网络安全技术英文习题集网络安全技术文档格式.docx

网络安全技术英文习题集网络安全技术文档格式.docx

《网络安全技术英文习题集网络安全技术文档格式.docx》由会员分享，可在线阅读，更多相关《网络安全技术英文习题集网络安全技术文档格式.docx（25页珍藏版）》请在冰豆网上搜索。

releaseofmessagecontentsandtrafficanalysis.Activeattacks:

masquerade,replay,modificationofmessages,anddenialofservice.

1.4Listsandbrieflydefinecategoriesofsecurityservice?

Authentication:

Theassurancethatthecommunicatingentityistheonethatitclaimstobe.

Accesscontrol:

Thepreventionofunauthorizeduseofaresource（i.e.,thisservicecontrolswhocanhaveaccesstoaresource,underwhatconditionsaccesscanoccur,andwhatthoseaccessingtheresourceareallowedtodo）.

Dataconfidentiality:

Theprotectionofdatafromunauthorizeddisclosure.

Dataintegrity:

Theassurancethatdatareceivedareexactlyassentbyanauthorizedentity（i.e.,containnomodification,insertion,deletion,orreplay）.

Nonrepudiation:

Providesprotectionagainstdenialbyoneoftheentitiesinvolvedinacommunicationofhavingparticipatedinallorpartofthecommunication.

Availabilityservice:

Thepropertyofasystemorasystemresourcebeingaccessibleandusableupondemandbyanauthorizedsystementity,accordingtoperformancespecificationsforthesystem（i.e.,asystemisavailableifitprovidesservicesaccordingtothesystemdesignwheneverusersrequestthem）.

Chapter2SymmetricEncryptionandMessageConfidentiality

2.1Whataretheessentialingredientsofasymmetriccipher?

Plaintext,encryptionalgorithm,secretkey,ciphertext,decryptionalgorithm.

2.2Whatarethetwobasicfunctionsusedinencryptionalgorithms?

Permutationandsubstitution.

2.3Howmanykeysarerequiredfortwopeopletocommunicateviaasymmetriccipher?

Onesecretkey.

2.4Whatisthedifferencebetweenablockcipherandastreamcipher?

Astreamcipherisonethatencryptsadigitaldatastreamonebitoronebyteatatime.Ablockcipherisoneinwhichablockofplaintextistreatedasawholeandusedtoproduceaciphertextblockofequallength.

2.5Whatarethetwogeneralapproachestoattackingacipher?

Cryptanalysisandbruteforce.

2.6Whydosomeblockciphermodesofoperationonlyuseencryptionwhileothersusebothencryptionanddecryption?

Insomemodes,theplaintextdoesnotpassthroughtheencryptionfunction,butisXORedwiththeoutputoftheencryptionfunction.Themathworksoutthatfordecryptioninthesecases,theencryptionfunctionmustalsobeused.

2.7Whatistripleencryption?

Withtripleencryption,aplaintextblockisencryptedbypassingitthroughanencryptionalgorithm;

theresultisthenpassedthroughthesameencryptionalgorithmagain;

theresultofthesecondencryptionispassedthroughthesameencryptionalgorithmathirdtime.Typically,thesecondstageusesthedecryptionalgorithmratherthantheencryptionalgorithm.

2.8Whyisthemiddleportionof3DESadecryptionratherthananencryption?

Thereisnocryptographicsignificancetotheuseofdecryptionforthesecond

stage.Itsonlyadvantageisthatitallowsusersof3DEStodecryptdataencryptedbyusersoftheoldersingleDESbyrepeatingthekey.

2.9Whatisthedifferencebetweenlinkandend-to-endencryption?

Withlinkencryption,eachvulnerablecommunicationslinkisequippedonbothendswithanencryptiondevice.Withend-to-endencryption,theencryptionprocessiscarriedoutatthetwoendsystems.Thesourcehostorterminalencryptsthedata;

thedatainencryptedformarethentransmittedunalteredacrossthenetworktothedestinationterminalorhost.

2.10Listwaysinwhichsecretkeyscanbedistributedtotwocommunicatingparties.

FortwopartiesAandB,keydistributioncanbeachievedinanumberofways,asfollows:

（1）AcanselectakeyandphysicallydeliverittoB.

（2）AthirdpartycanselectthekeyandphysicallydeliverittoAandB.

（3）IfAandBhavepreviouslyandrecentlyusedakey,onepartycantransmitthenewkeytotheother,encryptedusingtheoldkey.

（4）IfAandBeachhasanencryptedconnectiontoathirdpartyC,CcandeliverakeyontheencryptedlinkstoAandB.

2.11Whatisthedifferencebetweenasessionkeyandamasterkey?

Asessionkeyisatemporaryencryptionkeyusedbetweentwoprincipals.Amasterkeyisalong-lastingkeythatisusedbetweenakeydistributioncenterandaprincipalforthepurposeofencodingthetransmissionofsessionkeys.Typically,themasterkeysaredistributedbynoncryptographicmeans.

2.12Whatisakeydistributioncenter?

Akeydistributioncenterisasystemthatisauthorizedtotransmittemporarysessionkeystoprincipals.Eachsessionkeyistransmittedinencryptedform,usingamasterkeythatthekeydistributioncentershareswiththetargetprincipal.

ANSWERSNSWERSTOPROBLEMS

2.1WhatRC4keyvaluewillleaveSunchangedduringinitialization?

Thatis,aftertheinitialpermutationofS,theentriesofSwillbeequaltothevaluesfrom0through255inascendingorder.

Useakeyoflength255bytes.Thefirsttwobytesarezero;

thatisK[0]=K[1]=0.Thereafter,wehave:

K[2]=255;

K[3]=254;

…K[255]=2.

2.2Ifabiterroroccursinthetransmissionofaciphertextcharacterin8-bitCFBmode,howfardoestheerrorpropagate?

Nineplaintextcharactersareaffected.Theplaintextcharactercorrespondingtotheciphertextcharacterisobviouslyaltered.Inaddition,thealteredciphertextcharacterenterstheshiftregisterandisnotremoveduntilthenexteightcharactersareprocessed.

2.3Keydistributionschemesusinganaccesscontrolcenterand/orakeydistributioncenterhavecentralpointsvulnerabletoattack.Discussthesecurityimplicationsofsuchcentralization.

Thecentralpointsshouldbehighlyfault-tolerant,shouldbephysicallysecured,andshouldusetrustedhardware/software.

Chapter3Public-KeyCryptographyandMessageAuthentication

3.1Listthreeapproachestomessageauthentication.

Messageencryption,messageauthenticationcode,hashfunction.

3.2Whatismessageauthenticationcode?

Anauthenticatorthatisacryptographicfunctionofboththedatatobeauthenticatedandasecretkey.

3.3BrieflydescribethethreeschemesillustratedinFigture3.2.

（a）Ahashcodeiscomputedfromthesourcemessage,encryptedusingsymmetricencryptionandasecretkey,andappendedtothemessage.Atthereceiver,thesamehashcodeiscomputed.Theincomingcodeisdecryptedusingthesamekeyandcomparedwiththecomputedhashcode.（b）Thisisthesameprocedureasin（a）exceptthatpublic-keyencryptionisused;

thesenderencryptsthehashcodewiththesender'

sprivatekey,andthereceiverdecryptsthehashcodewiththesender'

spublickey.（c）Asecretvalueisappendedtoamessageandthenahashcodeiscalculatedusingthemessageplussecretvalueasinput.Thenthemessage（withoutthesecretvalue）andthehashcodearetransmitted.Thereceiverappendsthesamesecretvaluetothemessageandcomputesthehashvalueoverthemessageplussecretvalue.Thisisthencomparedtothereceivedhashcode.

3.4Whatpropertiesmustahashfunctionhavetobeusefulformessageauthentication?

（1）Hcanbeappliedtoablockofdataofanysize.

（2）Hproducesafixed-lengthoutput.

（3）H（x）isrelativelyeasytocomputeforanygivenx,makingbothhardwareandsoftwareimplementationspractical.

（4）Foranygivenvalueh,itiscomputationallyinfeasibletofindxsuchthatH（x）=h.Thisissometimesreferredtointheliteratureastheone-wayproperty.

（5）Foranygivenblockx,itiscomputationallyinfeasibletofindy≠xwithH（y）=H（x）.

（6）Itiscomputationallyinfeasibletofindanypair（x,y）suchthatH（x）=H（y）.

3.5Inthecontextofahashfunction,whatisacompressionfunction?

Thecompressionfunctionisthefundamentalmodule,orbasicbuildingblock,ofahashfunction.Thehashfunctionconsistsofiteratedapplicationofthecompressionfunction.

3.6Whataretheprincipalingredientsofapublic-keycryptosystem?

Plaintext:

Thisisthereadablemessageordatathatisfedintothealgorithmasinput.Encryptionalgorithm:

Theencryptionalgorithmperformsvarioustransformationsontheplaintext.Publicandprivatekeys:

Thisisapairofkeysthathavebeenselectedsothatifoneisusedforencryption,theotherisusedfordecryption.Theexacttransformationsperformedbytheencryptionalgorithmdependonthepublicorprivatekeythatisprovidedasinput.Ciphertext:

Thisisthescrambledmessageproducedasoutput.Itdependsontheplaintextandthekey.Foragivenmessage,twodifferentkeyswillproducetwodifferentciphertexts.Decryptionalgorithm:

Thisalgorithmacceptstheciphertextandthematchingkeyandproducestheoriginalplaintext.

3.7Listandbrieflydefinethreeusesofapublic-keycryptosystem.

Encryption/decryption:

Thesenderencryptsamessagewiththerecipient'

spublickey.Digitalsignature:

Thesender"

signs"

amessagewithitsprivatekey.