Wireless Mobile Internet Security

Rhee, Man Young

94,54 € (VAT incl.)

The mobile industry for wireless cellular services has grown at a rapid pace over the past decade. Similarly, Internet service technology has also grown dramatically through the World Wide Web with a wireline infrastructure. Realizing complete wired/wireless mobile Internet technologies will become the future objective for the convergence of these technologies, through multiple enhancements of both cellular mobile systems and Internet interoperability. Flawless integration between these two wired/wireless networks will enable subscribers not only to roam worldwide, but also to meet the ever-increasing demand for data/Internet services. In order to keep up with this noteworthy growth in the demand for wireless broadband, new technologies and structural architectures are needed to greatly improve system performance and network scalability while significantly reducing the cost of equipment and deployment. Dr. Rhee covers the technological development of wired/wireless internet communications in compliance with each iterative generation up to 4G systems, with emphasis on wireless security aspects. By progressing in a systematic manner, presenting the theory and practice of wired/wireless mobile technologies along with various security problems, the book gives readers an intimate sense of how mobile internet systems operate and how to address complex security issues.
Features:

  • Written by a top expert in information security
  • Gives a clear understanding of wired/wireless mobile internet technologies
  • Presents complete coverage of various cryptographic protocols and specifications needed for 3GPP: AES, KASUMI, Public–key and Elliptic curve cryptography
  • Forecasts new features and promising 4G packet–switched wireless internet technologies for voice and data communications
  • Provides MIMO/OFDMA–based for 4G systems such as Long Term Evolution (LTE), Ultra Mobile Broadband (UMB), Mobile WiMax or Wireless Broadband (WiBro)
  • Deals with intrusion detection systems against worm/virus cyber attacks

The book is ideal for advanced undergraduate and postgraduate students enrolled in courses such as Wireless Access Networking and Mobile Internet Radio Communications. Practicing engineers in industry and research scientists can use the book as a reference to get reacquainted with mobile radio fundamentals or to gain a deeper understanding of complex security issues.

Contents:

Preface
About the Author
Acknowledgments

1 Internetworking and Layered Models
  1.1 Networking Technology
    1.1.1 Local Area Networks (LANs)
    1.1.2 Wide Area Networks (WANs)
  1.2 Connecting Devices
    1.2.1 Switches
    1.2.2 Repeaters
    1.2.3 Bridges
    1.2.4 Routers
    1.2.5 Gateways
  1.3 The OSI Model
  1.4 TCP/IP Model
    1.4.1 Network Access Layer
    1.4.2 Internet Layer
    1.4.3 Transport Layer
    1.4.4 Application Layer

2 TCP/IP Suite and Internet Stack Protocols
  2.1 Network Layer Protocols
    2.1.1 Internet Protocol (IP)
    2.1.2 Address Resolution Protocol (ARP)
    2.1.3 Reverse Address Resolution Protocol (RARP)
    2.1.4 Classless Interdomain Routing (CIDR)
    2.1.5 IP Version 6 (IPv6 or IPng)
    2.1.6 Internet Control Message Protocol (ICMP)
    2.1.7 Internet Group Management Protocol (IGMP)
  2.2 Transport Layer Protocols
    2.2.1 Transmission Control Protocol (TCP)
    2.2.2 User Datagram Protocol (UDP)
  2.3 World Wide Web
    2.3.1 Hypertext Transfer Protocol (HTTP)
    2.3.2 Hypertext Markup Language (HTML)
    2.3.3 Common Gateway Interface (CGI)
    2.3.4 Java
  2.4 File Transfer
    2.4.1 File Transfer Protocol (FTP)
    2.4.2 Trivial File Transfer Protocol (TFTP)
    2.4.3 Network File System (NFS)
  2.5 E–Mail
    2.5.1 Simple Mail Transfer Protocol (SMTP)
    2.5.2 Post Office Protocol Version 3 (POP3)
    2.5.3 Internet Message Access Protocol (IMAP)
    2.5.4 Multipurpose Internet Mail Extension (MIME)
  2.6 Network Management Service
    2.6.1 Simple Network Management Protocol (SNMP)
  2.7 Converting IP Addresses
    2.7.1 Domain Name System (DNS)
  2.8 Routing Protocols
    2.8.1 Routing Information Protocol (RIP)
    2.8.2 Open Shortest Path First (OSPF)
    2.8.3 Border Gateway Protocol (BGP)
  2.9 Remote System Programs
    2.9.1 TELNET
    2.9.2 Remote Login (Rlogin)
  2.10 Social Networking Services
    2.10.1 Facebook
    2.10.2 Twitter
    2.10.3 Linkedin
    2.10.4 Groupon
  2.11 Smart IT Devices
    2.11.1 Smartphones
    2.11.2 Smart TV
    2.11.3 Video Game Console
  2.12 Network Security Threats
    2.12.1 Worm
    2.12.2 Virus
    2.12.3 DDoS
  2.13 Internet Security Threats
    2.13.1 Phishing
    2.13.2 SNS Security Threats
  2.14 Computer Security Threats
    2.14.1 Exploit
    2.14.2 Password Cracking
    2.14.3 Rootkit
    2.14.4 Trojan Horse
    2.14.5 Keylogging
    2.14.6 Spoofing Attack
    2.14.7 Packet Sniffer
    2.14.8 Session Hijacking

3 Global Trend of Mobile Wireless Technology
  3.1 1G Cellular Technology
    3.1.1 AMPS (Advanced Mobile Phone System)
    3.1.2 NMT (Nordic Mobile Telephone)
    3.1.3 TACS (Total Access Communications System)
  3.2 2G Mobile Radio Technology
    3.2.1 CDPD (Cellular Digital Packet Data), North American Protocol
    3.2.2 GSM (Global System for Mobile Communications)
    3.2.3 TDMA–136 or IS–54
    3.2.4 iDEN (Integrated Digital Enhanced Network)
    3.2.5 cdmaOne IS–95A
    3.2.6 PDC (Personal Digital Cellular)
    3.2.7 i–mode
    3.2.8 WAP (Wireless Application Protocol)
  3.3 2.5G Mobile Radio Technology
    3.3.1 ECSD (Enhanced Circuit–Switched Data)
    3.3.2 HSCSD (High–Speed Circuit–Switched Data)
    3.3.3 GPRS (General Packet Radio Service)
    3.3.4 EDGE (Enhanced Data rate for GSM Evolution)
    3.3.5 cdmaOne IS–95B
  3.4 3G Mobile Radio Technology (Situation and Status of 3G)
    3.4.1 UMTS (Universal Mobile Telecommunication System)
    3.4.2 HSDPA (High–Speed Downlink Packet Access)
    3.4.3 CDMA2000 1x
    3.4.4 CDMA2000 1xEV (1x Evolution)
    3.4.5 CDMA2000 1xEV–DO (1x Evolution Data Only)
    3.4.6 CDMA2000 1xEV–DV (1x Evolution Data Voice)
  3.5 3G UMTS Security–Related Encryption Algorithm
    3.5.1 KASUMI Encryption Function

4 Symmetric Block Ciphers
  4.1 Data Encryption Standard (DES)
    4.1.1 Description of the Algorithm
    4.1.2 Key Schedule
    4.1.3 DES Encryption
    4.1.4 DES Decryption
    4.1.5 Triple DES
    4.1.6 DES–CBC Cipher Algorithm with IV
  4.2 International Data Encryption Algorithm (IDEA)
    4.2.1 Subkey Generation and Assignment
    4.2.2 IDEA Encryption
    4.2.3 IDEA Decryption
  4.3 RC5 Algorithm
    4.3.1 Description of RC5
    4.3.2 Key Expansion
    4.3.3 Encryption
    4.3.4 Decryption
  4.4 RC6 Algorithm
    4.4.1 Description of RC6
    4.4.2 Key Schedule
    4.4.3 Encryption
    4.4.4 Decryption
  4.5 AES (Rijndael) Algorithm
    4.5.1 Notational Conventions
    4.5.2 Mathematical Operations
    4.5.3 AES Algorithm Specification

5 Hash Function, Message Digest, and Message Authentication Code
  5.1 DMDC Algorithm
    5.1.1 Key Schedule
    5.1.2 Computation of Message Digests
  5.2 Advanced DMDC Algorithm
    5.2.1 Key Schedule
    5.2.2 Computation of Message Digests
  5.3 MD5 Message–Digest Algorithm
    5.3.1 Append Padding Bits
    5.3.2 Append Length
    5.3.3 Initialize MD Buffer
    5.3.4 Define Four Auxiliary Functions (F, G, H, I)
    5.3.5 FF, GG, HH, and II Transformations for Rounds 1, 2, 3, and 4
    5.3.6 Computation of Four Rounds (64 Steps)
  5.4 Secure Hash Algorithm (SHA–1)
    5.4.1 Message Padding
    5.4.2 Initialize 160–bit Buffer
    5.4.3 Functions Used
    5.4.4 Constants Used
    5.4.5 Computing the Message Digest
  5.5 Hashed Message Authentication Codes (HMAC)

6 Asymmetric Public–Key Cryptosystems
  6.1 Diffie–Hellman Exponential Key Exchange
  6.2 RSA Public–Key Cryptosystem
    6.2.1 RSA Encryption Algorithm
    6.2.2 RSA Signature Scheme
  6.3 ElGamal’s Public–Key Cryptosystem
    6.3.1 ElGamal Encryption
    6.3.2 ElGamal Signatures
    6.3.3 ElGamal Authentication Scheme
  6.4 Schnorr’s Public–Key Cryptosystem
    6.4.1 Schnorr’s Authentication Algorithm
    6.4.2 Schnorr’s Signature Algorithm
  6.5 Digital Signature Algorithm
  6.6 The Elliptic Curve Cryptosystem (ECC)
    6.6.1 Elliptic Curves
    6.6.2 Elliptic Curve Cryptosystem Applied to the ElGamal Algorithm
    6.6.3 Elliptic Curve Digital Signature Algorithm
    6.6.4 ECDSA Signature Computation

7 Public–Key Infrastructure
  7.1 Internet Publications for Standards
  7.2 Digital Signing Techniques
  7.3 Functional Roles of PKI Entities
    7.3.1 Policy Approval Authority
    7.3.2 Policy Certification Authority
    7.3.3 Certification Authority
    7.3.4 Organizational Registration Authority
  7.4 Key Elements for PKI Operations
    7.4.1 Hierarchical Tree Structures
    7.4.2 Policy–Making Authority
    7.4.3 Cross–Certification
    7.4.4 X.500 Distinguished Naming
    7.4.5 Secure Key Generation and Distribution
  7.5 X.509 Certificate Formats
    7.5.1 X.509 v1 Certificate Format
    7.5.2 X.509 v2 Certificate Format
    7.5.3 X.509 v3 Certificate Format
  7.6 Certificate Revocation List
    7.6.1 CRL Fields
    7.6.2 CRL Extensions
    7.6.3 CRL Entry Extensions
  7.7 Certification Path Validation
    7.7.1 Basic Path Validation
    7.7.2 Extending Path Validation

8 Network Layer Security
  8.1 IPsec Protocol
    8.1.1 IPsec Protocol Documents
    8.1.2 Security Associations (SAs)
    8.1.3 Hashed Message Authentication Code (HMAC)
  8.2 IP Authentication Header
    8.2.1 AH Format
    8.2.2 AH Location
  8.3 IP ESP
    8.3.1 ESP Packet Format
    8.3.2 ESP Header Location
    8.3.3 Encryption and Authentication Algorithms
  8.4 Key Management Protocol for IPsec
    8.4.1 OAKLEY Key Determination Protocol
    8.4.2 ISAKMP

9 Transport Layer Security: SSLv3 and TLSv1
  9.1 SSL Protocol
    9.1.1 Session and Connection States
    9.1.2 SSL Record Protocol
    9.1.3 SSL Change Cipher Spec Protocol
    9.1.4 SSL Alert Protocol
    9.1.5 SSL Handshake Protocol
  9.2 Cryptographic Computations
    9.2.1 Computing the Master Secret
    9.2.2 Converting the Master Secret into Cryptographic Parameters
  9.3 TLS Protocol
    9.3.1 HMAC Algorithm
    9.3.2 Pseudo–random Function
    9.3.3 Error Alerts
    9.3.4 Certificate Verify Message
    9.3.5 Finished Message
    9.3.6 Cryptographic Computations (for TLS)

10 Electronic Mail Security: PGP, S/MIME
  10.1 PGP
    10.1.1 Confidentiality via Encryption
    10.1.2 Authentication via Digital Signature
    10.1.3 Compression
    10.1.4 Radix–64 Conversion
    10.1.5 Packet Headers
    10.1.6 PGP Packet Structure
    10.1.7 Key Material Packet
    10.1.8 Algorithms for PGP 5.x
  10.2 S/MIME
    10.2.1 MIME
    10.2.2 S/MIME
    10.2.3 Enhanced Security Services for S/MIME

11 Internet Firewalls for Trusted Systems
  11.1 Role of Firewalls
  11.2 Firewall–Related Terminology
    11.2.1 Bastion Host
    11.2.2 Proxy Server
    11.2.3 SOCKS
    11.2.4 Choke Point
    11.2.5 Demilitarized Zone (DMZ)
    11.2.6 Logging and Alarms
    11.2.7 VPN
  11.3 Types of Firewalls
    11.3.1 Packet Filters
    11.3.2 Circuit–Level Gateways
    11.3.3 Application–Level Gateways
  11.4 Firewall Designs
    11.4.1 Screened Host Firewall (Single–Homed Bastion Host)
    11.4.2 Screened Host Firewall (Dual–Homed Bastion Host)
    11.4.3 Screened Subnet Firewall
  11.5 IDS Against Cyber Attacks
    11.5.1 Internet Worm Detection
    11.5.2 Computer Virus
    11.5.3 Special Kind of Viruses
  11.6 Intrusion Detections Systems
    11.6.1 Network–Based Intrusion Detection System (NIDS)
    11.6.2 Wireless Intrusion Detection System (WIDS)
    11.6.3 Network Behavior Analysis System (NBAS)
    11.6.4 Host–Based Intrusion Detection System (HIDS)
    11.6.5 Signature–Based Systems
    11.6.6 Anomaly–Based Systems
    11.6.7 Evasion Techniques of IDS Systems

12 SET for E–Commerce Transactions
  12.1 Business Requirements for SET
  12.2 SET System Participants
  12.3 Cryptographic Operation Principles
  12.4 Dual Signature and Signature Verification
  12.5 Authentication and Message Integrity
  12.6 Payment Processing
    12.6.1 Cardholder Registration
    12.6.2 Merchant Registration
    12.6.3 Purchase Request
    12.6.4 Payment Authorization
    12.6.5 Payment Capture

13 4G Wireless Internet Communication Technology
  13.1 Mobile WiMAX
    13.1.1 Mobile WiMAX Network Architecture
    13.1.2 Reference Points in WiMAX Network Reference Model (NRM)
    13.1.3 Key Supporting Technologies
    13.1.4 Comparison between Mobile WiMAX Network and Cellular Wireless Network
  13.2 WiBro (Wireless Broadband)
    13.2.1 WiBro Network Architecture
    13.2.2 Key Elements in WiBro System Configuration
    13.2.3 System Comparison between HSDPA and WiBro
    13.2.4 Key Features on WiBro Operation
  13.3 UMB (Ultra Mobile Broadband)
    13.3.1 Design Objectives of UMB
    13.3.2 Key Technologies Applicable to UMB
    13.3.3 UMB IP–Based Network Architecture
    13.3.4 Conclusive Remarks
  13.4 LTE (Long Term Evolution)
    13.4.1 LTE Features and Capabilities
    13.4.2 LTE Frame Structure
    13.4.3 LTE Time–Frequency Structure for Downlink
    13.4.4 LTE SC–FDMA on Uplink
    13.4.5 LTE Network Architecture
    13.4.6 Key Components Supporting LTE Design
    13.4.7 Concluding Remarks

Acronyms
Bibliography
Index

  • ISBN: 978-1-118-49653-4
  • Publisher: Wiley–Blackwell
  • Binding: Hardcover
  • Pages: 522
  • Publication date: 19/04/2013
  • No. of volumes: 1
  • Language: English