密码编码学与网络安全(第五版)英文答案

  • 格式:docx
  • 大小:28.27 KB
  • 文档页数:2

In troduct ion 5
Classical Encryp tio n Tech niq ues ........
Block Cip hers and the Date Encryp ti on Stan dard .... Fi nite Fields
Adva need Encryp ti on Stan dard ........... More on Symmetric Cip hers ................ Con fide ntiality Using Symmetric Encryp ti on In troducti on to Number Theory ........... P ublic-Key Cryp togra phy and RSA .........
Key Man ageme nt; Other P ublic-Key Cryp tosystems Message Authe nticati on and Hash Fun cti ons ..............................
Hash and MAC Algorithms ...................
Digital Sign atures and Authe nticati on P rotocols Authe nticatio n App licati
ons ...........................................
Electr onic Mail Security .................
IP Security ...............................
Web Security .............................
Intruders ................................
Malicious Software ........................
Firewalls .................................
A NSWERS TO Q UI S'TIO NS
The OSI Security Architecture is a framework that p rovides a systematic way of defi ning the requireme
nts for security and characteriz ing the app roaches to satisfy ing those requireme nts. The docume nt
defi nes security attacks, mecha ni sms, and services, and the relatio nships among these categories. Passive attacks have to do with eavesdropping on, or monitoring, transmissions. Electro nic mail, file tran sfers, and clie nt/server excha nges are exa mples of transmissions that can be monitored. Active
attacks include the modification of tran smitted data and attem pts to gai n un authorized access to
compu ter systems.
Passive attacks: release of message contents and traffic analysis. Active attacks:
masquerade, re play, modificatio n of messages, and denial of service.
Authe nticati on: The assura nee that the com muni cati ng en tity is the one that it claims to be. Access con trol: The p reve nti on of un authorized use of a resource (i.e., this service con trols who can have access to a resource, un der what con diti ons access can occur, and what the access ing the resource are allowed to do).
Data con fide ntiality: The p rotecti on of data from un authorized disclosure.
Data integrity: The assuranee that data received are exactly as sent by an authorized entity (i.e., contain no modificati on, in serti on, deleti on, or rep lay).
Nonrepudiation: Provides protection against denial by one of the entities involved in a communication
Cha pter 1: Cha pter 2: Cha pter 3: Cha pter 4: Chap ter 5: Cha pter 6: Cha pter 7: Cha pter 8: Cha pter 9: Cha pter 10: Cha pter 11: Cha pter 12: Cha pter 13: Cha pter 14: Cha pter 15: Cha pter 16: Cha pter 17: Cha pter 18: Cha pter 19: Cha pter 20:
.......7 ..13 ..... 21 ....28 .....33 38 .... 42 .
..46 .....
..55 (59)
....62 ...
(66)
■ ...71 .
(73)
(76)
(80)
(83)
(87)
(89)
1.1 1.2 1.3 1.4
se
of having participated in all or part of the communication.
Availability service: The property of a system or a system resource being accessible and usable upon demand by an authorized system entity, according to performance specifications for the system (i.e., a system is available if it provides services according to the system design whenever users request them).
1.5 See Table 1.3.。