Cryptography for Developers

By: Tom St Denis

Write A Review

Paperback | 1 November 2006

At a Glance

Paperback
400 Pages

Dimensions(cm)
22.23 x 17.78 x 3.18

Paperback

$176.99

or 4 interest-free payments of $44.25 with

Ships in 15 to 25 business days

The only guide for software developers who must learn and implement cryptography safely and cost effectively.

The book begins with a chapter that introduces the subject of cryptography to the reader. The second chapter discusses how to implement large integer arithmetic as required by RSA and ECC public key algorithms The subsequent chapters discuss the implementation of symmetric ciphers, one-way hashes, message authentication codes, combined authentication and encryption modes, public key cryptography and finally portable coding practices. Each chapter includes in-depth discussion on memory/size/speed performance trade-offs as well as what cryptographic problems are solved with the specific topics at hand.

* The author is the developer of the industry standard cryptographic suite of tools called LibTom
* A regular expert speaker at industry conferences and events on this development
* The book has a companion Web site with over 300-pages of text on implementing multiple precision arithmetic

Shipping

	Standard Shipping	Express Shipping
Metro postcodes:	$9.99	$14.95
Regional postcodes:	$9.99	$14.95
Rural postcodes:	$9.99	$14.95

Orders over $79.00 qualify for free shipping.

How to return your order

At Booktopia, we offer hassle-free returns in accordance with our returns policy. If you wish to return an item, please get in touch with Booktopia Customer Care.

Additional postage charges may be applicable.

Defective items

If there is a problem with any of the items received for your order then the Booktopia Customer Care team is ready to assist you.

For more info please visit our Help Centre.

You Can Find This Book In

Non-Fiction Reference, Information & Interdisciplinary Subjects Interdisciplinary Studies Communication Studies Engineering & Technology Technology in General Computing & I.T.Computer Security Data Encryption Computer Programming & Software Development Software Engineering

Preface	p. xix
Introduction	p. 1
Introduction	p. 2
Threat Models	p. 3
What Is Cryptography?	p. 4
Cryptographic Goals	p. 4
Privacy	p. 4
Integrity	p. 6
Authentication	p. 8
Nonrepudiation	p. 10
Goals in a Nutshell	p. 10
Asset Management	p. 11
Privacy and Authentication	p. 12
Life of Data	p. 12
Common Wisdom	p. 13
Developer Tools	p. 15
Summary	p. 16
Organization	p. 16
Frequently Asked Questions	p. 18
ASN.1 Encoding	p. 21
Overview of ASN.1	p. 22
ASN.1 Syntax	p. 23
ASN.1 Explicit Values	p. 24
ASN.1 Containers	p. 24
ASN.1 Modifiers	p. 26
Optional	p. 26
Default	p. 26
Choice	p. 27
ASN.1 Data Types	p. 28
ASN.1 Header Byte	p. 28
Classification Bits	p. 29
Constructed Bit	p. 29
Primitive Types	p. 30
ASN.1 Length Encodings	p. 31
Short Encodings	p. 31
Long Encodings	p. 31
ASN.1 Boolean Type	p. 32
ASN.1 Integer Type	p. 33
ASN.1 Bit String Type	p. 34
ASN.1 Octet String Type	p. 35
ASN.1 Null Type	p. 35
ASN.1 Object Identifier Type	p. 36
ASN.1 Sequence and Set Types	p. 37
Sequence of	p. 39
Set	p. 39
Set of	p. 40
ASN.1 PrintableString and IA5STRINGTypes	p. 41
ASN.1 UTCTIME Type	p. 41
Implementation	p. 42
ASN.1 Length Routines	p. 42
ASN.1 Primitive Encoders	p. 45
Boolean Encoding	p. 46
Integer Encoding	p. 48
Bit String Encoding	p. 52
Octet String Encodings	p. 55
Null Encoding	p. 57
Object Identifier Encodings	p. 58
Printable and IA5 String Encodings	p. 63
UTCTime Encodings	p. 67
Sequence Encodings	p. 71
ASN.1 Flexi Decoder	p. 78
Putting It All Together	p. 83
Building Lists	p. 83
Nested Lists	p. 85
Decoding Lists	p. 86
FlexiLists	p. 87
Other Providers	p. 89
Frequently Asked Questions	p. 90
Random Number Generation	p. 91
Introduction	p. 92
Concept of Random	p. 92
Measuring Entropy	p. 94
Bit Count	p. 95
Word Count	p. 95
Gap Space Count	p. 95
Autocorrelation Test	p. 95
How Bad Can It Be?	p. 98
RNG Design	p. 98
RNG Events	p. 99
Hardware Interrupts	p. 99
Timer Skew	p. 101
Analogue to Digital Errors	p. 103
RNG Data Gathering	p. 104
LFSR Basics	p. 105
Table-based LFSRs	p. 105
Large LFSR Implementation	p. 107
RNG Processing and Output	p. 107
RNG Estimation	p. 112
Keyboard and Mouse	p. 113
Timer	p. 114
Generic Devices	p. 114
RNG Setup	p. 115
PRNG Algorithms	p. 115
PRNG Design	p. 115
Bit Extractors	p. 116
Seeding and Lifetime	p. 116
PRNG Attacks	p. 117
Input Control	p. 117
Malleability Attacks	p. 118
Backtracking Attacks	p. 118
Yarrow PRNG	p. 118
Design	p. 119
Reseeding	p. 120
Statefulness	p. 121
Pros and Cons	p. 121
Fortuna PRNG	p. 122
Design	p. 122
Reseeding	p. 126
Statefulness	p. 126
Pros and Cons	p. 126
NIST Hash Based DRBG	p. 127
Design	p. 127
Reseeding	p. 131
Statefulness	p. 131
Pros and Cons	p. 131
Putting It All Together	p. 131
RNG versus PRNG	p. 131
Fuse Bits	p. 132
Use of PRNGs	p. 132
Example Platforms	p. 133
Desktop and Server	p. 133
Consoles	p. 134
Network Appliances	p. 135
Frequently Asked Questions	p. 136
Advanced Encryption Standard	p. 139
Introduction	p. 140
Block Ciphers	p. 140
AES Design	p. 142
Finite Field Math	p. 144
AddRoundKey	p. 146
SubBytes	p. 146
Hardware Friendly SubBytes	p. 149
ShiftRows	p. 150
MixColumns	p. 151
Last Round	p. 155
Inverse Cipher	p. 155
Key Schedule	p. 155
Implementation	p. 156
An Eight-Bit Implementation	p. 157
Optimized Eight-Bit Implementation	p. 162
Key Schedule Changes	p. 165
Optimized 32-Bit Implementation	p. 165
Precomputed Tables	p. 165
Decryption Tables	p. 167
Macros	p. 168
Key Schedule	p. 169
Performance	p. 174
x86 Performance	p. 174
ARM Performance	p. 176
Performance of the Small Variant	p. 178
Inverse Key Schedule	p. 180
Practical Attacks	p. 181
Side Channels	p. 182
Processor Caches	p. 182
Associative Caches	p. 182
Cache Organization	p. 183
Bernstein Attack	p. 183
Osvik Attack	p. 184
Defeating Side Channels	p. 185
Little Help From the Kernel	p. 185
Chaining Modes	p. 186
Cipher Block Chaining	p. 187
What's in an IV?	p. 187
Message Lengths	p. 188
Decryption	p. 188
Performance Downsides	p. 189
Implementation	p. 189
Counter Mode	p. 190
Message Lengths	p. 191
Decryption	p. 191
Performance	p. 191
Security	p. 191
Implementation	p. 192
Choosing a Chaining Mode	p. 192
Putting It All Together	p. 193
Keying Your Cipher	p. 193
Rekeying Your Cipher	p. 194
Bi-Directional Channels	p. 195
Lossy Channels	p. 195
Myths	p. 196
Providers	p. 197
Frequently Asked Questions	p. 200
Hash Functions	p. 203
Introduction	p. 204
Hash Digests Lengths	p. 205
Designs of SHS and Implementation	p. 207
MD Strengthening	p. 208
SHA-1 Design	p. 209
SHA-1 State	p. 209
SHA-1 Expansion	p. 209
SHA-1 Compression	p. 210
SHA-1 Implementation	p. 211
SHA-256 Design	p. 217
SHA-256 State	p. 219
SHA-256 Expansion	p. 219
SHA-256 Compression	p. 219
SHA-256 Implementation	p. 220
SHA-512 Design	p. 225
SHA-512 State	p. 226
SHA-512 Expansion	p. 226
SHA-512 Compression	p. 226
SHA-512 Implementation	p. 226
SHA-224 Design	p. 232
SHA-384 Design	p. 233
Zero-Copying Hashing	p. 234
PKCS #5 Key Derivation	p. 236
Putting It All Together	p. 238
What Hashes Are For	p. 238
One-Wayness	p. 238
Passwords	p. 238
Random Number Generators	p. 238
Collision Resistance	p. 239
File Manifests	p. 239
Intrusion Detection	p. 239
What Hashes Are Not For	p. 240
Unsalted Passwords	p. 240
Hashes Make Bad Ciphers	p. 240
Hashes Are Not MACs	p. 240
Hashes Don't Double	p. 241
Hashes Don't Mingle	p. 241
Working with Passwords	p. 242
Offline Passwords	p. 242
Salts	p. 242
Salt Sizes	p. 242
Rehash	p. 243
Online Passwords	p. 243
Two-Factor Authentication	p. 243
Performance Considerations	p. 244
Inline Expansion	p. 244
Compression Unrolling	p. 244
Zero-Copy Hashing	p. 245
PKCS #5 Example	p. 245
Frequently Asked Questions	p. 248
Message-Authentication Code Algorithms	p. 251
Introduction	p. 252
Purpose of A MAC Function	p. 252
Security Guidelines	p. 253
MAC Key Lifespan	p. 254
Standards	p. 254
Cipher Message Authentication Code	p. 255
Security of CMAC	p. 257
CMAC Design	p. 258
CMAC Initialization	p. 259
CMAC Processing	p. 259
CMAC Implementation	p. 260
CMAC Performance	p. 267
Hash Message Authentication Code	p. 267
HMAC Design	p. 268
HMAC Implementation	p. 270
Putting It All Together	p. 275
What MAC Functions Are For?	p. 276
Consequences	p. 276
What MAC Functions Are Not For?	p. 278
CMAC versus HMAC	p. 279
Replay Protection	p. 279
Timestamps	p. 280
Counters	p. 280
Encrypt then MAC?	p. 281
Encrypt then MAC	p. 281
MAC then Encrypt	p. 281
Encryption and Authentication	p. 282
Frequently Asked Questions	p. 293
Encrypt and Authenticate Modes	p. 297
Introduction	p. 298
Encrypt and Authenticate Modes	p. 298
Security Goals	p. 298
Standards	p. 299
Design and Implementation	p. 299
Additional Authentication Data	p. 299
Design of GCM	p. 300
GCM GF(2) Mathematics	p. 300
Universal Hashing	p. 302
GCM Definitions	p. 302
Implementation of GCM	p. 304
Interface	p. 304
GCM Generic Multiplication	p. 306
GCM Optimized Multiplication	p. 311
GCM Initialization	p. 312
GCM IV Processing	p. 314
GCM AAD Processing	p. 316
GCM Plaintext Processing	p. 319
Terminating the GCM State	p. 323
GCM Optimizations	p. 324
Use of SIMD Instructions	p. 325
Design of CCM	p. 326
CCM B[subscript 0] Generation	p. 327
CCM MAC Tag Generation	p. 327
CCM Encryption	p. 328
CCM Implementation	p. 328
Putting It All Together	p. 338
What Are These Modes For?	p. 339
Choosing a Nonce	p. 340
GCM Nonces	p. 340
CCM Nonces	p. 340
Additional Authentication Data	p. 340
MAC Tag Data	p. 341
Example Construction	p. 341
Frequently Asked Questions	p. 346
Large Integer Arithmetic	p. 349
Introduction	p. 350
What Are BigNums?	p. 350
Further Resources	p. 351
Key Algorithms	p. 351
The Algorithms	p. 351
Represent!	p. 351
Multiplication	p. 352
Multiplication Macros	p. 355
Code Unrolling	p. 359
Squaring	p. 362
Squaring Macros	p. 367
Montgomery Reduction	p. 369
Montgomery Reduction Unrolling	p. 371
Montgomery Macros	p. 371
Putting It All Together	p. 374
Core Algorithms	p. 374
Size versus Speed	p. 375
Performance BigNum Libraries	p. 376
GNU Multiple Precision Library	p. 376
LibTomMath Library	p. 376
TomsFastMath Library	p. 377
Frequently Asked Questions	p. 378
Public Key Algorithms	p. 379
Introduction	p. 380
Goals of Public Key Cryptography	p. 380
Privacy	p. 381
Nonrepudiation and Authenticity	p. 381
RSA Public Key Cryptography	p. 382
RSA in a Nutshell	p. 383
Key Generation	p. 383
RSA Transform	p. 384
PKCS #1	p. 384
PKCS #1 Data Conversion	p. 384
PKCS #1 Cryptographic Primitives	p. 384
PKCS #1 Encryption Scheme	p. 385
PKCS #1 Signature Scheme	p. 386
PKCS #1 Key Format	p. 388
RSA Security	p. 389
RSA References	p. 390
Elliptic Curve Cryptography	p. 391
What Are Elliptic Curves?	p. 392
Elliptic Curve Algebra	p. 392
Point Addition	p. 392
Point Doubling	p. 393
Point Multiplication	p. 393
Elliptic Curve Cryptosystems	p. 394
Elliptic Curve Parameters	p. 394
Key Generation	p. 395
ANSI X9.63 Key Storage	p. 395
Elliptic Curve Encryption	p. 397
Elliptic Curve Signatures	p. 398
Elliptic Curve Performance	p. 400
Jacobian Projective Points	p. 400
Point Multiplication Algorithms	p. 401
Putting It All Together	p. 402
ECC versus RSA	p. 402
Speed	p. 402
Size	p. 404
Security	p. 404
Standards	p. 404
References	p. 405
Text References	p. 405
Source Code References	p. 405
Frequently Asked Questions	p. 406
Index	p. 409
Table of Contents provided by Ingram. All Rights Reserved.

Cryptography for Developers

At a Glance

Paperback

Shipping

How to return your order

Defective items

You Can Find This Book In

More in Data Encryption

The New Age of Sexism

How the AI Revolution is Reinventing Misogyny

Computer Security

Art and Science

Foundations of Information Security

Cybersecurity All-in-One For Dummies

For Dummies

Rinsed

From Cartels to Crypto: How the Tech Industry Washes Money for the World's Deadliest Crooks

Supremacy

AI, ChatGPT and the Race that Will Change the World

Quantum Leaps

How Maths is Shaping the Future

Black Hat Python, 2nd Edition

Python Programming for Hackers and Pentesters

Crafting an Information Security Playbook

Principles of Information Security

7th edition

Security Risk Management Body of Knowledge

Wiley Series in Systems Engineering and Management

Cryptography and Network Security

8th Edition - Principles and Practice, Global Edition

CompTIA Security+

8th Edition - Guide to Network Security Fundamentals

The Web Application Hacker's Handbook

Finding and Exploiting Security Flaws 2E

Cloud Native Application Protection Platforms

A Guide to CNAPPs and the Foundations of Comprehensive Cloud Security

Container Security

Fundamental Technology Concepts That Protect Containerized Applications

Hackers & Painters

Beyond The Invisible Nexus

Dark Web, Dark AI and Offensive Security

Beyond The Invisible Nexus

Dark Web, Dark AI and Offensive Security

Modern Benford's Law

State of the Art Techniques for Audit and Compliance Professionals

Modern Benford's Law

State of the Art Techniques for Audit and Compliance Professionals

Comprehensive Primer on Privacy Management

Five-Book Bundle

Mitigating the Risks of AI Deepfakes

Systematic Security: Building Quantum Security

Preparing for Q-Day and Beyond

This product is categorised by