Applied Cryptography ^{2^nd Ed.}

Protocols, Algorithms, and Source Code in C

Publisher: Wiley, 1996, 758 pages

ISBN: 0-471-11709-9

Last modified: May 22, 2021, 7:37 p.m.

Synopsis

This new edition of the cryptography classic provides you with a comprehensive survey of modern cryptography. The book details how programmers and electronic communications professionals can use cryptography — the technique of enciphering and deciphering messages — to maintain the privacy of computer data. It describes dozens of cryptography algorithms, gives practical advice on how to implement them into cryptographic software, and shows how they can be used to solve security problems. Covering the latest developments in practical cryptographic techniques, this new edition shows programmers who design computer applications, networks, and storage systems how they can build security into their software and systems.

What's new in the Second Edition?

New information on the Clipper Chip, including ways to defeat the key escrow mechanism.
New encryption algorithms, including algorithms from the former Soviet Union and South Africa, and the RC4 stream cipher.
The latest protocols for digital signatures, authentication, secure elections, digital cash, and more.
More detailed information on key management and cryptographic implementations.

Foundations

Terminology
Steganography
Substitution Ciphers and Transposition Ciphers
Simple XOR
One-Time Pads
Computer Algorithms
Large Numbers

Part I: Cryptographic Protocols

Protocol Building Blocks

Introduction to Protocols
Communications Using Symmetric Cryptography
One-Way Functions
One-Way Hash Functions
Communications Using Public-Key Cryptography
Digital Signatures
Digital Signatures with Encryption
Random and Pseudo-Random Sequence Generation

Basic Protocols

Key Exchange
Authentication
Authentication and Key Exchange
Formal Analysis of Authentication and Key-Exchange Protocols
Multiple-Key Public-Key Cryptography
Secret Splitting
Secret Sharing
Cryptographic Protection of Databases

Intermediate Protocols

Timestamping Services
Subliminal Channel
Undeniable Digital Signatures
Designated Confirmer Signatures
Proxy Signatures
Group Signatures
Fail-Stop Digital Signatures
Computing with Encrypted Data
Bit Commitment
Fair Coin Flips
Mental Poker
One-Way Accumulators
All-or-Nothing Disclosure of Secrets
Key Escrow

Advanced Protocols

Zero-Knowledge Proofs
Zero-Knowledge Proofs of Identity
Blind Signatures
Identity-Based Public-Key Cryptography
Oblivious Transfer
Oblivious Signatures
Simultaneous Contract Signing
Digital Certified Mail
Simultaneous Exchange of Secrets

Esoteric Protocols

Secure Elections
Secure Multiparty Computation
Anonymous Message Broadcast
Digital Cash

Part II: Cryptographic Techniques

Key Length

Symmetric Key Length
Public-Key Key Length
Comparing Symmetric and Public-Key Key Lengths
Birthday Attacks Against One-Way Hash Functions
How Long Should a Key Be?
Caveat Emptor

Key Management

Generating Keys
Nonlinear Keyspaces
Transferring Keys
Verifying Keys
Using Keys
Updating Keys
Storing Keys
Backup Keys
Compromised Keys
Lifetime of Keys
Destroying Keys
Public-Key Key Management

Algorithm Types and Modes

Electronic Codebook Mode
Block Replay
Cipher Block Chaining Mode
Stream Ciphers
Self-Synchronizing Stream Ciphers
Cipher-Feedback Mode
Synchronous Stream Ciphers
Output-Feedback Mode
Counter Mode
Other Block-Cipher Modes
Choosing a Cipher Mode
Interleaving
Block Ciphers versus Stream Ciphers

Using Algorithms

Choosing an Algorithm
Public-Key Cryptography vs. Symmetric Cryptography
Encrypting Communications Channels
Encrypting Data for Storage
Hardware Encryption versus Software Encryption
Compression, Encoding, and Encryption
Detecting Encryption
Hiding Ciphertext in Ciphertext
Destroying Information

Part III: Cryptographic Algorithms

Mathematical Background

Information Theory
Complexity Theory
Number Theory
Factoring
Prime Number Generation
Discrete Logarithms in a Finite Field

Data Encryption Standard

Background
Description of DES
Security of DES
Differential and Linear Cryptanalysis
The Real Design Criteria
DES Variants
How Secure is DES Today?

Other Block Algorithms

Lucifer
Madryga
NewDES
FEAL
REDOC
LOKI
Khufu and Khafre
RC2
IDEA
MMB
CA-1.1
Skipjack

Still Other Block Algorithms

GOST
CAST
Blowfish
SAFER
3-Way
Crab
SXAL8/MBAL
RC5
Other Block Algorithms
Theory of Block Cipher Design
Using One-Way Hash Functions
Choosing a Block Algorithm

Combining Block Algorithms

Double Encryption
Triple Encryption
Doubling the Block Length
Other Multiple Encryption Schemes
CDMF Key Shortening
Whitening
Cascading Multiple Block Algorithms
Combining Multiple Block Algorithms

Pseudo-Random-Sequence Generators and Stream

Linear Congruential Generators
Linear Feedback Shift Registers
Design and Analysis of Stream Ciphers
Stream Ciphers Using LFSRs
A5
Hughes XPD/KPD
Nanoteq
Rambutan
Additive Generators
Gifford
Algorithm M
PKZIP

Other Stream Ciphers and Real Random-Sequence Generators

RC4
SEAL
WAKE
Feedback with Carry Shift Registers
Stream Ciphers Using FCSRs
Nonlinear-Feedback Shift Registers
Other Stream Ciphers
System-Theoretic Approach to Stream-Cipher Design
Complexity-Theoretic Approach to Stream-Cipher Design
Other Approaches to Stream-Cipher Design
Cascading Multiple Stream Ciphers
Choosing a Stream Cipher
Generating Multiple Streams from a Single Pseudo-Random-Sequence Generator
Real Random-Sequence Generators

One-Way Hash Functions

Background
Snefru
N-Hash
MD4
MD5
MD2
Secure Hash Algorithm (SHA)
RIPE-MD
HAVAL
Other One-Way Hash Functions
One-Way Hash Functions Using Symmetric Block Algorithms
Using Public-key Algorithms
Choosing a One-Way Hash Function
Message Authentication Codes

Public-Key Algorithms

Background
Knapsack Algorithms
RSA
Pohlig-Hellman
Rabin
ElGamal
McEliece
Elliptic Curve Cryptosystems
LUC
Finite Automation Public-Key Cryptosystems

Public-Key Digital Signature Algorithms

Digital Signature Algorithm (DSA)
DSA Variants
GOST Digital Signature Algorithm
Discrete Logarithm Signature Schemes
Ong-Schnorr-Shamir
ESIGN
Cellular Automata
Other Public-Key Algorithms

Identification Schemes

Feige-Fiat-Shamir
Guillou-Quisquater
Schnorr
Converting Identification Schemes to Signature Schemes

Key-Exchange Algorithms

Diffie-Hellman
Station-to-Station Protocol
Shamir’s Three-Pass Protocol
COMSET
Encrypted Key Exchange
Fortified Key Negotiation
Conference Key Distribution and Secret Broadcasting

Special Algorithms for Protocols

Multiple-Key Public-Key Cryptography
Secret Sharing Algorithms
Subliminal Channel
Undeniable Digital Signatures
Designated Confirmer Signatures
Computing with Encrypted Data
Fair Coin Flips
One-Way Accumulators
All-or-Nothing Disclosure of Secrets
Fair and Failsafe Cryptosystems
Zero-Knowledge Proofs of Knowledge
Blind Signatures
Oblivious Transfer
Secure Multiparty Computation
Probabilistic Encryption
Quantum Cryptography

Part IV: The Real World

Example Implementations

IBM Secret-Key Management Protocol
MITRENET
ISDN
STU-III
Kerberos
KryptoKnight
SESAME
IBM Common Cryptographic Architecture
ISO Authentication Framework
Privacy-Enhanced Mail (PEM)
Message Security Protocol (MSP)
Pretty Good Privacy (PGP)
Smart Cards
Public-Key Cryptography Standards (PKCS)
Universal Electronic Payment System (UEPS)
Clipper
Capstone
AT&T Model 3600 Telephone Security Device (TSD)

Politics

National Security Agency (NSA)
National Computer Security Center (NCSC)
National Institute of Standards and Technology (NIST)
RSA Data Security, Inc.
Public Key Partners
International Association for Cryptologic Research (IACR)
RACE Integrity Primitives Evaluation (RIPE)
Conditional Access for Europe (CAFE)
ISO/IEC 9979
Professional, Civil Liberties, and Industry Groups
Sci.crypt
Cypherpunks
Patents
U.S. Export Rules
Foreign Import and Export of Cryptography
Legal Issues

Afterword By Matt Blaze

Part V: Source Code

Source Code

Reviews