From: danny@cs.su.oz.au (Danny Yee)
Date: Sat, 13 May 1995 14:19:10 +1000
Subject: Book Review - Network Security

title: Network Security : PRIVATE Communication in a PUBLIC World
by: Charlie Kaufman + Radia Perlman + Mike Speciner
publisher: Prentice Hall 1995
subjects: computing, networking
other: 504 pages, exercises, bibliography, index

The title of _Network Security_ is too broad and the subtitle too narrow: it hardly covers network security in general, but it does cover more than just secure communication. Part one is solid mathematical cryptography, explaining secret key cryptography, hashes and digests, and public key cryptography. Part two describes how these are used to build authentication protocols (with detailed discussion of Kerberos V4 and V5). Part three covers the standards for secure electronic mail (PGP, PEM and X400) and the final chapter covers a miscellany of different security systems: NetWare, KryptoKnight, DASS, Lotus Notes, DCE, Microsoft, and Clipper.

_Network Security_ really does explain everything -- even what a modulus is! -- and avoids an overly mathematical approach (the more abstract number theory is consigned to a separate chapter). The authors have also done their best to make their book readable and to keep the reader entertained. Here is a fun quote:

    Humans are incapable of securely storing high-quality cryptographic keys, and they have unacceptable speed and accuracy when performing cryptographic operations. (They are also large, expensive to maintain, difficult to manage, and they pollute the environment. It is astonishing that these devices continue to be manufactured and deployed. But they are sufficiently pervasive that we must design our protocols around their limitations.)

More importantly, the explanations are clear and well illustrated with diagrams.

_Network Security_ is probably a bit much for the complete novice to distributed systems and cryptography, however. Much of the detail is likely to interest only protocol designers and implementors: complete descriptions of the MD5 digest algorithm (with all the constants!) and the El Gamal signature scheme are included, for example. It would be suitable as a text for graduates or higher undergraduates in mathematics or computer science (the exercises at the end of each chapter suggest this is its intended audience), and also for programmers or administrators who want to understand the security systems they are implementing or deploying.

--

Disclaimer: I requested and received a review copy of _Network Security_ from Prentice Hall but I have no stake, financial or otherwise, in its success.

--

%T Network Security
%S PRIVATE Communication in a PUBLIC World
%A Charlie Kaufman
%A Radia Perlman
%A Mike Speciner
%I Prentice Hall
%C Englewood Cliffs, New Jersey
%D 1995
%O hardcover, exercises, bibliography, index
%G ISBN 0-13-061466-1
%P xx,504pp
%K computing, networking

Danny Yee (danny@cs.su.oz.au) 13 May 1995

-------------------------------------------------------------
Copyright (C) Danny Yee 1995 : Comments and criticism welcome
-------------------------------------------------------------
URL http://www.anatomy.su.oz.au/danny/book-reviews/index.html
-------------------------------------------------------------