Practical Cryptology and Web Security

P.K. Yuen  
Total pages
October 2005
Related Titles


Security is now the number one concern for businesses world wide. The gold standard for attaining security is cryptography; it provides the most reliable tools for storing or transmitting digital information.


This is the first textbook showing students how to implement cryptography and incorporate it into real-world systems on the Web.


  • A practical focus helping students master security skills step-by-step.
  • 50 worked examples.
  • Reports of recent security breaches.
  • Plenty of practical tips and tricks.
  • Examines how to:
    -         protect a website against viruses
    -         encrypt emails
    -         build secure databases
    -         perform secure business transactions on the web
  • Works from a problem-solving perspective, showing how to implement technology solutions.
  • Looks from the attacker’s point of view at possible challenges to security.
  • Shows how every algorithm discussed can be used within a real-world context

Additional Support Material

  • Author hosted website containing PowerPoint slides and code for all the examples discussed in the book.

Table of Contents

1. Basic security skills on the World Wide Web
1.1 An introduction to network security
1.1.1 Secure and insecure networks
1.1.2 Digital cryptography on the web  
1.2 The web browser-server dialog                                                     
1.2.1 The structure and configurations of the web
1.2.2 Web browser and server dialog
1.2.3 My first page with security
1.2.4 Using HTML and migrating to XHTML
1.3 Webpage skills for message manipulation and Security                  
1.3.1 Number Systems Used On The Web
1.3.2 The Ascii Character Set
1.3.3 Using Unicode On The Web
1.3.4 Numerical Representations Of Messages
1.3.5 Implementation Of The Caesar Code
1.4 Bitwise Operators And Base64 Encoding/Decoding               
1.4.1 An Introduction To Bitwise Operators
1.4.2 Bitwise Operations and Encryptions on The Web
1.4.3 Base64 Encoding And Decoding
1.5 The Xor And Pkzip/Winzip Encryption Schemes                                
1.5.1 Xor Encryption/Decryption
1.5.2 Implementation Of The Xor Scheme On The Web
1.5.3 Encryption/Decryption Of Pkzip And Winzip
1.5.4 Implementation Of The Pkzip/Winzip Encryption Scheme
2. Cryptology, Website Protection And Attacks
2.1 An Overview Of Cryptology                                                                         
What Is Cryptology?                                                                                            
Examples On Classic Ciphers And Attacks                                                           
Basic User Authentication And Website Protections                               
2.2.1 The Beginning Of Cipher-Based Authentication                        
2.2.2 Basic HTTP Authentication With Apache                                  

Back Cover

Practical Cryptology and Web Security

P. K. Yuen


The transfer of information over the world wide web depends critically on secure communications. The need to protect the material we send and receive from cyberspace, from the largest of business transactions to the simplest of personal web-pages, is crucial in ensuring we can continue to use this incredible resource safely. Cryptology provides the most reliable tools for storing or transmitting digital information and is the gold standard for attaining the levels of security our online interactions demand. 

Taking a step-by-step approach P. K. Yuen demonstrates how to master practical encryption/decryption algorithms, implementation techniques, and web-based security skills including:

·        Protecting websites from hackers and viruses;

·        Encrypting email, Web pages, and instant messages;

·        Building a secure web-database;

·        Performing secure business transactions over the web.

Working from a problem-solving perspective, he shows how to implement security solutions and looks from the attacker’s point of view at possible challenges to that security. In short, Practical Cryptology and Web Security offers a practical and comprehensive guide to all aspects of web security.

  • Over 120 worked examples, many from industry, demonstrate the key considerations in implementing web security.
  • Covers all the major encryption techniques and standards, including the AES.
  • Examines the latest web technologies in terms of security, including XML Signatures and XML Digital Contracts
PK Yuen is a well known expert on Communications, Internet and the World Wide Web. He has over 13 years’ experience working on web technologies including large scale application developments, engineer training, project leadership and working on the security systems of international airports. He is co-author of  Practical Web Technologies, also published by Addison-Wesley.