密码编码学与网络安全(第五版)英文答案.docVIP

Chapter 1: Introduction 5 Chapter 2: Classical Encryption Techniques 7 Chapter 3: Block Ciphers and the Date Encryption Standard 13 Chapter 4: Finite Fields 21 Chapter 5: Advanced Encryption Standard 28 Chapter 6: More on Symmetric Ciphers 33 Chapter 7: Confidentiality Using Symmetric Encryption 38 Chapter 8: Introduction to Number Theory 42 Chapter 9: Public-Key Cryptography and RSA 46 Chapter 10: Key Management; Other Public-Key Cryptosystems 55 Chapter 11: Message Authentication and Hash Functions 59 Chapter 12: Hash and MAC Algorithms 62 Chapter 13: Digital Signatures and Authentication Protocols 66 Chapter 14: Authentication Applications 71 Chapter 15: Electronic Mail Security 73 Chapter 16: IP Security 76 Chapter 17: Web Security 80 Chapter 18: Intruders 83 Chapter 19: Malicious Software 87 Chapter 20: Firewalls 89 Answers to Questions 1.1 The OSI Security Architecture is a framework that provides a systematic way of defining the requirements for security and characterizing the approaches to satisfying those requirements. The document defines security attacks, mechanisms, and services, and the relationships among these categories. 1.2 Passive attacks have to do with eavesdropping on, or monitoring, transmissions. Electronic mail, file transfers, and client/server exchanges are examples of transmissions that can be monitored. Active attacks include the modification of transmitted data and attempts to gain unauthorized access to computer systems. 1.3 Passive attacks: release of message contents and traffic analysis. Active attacks: masquerade, replay, modification of messages, and denial of service. 1.4 Authentication: The assurance that the communicating entity is the one that it claims to be. Access control: The prevention of unauthorized use of a resource (i.e., this service controls who can have access to a resource, under what conditions access can occur, and what those accessing the resource are allowed to do). Data confidentiality: The protection of d