Computing Reviews
Cryptography and network security (2nd ed.)
Stallings W., Prentice-Hall, Inc., Upper Saddle River, NJ, 1999. Type: Book (9780138690175)
Date Reviewed: Jan 1 1999

The problems of network security are many and varied. It is to Stallings’s credit that he has attempted to cover such a broad and deep subject in one book. The result is wonderfully informative: it covers the nooks and crannies of modern cryptography; message and user authentication; digital signatures; compression; and the application of these in modern networking.

The book consists of an introduction and four major parts: “Conventional Encryption” (by which Stallings means modern techniques such as the Digital Encryption Standard and block ciphers in general), “Public-Key Encryption and Hash Functions,” “Network Security Practice,” and “System Security.”

Part 1, “Conventional Encryption,” covers classical techniques, modern techniques (block ciphers), algorithms, and confidentiality using conventional encryption.

Part 2, “Public-Key Encryption and Hash Functions,” includes “Public-Key Cryptography,” “Introduction to Number Theory,” “Message Authentication and Hash Functions,” “Hash and MAC Algorithms,” and “Digital Signatures and Authentication Protocols.”

Part 3, “Network Security Practice,” discusses “Authentication Applications,” “Electronic Mail Security,” “IP Security,” and “Web Security.”

Part 4, “System Security,” consists of two chapters, “Intruders, Viruses, and Worms” and “Firewalls.”

Each chapter concludes with a set of problems, and most chapters list recommended readings that amplify or explore aspects of the chapter’s subject that are not covered in great detail in the book.

For each of the cryptographic topics treated, such as key exchange, digital signatures, and authentication, the author gives a comprehensive list of the function’s objectives and what classes of attacks can be mounted against the function and need to be defeated. Then, in the detailed discussions of various protocols and functions, he explains how each protocol or function meets the requirements or defeats one or more of the attacks, and what residual (or newly discovered) vulnerabilities exist. This material is often the departure point for an improved algorithm or protocol, either one that fixes a vulnerability or a new creation that addresses the requirements and repairs known deficiencies in an earlier algorithm or protocol. This is an informative way to present the plethora of protocols and algorithms.

To casual readers, parts of the book will be confusing because so many of the algorithms are similar. However, as Stallings shows over and over, what appear to be minutiae are in fact key elements in defeating sometimes-simple attacks that can render an algorithm or protocol useless. Furthermore, the book discusses the strengths and weaknesses of specific algorithms and protocols with respect to a set of postulated requirements. Everything is spelled out and is easy to understand with a little effort. For some of the less obvious algorithms, such as the Digital Signature Standard, easily followed proofs are provided.

A thorough discussion of Kerberos 4 and 5 is presented. Stallings describes the development of elements of these protocols in terms of the (residual) vulnerabilities of earlier versions of Kerberos. The presentation begins with a simple authentication dialogue between a user and an authentication server. The dialogue is analyzed and augmented to overcome the need for users to enter a password many times and to eliminate plain-text transmission of the password. This interim design is examined in turn, the problems of ticket lifetime and server authentication to the user are introduced, and the design is modified to deal with them. This is essentially Kerberos 4. The pedagogical method mirrors development methods: make something work, discover additional requirements, modify the original design, discover new requirements, and so on. A short discussion of the requirements for multiple realms and of the technical deficiencies of Kerberos 4 acts as a bridge to the section on Kerberos 5.
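The three Kerberos 4 dialogues that paragraph describes, worked through as an added example (it is not code from the book or from the review): the password is used once, to open the AS reply; the ticket-granting ticket carries a lifetime that the ticket-granting server enforces; each request carries a fresh authenticator; and the server's TS+1 reply authenticates it to the user. The key names (K_c, K_tgs, K_v), the HMAC-based sealing that stands in for Kerberos's symmetric encryption, and all key material are constructed assumptions.

```python
import hashlib, hmac, json

# Toy "encryption": payload bound to a key by an HMAC tag (no confidentiality), so a wrong key is detected.
def seal(key, obj):
    body = json.dumps(obj, sort_keys=True)
    return body, hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
def unseal(key, blob):
    body, tag = blob
    if not hmac.compare_digest(tag, hmac.new(key, body.encode(), hashlib.sha256).hexdigest()):
        raise ValueError("wrong key or altered message")
    return json.loads(body)
derive = lambda *parts: hashlib.sha256("|".join(parts).encode()).digest()  # stands in for random keys

# Constructed long-term keys: K_c from the password (also held by the AS), K_tgs (AS/TGS), K_v (TGS/server V).
K_C, K_TGS, K_V = derive("pw", "correct horse"), derive("tgs"), derive("v")
TICKET_LIFE, SKEW = 8 * 3600, 300  # seconds

def as_exchange(user, now):
    # (1) AS -> C: session key K_c,tgs and a ticket-granting ticket, sealed under K_c.
    k_c_tgs = derive("sess", user, str(now))
    tgt = seal(K_TGS, {"k": k_c_tgs.hex(), "id_c": user, "ts": now, "life": TICKET_LIFE})
    return seal(K_C, {"k": k_c_tgs.hex(), "tgt": tgt})
def check_ticket(key, ticket, authenticator, now):
    # Shared by TGS and V: open the ticket, enforce its lifetime, verify the authenticator.
    t = unseal(key, ticket)
    if now > t["ts"] + t["life"]:
        raise ValueError("ticket expired")
    a = unseal(bytes.fromhex(t["k"]), authenticator)
    if a["id_c"] != t["id_c"] or abs(now - a["ts"]) > SKEW:
        raise ValueError("authenticator does not match ticket or is stale")
    return bytes.fromhex(t["k"]), t["id_c"]
def tgs_exchange(tgt, authenticator, service, now):
    # (2) TGS -> C: service session key K_c,v and a service ticket, sealed under K_c,tgs.
    k_c_tgs, user = check_ticket(K_TGS, tgt, authenticator, now)
    k_c_v = derive("sess", user, service, str(now))
    ticket_v = seal(K_V, {"k": k_c_v.hex(), "id_c": user, "ts": now, "life": SKEW})
    return seal(k_c_tgs, {"k": k_c_v.hex(), "ticket": ticket_v})
def server_exchange(ticket_v, authenticator, now):
    # (3) V -> C: TS+1 under K_c,v proves V holds the key, i.e. the server authenticates to the user.
    k_c_v, _ = check_ticket(K_V, ticket_v, authenticator, now)
    return seal(k_c_v, {"ts1": unseal(k_c_v, authenticator)["ts"] + 1})
def client_session(user, password, service, now):
    # Client side of all three dialogues; the password is used once, at the start.
    k_c = derive("pw", password)
    r1 = unseal(k_c, as_exchange(user, now))
    k_c_tgs = bytes.fromhex(r1["k"])
    auth = lambda k: seal(k, {"id_c": user, "ts": now})  # fresh authenticator per request
    r2 = unseal(k_c_tgs, tgs_exchange(r1["tgt"], auth(k_c_tgs), service, now))
    k_c_v = bytes.fromhex(r2["k"])
    reply = unseal(k_c_v, server_exchange(r2["ticket"], auth(k_c_v), now))
    return reply["ts1"] == now + 1  # True only if V proved it holds K_c,v
```

A wrong password fails at the first step (the AS reply cannot be opened), an expired ticket-granting ticket is refused by the TGS, and a stale authenticator is refused by whichever server receives it.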

I particularly appreciated the chapter on elementary number theory as used in modern cryptography. While I have gone over similar material in the past, I found this chapter easy to understand. This material does not, of course, substitute for a course in number theory, but it is enough to give casual readers a grasp of what is involved. The recommended reading section points interested readers to texts that will allow them to expand on the knowledge gleaned from this overview.

I found the book quite interesting. It covers topics that I had heard of or seen referred to, but about which I knew little. The amount of detail included on most subjects is such that one understands not only what the algorithm or protocol is, but what it is supposed to be. I wholeheartedly recommend this book to information security practitioners as a way of becoming informed about an increasingly important part of our business.

Reviewer: James P. Anderson. Review #: CR125120
Security and Protection (C.2.0 ...)
Security and Protection (K.6.5)
Coding And Information Theory (E.4)
Data Encryption (E.3)