Product Description

In this age of viruses and hackers, of electronic eavesdropping and electronic fraud, security is paramount. This solid, up-to-date tutorial is a comprehensive treatment of cryptography and network security is ideal for self-study. Explores the basic issues to be addressed by a network security capability through a tutorial and survey of cryptography and network security technology. Examines the practice of network security via practical applications that have been implemented and are in use today. Provides a simplified AES (Advanced Encryption Standard) that enables readers to grasp the essentials of AES more easily. Features block cipher modes of operation, including the CMAC mode for authentication and the CCM mode for authenticated encryption. Includes an expanded, updated treatment of intruders and malicious software. A useful reference for system engineers, programmers, system managers, network managers, product marketing personnel, and system support specialists.

Product Details

• Amazon Sales Rank: #251696 in Books
• Published on: 2005-11-26
• Original language: English
• Number of items: 1
• Binding: Hardcover
• 592 pages

About the Author

William Stallings has made a unique contribution to understanding the broad sweep of technical developments in computer networking and computer architecture. He has authored 18 titles, and counting revised editions, a total of 35 books on various aspects of these subjects. In over 20 years in the field, he has been a technical contributor, technical manager, and an executive with several high-technology firms. Currently he is an independent consultant whose clients have included computer and networking manufacturers and customers, software development firms, and leading-edge government research institutions.

He has received the prize for best Computer Science and Engineering textbook of the year from the Textbook and Academic Authors Association six times.

Bill has designed and implemented both TCP/IP-based and OSI-based protocol suites on a variety of computers and operating systems, ranging from microcomputers to mainframes. As a consultant, he has advised government agencies, computer and software vendors, and major users on the design, selection, and use of networking software and products.

Dr. Stallings holds a Ph.D. from M.I.T. in Computer Science and a B.S. from Notre Dame in Electrical Engineering.

Customer Reviews

up to date on using cryptography
Stallings presents an updated education on cryptography. With a secondary emphasis on network security. In the cryptographic sections, there is a strong mathematical flavour. The narrative is not a high level, management-type discussion. It favours the professional mathematician and programmer, and ideally the intersection of these two skill sets.

Unlike some other books on cryptography, here considerable space is also given to hash functions. These can sometimes be used as an alternative to a full encrypt/decrypt approach. If you are designing a system, you should ponder carefully whether a hashing approach might suffice. Usually if you only need to authenticate a message or item. Since, as the book relates, for all the complexity of the various hash algorithms, hashing is far simpler and faster than public key encryption. And there is no problem with key revocation. Another great simplification.

The book covers the latest work on hashing. It appears that the 160 bit hash methods, like SHA-1, can now have collisions induced, as found by researchers at Tsinghua University. (Though the text doesn't appear to credit them.) Suggesting a migration to longer bit methods or to a more intricate method.

One surprising feature of this 4th edition is that PKI is mentioned here, unlike earlier editions. PKI has been around long enough and is important enough that I would've thought the 3rd edition of the book would have covered it.

The last sections of the book, on network and system security, are less mathematical. But to offset this, as it were, they require somewhat of a background in understanding the Internet Protocol and in the systems administration of a subnet of computers. Maybe the simplest advice to understand and implement is for a sysadmin to install and regularly run a password checker against the users' passwords.

Not outstanding
OK, this book has received prizes and stellar reviews here and elsewhere but personally I didn't like it very much. First, the text and the exercises lack mathematical depth. There are entire chapters, such as the one on AES, which add hardly anything to the official standard, and the book explanation is often harder to understand, and especially more ambiguous than the official standard of the protocols it is supposed to explain.
On the other hand, it is a relatively "polished" book, without too many errors or typos. Most of the time, it gives gives enough information to implement the algorithms it talks about. But it certainly doesn't give you enough to become a cryptographer, or to evaluate the security of a new algorithm, or things like that.

Easy Read
An easy to read book on cryptography and security. Stallings illustrates concepts well, with lots of examples. If you're after mathematical depth, this book is not for you. This book is more about high level ideas and concepts.