Modern Cryptography - The Practical Guide

Mehr lesen

Security professionals, you know encryption is essential to protect your data. In this book, learn about the fundamental concepts of cryptography-and then apply them! Explore algorithms for symmetric and asymmetric cryptography and see how to use encryption strategies to enforce storage and network security. Put modern cryptography principles to work in real-world scenarios: cloud environments, cryptocurrency, artificial intelligence, quantum computing, and more. Build the cryptography skills you need to manage today's security threats!

In this book, you'll learn about:

a. Cryptography Concepts
Master the theory behind cryptography. Walk through the principles, methods, and algorithms that are used to protect your data. Ensure data confidentiality, integrity, and authenticity using techniques such as hash functions, digital signatures, and MAC.

b. Practical Applications
Learn about modern cryptography in practice. From managing encryption keys in the cloud, to securing AI systems and machine learning models, to developing quantum-resistant cryptography algorithms, see how cryptography is used to protect data.

c. Expert Tips, Examples, and Best Practices
Unravel cryptography topics with guidance from an experienced security professional. Practical demonstrations, detailed formulas, and tips and tricks will help you navigate the complex world of data encryption.

Highlights include:
1) Symmetric and asymmetric encryption
2) Hash functions
3) Digital signatures
4) Message authentication codes (MAC)
5) Storage and network security
6) Encryption key management
7) Cloud cryptography
8) Lightweight cryptography
9) Cryptocurrencies
10) Artificial intelligence and IoT
11) Quantum computing
12) Homomorphic encryption
13) Standards and best practices

Inhaltsverzeichnis

... Foreword ... 15

... Acknowledgments ... 19

... Preface ... 21

... Who This Book Is For ... 21

... Why Another Book on Cryptography? ... 22

... How This Book Is Organized ... 22

... Conclusion ... 24

PART I ... Foundations of Modern Cryptography ... 25

1 ... Fundamentals of Cryptography ... 27

1.1 ... History of Cryptography ... 27

1.2 ... Introduction to Cryptography ... 34

1.3 ... Primer on Ciphers ... 57

1.4 ... Summary ... 78

2 ... Symmetric Cryptography ... 79

2.1 ... Primer on Symmetric Cryptography ... 79

2.2 ... Symmetric Key Algorithms ... 83

2.3 ... Summary ... 110

3 ... Asymmetric Cryptography ... 113

3.1 ... Primer on Asymmetric Cryptography ... 114

3.2 ... Asymmetric Cryptography Algorithms ... 124

3.3 ... Summary ... 144

4 ... Cryptography Services ... 147

4.1 ... Hash Functions and Algorithms ... 148

4.2 ... Message Authentication Codes ... 168

4.3 ... Digital Signature ... 169

4.4 ... Merkle Trees ... 172

4.5 ... Summary ... 173

PART II ... Modern Cryptography in Practice ... 175

5 ... Storage Security: Data Encryption at Rest ... 177

5.1 ... Primer on Data Security ... 178

5.2 ... Data-at-Rest Encryption Methods ... 183

5.3 ... Summary ... 196

6 ... Web Security: Data Encryption in Transit ... 199

6.1 ... Primer on Web Security ... 200

6.2 ... Web Security Protocols ... 209

6.3 ... Securing Web-Based Applications ... 227

6.4 ... Public Key Infrastructure ... 232

6.5 ... Summary ... 236

7 ... Cloud and Connected Device Cryptography ... 237

7.1 ... Primer on Cloud Cryptography ... 238

7.2 ... Encryption Key Management ... 248

7.3 ... Cryptography as a Service by Major Cloud Service Providers ... 254

7.4 ... Lightweight Cryptography and the Internet of Things ... 259

7.5 ... Summary ... 268

8 ... Cryptography in Cryptocurrency ... 271

8.1 ... Primer on Cryptocurrency ... 272

8.2 ... The "Crypto" in Cryptocurrency ... 282

8.3 ... Outlook: Cautiously Optimistic ... 293

8.4 ... Summary ... 296

9 ... Cryptography and Artificial Intelligence ... 297

9.1 ... Primer on AI ... 298

9.2 ... AI for Cryptography ... 303

9.3 ... Cryptography for AI ... 309

9.4 ... Best Practices and Ethical Use of AI ... 315

9.5 ... Summary ... 316

10 ... Post-Quantum Cryptography ... 317

10.1 ... Primer on Quantum Computing ... 317

10.2 ... Quantum Computing and Cryptography ... 325

10.3 ... Preparing for Post-Quantum Cryptography ... 336

10.4 ... Future of Cryptography in Post-Quantum Computing ... 341

10.5 ... Summary ... 344

11 ... Homomorphic Encryption ... 345

11.1 ... Primer on Homomorphic Encryption ... 346

11.2 ... Practical Applications of Homomorphic Encryption ... 354

11.3 ... Advantages, Challenges, and the Future ... 361

11.4 ... Summary ... 365

12 ... Cryptography Attacks and Ransomware ... 367

12.1 ... Primer on Cryptography Attacks ... 368

12.2 ... Ransomware Attacks ... 379

12.3 ... Summary ... 387

13 ... Cryptography Standards and Resources ... 389

13.1 ... Government Standards for Cryptography ... 389

13.2 ... Other Standards for Cryptography ... 392

13.3 ... Best Practices and Other Resources ... 392

13.4 ... Further Reading ... 396

13.5 ... Summary ... 397

14 ... Future Trends and Concluding Remarks ... 399

14.1 ... Future Trends in Cryptography ... 399

14.2 ... Concluding Remarks ... 401

14.3 ... Summary ... 403

A ... Bibliography ... 405

B ... The Author ... 415

... Index ... 417

Über den Autor / die Autorin

Sandip Dholakia is an author, cryptographer, and information security professional. He works as a principal security architect within the Global Security and Compliance group at SAP America. Sandip is a co-chair of the Cryptography Center of Excellence (CoE) and a core member of the AI for Security task force at SAP. As a co-chair of Cryptography CoE, he is actively engaged in developing an enterprise-wide cryptoagility program, focusing on post-quantum cryptography strategies. Before joining SAP, Sandip was an information security architect at Cisco and a security architect and compliance leader at General Motors.

Sandip holds a US patent and defensive publication for designing and developing a cryptography-based antitheft algorithm. He has also published a book and papers about various security topics, including log management, zero-trust architecture, encryption, and security configuration. Sandip graduated from Carnegie Mellon University with dual master’s degrees in software engineering and information systems management. He holds CISSP, CCSP, CCSK, GWAPT, and AWS security certifications. Please visit Google Scholar for the complete list of his publications.

Zusammenfassung

Security professionals, you know encryption is essential to protect your data. In this book, learn about the fundamental concepts of cryptography—and then apply them! Explore algorithms for symmetric and asymmetric cryptography and see how to use encryption strategies to enforce storage and network security. Put modern cryptography principles to work in real-world scenarios: cloud environments, cryptocurrency, artificial intelligence, quantum computing, and more. Build the cryptography skills you need to manage today’s security threats!

In this book, you’ll learn about:

a. Cryptography Concepts
Master the theory behind cryptography. Walk through the principles, methods, and algorithms that are used to protect your data. Ensure data confidentiality, integrity, and authenticity using techniques such as hash functions, digital signatures, and MAC.

b. Practical Applications
Learn about modern cryptography in practice. From managing encryption keys in the cloud, to securing AI systems and machine learning models, to developing quantum-resistant cryptography algorithms, see how cryptography is used to protect data.

c. Expert Tips, Examples, and Best Practices
Unravel cryptography topics with guidance from an experienced security professional. Practical demonstrations, detailed formulas, and tips and tricks will help you navigate the complex world of data encryption.

Highlights include:
1) Symmetric and asymmetric encryption
2) Hash functions
3) Digital signatures
4) Message authentication codes (MAC)
5) Storage and network security
6) Encryption key management
7) Cloud cryptography
8) Lightweight cryptography
9) Cryptocurrencies
10) Artificial intelligence and IoT
11) Quantum computing
12) Homomorphic encryption
13) Standards and best practices