Cryptography and Network Security: Principles and Practice (2nd Edition) [Hardcover]

William Stallings (Author)

Book Description

Publication Date: July 15, 1998

Appropriate for undergraduate and graduate level courses in Cryptography and Computer security. Best-selling author and two-time winner of the TEXTY award for the best Computer Science and Engineering text, William Stallings provides a practical survey of both the principles and practice of cryptography and network security. This text, which won the 1999 TAA Award for the best computer science and engineering textbook of the year, has been completely updated to reflect the latest developments in the field. It has also been extensively reorganized to provide the optimal sequence for classroom instruction and self-study.

Editorial Reviews

From the Back Cover

As we enter the age of universal electronic connectivity in which viruses, hackers, electronic eavesdropping, and electronic fraud can threaten the prosperity and productivity of corporations and individuals, security is increasingly important. Fortunately, the disciplines of cryptography and network security have matured, leading to the development of practical, available applications to enforce network security.

Best-selling author and two-time winner of the TEXTY award for the best computer science and engineering text, William Stallings provides a practical survey of both the principles and practice of cryptography and network security.

Extensively reorganized to provide the optimal sequence for classroom instruction and self-study, the second edition includes these key features.

* Looks at system-level security issues, including the threat of and countermeasures for intruders and viruses, and the use of firewalls and trusted systems.
* NEW - Discussion of block cipher design principles, plus coverage of Blowfish, CAST-128, Triple DES, and other algorithms
* NEW - Chapters on IP security and Web security
* Expanded coverage of public-key encryption algorithms and design principles, including RSA and elliptic curve cryptography
* Covers important network security tools and applications, including Kerberos, X.509v3, PGP, S/MIME, IP security, SSL/TLS, and SET
* On-line transparency masters, an Internet mailing list, and links to relevant web sites are available to shore/~ws/Security2e.html

About the Author

WILLIAM STALLINGS has made a unique contribution to understanding the broad sweep of technical developments in computer networking and computer architecture. He has authored 17 titles, and counting revised editions, a total of 37 books on various aspects of these subjects. He is an independent consultant whose clients have included computer and networking manufacturers and customers, software development firms, and leading-edge government research institutions. Dr. Stallings holds a Ph.D. from M.I.T. in Computer Science and a B.S. from Notre Dame in electrical engineering. All of his Prentice Hall titles can be found at the Prentice Hall web site http://www.prenhall.com.

See all Editorial Reviews

Product Details

• Hardcover: 569 pages
• Publisher: Prentice Hall; 2nd edition (July 15, 1998)
• Language: English
• ISBN-10: 0138690170
• ISBN-13: 978-0138690175
• Product Dimensions: 9.1 x 7 x 1.1 inches
• Shipping Weight: 2.2 pounds
• Average Customer Review: 4.3 out of 5 stars  See all reviews (14 customer reviews)
• Amazon Best Sellers Rank: #947,623 in Books (See Top 100 in Books)
  • #26 in Books > Computers & Technology > Programming > Software Design, Testing & Engineering > Coding Theory

More About the Author

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

Most Helpful Customer Reviews

49 of 51 people found the following review helpful:

5.0 out of 5 stars Solid coverage for professionals, students and instructors, November 27, 1998

By A Customer

This review is from: Cryptography and Network Security: Principles and Practice (2nd Edition) (Hardcover)

This book is intended to serve both as a textbook for an academic course of study, and as a self-study and reference guide for practicing professionals. The material has been extended to emphasize encryption and its central position in network protection. The structure and flow have been reorganized with both classroom use and solo instruction in mind, and additional teaching material, such as additional problems, have been added.

Chapter one is an introduction to the topics to be covered. In a practical way it outlines the concerns involved in the phrase computer security, and the priorities occasioned by the networked nature of modern computing. There is also an outline of the chapters and sequence in the rest of the book. While the text does note that cryptographic techniques underlie most of current security technologies this is only done briefly. Examples in the major categories listed would help explain this primary position.

Part one deals with conventional, symmetric, encryption and the various methods of attacking it. Chapter two covers the historical substitution and transposition ciphers. Symmetric block ciphers are discussed in chapter three, illustrated by an explanation of DES (Data Encryption Standard). The additional conventional algorithms of triple DES, IDEA (International Data Encryption Algorithm), and RC5 are reviewed in chapter four. The use of conventional encryption for confidentiality is outlined in chapter five.

Part three looks at public-key encryption and hash functions. Chapter six introduces public-key encryption and its uses in confidentiality, authentication, and key management and exchange. Number theory is the basis of these modern algorithms, so some basic mathematical concepts are outlined in chapter seven. Digital signatures and message authentication is introduced in some detail in chapter eight. The algorithms themselves are explained in chapter nine, including MD5 (Message Digest algorithm), SHA (Secure Hash Algorithm), and others. Protocols using digital signatures are described in chapter ten.

Part three takes this background material and relates its use in security practice. Chapter eleven looks at authentication, concentrating on Kerberos and X.509. The examples of e-mail security systems given in chapter twelve are PGP (Pretty Good Privacy) and S/MIME (Secure/Multipurpose Internet Mail Extension). Security provisions for the Internet Protocol (IP) itself are reviewed in chapter thirteen. Web security, in chapter fourteen, again concentrates on protocol level matters, but also discusses the SET (Secure Electronic Transaction) standard at the application level.

Part four outlines general system security. To the general public the primary concern of security is to deal with intruders and malicious software, so it may seem odd to the uninitiated to find that both of these subjects are lumped together in chapter fifteen. Chapter sixteen finishes off the book with a description of firewalls and the concept of trusted systems that they rely on.

Each chapter ends with a set of recommended readings and problems. Many chapters also have appendices giving additional details of specific topics related to the subject just discussed.

6 of 6 people found the following review helpful:

5.0 out of 5 stars Meat and Potatoes, December 21, 2003

By 

Stephen Mathews "busysteve" (Sunrise, FL United States) - See all my reviews
(REAL NAME)   

This review is from: Cryptography and Network Security: Principles and Practice (3rd Edition) (Hardcover)

This review is for the 3rd edition -
I'm not a cryptographer by any means. I've owned Applied Cryptography(AC) for 4 years. It's been quite helpful but leans farther into theory (not covered in it) than I was willing or able to research at the time. I often found myself needing to refer to other resources over the years. I purchased this book after thumbing through it a few times at the bookstore. I'm not one to run out and spend $80 on a book in haste. After a couple of collective hours in it at the store I bought it with the intention of returning it in the 30 allotted days for a full refund. That date comes tomorrow and I have no intention on returning it.

I would describe it as a self-contained reference. It covers cryptography principles and practices as the title implies. When discussing the algorithms it covers them with roughly the same notation and detail as AC. However, I found the explained examples to be clearer. When I found myself getting lost I took the text's advice and referred to the chapters on mathematics and number theory. Not only did it clear the fog it also bit me with the math bug. Leading me to buy another great book, Prime Obsession (nothing to do with crypto). I should mention that this book is void of code. I didn't find this to be a problem because if I'm not using a crypto lib I usually have to implement the crypto code from scratch. With the knowledge presented in this book I can do it better. FYI: The OpenSSL lib offers a bunch of implemented algorithims.

16 of 20 people found the following review helpful:

5.0 out of 5 stars The all in one overview, May 9, 2000

By 

John Lebourgeois "jleb" (tucson, az) - See all my reviews
(REAL NAME)   

This review is from: Cryptography and Network Security: Principles and Practice (2nd Edition) (Hardcover)

As CTO of an internet security company I am often required to locate information or explain concepts to people regarding network security and the Public Key Infrastructure. Having a ready reference with excellent drawings has made the communication of key concepts easy. For details of implementations, I send the engineers to Applied Cryptography, but for the overview of the Net protocols, I bought everyone in the company this book.