Information Security | Principles And Practice

One of my goals in writing this book was to illuminate some of those black boxes that are so popular in information security books today. On the other hand, I don’t want to bore you to death with trivial details (if that’s what you want, go read some RFCs). As a result, I often ignore details that I deem irrelevant to the topic at hand. You can judge whether I’ve struck the proper balance between these two competing goals.
I’ve strived to keep the presentation moving along so as to cover a broad selection of topics. My goal is to cover each item in just enough detail so that you can appreciate the basic security issue at hand, while not getting bogged down in details. I’ve also attempted to regularly emphasize and reiterate the main points so that crucial information doesn’t slip by below the radar screen.

Another goal of mine was to present the topic in a reasonably lively and interesting way. If any computing subject should be exciting and fun, it’s information security. Security is happening now and it’s in the news—it’s clearly alive and kicking.

I’ve also tried to inject a little humor into the material. They say that humor is derived from pain, so judging by the quality of my jokes, I’d say that I’ve led a charmed life. In any case, most of the really bad jokes are in footnotes, so they shouldn’t be too distracting.


  1. Introduction
  2. Classic Cryptography
  3. Symmetric Key Crypto
  4. Public Key Crypto
  5. Hash Functions++
  6. Advanced Cryptanalysis
  7. Authentication
  8. Authorization
  9. Authentication Protocols
  10. Real-World Protocols
  11. Software Flaws and Malware
  12. Insecurity in Software
  13. OS and Security
