimed property without disclosing a secret. The author succeeds in providing a pedagogical reference for the difficult subject of cryptography. Each chapter begins with introductory material, and ends with a set of exercises, covering important concepts in an easy style. I highly recommend this book for classroom use, and as general introductory material on the science of cryptography. The work may also help Ph.D. students identify potential research directions in cryptography, and in security in general.

James Speybroeck

At first glance, this book appeared to be similar to others of its type, despite the fact that there is a transposition of letters at the top of its cover ("maunscript" instead of "manuscript"). However, irrespective of the spelling error, this is a major contribution to the field of cryptography. It is not so much that the material is new, but that the presentation and content are written in an innovative way. The book is divided into six parts. Part 1 is the obligatory introduction to the pillars of cryptography and information security. Part 2 covers the mathematical background essential for an understanding of the field of cryptography. Part 3 explains basic cryptographic algorithms. Part 4 addresses authentication. Part 5 is a sophisticated treatment of security notions for public key cryptographic techniques. The book concludes with Part 6, which addresses zero-knowledge protocols. Part 1 consists of two chapters. Both chapters are elementary, and provide an informal, but serious introduction to cryptography and cryptography protocols. Part 2 consists of four chapters, which provide a mathematical foundation for the text material. While these four chapters could also be considered introductory, the material is sophisticated and appropriate for the cryptographic professional. Part 3 might be considered to be the beginning of the book. This part consists of four chapters. The material is principally concerned with those algorithms that concern themselves with security, privacy, and data integrity. Part 4 contains four chapters, which meld to provide an in-depth coverage of authentication. Part 5, also four chapters, is a thorough treatment of the required rigorous techniques for implementation of strong security notions. Part 6, with two chapters, concludes the text. Chapter 19 is devoted to the topic of zero-knowledge protocols, while chapter 20 is both a summary of the text and a short history of its evolution. 
An interesting feature in the text is the enormous number of protocols laid out and explained. It is probably not fair to call the book a definitive source of all protocols for cryptography, but there certainly are a significant number of protocols. The serious student, and dedicated professional, will find this book a work of merit.

Online Computing Reviews Service
