Chapter 1: Introduction 5
Chapter 2: Classical Encryption Techniques 7
Chapter 3: Block Ciphers and the Date Encryption Standard 13
Chapter 4: Finite Fields 21
Chapter 5: Advanced Encryption Standard 28
Chapter 6: More on Symmetric Ciphers 33
Chapter 7: Confidentiality Using Symmetric Encryption 38
Chapter 8: Introduction to Number Theory 42
Chapter 9: Public-Key Cryptography and RSA 46
Chapter 10: Key Management; Other Public-Key Cryptosystems 55人不可貌相
Chapter 11: Message Authentication and Hash Functions 59
Chapter 12: Hash and MAC Algorithms 62
Chapter 13: Digital Signatures and Authentication Protocols 66
Chapter 14: Authentication Applications 71
Chapter 15: Electronic Mail Security 73
Chapter 16: IP Security 76
Chapter 17: Web Security 80
Chapter 18: Intruders 83
Chapter 19: Malicious Software 87
Chapter 20: Firewalls 89
Answers to Questions
1.1 The OSI Security Architecture is a framework that provides a systematic way of defining the requirements for curity and characterizing the approaches to satisfying tho requirements. The document defines curity attacks, mechanisms, and rvices, and the relationships among the categories.
紧张的拼音
1.2 Passive attacks have to do with eavesdropping on, or monitoring, transmissions. Electronic mail, file transfers, and client/rver exchanges are examples of transmissions that can be monitored. Active attacks include the modification of transmitted data and attempts to gain unauthorized access to computer systems.
1.3 Passive attacks: relea of message contents and traffic analysis. Active attacks: masquerade, replay, modification of messages, and denial of rvice.
1.4 Authentication: The assurance that the communicating entity is the one that it claims to be.
劳动节的诗句 Access control: The prevention of unauthorized u of a resource (i.e., this rvice co
ntrols who can have access to a resource, under what conditions access can occur, and what tho accessing the resource are allowed to do).
Data confidentiality: The protection of data from unauthorized disclosure.
Data integrity: The assurance that data received are exactly as nt by an authorized entity (i.e., contain no modification, inrtion, deletion, or replay).
Nonrepudiation: Provides protection against denial by one of the entities involved in a communication of having participated in all or part of the communication.
Availability rvice: The property of a system or a system resource being accessible and usable upon demand by an authorized system entity, according to performance specifications for the system (i.e., a system is available if it provides rvices according to the system design whenever urs request them).
1.5 See Table 1.3.
Answers toProblems
1.1 | Relea of message contents | Traffic analysis | Masquerade | Replay | Modification of messages | 上海市公积金管理中心 Denial of rvice |
Peer entity authentication | | | Y | | | |
Data origin authentication | | | Y | | | |
Access control | | | Y | | | |
Confidentiality | Y | | | | | |
Traffic flow confidentiality | | Y | | | | |
Data integrity | | | | Y | Y | |
Non-repudiation | | | Y | | | |
Availability | | | | | | Y |
| | | | | | |
1.2 | Relea of message contents | Traffic analysis | Masquerade | Replay | Modification of messages | Denial of rvice |
怎么做饺子馅Encipherment | Y | | | | | |
Digital signature | | | Y | Y | Y | |
Access control | Y | Y | Y | Y | | Y |
Data integrity | | | | 杨改兰Y | Y | |
Authentication exchange 事例 | Y | | Y | Y | | Y |
Traffic padding | | Y | | | | |
Routing control | Y | Y | | | | Y |
Notarization | | | Y | Y | Y | |
| | | | | | |
Chapter 2
Classical Encryption Techniquesr
Answers to Questions
2.1 Plaintext, encryption algorithm, cret key, ciphertext, decryption algorithm.
2.2 Permutation and substitution.
2.3 One key for symmetric ciphers, two keys for asymmetric ciphers.
2.4 A stream cipher is one that encrypts a digital data stream one bit or one byte at a time. A block cipher is one in which a block of plaintext is treated as a whole and ud to produce a ciphertext block of equal length.
2.5 Cryptanalysis and brute force.
2.6 Ciphertext only. One possible attack under the circumstances is the brute-force approach of trying all possible keys. If the key space is very large, this becomes impractical. Thus, the opponent must rely on an analysis of the ciphertext itlf, generally
applying various statistical tests to it. Known plaintext. The analyst may be able to capture one or more plaintext messages as well as their encryptions. With this knowledge, the analyst may be able to deduce the key on the basis of the way in which the known plaintext is transformed. Chon plaintext. If the analyst is able to choo the messages to encrypt, the analyst may deliberately pick patterns that can be expected to reveal the structure of the key.
2.7 An encryption scheme is unconditionally cure if the ciphertext generated by the scheme does not contain enough information to determine uniquely the corresponding plaintext, no matter how much ciphertext is available. An encryption scheme is said to be computationally cure if: (1) the cost of breaking the cipher exceeds the value of the encrypted information, and (2) the time required to break the cipher exceeds the uful lifetime of the information.
2.8 The Caesar cipher怪哉虫 involves replacing each letter of the alphabet with the letter standing k places further down the alphabet, for k in the range 1 through 25.
2.9 A monoalphabetic substitution cipher maps a plaintext alphabet to a ciphertext alphabet, so that each letter of the plaintext alphabet maps to a single unique letter of the ciphertext alphabet.
