Description
Taylor & Francis Ltd Introduction To Modern Cryptography 2Nd Edition 2014 by Jonathan Katz, Yehuda Lindell
Cryptography is ubiquitous and plays a key role in ensuring data secrecy and integrity as well as in securing computer systems more broadly. Introduction to Modern Cryptography provides a rigorous yet accessible treatment of this fascinating subject. The authors introduce the core principles of modern cryptography, with an emphasis on formal definitions, clear assumptions, and rigorous proofs of security. The book begins by focusing on private-key cryptography, including an extensive treatment of private-key encryption, message authentication codes, and hash functions. The authors also present design principles for widely used stream ciphers and block ciphers including RC4, DES, and AES, plus provide provable constructions of stream ciphers and block ciphers from lower-level primitives. The second half of the book covers public-key cryptography, beginning with a self-contained introduction to the number theory needed to understand the RSA, Diffie-Hellman, and El Gamal cryptosystems (and others), followed by a thorough treatment of several standardized public-key encryption and digital signature schemes. Integrating a more practical perspective without sacrificing rigor, this widely anticipated Second Edition offers improved treatment of:Stream ciphers and block ciphers, including modes of operation and design principlesAuthenticated encryption and secure communication sessionsHash functions, including hash-function applications and design principles Attacks on poorly implemented cryptography, including attacks on chained-CBC encryption, padding-oracle attacks, and timing attacksThe random-oracle model and its application to several standardized, widely used public-key encryption and signature schemesElliptic-curve cryptography and associated standards such as DSA/ECDSA and DHIES/ECIESContaining updated exercises and worked examples, Introduction to Modern Cryptography, Second Edition can serve as a textbook for undergraduate- or graduate-level courses in cryptography, a valuable reference for researchers and practitioners, or a general introduction suitable for self-study. PrefaceI. Introduction and Classical CryptographyIntroductionCryptography and Modern CryptographyThe Setting of Private-Key EncryptionHistorical Ciphers and Their CryptanalysisPrinciples of Modern CryptographyPrinciple 1 - Formal DefinitionsPrinciple 2 - Precise AssumptionsPrinciple 3 - Proofs of SecurityProvable Security and Real-World SecurityReferences and Additional ReadingExercisesPerfectly Secret EncryptionDefinitionsThe One-Time PadLimitations of Perfect SecrecyShannon's TheoremReferences and Additional ReadingExercisesII. Private-Key (Symmetric) CryptographyPrivate-Key EncryptionComputational SecurityThe Concrete ApproachThe Asymptotic ApproachDefining Computationally Secure EncryptionThe Basic Definition of SecuritySemantic SecurityConstructing Secure Encryption SchemesPseudorandom Generators and Stream CiphersProofs by ReductionA Secure Fixed-Length Encryption SchemeStronger Security NotionsSecurity for Multiple EncryptionsChosen-Plaintext Attacks and CPA-SecurityConstructing CPA-Secure Encryption SchemesPseudorandom Functions and Block CiphersCPA-Secure Encryption from Pseudorandom FunctionsModes of OperationStream-Cipher Modes of OperationBlock-Cipher Modes of OperationChosen-Ciphertext AttacksDefining CCA-SecurityPadding-Oracle AttacksReferences and Additional ReadingExercisesMessage Authentication CodesMessage IntegritySecrecy vs. IntegrityEncryption vs. Message AuthenticationMessage Authentication Codes - DefinitionsConstructing Secure Message Authentication CodesA Fixed-Length MACDomain Extension for MACsCBC-MACThe Basic ConstructionProof of SecurityAuthenticated EncryptionDefinitionsGeneric ConstructionsSecure Communication SessionsCCA-Secure EncryptionInformation-Theoretic MACsConstructing Information-Theoretic MACsLimitations on Information-Theoretic MACsReferences and Additional ReadingExercisesHash Functions and ApplicationsDefinitionsCollision ResistanceWeaker Notions of SecurityDomain Extension: The Merkle-Damgard TransformMessage Authentication Using Hash FunctionsHash-and-MACHMACGeneric Attacks on Hash FunctionsBirthday Attacks for Finding CollisionsSmall-Space Birthday AttacksTime/Space Tradeoffs for Inverting FunctionsThe Random-Oracle ModelThe Random-Oracle Model in DetailIs the Random-Oracle Methodology Sound?Additional Applications of Hash FunctionsFingerprinting and DeduplicationMerkle TreesPassword HashingKey DerivationCommitment SchemesReferences and Additional ReadingExercisesPractical Constructions of Symmetric-Key PrimitivesStream CiphersLinear-Feedback Shift RegistersAdding NonlinearityTriviumRC4Block CiphersSubstitution-Permutation NetworksFeistel NetworksDES - The Data Encryption Standard3DES: Increasing the Key Length of a Block CipherAES - The Advanced Encryption StandardDifferential and Linear CryptanalysisHash FunctionsHash Functions from Block CiphersMD5SHA-0, SHA-1, and SHA-2SHA-3 (Keccak)References and Additional ReadingExercisesTheoretical Constructions of Symmetric-Key PrimitivesOne-Way FunctionsDefinitionsCandidate One-Way FunctionsHard-Core PredicatesFrom One-Way Functions to PseudorandomnessHard-Core Predicates from One-Way FunctionsA Simple CaseA More Involved CaseThe Full ProofConstructing Pseudorandom GeneratorsPseudorandom Generators with Minimal ExpansionIncreasing the Expansion FactorConstructing Pseudorandom FunctionsConstructing (Strong) Pseudorandom PermutationsAssumptions for Private-Key CryptographyComputational IndistinguishabilityReferences and Additional ReadingExercisesIII. Public-Key (Asymmetric) CryptographyNumber Theory and Cryptographic Hardness AssumptionsPreliminaries and Basic Group TheoryPrimes and DivisibilityModular ArithmeticGroupsThe Group ZNIsomorphisms and the Chinese Remainder Theorem Primes, Factoring, and RSAGenerating Random PrimesPrimality TestingThe Factoring AssumptionThe RSA AssumptionRelating the RSA and Factoring AssumptionsCryptographic Assumptions in Cyclic GroupsCyclic Groups and GeneratorsThe Discrete-Logarithm/Diffie-Hellman AssumptionsWorking in (Subgroups of) ZpElliptic CurvesCryptographic ApplicationsOne-Way Functions and PermutationsConstructing Collision-Resistant Hash FunctionsReferences and Additional ReadingExercisesAlgorithms for Factoring and Computing Discrete LogarithmsAlgorithms for FactoringPollard's p 1 AlgorithmPollard's Rho AlgorithmThe Quadratic Sieve AlgorithmAlgorithms for Computing Discrete LogarithmsThe Pohlig-Hellman AlgorithmThe Baby-Step/Giant-Step AlgorithmDiscrete Logarithms from CollisionsThe Index Calculus AlgorithmRecommended Key LengthsReferences and Additional ReadingExercisesKey Management and the Public-Key RevolutionKey Distribution and Key ManagementA Partial Solution: Key-Distribution CentersKey Exchange and the Diffie-Hellman ProtocolThe Public-Key RevolutionReferences and Additional ReadingExercisesPublic-Key EncryptionPublic-Key Encryption - An OverviewDefinitionsSecurity against Chosen-Plaintext AttacksMultiple EncryptionsSecurity against Chosen-Ciphertext AttacksHybrid Encryption and the KEM/DEM ParadigmCPA-SecurityCCA-SecurityCDH/DDH-Based EncryptionEl Gamal EncryptionDDH-Based Key EncapsulationA CDH-Based KEM in the Random-Oracle ModelChosen-Ciphertext Security and DHIES/ECIESRSA EncryptionPlain RSAPadded RSA and PKCS #1 v1.5CPA-Secure Encryption without Random Oracles OAEP and RSA PKCS #1 vA CCA-Secure KEM in the Random-Oracle Model RSA Implementation Issues and PitfallsReferences and Additional ReadingExercisesDigital Signature SchemesDigital Signatures - An OverviewDefinitionsThe Hash-and-Sign ParadigmRSA SignaturesPlain RSARSA-FDH and PKCS #1 vSignatures from the Discrete-Logarithm ProblemThe Schnorr Signature SchemeDSA and ECDSASignatures from Hash FunctionsLamport's Signature SchemeChain-Based SignaturesTree-Based SignaturesCertificates and Public-Key InfrastructuresPutting It All Together - SSL/TLSSigncryptionReferences and Additional ReadingExercisesAdvanced Topics in Public-Key EncryptionPublic-Key Encryption from Trapdoor PermutationsTrapdoor PermutationsPublic-Key Encryption from Trapdoor PermutationsThe Paillier Encryption SchemeThe Structure of ZN2The Paillier Encryption SchemeHomomorphic EncryptionSecret Sharing and Threshold EncryptionSecret SharingVerifiable Secret SharingThreshold Encryption and Electronic VotingThe Goldwasser-Micali Encryption SchemeQuadratic Residues Modulo a PrimeQuadratic Residues Modulo a CompositeThe Quadratic Residuosity AssumptionThe Goldwasser-Micali Encryption SchemeThe Rabin Encryption SchemeComputing Modular Square RootsA Trapdoor Permutation Based on FactoringThe Rabin Encryption SchemeReferences and Additional ReadingExercisesIndex of Common NotationAppendix A: Mathematical BackgroundIdentities and InequalitiesAsymptotic NotationBasic ProbabilityThe "Birthday" ProblemFinite FieldsAppendix B: Basic Algorithmic Number TheoryInteger ArithmeticBasic OperationsThe Euclidean and Extended Euclidean AlgorithmsModular ArithmeticBasic OperationsComputing Modular InversesModular ExponentiationMontgomery MultiplicationChoosing a Uniform Group ElementFinding a Generator of a Cyclic GroupGroup-Theoretic BackgroundEfficient AlgorithmsReferences and Additional ReadingExercisesReferencesIndexshow more