密码编码学与网络安全第五版答案Word文件下载.docx
《密码编码学与网络安全第五版答案Word文件下载.docx》由会员分享,可在线阅读,更多相关《密码编码学与网络安全第五版答案Word文件下载.docx(86页珍藏版)》请在冰豆网上搜索。
Chapter5:
AdvancedEncryptionStandard28
Chapter6:
MoreonSymmetricCiphers33
Chapter7:
ConfidentialityUsingSymmetricEncryption38
Chapter8:
IntroductiontoNumberTheory42
Chapter9:
Public-KeyCryptographyandRSA46
Chapter10:
KeyManagement;
OtherPublic-KeyCryptosystems55
Chapter11:
MessageAuthenticationandHashFunctions59
Chapter12:
HashandMACAlgorithms62
Chapter13:
DigitalSignaturesandAuthenticationProtocols66
Chapter14:
AuthenticationApplications71
Chapter15:
ElectronicMailSecurity73
Chapter16:
IPSecurity76
Chapter17:
WebSecurity80
Chapter18:
Intruders83
Chapter19:
MaliciousSoftware87
Chapter20:
Firewalls89
AnswerstoQuestions
1.1TheOSISecurityArchitectureisaframeworkthatprovidesasystematicwayofdefiningtherequirementsforsecurityandcharacterizingtheapproachestosatisfyingthoserequirements.Thedocumentdefinessecurityattacks,mechanisms,andservices,andtherelationshipsamongthesecategories.
1.2Passiveattackshavetodowitheavesdroppingon,ormonitoring,transmissions.Electronicmail,filetransfers,andclient/serverexchangesareexamplesoftransmissionsthatcanbemonitored.Activeattacksincludethemodificationoftransmitteddataandattemptstogainunauthorizedaccesstocomputersystems.
1.3Passiveattacks:
releaseofmessagecontentsandtrafficanalysis.Activeattacks:
masquerade,replay,modificationofmessages,anddenialofservice.
1.4Authentication:
Theassurancethatthecommunicatingentityistheonethatitclaimstobe.
Accesscontrol:
Thepreventionofunauthorizeduseofaresource(i.e.,thisservicecontrolswhocanhaveaccesstoaresource,underwhatconditionsaccesscanoccur,andwhatthoseaccessingtheresourceareallowedtodo).
Dataconfidentiality:
Theprotectionofdatafromunauthorizeddisclosure.
Dataintegrity:
Theassurancethatdatareceivedareexactlyassentbyanauthorizedentity(i.e.,containnomodification,insertion,deletion,orreplay).
Nonrepudiation:
Providesprotectionagainstdenialbyoneoftheentitiesinvolvedinacommunicationofhavingparticipatedinallorpartofthecommunication.
Availabilityservice:
Thepropertyofasystemorasystemresourcebeingaccessibleandusableupondemandbyanauthorizedsystementity,accordingtoperformancespecificationsforthesystem(i.e.,asystemisavailableifitprovidesservicesaccordingtothesystemdesignwheneverusersrequestthem).
1.5SeeTable1.3.
AnswerstoProblems
1.1
Releaseofmessagecontents
Trafficanalysis
Masquerade
Replay
Modificationofmessages
Denialofservice
Peerentityauthentication
Y
Dataoriginauthentication
Accesscontrol
Confidentiality
Trafficflowconfidentiality
Dataintegrity
Non-repudiation
Availability
1.2
Encipherment
Digitalsignature
Authenticationexchange
Trafficpadding
Routingcontrol
Notarization
Chapter2
ClassicalEncryptionTechniquesr
2.1Plaintext,encryptionalgorithm,secretkey,ciphertext,decryptionalgorithm.
2.2Permutationandsubstitution.
2.3Onekeyforsymmetricciphers,twokeysforasymmetricciphers.
2.4Astreamcipherisonethatencryptsadigitaldatastreamonebitoronebyteatatime.Ablockcipherisoneinwhichablockofplaintextistreatedasawholeandusedtoproduceaciphertextblockofequallength.
2.5Cryptanalysisandbruteforce.
2.6Ciphertextonly.Onepossibleattackunderthesecircumstancesisthebrute-forceapproachoftryingallpossiblekeys.Ifthekeyspaceisverylarge,thisbecomesimpractical.Thus,theopponentmustrelyonananalysisoftheciphertextitself,generallyapplyingvariousstatisticalteststoit.Knownplaintext.Theanalystmaybeabletocaptureoneormoreplaintextmessagesaswellastheirencryptions.Withthisknowledge,theanalystmaybeabletodeducethekeyonthebasisofthewayinwhichtheknownplaintextistransformed.Chosenplaintext.Iftheanalystisabletochoosethemessagestoencrypt,theanalystmaydeliberatelypickpatternsthatcanbeexpectedtorevealthestructureofthekey.
2.7Anencryptionschemeisunconditionallysecureiftheciphertextgeneratedbytheschemedoesnotcontainenoughinformationtodetermineuniquelythecorrespondingplaintext,nomatterhowmuchciphertextisavailable.An
升级会员 