Security Services & Mechanisms
1.You are asked to design the simplest curity system possible bad on the following Internet
architecture for regulating and protecting web-bad communications among the employees of a multi-national corporation. Your system should fulfill the following curity policies:
Only authorized employees can access
the cure rver in the main office.
Only authorized clients using specific
foreign hosts can communicate with
employees in the main and local offices.
Communication between employees in
the local and main offices via the global
Internet must be protected from eaves-
dropping by outsiders.
Mobile hosts ud by employees on the
road must be verified before they are
学生计算器
allowed to communicate with employees
in the main and local offices.
Plea identify the esntial curity rvices
that must be provided by your curity
system. Plea also specify the locations to
扒肉条的做法
deploy the rvices. (50 pts.) Hint: Assume the employees working in the main and local offices are trustworthy. Also, assume that the communications between main and local offices are susceptible to both eavesdropping and message alterations.甲午中日战争的影响
2.Protocol designer Random J. was told to design a scheme to prevent messages from being
七字词语>转作风心得体会modified by an intruder. Random J. decided to append to each message a hash (message digest) of that message. Why doesn’t this solve the problem? (We know of a protocol that ud this technique in an attempt to gain curity). (10 pts.)
3.Suppo Alice, Bob and Carol want to u cret key technology to authenticate each other. If
they all ud the same cret key K, then Bob could impersonate Carol to Alice (actually, any of the three can impersonate the other to the third). If each of them also had their own cret key, so Alice us K A, Bob us K B and Carol us K C. This means that each one of them can respond to an authentication challenge with a respon computed with his/her cret key and the challenge in order to prove his/her identity. Is this new approach more cure than the old method, in which all three of them u the same cret key K? (10 pts.) Hint: what does Alice need to know in order to verify Carol’s answer to Alice’s challen ge?
4.When one signs an electronic document using digital signature, one often performs the signature
operation on a message digest produced by passing the document through a cryptographically strong hash function. Plea explain why it is important that it is difficult to find two documents with the same message digest. (10 pts.)
中药五味子5.Assume there exists a cryptography algorithm in which the performance of the good guys (with
the encryption/decryption keys) grows linearly with the length of the keys and the only way for
the bad guys (without the keys) to break the algorithm is to try all possible keys. To begin with, the g
叶圣陶的代表作品
管仲名言ood guys have adequate computing power to encrypt and decrypt the message as fast as they are transmitted and received. Now, advances in computing technology allow both the good guys and the bad guys to have computers that work twice as fast as the old ones. Does this increa in computer speed works to the advantage of the good guys, the bad guys or makes no difference at all? (10 pts.)
6.In the class, we learned about how to perform challenge-respon authentication using public key
digital signature. As mentioned, there is a similar scheme that us public key encryption. Could you design that scheme? [Hint: the responder still has to perform an operation only he/she can do.]
(10 pts.)
