What s New in the Fourth Edition

What's New in the Fourth Edition

In the three years since the third edition of this book was published, the field has seen continued innovations and improvements. In this new edition, I try to capture these changes while maintaining a broad and comprehensive coverage of the entire field. To begin this process of revision, the third edition was extensively reviewed by a number of professors who teach the subject. In addition, a number of professionals working in the field reviewed individual chapters. The result is that, in many places, the narrative has been clarified and tightened, and illustrations have been improved. Also, a large number of new "field-tested" problems have been added.

Beyond these refinements to improve pedagogy and user friendliness, there have been major substantive changes throughout the book. Highlights include the following:

• Simplified AES: This is an educational, simplified version of AES (Advanced Encryption Standard), which enables students to grasp the essentials of AES more easily.

• Whirlpool: This is an important new secure hash algorithm based on the use of a symmetric block cipher.

• CMAC: This is a new block cipher mode of operation. CMAC (cipher-based message authentication code) provides message authentication based on the use of a symmetric block cipher.

• Public-key infrastructure (PKI): This important topic is treated in this new edition.

• Distributed denial of service (DDoS) attacks: DDoS attacks have assumed increasing significance in recent years.

• Common Criteria for Information Technology Security Evaluation: The Common Criteria have become the international framework for expressing security requirements and evaluating products and implementations.

• Online appendices: Six appendices available at this book's Web site supplement the material in the text.

In addition, much of the other material in the book has been updated and revised.