Information Security
Description
Information Security: Principles and Practice is the must-have book for students, instructors, and early-stage professionals alike. Author Mark Stamp provides clear, accessible, and accurate information on the four critical components of information security: cryptography, access control, security protocols, and software. Readers are provided with a wealth of real-world examples that clarify complex topics, highlight important security issues, and demonstrate effective methods and strategies for protecting the confidentiality and integrity of data.
Fully revised and updated, the third edition of Information Security features a brand-new chapter on network security basics and expanded coverage of cross-site scripting (XSS) attacks, Stuxnet and other malware, the SSH protocol, secure software development, and security protocols. Fresh examples illustrate the Rivest-Shamir-Adleman (RSA) cryptosystem, Elliptic-curve cryptography (ECC), and hash functions based on bitcoin and blockchains. Updated problem sets, figures, tables, and graphs help readers develop a working knowledge of classic cryptosystems, symmetric and public key cryptography, cryptanalysis, simple authentication protocols, intrusion and malware detection systems, and more. Presenting a highly practical approach to information security, this popular textbook:
* Provides up-to-date coverage of the rapidly evolving field of information security
* Explains session keys, perfect forward secrecy, timestamps, SSH, SSL, IPSec, Kerberos, WEP, GSM, and other authentication protocols
* Addresses access control techniques including authentication and authorization, ACLs and capabilities, and multilevel security and compartments
* Discusses software tools used for malware detection, digital rights management, and operating systems security
* Includes an instructor's solution manual, PowerPoint slides, lecture videos, and additional teaching resources
Information Security: Principles and Practice, Third Edition is the perfect textbook for advanced undergraduate and graduate students in all Computer Science programs, and remains essential reading for professionals working in industrial or government security.
To request supplementary materials, please contact mark.stamp@sjsu.edu and visit the author-maintained website for more: https://www.cs.sjsu.edu/~stamp/infosec/.
More details
Other editions
Additional editions
Person
Mark Stamp, PhD, has more than 25 years of experience in the field of information security. He has worked in industry, in academia as Professor of Computer Science, and in government as a cryptologic scientist for the National Security Agency. He has written dozens of academic papers, numerous journal articles, and two books on the topic of information security.
Content
Preface xv
About The Author xix
Acknowledgments xxi
1 Introductions 1
1.1 The Cast of Characters 1
1.2 Alice's Online Bank 2
1.2.1 Confidentiality, Integrity, and Availability 2
1.2.2 Beyond CIA 2
1.3 About This Book 4
1.3.1 Cryptography 4
1.3.2 Access Control 5
1.3.3 Network Security 6
1.3.4 Software 6
1.4 The People Problem 7
1.5 Principles and Practice 7
1.6 Problems 8
I Crypto 13
2 Classic Cryptography 15
2.1 Introduction 15
2.2 How to Speak Crypto 15
2.3 Classic Crypto 17
2.3.1 Simple Substitution Cipher 18
2.3.2 Cryptanalysis of a Simple Substitution 20
2.3.3 Definition of Secure 21
2.3.4 Double Transposition Cipher 22
2.3.5 One-Time Pad 23
2.3.6 Codebook Cipher 27
viii CONTENTS
2.4 Classic Crypto in History 28
2.4.1 Ciphers of the Election of 1876 28
2.4.2 Zimmermann Telegram 30
2.4.3 Project VENONA 32
2.5 Modern Crypto History 33
2.6 A Taxonomy of Cryptography 36
2.7 A Taxonomy of Cryptanalysis 37
2.8 Summary 39
2.9 Problems 39
3 Symmetric Ciphers 45
3.1 Introduction 45
3.2 Stream Ciphers 46
3.2.1 A5/1 47
3.2.2 RC4 49
3.3 Block Ciphers 51
3.3.1 Feistel Cipher 51
3.3.2 DES 52
3.3.3 Triple DES 57
3.3.4 AES 59
3.3.5 TEA 62
3.3.6 Block Cipher Modes 64
3.4 Integrity 68
3.5 Quantum Computers and Symmetric Crypto 70
3.6 Summary 72
3.7 Problems 72
4 Public Key Crypto 79
4.1 Introduction 79
4.2 Knapsack 82
4.3 RSA 85
4.3.1 Textbook RSA Example 87
4.3.2 Repeated Squaring 88
4.3.3 Speeding Up RSA 90
4.4 Diffie-Hellman 91
4.5 Elliptic Curve Cryptography 93
4.5.1 Elliptic Curve Math 93
4.5.2 ECC Diffie-Hellman 95
4.5.3 Realistic Elliptic Curve Example 96
4.6 Public Key Notation 97
4.7 Uses for Public Key Crypto 98
4.7.1 Confidentiality in the Real World 98
4.7.2 Signatures and Non-repudiation 99
CONTENTS ix
4.7.3 Confidentiality and Non-repudiation 99
4.8 Certificates and PKI 102
4.9 Quantum Computers and Public Key 104
4.10 Summary 106
4.11 Problems 106
5 Crypto Hash Functions++ 115
5.1 Introduction 115
5.2 What is a Cryptographic Hash Function? 116
5.3 The Birthday Problem 117
5.4 A Birthday Attack 119
5.5 Non-Cryptographic Hashes 120
5.6 SHA-3 121
5.7 HMAC 124
5.8 Cryptographic Hash Applications 126
5.8.1 Online Bids 126
5.8.2 Blockchain 127
5.9 Miscellaneous Crypto-Related Topics 136
5.9.1 Secret Sharing 136
5.9.2 Random Numbers 140
5.9.3 Information Hiding 143
5.10 Summary 147
5.11 Problems 147
II Access Control 159
6 Authentication 161
6.1 Introduction 161
6.2 Authentication Methods 162
6.3 Passwords 163
6.3.1 Keys Versus Passwords 164
6.3.2 Choosing Passwords 164
6.3.3 Attacking Systems via Passwords 166
6.3.4 Password Verification 167
6.3.5 Math of Password Cracking 168
6.3.6 Other Password Issues 173
6.4 Biometrics 174
6.4.1 Types of Errors 176
6.4.2 Biometric Examples 176
6.4.3 Biometric Error Rates 181
6.4.4 Biometric Conclusions 182
6.5 Something You Have 182
x CONTENTS
6.6 Two-Factor Authentication 183
6.7 Single Sign-On and Web Cookies 183
6.8 Summary 184
6.9 Problems 185
7 Authorization 195
7.1 Introduction 195
7.2 A Brief History of Authorization 196
7.2.1 The Orange Book 196
7.2.2 The Common Criteria 199
7.3 Access Control Matrix 200
7.3.1 ACLs and Capabilities 201
7.3.2 Confused Deputy 202
7.4 Multilevel Security Models 204
7.4.1 Bell-LaPadula 206
7.4.2 Biba's Model 207
7.4.3 Compartments 208
7.5 Covert Channels 210
7.6 Inference Control 212
7.7 CAPTCHA 214
7.8 Summary 216
7.9 Problems 216
III Topics in Network Security 221
8 Network Security Basics 223
8.1 Introduction 223
8.2 Networking Basics 223
8.2.1 The Protocol Stack 225
8.2.2 Application Layer 226
8.2.3 Transport Layer 228
8.2.4 Network Layer 231
8.2.5 Link Layer 233
8.3 Cross-Site Scripting Attacks 235
8.4 Firewalls 236
8.4.1 Packet Filter 238
8.4.2 Stateful Packet Filter 240
8.4.3 Application Proxy 240
8.4.4 Defense in Depth 242
8.5 Intrusion Detection Systems 243
8.5.1 Signature-Based IDS 245
8.5.2 Anomaly-Based IDS 246
CONTENTS xi
8.6 Summary 250
8.7 Problems 250
9 Simple Authentication Protocols 257
9.1 Introduction 257
9.2 Simple Security Protocols 259
9.3 Authentication Protocols 261
9.3.1 Authentication Using Symmetric Keys 264
9.3.2 Authentication Using Public Keys 267
9.3.3 Session Keys 268
9.3.4 Perfect Forward Secrecy 270
9.3.5 Mutual Authentication, Session Key, and PFS 273
9.3.6 Timestamps 273
9.4 ``Authentication"" and TCP 275
9.5 Zero Knowledge Proofs 278
9.6 Tips for Analyzing Protocols 282
9.7 Summary 284
9.8 Problems 284
10 Real-World Security Protocols 293
10.1 Introduction 293
10.2 SSH 294
10.2.1 SSH and the Man-in-the-Middle 295
10.3 SSL 296
10.3.1 SSL and the Man-in-the-Middle 299
10.3.2 SSL Connections 300
10.3.3 SSL Versus IPsec 300
10.4 IPsec 301
10.4.1 IKE Phase 1 302
10.4.2 IKE Phase 2 309
10.4.3 IPsec and IP Datagrams 310
10.4.4 Transport and Tunnel Modes 311
10.4.5 ESP and AH 313
10.5 Kerberos 314
10.5.1 Kerberized Login 316
10.5.2 Kerberos Ticket 316
10.5.3 Security of Kerberos 318
10.6 WEP 319
10.6.1 WEP Authentication 319
10.6.2 WEP Encryption 320
10.6.3 WEP Non-Integrity 320
10.6.4 Other WEP Issues 321
10.6.5 WEP: The Bottom Line 322
xii CONTENTS
10.7 GSM 322
10.7.1 GSM Architecture 323
10.7.2 GSM Security Architecture 324
10.7.3 GSM Authentication Protocol 326
10.7.4 GSM Security Flaws 327
10.7.5 GSM Conclusions 329
10.7.6 3GPP 330
10.8 Summary 330
10.9 Problems 331
IV Software 339
11 Software Flaws and Malware 341
11.1 Introduction 341
11.2 Software Flaws 341
11.2.1 Buffer Overflow 345
11.2.2 Incomplete Mediation 356
11.2.3 Race Conditions 356
11.3 Malware 358
11.3.1 Malware Examples 359
11.3.2 Malware Detection 365
11.3.3 The Future of Malware 367
11.3.4 The Future of Malware Detection 369
11.4 Miscellaneous Software-Based Attacks 369
11.4.1 Salami Attacks 369
11.4.2 Linearization Attacks 370
11.4.3 Time Bombs 371
11.4.4 Trusting Software 372
11.5 Summary 373
11.6 Problems 373
12 Insecurity in Software 381
12.1 Introduction 381
12.2 Software Reverse Engineering 382
12.2.1 Reversing Java Bytecode 384
12.2.2 SRE Example 385
12.2.3 Anti-Disassembly Techniques 390
12.2.4 Anti-Debugging Techniques 391
12.2.5 Software Tamper Resistance 392
12.3 Software Development 393
12.3.1 Flaws and Testing 395
12.3.2 Secure Software Development? 396
CONTENTS xiii
12.4 Summary 396
12.5 Problems 397
Appendix 403
A-1 Modular Arithmetic 403
A-2 Permutations 405
A-3 Probability 406
A-4 DES Permutations 406
Index 418
Preface
Please sir or madam won't you read my book?
It took me years to write, won't you take a look?
- Lennon and McCartney
I hate black boxes. My primary goal in writing this book was to illuminate some of those black boxes that are popular in information security books today. On the other hand, I don't want to bore you to death with trivial details-if that's what you want, your can read RFCs. As a result, I'll often ignore details that I deem irrelevant to the point that I'm trying to make. You can judge whether I've struck the proper balance between these two competing goals.
I've strived to keep the presentation moving along so as to cover a broad selection of topics. My objective is to cover each item in just enough detail so that you can appreciate the security issue, while not getting too bogged down in details. I've also attempted to regularly emphasize and reiterate the main points so that crucial information doesn't slip by below the radar screen.
Another goal is to present the topic in a reasonably lively and interesting way. If any computing subject should be exciting and fun, it's information security. Security is happening now, and it's in the news-it's clearly alive and kicking.
I've also tried to inject a little humor. They say that humor is derived from pain, and judging by the quality of the jokes, I'd say that I've definitely led a charmed life. In any case, most of the bad jokes are in footnotes so they shouldn't be too distracting.
Some security textbooks offer a large dollop of dry theory. Reading one of those books is about as exciting as reading a calculus textbook. Other books offer a seemingly random collection of apparently unrelated facts, giving the impression that security is not really a coherent subject at all. Then there are books that present the topic as a bunch of high-level managerial platitudes. Finally, some texts focus on the human factors in security. While all of these approaches have their place, my bias is that, first and foremost, a security engineer must have a solid understanding of the inherent strengths and weaknesses of the underlying technology.
Information security is a huge topic, and unlike more established fields, it's not entirely clear what material should be included in a book like this, or how best to organize it. I've chosen to organize this book around four major themes:
- Cryptography
- Access Control
- Network Security
- Software
In my usage, these themes are fairly elastic. For example, under the heading of access control I've included the traditional topics of authentication and authorization, along with such nontraditional topics as CAPTCHAs. The software theme is particularly flexible, and includes such diverse topics as software development, malware, and reverse engineering.
Although this book is focused on practical issues, I've tried to cover enough of the fundamental principles so that you will be prepared for further study in the field. In addition, I've strived to minimize the background requirements as much as possible. In particular, the mathematical formalism has been kept to a bare minimum (the Appendix contains a review of a few essential math topics). Despite this self-imposed limitation, I believe this book contains more substantive cryptography than most security books out there. The required computer science background is also minimal-an introductory computer organization course (or comparable experience) is more than sufficient. Some programming experience is assumed and a rudimentary knowledge of assembly language would be helpful in a couple of sections, but is not mandatory. Networking basics are covered, so no previous knowledge or experience in that area is assumed.
If you are an information technology professional who's trying to learn more about security, I would suggest that you read the entire book. Most topics are interrelated, and skipping the few that are not would not save much time anyway. Even if are an expert in a particular area, it is worth at least skimming my presentation, as terminology is often used inconsistently in this field, and this book might provide a different perspective than you have seen elsewhere.
If you are teaching a security class, this book might contain slightly more material than can comfortably be covered in a one-semester course. The schedule that I generally follow in my undergraduate security class appears in Table 1.
Security is not a spectator sport-solving a large number of the homework problems is an essential aspect of learning the material in this book. Many topics are fleshed out in the problems and additional topics are sometimes introduced. The bottom line is that the more problems you solve, the more you'll learn.
Table 1 Suggested syllabus
Chapter Hours Suggested coverage 1. Introduction 1 All 2. Classic Cryptography 3 All 3. Symmetric Key Crypto 4 All 4. Public Key Crypto 4 All 5. Hash Functions++ 4 Omit attack details in Section 5.7 6. Authentication 4 All 7. Authorization 2 All 8. Networking Basics 3 Omit Section 8.5 9. Authentication Protocols 4 Omit Section 9.4 10. Real-World Protocols 4 Omit either WEP or GSM 11. Software Flaws and Malware 4 All 12. Insecurity in Software 3 All Total 40A security course based on this book is an ideal venue for individual or group projects. The textbook website includes a section on cryptanalysis, which is one possible source for crypto projects. In addition, many homework problems lend themselves well to class discussions or in-class assignments; see, for example, Problem 16 in Chapter 10 or Problem 17 in Chapter 11.
The textbook website is at
http://www.cs.sjsu.edu/~stamp/infosec/
where you'll find PowerPoint slides, all of the files mentioned in the homework problems, errata, and many other goodies. If I were teaching this class for the first time, I would particularly appreciate the PowerPoint slides, which have been thoroughly "battle tested" and improved over many iterations. In addition, a solutions manual is available to instructors (sorry, students) directly from your sentinel-like author.
How does the math found in the Appendix fit in? Elementary modular arithmetic arises in a few sections of Chapters 3 and 5, while the number theory results are needed in Chapter 4 and Section 9.5 of Chapter 9. I've found that the vast majority of my students need to brush up on modular arithmetic basics. It only takes about 20 to 30 minutes of class time to cover the material on modular arithmetic and that will be time well spent prior to diving into public key cryptography. Trust me.
Permutations, which are briefly discussed in the Appendix, are most prominent in Chapter 3. The material in the Appendix on discrete probability is needed in the password cracking section of Chapter 6, for example.
Just as any large and complex software project must have bugs, it is a metaphysical certitude that this book has errors. I would like to hear about any errors-large or small-that you find. I will strive to maintain an up-to-date errata list on the textbook website. Also, don't hesitate to provide any suggestions you might have for a future edition of this book.
What's New for the Third Edition?
Several sections of the book have been reorganized and expanded, while other sections (and two entire chapters) have been removed. The major section on Network Security covers a broader range of topics, including an introduction to networking, which makes a course based on this book more self-contained. Based on feedback from people who have used the book, there are additional examples in the crypto chapters, while the protocol chapters have been modified and expanded. The first and second edition included a chapter on modern cryptanalysis, which has been removed from this edition, but is still available on the textbook website-as are other topics that were deleted.
All figures have been reworked, making them clearer and (hopefully) better. And, of course, all known errors from the second edition have been fixed. The homework problems have been extensively modified throughout.
Information security is an evolving field and there have been some significant changes since this book was originally published in 2005. Nevertheless, the basic structure of that first edition remains essentially intact. I believe the organization and list of topics has held up well over the years. Consequently,...
