Network Security and Encryption explained in laymen terms

Although I might pretend ver开发者_运维问答y well that I know a thing about networks or security and it might help me pass an interview or fix a bug, I don't really feel I'm fooling anyone. I'm looking for laymen explanation of current network security concepts and solutions. The information is scattered around and I didn't find a resource for "dummies" like me (e.g experienced Java developers that can speak the jargon but have no real clue what it means).

Topics I have a weak notion about and want to understand better as a Java developer:

• PGP
• Public / Private keys
• RSA / DES
• SSL and 2 way SSL (keystore / trustore)
• Protecting against Man in the middle fraud
• Digital Signature and Certificates

Is there a resource out there that really explains it in a way that doesn't require a Cisco certificate / Linux lingo / know what is subnet masking or other plumbing skills?

The book Cryptography Engineering by Ferguson, Schneier, and Kohno might be something that would get you a decent way down the road to understanding the topics you listed. I read the first version of this book (Practical Cryptography) and found it to be quite good. For example, I thought the descriptions of public key/private key cryptography to be reasonably straightforward to understand.

It might not explicitly describe the specific terms in all cases that you are asking about. For example, I just looked in the index of my copy of Practical Cryptography and do not see the terms "keystore" and "truststore", but the first google hit I clicked on for those provided a definition in language I understood (largely because I read the book).

I also own Applied Cryptography mentioned by Aidan Cully, and I think it is also a very good book and certainly worth owning. However I tend to think of it more as a reference book (although somewhat dated - the copyright is 1996). In terms of real-word advice, though, I think the original title of the newer book Practical Cryptography was right on. The book seems, well, practical.

Schneier's Applied Cryptography is how I learned most of what I know. I haven't read it, but expect Ross Anderson's Security Engineering would also be a good resource.

Priactical UNIX and Internet Security will cover a lot of that stuff and give you a basic UNIX background. Also, if you have extra time Academic Earth has free video lectures from top universities.