【正文】 blickey cryptosystem? Plaintext: This is the readable message or data that is fed into the algorithm as input. Encryption algorithm: The encryption algorithm performs various transformations on the plaintext. Public and private keys: This is a pair of keys that have been selected so that if one is used for encryption, the other is used for decryption. The exact transformations performed by the encryption algorithm depend on the public or private key that is provided as input. Ciphertext: This is the scrambled message produced as output. It depends on the plaintext and the key. For a given message, two different keys will produce two different ciphertexts. Decryption algorithm: This algorithm accepts the ciphertext and the matching key and produces the original plaintext. List and briefly define three uses of a publickey cryptosystem. Encryption/decryption: The sender encrypts a message with the recipient39。 … K[255]= 2. If a bit error occurs in the transmission of a ciphertext character in 8bit CFB mode, how far does the error propagate? Nine plaintext characters are affected. The plaintext character corresponding to the ciphertext character is obviously altered. In addition, the altered ciphertext character enters the shift register and is not removed until the next eight characters are processed. Key distribution schemes using an access control center and/or a key distribution center have central points vulnerable to attack. Discuss the security implications of such centralization. The central points should be highly faulttolerant, should be physically secured, and should use trusted hardware/software. 8 Chapter 3 PublicKey Cryptography and Message Authentication ANSWERS NSWERS TO QUESTIONS List three approaches to message authentication. Message encryption, message authentication code, hash function. What is message authentication code? An authenticator that is a cryptographic function of both the data to be authenticated and a secret key. Briefly describe the three schemes illustrated in . (a) A hash code is puted from the source message, encrypted using symmetric encryption and a secret key, and appended to the message. At the receiver, the same hash code is puted. The ining code is decrypted using the same key and pared with the puted hash code. (b) This is the same procedure as in (a) except that publickey encryption is used。M=8 d. p=11。 C = 57. d. n = 143。s private key). If the confidentiality service is used, the message plus signature (if present) are encrypted (with a onetime symmetric key). Thus, part or all of the resulting block consists of a stream of arbitrary 8bit octets. However, many electronic mail systems only permit the use of blocks consisting of ASCII text. Why is the segmentation and reassembly function in PGP needed? Email facilities often are restricted to a maximum message length. How does PGP use the concept of trust? PGP includes a facility for assigning a level of trust to individual signers and to keys. What is RFC822? RFC 822 defines a format for text messages that are sent using electronic mail. What is MIME? MIME is an extension to the RFC 822 framework that is intended to address some of the problems and limitations of the use of SMTP (Simple Mail Transfer Protocol) or some other mail transfer protocol and RFC 822 for electronic mail. What is S/MIME? S/MIME (Secure/Multipurpose Inter Mail Extension) is a security enhancement to the MIME Inter format standard, based on technology from RSA Data Security. ANSWERS NSWERS TO PROBLEMS In the PGP scheme, what is the expected number of session keys generated before a previously created key is produced? This is just another form of the birthday paradox discussed in Appendix 11A. Let us state the problem as one of determining what number of session keys 18 must be generated so that the probability of a duplicate is greater than . From Equation () in Appendix 11A, we have the approximation:?k ? ??n For a 128bit key, there are 2128 possible keys. Therefore?k ? ??2128 ? ??264 The first 16 bits of the message digest in a PGP signature are translated in the clear. a. To what extent does this promise the security of the hash algorithm? b. To what extent does it in fact perform its intended function, namely, to help determine if the correct RSA key was used to decrypt the digest? a. Not at all. The message digest is encrypted with the sender39。 C = 26. b. n = 55。M=5 b. p=5。 1 《網(wǎng)絡安全技術》 英文習題集 目錄 Chapter 1 Introduction ................................................................................................... 2 Chapter2 Symmetric Encryptionand Message Confidentiality .................................................. 5 Chapter 3 PublicKey Cryptography and Message Authentication ........................................ 8 Chapter 4 Authentication Applications ........................................................................... 13 Chapter 5 Electronic Mail Security ................................................................................ 16 Chapter 6 IP Security ................................................................................................... 20 Chapter 7 Web Security.................................................................................................. 24 Chapter 8 Network Management Security ........................................................................ 28 Chapter 9 Intruders ........................................................................................................ 33 Chapter 10 Malicious Software ....................................................................................... 36 Chapter 11 Firewalls ..........