Security of information and communication networks

Preface

Acknowledgments

About the Author

1. Introduction

1.1. A Historical Perspective of Information and Network Security

1.1.1. Hidden Messages

1.1.2. Encoded Messages

1.2. Modern Cryptography, Watermarking, Steganography, Escrow and Cryptanalysis

1.2.1. Cryptography

1.2.1.1. Symmetric and Asymmetric Keys

1.2.1.2. Hash Functions

1.2.1.3. Security Services

1.2.2. Watermarking

1.2.3. Steganography

1.2.4. Escrow

1.2.5. Cryptanalysis

1.3. Network Security

1.3.1. ISO/OSI Reference Model and Security

1.4. Security Threatening Attacks and Actions

1.4.1. Information Security Attacks

1.4.1.1. Virus

1.4.1.2. Trojan Horses

1.4.1.3. Worms

1.4.1.4. Phishing and Pharming

1.4.1.5. Protecting the Computer from Viruses

1.4.2. VPN Networks

1.4.2.1. Tunneling

1.4.2.2. VPN Security

1.4.2.3. IPsec

1.4.3. Network Security Attacks

1.4.3.1. Network and Service Availability

1.4.3.2. Network Attacks

1.4.3.3. Counter-Attacking Intelligent Networks

References

2. Mathematical Foundations

2.1. Introduction

2.2. Logarithms

2.3. Prime Numbers

2.4. Modulus Arithmetic

2.5. Greatest Common Divisor

2.5.1. The Classical Euclidean Algorithm

2.5.2. The Binary GCD Algorithm

2.6. Groups

2.7. Rings

2.8. Fields

2.9. The Fermat's Theorem

2.10. The Euler's Theorem

2.11. Exclusive-Or

2.12. Random Numbers

References

3. Ciphers and Algorithms

3.1. Symmetric/Asymmetric Ciphers

3.2. Symmetric Ciphers

3.2.1. The Direct Substitution or Random Shift Cipher

3.2.2. Shift Cipher

3.2.3. The Permutation Cipher

3.2.4. Block Ciphers

3.2.5. The Data Encryption Standard (DES)

3.2.6. The Advanced Encryption Standard (AES)

3.2.7. The RC4 Algorithm

3.2.8. The RC5 and RC6 Algorithms

3.2.9. Other Well-Known Algorithms

3.3. Asymmetric Cipher Systems

3.3.1. Factorization Problems

3.3.2. The Race for Unbreakable Codes

3.4. Elliptic Curve Cryptosystems

3.4.1. A Primer on Elliptic Curves and Elliptic Curve Factorization

3.4.1.1. Elliptic Curves Over Real Numbers

3.4.1.2. Elliptic Curves Over Real and Prime Numbers

3.4.1.3. Elliptic Curves Over Binary Numbers

3.4.1.4. Cyclic Groups

3.4.2. Applicability of Elliptic Curves to Cryptography

3.4.2.1. ECC Procedures

3.4.2.2. Comparing ECC with DH and with RSA

3.5. The RSA Algorithm

3.6. Key Management

References

4. Cryptographic Key Distribution Systems

4.1. Key Distribution

4.1.1. Symmetric Key Distribution

4.1.1.1. Key Revocation

4.1.1.2. New Key Distribution

4.1.2. Asymmetric Key Distribution

4.1.3. Commuting Key Distribution

4.1.4. Shared Key Distribution

4.2. Merkle's Puzzle Method

4.3. Shamir's Key Distribution Method

4.4. Diffie-Hellman Key Exchange Distribution

4.5. Digital Signature Systems

4.6. The Trusted Third Party or Key Escrow Encryption System

References

5. Chaotic Cryptographic Systems

5.1. Fundamentals of Chaotic Processes

5.1.1. The Chaotic Regime

5.1.2. Chaos Annulling Traps

5.2. Application of Chaotic Systems to Communications

5.3. Application of Chaotic Systems to Cryptography

5.3.1. The Baptista Method

5.3.2. The Lorenz Method

5.3.3. Synchronization of Chaotic Processes

5.3.4. The Karalopoulos Method

References

6. Communication Security Layer Classifications

6.1. A Synergistic Security Framework

6.1.1. Information/Application Security Layer

6.1.2. MAC/Control Security Layer

6.1.3. Network Security Layer

6.1.4. Physical Layer Security

6.2. Firewalls and Gateways

6.3. Security Cross-Portfolio

6.4. Attacks and Security in the Internet

6.5. TACACS, SNMP and UDP

References

7. Network Security: Wireless Systems

7.1. Wireless Networks

7.2. WLAN

7.2.1. IEEE 802.11 WLAN

7.2.2. IEEE 802.11 WLAN Architecture

7.2.3. IEEE 802.11 Channel Allocation

7.2.4. IEEE 802.11 Advantages and Disadvantages

7.2.5. WLAN Security

7.3. Wi-Fi, WPA and WPA2

7.4. EAP, EAPOL and RADIUS

7.4.1. The IEEE 802.11i Robust Security Network

7.4.2. IEEE 802.11i Vulnerabilities

7.5. Wireless Mobile Access Networks

7.5.1. GSM

7.5.1.1. GSM Network Architecture

7.5.1.2. GSM Security

7.5.1.3. GSM Full Duplex Secure Data Transmission

7.6. B3G/4G

7.6.1. B3G/4G Security Concerns

7.7. WiMax

7.7.1. WiMax Security

7.8. IP Multimedia Subsystems

7.8.1. IMS Security

7.9. Bluetooth

7.9.1. Bluetooth Security

7.10. Wireless Personal Area Networks

7.10.1. Wireless Personal Area Networks Security

7.11. Communications Satellite Networks

7.11.1. Communications Satellite Networks Security

7.12. Wireless Ad-Hoc Networks

7.12.1. Wireless Ad-Hoc Network Security

References

8. Network Security: Wired Systems

8.1. Introduction

8.2. Wired Networks

8.2.1. The Loop Plant and the Trunk Plant

8.2.2. Analog Loops and Digital Loops

8.2.3. Signaling System 7

8.2.4. Getting Connected Across the Network

8.2.5. Network Synchronization

8.2.6. Signal Performance

8.3. Security Issues

8.4. Security Comparison Between PSDN and IP

References

9. Network Security: Optical Systems

9.1. Introduction

9.2. Layers of Network Security

9.3. Security of Optical Access Network

9.3.1. Passive Optical Networks and Fiber-to-the-Premises

9.3.2. Security and Vulnerabilities of PONs

9.3.3. Types of Attacks in Optical Access Networks

9.3.3.1. Interception of the Physical Plant

9.3.3.2. Eavesdropping

9.3.3.3. Source Mimicking and Theft of Service

9.3.3.4. Attacking the Supervisory Channel

9.3.3.5. Security Measures

9.3.4. Detecting Fiber Instruction and Countermeasure Strategies

9.3.5. Backbone Optical Networks

9.4. Cyber-Attack Detection Mechanisms

9.4.1. Channel Performance Vector as Channel Signature

9.4.2. Discriminating Between Faults and Attacks

9.4.3. Method for Estimating the Performance Vector and Channel ID

9.4.4. Architecting the Performance Vector Circuit

9.4.5. Self-Protecting Optical Links

9.4.5.1. Intrusion Detection and Reaction Scenarios

9.4.5.2. Self-Protecting with Countermeasure Intelligence Networks

9.4.5.3. Simultaneous Multiple Channel Protection

9.4.5.4. Simultaneous Multiple Channel Equalization

9.4.5.5. Intrusion Counter-Attacking Networks

9.5. A WDM Method Applicable to Link Security

9.5.1. The Wavelength-Bus

9.5.2. Bandwidth Capacity and Bandwidth Elasticity of the λ-Bus

9.5.3. Security Aspects with the λ-Bus Based on a Multi-Strand DNA Model

9.5.3.1. Multiplex Random Scheduler

9.5.3.2. Temporal Wavelength-Bus Randomizer

9.5.3.3. The Hybrid Method

9.6. Free Space Optical Networks

9.6.1. FSO Technology Overview

9.6.2. FSO Mesh Topology

9.6.3. FSO Protection Strategies and Fault Avoidance

9.6.4. FSO Security

9.7. Security Testing

9.7.1. RNG and PRNG Testing

9.7.2. Cryptographic Algorithm Testing

9.7.3. Cryptanalysis as a Security Testing Tool

References

10. Quantum Networks

10.1. Introduction

10.2. Quantum Mechanics Not-for-Dummies

10.2.1. Electron Interferometry

10.2.2. Photon Interferometry

10.2.3. Convergence of Two Radical Ideas in Quantum Mechanics

10.2.4. Superposition of States, Qubits and Qu-Registers

10.3. Quantum Cryptography

10.3.1. Pre-Quantum Cryptographic Era

10.3.2. Post-Classical Cryptographic Era

10.3.3. Photon Polarization States

10.3.3.1. Orthogonal States

10.3.3.2. Creating Orthogonal States

10.3.4. Photon Polarization States

10.3.4.1. The Poincaré Sphere

10.3.4.2. Rotating States of Polarization

10.3.4.3. Qubit Basis States

10.3.4.4. Rules of Quantum Cryptography Algorithms

10.3.5. The BB84 Protocol

10.3.6. The B92 Protocol

10.3.7. The K05 Protocol

10.3.8. The K08 Protocol

10.3.9. Entangled Photon Pairs and the Eckert Algorithm

10.3.10. Quantum Teleportation

10.3.11. Vulnerabilities of Pragmatic Quantum Cryptography

References

11. Next Generation Optical Network Security

11.1. Introduction

11.2. Standardized Protocols for Cost-Efficient Optical Networks

11.2.1. The Generic Framing Protocol

11.2.1.1. GFP Client Payload Multiplexing

11.2.1.2. GFP Frame Structure

11.2.1.3. GFP Header Error Control and Delineation

11.2.1.4. GFP Frame Structure

11.2.1.5. GFP Modes

11.2.2. The Link Capacity Adjustment Scheme LCAS

11.2.3. Concatenation Efficiency

11.3. Security in the Next Generation SONET/SDH

References

12. Biometrics in Communication Networks

12.1. Introduction

12.2. Biometric Types

12.3. Biometrics and Cryptography

12.4. Local and Remote Authentication

12.5. Biometrics Remote Authentication

References

Acronyms

Index