Bøger i Information Security and Cryptography serien

Signcryption schemes combine the features of digital signature schemes with those of public-key encryption schemes and aim to provide security guarantees in a way that is provably correct and significantly less computationally expensive than the "encrypt-then-sign" method most commonly adopted in public-key cryptography.

Protocols for authentication and key establishment are the foundation for security of communications. The range and diversity of these protocols is immense, while the properties and vulnerabilities of different protocols can be remarkably subtle.Here is a comprehensive and integrated treatment of protocols for authentication and key establishment. It allows researchers and practitioners to quickly access a protocol for their needs and become aware of existing protocols that have been broken in the literature.As well as a clear and uniform presentation of the protocols, this book includes a description of all the main attack types and classifies most protocols in terms of their properties and resource requirements. It also includes tutorial material suitable for graduate students.

Due to the rapid growth of digital communication and electronic data exchange, information security has become a crucial issue in industry, business, and administration. Modern cryptography provides essential techniques for securing information and protecting data.In the first part, this book covers the key concepts of cryptography on an undergraduate level, from encryption and digital signatures to cryptographic protocols. Essential techniques are demonstrated in protocols for key exchange, user identification, electronic elections and digital cash. In the second part, more advanced topics are addressed, such as the bit security of one-way functions and computationally perfect pseudorandom bit generators. The security of cryptographic schemes is a central topic. Typical examples of provably secure encryption and signature schemes and their security proofs are given. Though particular attention is given to the mathematical foundations, no special background in mathematics is presumed. The necessary algebra, number theory and probability theory are included in the appendix. Each chapter closes with a collection of exercises. The second edition contains corrections, revisions and new material, including a complete description of the AES, an extended section on cryptographic hash functions, a new section on random oracle proofs, and a new section on public-key encryption schemes that are provably secure against adaptively-chosen-ciphertext attacks.

An authoritative and comprehensive guide to the Rijndael algorithm and Advanced Encryption Standard (AES). AES is expected to gradually replace the present Data Encryption Standard (DES) as the most widely applied data encryption technology. This book, written by the designers of the block cipher, presents Rijndael from scratch.

To generate a precise CFI policy without the support of the source code, we systematically study two methods which recover CFI policy based on function signature matching at the binary level and propose our novel rule- and heuristic-based mechanism to more accurately recover function signature.

This book provides a concise yet comprehensive overview of computer and Internet security, suitable for a one-term introductory course for junior/senior undergrad or first-year graduate students.

In this book the author introduces a novel approach to securing exam systems. He describes the tasks that occur during an exam, taking account of the levels of detail and abstraction of an exam specification and the threats that arise out of the different exam roles.

This book is the most comprehensive and integrated treatment of the protocols required for authentication and key establishment. In a clear, uniform presentation the authors classify most protocols in terms of their properties and resource requirements, and describe all the main attack types, so the reader can quickly evaluate protocols for particular applications.In this edition the authors introduced new chapters and updated the text throughout in response to new developments and updated standards. The first chapter, an introduction to authentication and key establishment, provides the necessary background on cryptography, attack scenarios, and protocol goals. A new chapter, computational security models, describes computational models for key exchange and authentication and will help readers understand what a computational proof provides and how to compare the different computational models in use. In the subsequent chapters the authors explain protocols that use shared key cryptography, authentication and key transport using public key cryptography, key agreement protocols, the Transport Layer Security protocol, identity-based key agreement, password-based protocols, and group key establishment.The book is a suitable graduate-level introduction, and a reference and overview for researchers and practitioners with 225 concrete protocols described. In the appendices the authors list and summarize the relevant standards, linking them to the main book text when appropriate, and they offer a short tutorial on how to build a key establishment protocol. The book also includes a list of protocols, a list of attacks, a summary of the notation used in the book, general and protocol indexes, and an extensive bibliography.

In this book the author introduces a novel approach to securing exam systems. He describes the tasks that occur during an exam, taking account of the levels of detail and abstraction of an exam specification and the threats that arise out of the different exam roles.

This book describes the essential components of the SCION secure Internet architecture, the first architecture designed foremost for strong security and high availability.

This book is the first to develop a systematized approach for the comparison and evaluation of secure deletion solutions. The book focuses on novel secure deletion solutions targeting specific real-world environments where secure deletion is problematic: mobile storage and remote storage.

Hardware-intrinsic security is a young field dealing with secure secret key storage. By generating the secret keys from the intrinsic properties of the silicon, e.g., from intrinsic Physical Unclonable Functions (PUFs), no permanent secret key storage is required anymore, and the key is only present in the device for a minimal amount of time.

Part III deals with fault analysis in public key cryptography, with chapters dedicated to classical RSA and RSA-CRT implementations, elliptic curve cryptosystems and countermeasures using fault detection, devices resilient to fault injection attacks, lattice-based fault attacks on signatures, and fault attacks on pairing-based cryptography.

This book establishes, for the first time, the potential application of NCO implementations to cryptographic primitives such as one-way functions, pseudorandom generators, encryption schemes and digital signatures. The author explores numerous key issues.

Oded was instrumental in laying down the foundations of cryptography, and he inspired the contributing authors, Benny Applebaum, Boaz Barak, Andrej Bogdanov, Iftach Haitner, Shai Halevi, Yehuda Lindell, Alon Rosen, and Salil Vadhan, themselves leading researchers on the theory of cryptography and computational complexity.

Signcryption schemes combine the features of digital signature schemes with those of public-key encryption schemes and aim to provide security guarantees in a way that is provably correct and significantly less computationally expensive than the "encrypt-then-sign" method most commonly adopted in public-key cryptography.

Block ciphers encrypt blocks of plaintext, messages, into blocks of ciphertext under the action of a secret key, and the process of encryption is reversed by decryption which uses the same user-supplied key.

Hardware-intrinsic security is a young field dealing with secure secret key storage. By generating the secret keys from the intrinsic properties of the silicon, e.g., from intrinsic Physical Unclonable Functions (PUFs), no permanent secret key storage is required anymore, and the key is only present in the device for a minimal amount of time.

Protocols that remain zero-knowledge when many instances are executed concurrently are called concurrent zero-knowledge, and this book is devoted to their study.

The first book to offer a comprehensive view of the LLL algorithm, this text surveys computational aspects of Euclidean lattices and their main applications. It includes many detailed motivations, explanations and examples.

The first book to offer a comprehensive view of the LLL algorithm, this text surveys computational aspects of Euclidean lattices and their main applications. It includes many detailed motivations, explanations and examples.

Part III deals with fault analysis in public key cryptography, with chapters dedicated to classical RSA and RSA-CRT implementations, elliptic curve cryptosystems and countermeasures using fault detection, devices resilient to fault injection attacks, lattice-based fault attacks on signatures, and fault attacks on pairing-based cryptography.

It describes how BLAKE was designed and why BLAKE2 was developed, and it offers guidelines on implementing and using BLAKE, with a focus on software implementation.In the first two chapters, the authors offer a short introduction to cryptographic hashing, the SHA3 competition and BLAKE.

This book presents a comprehensive mathematical theory that explains precisely what information flow is, how it can be assessed quantitatively ¿ so bringing precise meaning to the intuition that certain information leaks are small enough to be tolerated ¿ and how systems can be constructed that achieve rigorous, quantitative information-flow guarantees in those terms. It addresses the fundamental challenge that functional and practical requirements frequently conflict with the goal of preserving confidentiality, making perfect security unattainable.Topics include: a systematic presentation of how unwanted information flow, i.e., "leaks", can be quantified in operationally significant ways and then bounded, both with respect to estimated benefit for an attacking adversary and by comparisons between alternative implementations; a detailed study of capacity, refinement, and Dalenius leakage, supporting robust leakage assessments; a unification of information-theoretic channels and information-leaking sequential programs within the same framework; and a collection of case studies, showing how the theory can be applied to interesting realistic scenarios.The text is unified, self-contained and comprehensive, accessible to students and researchers with some knowledge of discrete probability and undergraduate mathematics, and contains exercises to facilitate its use as a course textbook.

This is the first book dedicated to modern steganography and steganalysis. The author offers a proposal to structure approaches to provably secure steganography according to their implied assumptions on the limits of the adversary and on the nature of covers.

He takes a modern approach, where defining what is meant by "secure" is as important as creating something that achieves that goal, and security definitions are central to the discussion throughout. The author balances a largely non-rigorous style - many proofs are sketched only - with appropriate formality and depth.

The authors present a comprehensive study of efficient protocols and techniques for secure two-party computation. They study both general constructions that can be used to securely compute any functionality, and protocols for specific problems of interest.

An authoritative and comprehensive guide to the Rijndael algorithm and Advanced Encryption Standard (AES). AES is expected to gradually replace the present Data Encryption Standard (DES) as the most widely applied data encryption technology. This book, written by the designers of the block cipher, presents Rijndael from scratch.