(英文版)网络安全技术习题集

(英文版)网络安全技术习题集内容摘要：

ts a message with the recipient39。 s public key. Digital signature: The sender signs a message with its private key. Signing is achieved by a cryptographic algorithm applied to the message or to a small block of data that is a function of the message. Key exchange: Two sides cooperate to exchange a session key. Several different approaches are possible, involving the private key(s) of one or both parties. What is the difference between a private key and a secret key? The key used in conventional encryption is typically referred to as a secret key. The two keys used for publickey encryption are referred to as the public key and the private key. What is digital signature? A digital signature is an authentication mechanism that enables the creator of a message to attach a code that acts as a signature. The signature is formed by taking the hash of the message and encrypting the message with the creator39。 s private key. The signature guarantees the source and integrity of the message. 10 What is a publickey certificate? A pubickey certificate consists of a public key plus a User ID of the key owner, with the whole block signed by a trusted third party. Typically, the third party is a certificate authority (CA) that is trusted by the user munity, such as a government agency or a financial institution. How can publickey encryption be used to distribute a secret key? Several different approaches are possible, involving the private key(s) of one or both parties. One approach is DiffieHellman key exchange. Another approach is for the sender to encrypt a secret key with the recipient39。 s public key. ANSWERS NSWERS TO PROBLEMS Consider a 32bit hash function defined as the concatenation of two 16bit functions: XOR and RXOR, defined in Section as “two simple hash function.” a. Will this checksum detect all errors caused by an odd number of error bits? Explain. b. Will this checksum detect all errors caused by an even number of error bits? If not, characterize the error patterns that will cause the checksum to fail. c. Comments on the effectiveness of this function for use a hash functions for authentication. a. Yes. The XOR function is simply a vertical parity check. If there is an odd number of errors, then there must be at least one column that contains an odd number of errors, and the parity bit for that column will detect the error. Note that the RXOR function also catches all errors caused by an odd number of error bits. Each RXOR bit is a function of a unique spiral of bits in the block of data. If there is an odd number of errors, then there must be at least one spiral that contains an odd number of errors, and the parity bit for that spiral will detect the error. b. No. The checksum will fail to detect an even number of errors when both the XOR and RXOR functions fail. In order for both to fail, the pattern of error bits must be at intersection points between parity spirals and parity columns such that there is an even number of error bits in each parity column and an even 11 number of error bits in each spiral. c. It is too simple to be used as a secure hash function。 finding multiple messages with the same hash function would be too easy. Suppose H (m) is a collision resistant hash function that maps a message of arbitrary bit length into an nbit hash value. Is it true that, for all messages x, x’ with x≠x’,we have H(x)≠H(x’)?Explain your answer. The statement is false. Such a function cannot be onetoone because the number of inputs to the function is of arbitrary, but the number of unique outputs is 2n. Thus, there are multiple inputs that map into the same output. Perform encryption and decryption using the RSA algorithm, as in , for the following: a. p=3。 q=11。 e=7。 M=5 b. p=5。 q=11。 e=3。 M=9 c. p=7。 q=11。 e=17。 M=8 d. p=11。 q=13。 e=11。 M=7 e. p=17。 q=31。 e=7。 M=: Decryption is not as hard as you think。 use some finesse. a. n = 33。 (n) = 20。 d = 3。 C = 26. b. n = 55。 (n) = 40。 d = 27。 C = 14. c. n = 77。 (n) = 60。 d = 53。 C = 57. d. n = 143。 (n) = 120。 d = 11。 C = 106. e. n = 527。 (n) = 480。 d = 343。 C = 128. For decryption, we have 128343 mod 527 = 128256 12864 12816 1284 1282 1281 mod 527 = 35 256 35 101 47 128 = 2 mod 527 = 2 mod 257 In a publickey system using RSA, you intercept the cipher text C=10 sent to a user whose public key is e=5, n= is the plaintext M? M = 5 In an RSA system, the public key of a given user is e=31, n= is the private key of this user? d = 3031 Suppose we have a set of blocks encoded with the RSA algorithm and we don’t have the private key, Assume n=pq, e is the public key. 12 Suppose also someone tells us they know one of the plaintext blocks has a mon factor with n. Does this help us in any way? Yes. If a plaintext block has a mon factor with n modulo n then the encoded block will also have a mon factor with n modulo n. Because we encode blocks that are smaller than pq, the factor must be p or q and the plaintext block must be a multiple of p or q. We can test each block for primality. If prime, it is p or q. In this case we divide into n to find the other factor. If not prime, we factor it and try the factors as divisors of n. Consider a DiffieHellman scheme with a mon prime q=11 and a primitive root a=2. a. If user A has public key YA=9, what is A’s private key XA? b. If user B has public key YB=3, what is the shared secret key K? a. XA = 6 b. K = 3 13 Chapter 4 Authentication Applications ANSWERS NSWERS TO QUESTIONS What problem was Kerberos designed to address? The problem that Kerberos addresses is this: Assume an open distributed environment in which users at workstations wish to access services。