Customer Reviews

Network Security: Private Communication in a Public World

5 star:		(11)
4 star:		(6)
3 star:		(1)
2 star:		(0)
1 star:		(0)

 

 

I worked for 10 years in computer and network security, including many years as a cryptanalyst and a couple of years at a startup company. I now teach at San Jose State University, where I'm using this book as the primary textbook for a graduate class in computer security. The strengths of the the book are its coverage of basic cryptography (chapters 2 thru 6), "security handshake pitfalls" (chapter 11) and "security folklore" (chapter 26).

Chapter 11 alone is worth the (high) price of the book. It is absolutely the best introduction to the subtle issues that arise with network protocols you are likely to ever find. And Chapters 2 through 6 do a better job of covering cryptography (with particular emphasis on some of the not-so-obvious issues) than many books devoted solely to cryptography. And chapter 26 makes some nice points.

One criticism I have is that---with few exceptions---the rest of the book does not come close to the standard achieved in the chapters mentioned above. The chapter on SSL/TLS is OK and the chapter on Kerberos is passable (if dull), but the remaining chapters are relatively weak. Another criticism is that the title of the book is misleading. Outside of the cryptography chapters, the book is very narrowly focused on networking protocols. In my opinion, there is far more to network security than cryptography and protocols. Take a look at Ross Anderson's book, Security Engineering, to get a nice broad overview of security. Finally, the chapters related to IPsec are really poor. The author(s) seems to be so peeved with the standards committee for doing some stupid things that he/she/they do more carping than describing.

In summary, I highly recommend chapters 2 thru 6, 11 and 26. But you'll need to look elsewhere if you want to learn about more than protocols and cryptography.

Who would have thought that a detailed technical book on network security would be fun to read? I wouldn't have, but this one is highly technical and also lots of fun to read. As the fundamental tenet of cryptography, instead of some abstract mathematical theorem about something or other being NP complete we get "If lots of smart people have failed to solve a problem, then it probably won't be solved (soon)". But don't get me wrong, this is not a content-free book for top management, it is highly technical, with long chapters on secret-key cryptography, hashes and message digests, public-key cryptography, number theory, authentication and much more. Unlike Bruce Schneier's book, Applied Cryptography, which is more like an encylopedia than a book, this one is enjoyable to read while still carefully explaining state-of-the-art cryptographic protocols--not an easy feat to pull off. For anyone with a university degree in engineering, the sciences, or mathematics who wants to learn a lot about network security and be entertained while doing so, this book can't be beat.

I took this book along on a business trip with the expectation that it would work better than chamomile tea before bed -- instead it kept me up well into the night. It turns a, necessarily, tedious subject into compelling reading. A "must-read" and "must-have" reference for any person charged with managing a distributed computing environment.

The second edition of this witty and informative book on network security is even better than the first edition and is clearly the best book on the subject currently available. Secret and public key algorithms and protocols, message hashes, authentication, Kerberos, PKI, IPsec, SSL/TLS, and e-mail security are all explained at length. Chapter 26 on security folklore is a real gem. In security, the devil is in the details. For anyone planning to design a security system that is actually supposed to work, this chapter is must reading. The book is aimed at readers with a university degree in the sciences, engineering, or mathematics. If you want to learn everything there is to know about network security, look no further.

Far and away the best book on network security and basic cryptography. This book is very well written and contains a number of simple examples to explain even the most complex theory. This is so far the only crypto book I've been able to read cover-to-cover more than once without pulling my hair out. Its not as deep on many topics as the Schneier or Stallings books. But if you buy one security/crypto book, buy this one.

This book has one of the most comprehensible explanations of network authentication protocols (including Kerberos V) that I've seen. The authors demonstrate intimate knowledge of the subject material, but they restrain themselves from simply performing a brain dump on the reader. Rather they include historical and personal footnotes that make the story witty and memorable, and give context to the topic at hand. Definitely add this book to your collection.

This book should appeal to both the beginner and the professional in network security. The book starts with very few assumptions about the existing security knowledge of the reader yet still manages to explain, in considerable depth, encryption and security protocols.

Best of all, it's extremely well written, well illustrated and peppered with some good humour. A topic like this could be tedious to read, but this book isn't (although I have to admit, the chapter on Kerberos didn't quite spark me up the way the rest of it did!).

The book has some excellent mathematical background for those who want to understand public key cryptography but aren't that familiar with modular exponentiation and the like. It also has detailed descriptions of a number of algorithms.

In summary, an excellent all-rounder on this extremely important topic.

As electronic commerce, home banking, and similar network applications become commonplace, network security will be absolutely essential to ensuring the privacy of all the users. In this book the authors explain how network security works, starting with the basic ideas and working up to numerous state-of-the-art subjects. For readers who want to know all about the mathematical fundementals of cryptography, there is a chapter on mathematics, but it is not necessary to understand the book. Many protocols and real-world examples are given. The book is very well written and easy to read. I recommend it most highly.

Focused, Concise, Organized, Easy to read - - 5 Stars

I found the second edition an excellent piece of work. The content is focused, consise, and easy to ready. This is the case, even though the complex subject matters could easily have been made more difficult and confusing. This was well organized. Not just a list of facts. The diagrams are very helpful. This book does not include alot of fluff and delivers the content in a personal and pertinent manner.

Great book for learning cryptography, authentication, or about Internet Standards such as PKI and Kerberos. It is heavy on the math and theory aspects, the book actually includes an interesting chapter on Number Theory. The last chapter entitled Folklore is a refreshing way to cap off the book. The one catch is that there is little to no pseudo-code included with the examples, so you code junkies will have to start from scratch. Overall the author's attempt at a light approach to dense material helps ease the fact that it really is dense material. It covers the bases and has some nice extra material.