Leading HP security expert Wenbo Mao explains why "textbook" crypto schemes, protocols, and systems are profoundly vulnerable by revealing real-world-scenario attacks. Next, he shows how to realize cryptographic systems and protocols that are truly "fit for application"--and formally demonstrates their fitness. Mao presents practical examples throughout and provides all the mathematical background you'll need.
- Crypto foundations: probability, information theory, computational complexity, number theory, algebraic techniques, and more
- Authentication: basic techniques and principles vs. misconceptions and consequential attacks
- Evaluating real-world protocol standards including IPSec, IKE, SSH, TLS (SSL), and Kerberos
Mao introduces formal and reductionist methodologies to prove the "fit-for-application" security of practical encryption, signature, signcryption, and authentication schemes. He gives detailed explanations for zero-knowledge protocols: definition, zero-knowledge properties, equatability vs. simulatability, argument vs. proof, round-efficiency, and non-interactive versions.
About the Author
WENBO MAO, PhD, is a Technical Contributor to the Trusted Systems Lab at Hewlett-Packard Laboratories, Bristol, UK. Mao leads HP's participation and research activities in Computer Aided Solutions to Secure Electronic Commerce Transactions (CASENET), a research project funded by the European Union. His research interests include cryptography, computer security, and formal methods. He is a member of the International Association for Cryptographic Research (IACR), the Institute of Electrical and Electronics Engineers (IEEE), and the British Computer Society (BCS).