- Date:17 Sep 2020
- Views:2
- Downloads:0
- Pages:17
- Size:482.26 KB

Transcription:

2016 by William Stallings,All rights reserved No part. of this document may be,reproduced in any form or,by any means or posted on. the Internet without,permission in writing from,the author Selected. solutions may be shared,with students provided,that they are not available. unsecured on the Web, 2017 Pearson Education Inc Hoboken NJ All rights reserved.

This manual contains solutions to the review,questions and homework problems in. Cryptography and Network Security Sixth,Edition If you spot an error in a solution or in. the wording of a problem I would greatly,appreciate it if you would forward the. information via email to wllmst me net An,errata sheet for this manual if needed is. available at,https www box com shared nh8hti5167 File.

name is S Crypto7e mmyy, 2017 Pearson Education Inc Hoboken NJ All rights reserved. TABLE OF CONTENTS,Chapter 1 Introduction 5,Chapter 2 Introduction to Number Theory 10. Chapter 3 Classical Encryption Techniques 18, Chapter 4 Block Ciphers and the Data Encryption Standard 27. Chapter 5 Finite Fields 38,Chapter 6 Advanced Encryption Standard 44. Chapter 7 Block Cipher Operation 51, Chapter 8 Random and Pseudorandom Number Generation and.

Stream Ciphers 57,Chapter 9 Public Key Cryptography and RSA 61. Chapter 10 Other Public Key Cryptosystems 71, 2017 Pearson Education Inc Hoboken NJ All rights reserved. CHAPTER 1 INTRODUCTION,ANSWERS TO QUESTIONS, 1 1 The OSI Security Architecture is a framework that provides a systematic. way of defining the requirements for security and characterizing the. approaches to satisfying those requirements The document defines. security attacks mechanisms and services and the relationships. among these categories, 1 2 Passive threats have to do with eavesdropping on or monitoring. transmissions Electronic mail file transfers and client server. exchanges are examples of transmissions that can be monitored Active. threats include the modification of transmitted data and attempts to. gain unauthorized access to computer systems, 1 3 Passive attacks release of message contents and traffic analysis.

Active attacks masquerade replay modification of messages and. denial of service, 1 4 Authentication The assurance that the communicating entity is the. one that it claims to be, Access control The prevention of unauthorized use of a resource i e. this service controls who can have access to a resource under what. conditions access can occur and what those accessing the resource are. allowed to do, Data confidentiality The protection of data from unauthorized. disclosure, Data integrity The assurance that data received are exactly as sent by. an authorized entity i e contain no modification insertion deletion or. Nonrepudiation Provides protection against denial by one of the. entities involved in a communication of having participated in all or part. of the communication, Availability service The property of a system or a system resource.

being accessible and usable upon demand by an authorized system. entity according to performance specifications for the system i e a. system is available if it provides services according to the system design. whenever users request them, 2017 Pearson Education Inc Hoboken NJ All rights reserved. 1 5 See Table 1 3, 1 6 Authentication The assurance that the communicating entity is the. one that it claims to be, Access control The prevention of unauthorized use of a resource i e. this service controls who can have access to a resource under what. conditions access can occur and what those accessing the resource are. allowed to do, Data confidentiality The protection of data from unauthorized. disclosure, Data integrity The assurance that data received are exactly as sent by.

an authorized entity i e contain no modification insertion deletion or. Nonrepudiation Provides protection against denial by one of the. entities involved in a communication of having participated in all or part. of the communication, Availability service The property of a system or a system resource. being accessible and usable upon demand by an authorized system. entity according to performance specifications for the system i e a. system is available if it provides services according to the system design. whenever users request them, 1 7 An attack surface consists of the reachable and exploitable. vulnerabilities in a system An attack tree is a branching hierarchical. data structure that represents a set of potential techniques for. exploiting security vulnerabilities,ANSWERS TO PROBLEMS. 1 1 The system must keep personal identification numbers confidential both. in the host system and during transmission for a transaction It must. protect the integrity of account records and of individual transactions. Availability of the host system is important to the economic well being. of the bank but not to its fiduciary responsibility The availability of. individual teller machines is of less concern, 1 2 The system does not have high requirements for integrity on individual. transactions as lasting damage will not be incurred by occasionally. losing a call or billing record The integrity of control programs and. configuration records however is critical Without these the switching. function would be defeated and the most important attribute of all. availability would be compromised A telephone switching system must. also preserve the confidentiality of individual calls preventing one caller. from overhearing another, 2017 Pearson Education Inc Hoboken NJ All rights reserved.

1 3 a The system will have to assure confidentiality if it is being used to. publish corporate proprietary material, b The system will have to assure integrity if it is being used to laws or. regulations, c The system will have to assure availability if it is being used to publish. a daily paper, 1 4 a An organization managing public information on its web server. determines that there is no potential impact from a loss of. confidentiality i e confidentiality requirements are not applicable a. moderate potential impact from a loss of integrity and a moderate. potential impact from a loss of availability, b A law enforcement organization managing extremely sensitive. investigative information determines that the potential impact from a. loss of confidentiality is high the potential impact from a loss of. integrity is moderate and the potential impact from a loss of. availability is moderate, c A financial organization managing routine administrative information.

not privacy related information determines that the potential impact. from a loss of confidentiality is low the potential impact from a loss of. integrity is low and the potential impact from a loss of availability is. d The management within the contracting organization determines that. i for the sensitive contract information the potential impact from a. loss of confidentiality is moderate the potential impact from a loss of. integrity is moderate and the potential impact from a loss of. availability is low and ii for the routine administrative information. non privacy related information the potential impact from a loss of. confidentiality is low the potential impact from a loss of integrity is. low and the potential impact from a loss of availability is low. e The management at the power plant determines that i for the. sensor data being acquired by the SCADA system there is no. potential impact from a loss of confidentiality a high potential impact. from a loss of integrity and a high potential impact from a loss of. availability and ii for the administrative information being. processed by the system there is a low potential impact from a loss. of confidentiality a low potential impact from a loss of integrity and a. low potential impact from a loss of availability Examples from FIPS. 2017 Pearson Education Inc Hoboken NJ All rights reserved. 1 5 Release Traffic Masquerade Replay Modification Denial. of analysis of messages of,message service,Peer entity Y. authentication,Data origin Y,authentication,Access control Y. Confidentiality Y,Traffic flow Y,confidentiality,Data integrity Y Y. Non repudiation Y,Availability Y, 1 6 Release Traffic Masquerade Replay Modification Denial. of analysis of messages of,message service,Encipherment Y.

Digital signature Y Y Y,Access control Y Y Y Y Y,Data integrity Y Y. Authentication Y Y Y Y,Traffic padding Y,Routing control Y Y Y. Notarization Y Y Y, 2017 Pearson Education Inc Hoboken NJ All rights reserved. Learn Cut Open Install,Combination Safe Improperly. Find Writ Get Combo,ten Combo from Target,Threaten Blackmail Eavesdrop Bribe.

Listen to Get Target to,Conversation State Combo, 1 8 We present the tree in text form call the company X. Survivability Compromise Disclosure of X proprietary secrets. OR 1 Physically scavenge discarded items from X,OR 1 Inspect dumpster content on site. 2 Inspect refuse after removal from site,2 Monitor emanations from X machines. AND 1 Survey physical perimeter to determine optimal monitoring position. 2 Acquire necessary monitoring equipment,3 Setup monitoring site. 4 Monitor emanations from site,3 Recruit help of trusted X insider.

OR 1 Plant spy as trusted insider,2 Use existing trusted insider. 4 Physically access X networks or machines,OR 1 Get physical on site access to Intranet. 2 Get physical access to external machines, 5 Attack X intranet using its connections with Internet. OR 1 Monitor communications over Internet for leakage. 2 Get trusted process to send sensitive information to attacker over Internet. 3 Gain privileged access to Web server, 6 Attack X intranet using its connections with public telephone network PTN. OR 1 Monitor communications over PTN for leakage of sensitive information. 2 Gain privileged access to machines on intranet connected via Internet. 2017 Pearson Education Inc Hoboken NJ All rights reserved. CHAPTER 2 INTRODUCTION TO NUMBER,ANSWERS TO QUESTIONS.

2 1 A nonzero b is a divisor of a if a mb for some m where a b and m. are integers That is b is a divisor of a if there is no remainder on. 2 2 It means that b is a divisor of a, 2 3 In modular arithmetic all arithmetic operations are performed modulo. some integer, 2 4 An integer p 1 is a prime number if and only if its only divisors are 1. 2 5 Euler s totient function written n is the number of positive integers. less than n and relatively prime to n, 2 6 The algorithm takes a candidate integer n as input and returns the. result composite if n is definitely not a prime and the result. inconclusive if n may or may not be a prime If the algorithm is. repeatedly applied to a number and repeatedly returns inconclusive. then the probability that the number is actually prime increases with. each inconclusive test The probability required to accept a number as. prime can be set as close to 1 0 as desired by increasing the number of. tests made, 2 7 If r and n are relatively prime integers with n 0 and if n is the. least positive exponent m such that am 1 mod n then r is called a. primitive root modulo n,2 8 The two terms are synonymous.

ANSWERS TO PROBLEMS, 2017 Pearson Education Inc Hoboken NJ All rights reserved. 2 1 The equation is the same For integer a 0 a will either be an integer. multiple of n of fall between two consecutive multiples qn and q 1 n. where q 0 The remainder satisfies the condition 0 r n. 2 2 In this diagram q is a negative integer,q 1 n a qn 3n 2n n. 2 3 a 2 b 3 c 4 There are other correct answers, 2 4 Section 2 3 defines the relationship a n a n a mod n Thus. we can define the mod operator as a mod n a n a n,a 5 mod 3 5 3 5 3 2. b 5 mod 3 5 3 5 3 1,c 5 mod 3 5 3 5 3 1,d 5 mod 3 5 3 5 3 2.

2 6 Recall Figure 2 1 and that any integer a can be written in the form. where q is some integer and r one of the numbers, Using the second definition no two of the remainders in the above list. are congruent mod n because the difference between them is less. than n and therefore n does not divide that difference Therefore two. numbers that are not congruent mod n must have different. remainders So we conclude that n divides a b if and only if a and b. are numbers that have the same remainder when divided by n. 2 7 1 2 4 6 16 12, 2017 Pearson Education Inc Hoboken NJ All rights reserved. 2 8 a This is the definition of congruence as used in Section 2 3. b The first two statements mean,a b nk b c nm,a c a b b c n k m. 2 9 a Let c a mod n and d b mod n Then,c a kn d b mn c d a b k m n. Therefore c d a b mod n,b Using the definitions of c and d from part a.

cd ab n kb ma kmn,Therefore cd a b mod n,2 10 1 1 1 2 1 3 3 1 2 4 1 4. 2 11 We have 1 1 mod 9 10 1 mod 9 102 10 10 1 1 1 mod. 9 10n 1 1 mod 9 Express N as a0 a1101 an 110n 1 Then. N a0 a1 an 1 mod 9, 2 12 a gcd 24140 16762 gcd 16762 7378 gcd 7378 2006. gcd 2006 1360 gcd 1360 646 gcd 646 68 gcd 68 34,gcd 34 0 34. 2 13 a We want to show that m 2r This is equivalent to qn r 2r. which is equivalent to qn r Since n r we must have qn r. b If you study the pseudocode for Euclid s algorithm in the text you. can see that the relationship defined by Euclid s algorithm can be. 5 CHAPTER 1 INTRODUCTION ANSWERS TO QUESTIONS 1 1 The OSI Security Architecture is a framework that provides a systematic way of defining the requirements for security and characterizing the approaches to satisfying those requirements The document defines

Recent Views:

- From personnel management to hrm key issues and challenges
- Model based real time testing of embedded automotive systems
- Employment downsizing and its alternatives
- Ccds acdis
- Kingston day commercial school kdcsa
- Company first name last name eei
- New zealand domestic vegetable production the growing story
- Reflective practice and writing a guide to getting started
- Deliverance training boot camp
- Most requested songs of 2017 dj intelligence