TweetFollow Us on Twitter

Oct 99 Bookshelf

Volume Number: 15 (1999)
Issue Number: 10
Column Tag: Programmer's Bookshelf

Review: Cryptography and Network Security

by Paul E. Sevinc, Switzerland

Principles and Practice, 2nd edition

Cryptology is a topic more and more people in the IT business have to be familiar with. If you already know the basics and only need a reference manual so to speak, choosing the right book is easy: [Menezes et al. 1997]. But if you're looking for an introductory text book, you have an ordeal of choice. One book you'll often see recommended is [Schneier 1996]. In this article we're going to take a closer look at another one, namely the 2nd edition of Cryptography and Network Security: Principles and Practice [Stallings 1999].

The Big Picture

Cryptography and Network Security (CaNS for short) has been published by Prentice Hall and was written by William Stallings, an author with quite an impressive publication list (see <>). Besides, famous cryptographers like Xuejia Lai, Ron Rivest, Phil Zimmermann and many others reviewed Stallings' treatment of their special fields. In my opinion, this makes the book very trustworthy.

Between the introduction and the appendix (for teachers), CaNS is organized in four parts: Conventional Encryption, Public-Key Encryption and Hash Functions, Network Security Practice, and System Security. The introduction discusses network security models and computer security threats, thereby motivating the remainder of the text.

From the very beginning, it is obvious that CaNS is not intended to be a popular-science book but rather for (prospective) scientists and engineers.

Conventional Encryption

The first part, chapters 2 to 5, deals with symmetric cryptography, i.e. schemes in which the same key is used for both encryption and decryption. Actually, the main focus is on so-called block ciphers while stream ciphers are hardly an issue. (There are two ways how to use block ciphers as stream ciphers, though, and Stallings explains both when he treats the four block-cipher modes of operation.) The math used in this part ñmodular arithmetic, linear equations, matricesñ should be basic to most programmers.

Chapters 2 & 3 treat the building blocks of both classical and modern symmetric algorithms and show how these are used within DES, the Data Encryption Standard. With the exception of the one-time pad, the classical algorithms are nowadays insecure, but still interesting for more than just historical reasons. Chapter 3 ends with general design principles of and attacks on block ciphers. I find this to be useful to practitioners who have to decide on and implement an algorithm, not to hackers :-)

Unless interested in details of different algorithms currently in use, the reader can safely skip most of chapter 4. Nevertheless, the first section is important because it contains information about the Men-in-the-Middle attack, and the last section is a good summary of the rest of the chapter.

Most of us don't really need to know how exactly encryption works. But if we use it, we better use it right. In chapter 5, Stallings explains where and how symmetric schemes can be used in an internetwork, including the non-trivial task of key distribution. One problem in this context is generating good pseudo-random numbers. Different approaches are mentioned, but only very briefly.

Public-Key Encryption and Hash Functions

The second part, chapters 6 to 10, deals with functions that map variable-length data into a fixed-length value and with asymmetric cryptography, i.e. schemes in which different keys are used for encryption and decryption. This part is more mathematical than the last as public-key cryptosystems are heavily based on number theory, the subject of chapter 7. (Stallings only introduces what is necessary for understanding CaNS. If you're not familiar with number theory, I suggest you read this chapter before the 6th.)

Starting with the principles of public-key cryptography, chapter 6 presents RSA, the Rivest-Shamir-Adleman algorithm, the Diffie-Hellman key-exchange protocol, and key-management issues in general. At the end of this chapter, there's a short section about elliptic-curve cryptography, a hot topic of growing importance, which I highly appreciated.

Similar to chapters 3 & 4, chapter 8 first treats requirements and design principles of, as well as attacks on cryptographic hash functions and message authentication codes (key-dependent hash functions so to speak), and then chapter 9 describes four concrete algorithms in detail: MD5, SHA-1, RIPEMD-160 (that's what I call an acronym!), and HMAC.

Chapter 10 concludes the second part with a discussion of authentication protocols and digital signatures. The former include such based on symmetric cryptography, the latter DSS, the Digital Signature Standard.

Network Security Practice

The chapters in the third part (11-14) can be consulted in any order the reader likes. The prerequisites have been covered in the first two parts. This part is a nice add-on to older, in terms of IT years, computer-network books that don't cover network security (in enough detail). It includes sections on Kerberos, X.509, PGP, S/MIME, IPSec, SSL/TLS, and SET.

Kerberos and X.509 are for authentication purposes. PGP, Pretty Good Privacy, and S/MIME, Secure/Multipurpose Internet Mail Extensions, provide e-mail security. IPSec comprises the security features that have been defined for IPv6, but that can also be used with IPv4. (Those of you familiar with IP, the Internet Protocol, know that we're currently making the [slow] transition from IPv4 to IPv6.) SSL is Netscape's Secure Socket Layer which has become Transport Layer Security, an Internet standard. Finally, SET, Secure Electronic Transaction, is a specification initiated by MasterCard and Visa for credit-card payments over the internet.

By carefully reading several of these case studies, one gets a good idea of the trade-offs (e.g., security vs. complexity) involved in the design of cryptographic protocols. This is supported by Stallings' clear and concise writing and his judicious use of figures and tables.

System Security

The last part, chapters 15 & 16, is very high-level and easy to understand. However, it only provides an overview and can't replace an in-depth (and more technical) treatment of the same topics.

I was blown away by chapter 15. It is about intruders (i.e., hackers and crackers) and malicious programs, especially viruses. The many ñsometimes ingeniousñ ways of attacking a computer system and their countermeasures make for very exciting reading; look forward to a rainy Sunday!

Chapter 16 is a short chapter about the principles and goals underlying firewalls. It ends with a section on so-called trusted systems and how these can be used to defend against trojan horses.


CaNS is a very good introduction to cryptography, enabling you to understand and discuss the security of practical cryptosystems (e.g., the Mac OS keychain). But if you intend to develop or consult on cryptosystems yourself, you need to know more about number and information theory (see the seminal [Shannon 1948]) than is covered by Stallings. The parts about network and system security are good, too, even though they might not be applied enough for some readers (e.g., system administrators).

Every chapter ends with a set of non-trivial problems (the solutions are not part of the book). Some chapters additionally feature an appendix of their own, for example about ZIP's compression algorithm, the Birthday paradox, IPv4 and IPv6, etc. These appendices increase CaNS' usefulness and are thus worth being studied.

Finally, a five-page glossary and a one-page list of acronyms conclude this highly recommendable book.


I would like to thank Neso Atanasoski for his comments on this article and Andrew S. Downs for his editing of my Core Java review (May issue). Sorry for the delay, Andrew!


  • [Menezes et al. 1997] MENEZES, Alfred J., VAN OORSCHOT Paul C., VANSTONE, Scott A. ñ Handbook of Applied Cryptography, CRC Press, 1997.
  • [Schneier 1996] SCHNEIER, Bruce. ñ Applied Cryptography, Wiley, 2nd ed. 1996.
  • [Shannon 1948] SHANNON, Claude E. ñ A Mathematical Theory of Communication, pp. 379-423 (623-656) in: The Bell System Technical Journal, volume 27, July (October) 1948.
  • [Stallings 1999] STALLINGS, William. ñ Cryptography and Network Security: Principles and Practice, Prentice Hall, 2nd ed. 1999.

Paul is an EE student at the Swiss Federal Institute of Technology Zurich (ETHZ) where he might spend another three years if he accepts the Ph.D. position offered to him. But as he feels like living in the US for some time, he's wondering whether he should rather join a R&D department in Silicon Hills or Silicon Valley. While he's thinking about this, visit his homepage at


Community Search:
MacTech Search:

Software Updates via MacUpdate

Facility 47 (Games)
Facility 47 1.0.1 Device: iOS Universal Category: Games Price: $3.99, Version: 1.0.1 (iTunes) Description: You wake up alone and freezing in an icy cell. You try the cell door but it’s locked, it seems that you are stuck with no... | Read more »
The best Photoshop alternative on iPad
Instagram and Lightroom are great and all, but sometimes people need to get extra creative with their image editing.Like, Photoshop creative. If you're one of these people, take a look at our pick for the best mobile Photoshop experience on iPad... | Read more »
The Walking Dead: No Man’s Land guide -...
A new update for The Walking Dead: No Man’s Land was released last week, making it the perfect time for you to head back to your base and take out some walkers. Here’s the lowdown on what’s new to the game, and how to take advantage. [Read more] | Read more »
Goat Rider guide - Tips and tricks to st...
We've all been there. One second, we're riding high on a crazed goat, and the next, we've been tossed off it like someone who's no good at goat ridin'. [Read more] | Read more »
Real Boxing 2 CREED: How to become a gre...
Just in time for Rocky fans who can’t wait to see CREED, the latest movie, we have the official tie-in game,Real Boxing 2 CREED. It builds on the success of its predecessor and there’s lots to take in so we at 148apps thought we’d run you through... | Read more »
CoinOp Heroes 2 guide - How to build an...
CoinOp Heroes 2 justlaunched and, like all clickers, it's dangerously addictive stuff. You have to furiously tap your screen to defeat wave after wave of foes and earn an insane amount of cash to spend on character upgrades and an army of minions... | Read more »
Dr. Panda Firefighters (Education)
Dr. Panda Firefighters 1.0.1 Device: iOS Universal Category: Education Price: $2.99, Version: 1.0.1 (iTunes) Description: FIGHT FIRES AND SAVE THE DAY!Work together with Dr. Panda and his firefighting team to rescue his trapped... | Read more »
Puddle + (Games)
Puddle + 1.0 Device: iOS iPhone Category: Games Price: $2.99, Version: 1.0 (iTunes) Description: Puddle is back in a new "+" edition featuring enhanced graphics, new videos and Apple TV support ! No IAP and No Ads. Dive into Puddle... | Read more »
Football Manager Mobile 2016 (Games)
Football Manager Mobile 2016 7.0.0 Device: iOS Universal Category: Games Price: $8.99, Version: 7.0.0 (iTunes) Description: Football Manager Mobile 2016 is designed to be played on the move and is the quickest way to manage your... | Read more »
Kill Shot Bravo guide - How to become an...
Kill Shot Bravo is a disturbing amount of fun. No matter how many times I play a game that encourages me to snipe people in the head, I feel a little uneasy at how satisfying it is. Here are some useful tips to get you started on your path to... | Read more »

Price Scanner via

Adorama Black Friday deals: Up to $400 off Ma...
Adorama has released their Black Friday deals for 2015. Save up to $400 on MacBook Pros, $200 on MacBooks and MacBook Airs, and $270 on iMacs. Use code RYBFDEAL during checkout to see these prices.... Read more
B&H Photo Deals: $200 off 12-inch 1.2GHz...
In addition to the B&H Photo Black Friday week sales we posted yesterday, B&H has lowered their price on two products to $200 off MSRP: - 12″ 1.2GHz Gray Retina MacBook: $1399 save $200 - 13... Read more
Best Buy Early Access: Today only, Up to $125...
Best Buy has iPad Air 2s on sale for up to $125 off MSRP and Apple Watch models on sale on their online store for up to $100 off MSRP with special codes through midnight CT tonight. Choose free... Read more
UPPERCASE DESIGNS Premium Ultra Thin Keyboard...
UPPERCASE Designs today announced its new Premium Ultra Thin Keyboard Protector and its Palm Rest Protector Set for the 12-inch MacBook. The accessories provide durable protection for the 12-inch... Read more
Al Jazeera Launches New iOS And Android Mobil...
Doha, Qatar based Al Jazeera has launched new mobile and tablet apps on the iOS and Android systems bringing the latest Al Jazeera news and programmes live together with on-demand personalisation.... Read more
B&H Photo Holiday Sale: Up to $250 off Ma...
B&H Photo has all new Macs on sale for up to $500 off MSRP as part of their Holiday sale including free shipping plus NY sales tax only: - 15″ 2.2GHz Retina MacBook Pro: $1799 $200 off - 15″ 2.... Read more
Free Aura ‘Ultimate’ Mac App For Gmail Update...
Miami, Florida based Crosscoded has announced Aura 1.2.0, an update to the Mac app for Gmail. Aura mixes the power of a native client with the flexibility of the Gmail web app with support for up to... Read more
Apple Will Edge Closer to Samsung in Smartpho...
Total smartphone shipments for 2015 are projected to decline by 9.7% to 1.286 billion units, according to the latest report from global market research firm TrendForce. Though Chinese vendors have... Read more
Sidefari – Split Screen Multitasking In Safar...
Francisco Cantu’s Sidefari is a simple web browser designed to act as a companion to Safari on the iPad. With multitasking in iOS 9, Sidefari uses the new Safari View Controller to show an extra... Read more
12-inch MacBooks in stock for up to $120 off,...
Adorama has 12″ Retina MacBooks in stock for up to $120 off MSRP including free shipping plus NY & NJ sales tax only. For a limited time, Adorama will include a free Apple USB-C to USB Adapter,... Read more

Jobs Board

Merchant Operations Manager: *Apple* Pay -...
Changing the world is all in a day's work at Apple . If you love innovation, here's your chance to make a career of it. You'll work hard. But the job comes with more than Read more
*Apple* Pay QA Manager - Apple Inc. (United...
Changing the world is all in a day's work at Apple . If you love innovation, here's your chance to make a career of it. You'll work hard. But the job comes with more than Read more
Sr Software Engineer *Apple* Pay - Apple In...
Changing the world is all in a day's work at Apple . If you love innovation, here's your chance to make a career of it. You'll work hard. But the job comes with more than Read more
Hardware Systems Architect - *Apple* Watch...
# Hardware Systems Architect - Apple Watch Job Number: 38449977 Santa Clara Valley, Califo ia, United States Posted: Apr. 16, 2015 Weekly Hours: **Job Summary** The Read more
Software Engineer, *Apple* Watch - Apple (U...
# Software Engineer, Apple Watch Job Number: 38181776 Santa Clara Valley, Califo ia, United States Posted: Nov. 2, 2015 Weekly Hours: 40.00 **Job Summary** The Apple Read more
All contents are Copyright 1984-2011 by Xplain Corporation. All rights reserved. Theme designed by Icreon.