密码学通宵版

天天向上论坛 【文登考研正在招生】【重大代理：陈同学（Tel：15520077447） 秦同学（Tel：15123232002）】 特别鸣谢：波哥（软件学院魅力时尚偶像老师） 1 密码学通宵版 说明： 1）根据同学们反馈的建议，考试的型主要是选择、填空、判断类型的题目以及分析，涵盖了课堂讲授的 大部分知识点。题请同学们认真思考并详细作答。 2）同学们在复习的时候不用死记硬背，因为这样让考试和备考变得非常乏味。 3）试卷几乎全部是英文，生僻词汇做了中文注解。可以用英文或中文作答。 4）为了方便阅卷，请大家将所有的答案都填写在答题纸上，并注意按照题目的序号填写答案。否则将会“损失 惨重”。 6）考试是闭卷考试，不允许携带字典、计算器。有不懂的英文单词可以问主考老师（Mr ‘Who’）。 7）考试时间为 120分钟，试卷满分为 100分，期末考试成绩和平时成绩折算后为总成绩。 8）考试的题目比作业要简化很多，大家要抽点儿时间回顾一下作业. 9）考试的时候千万不要有任何小动作，Orz! 10) go to 1 11）波哥呼吁： 若你没参加网络评教，麻烦你考试前后抽空到教务处网站上评教并给老师的教学提出反馈意见，谢谢！ 祝大家开心复习，开心考试！ 1、知识点：Active attack and Passive attack Active attacks involve some modification of the data stream or the creation of a false stream, while passive attacks are in the nature of eavesdropping on(偷听), or monitoring of, transmissions. --Release(泄露) of message contents is an example of a/an passive attack --Denial of service(拒绝服务) is an example of a/an active attack. 2、知识点：security services and mechanisms(机制) Six security services were mentioned, as Confidentiality(数据保密性 ), Integrity(完整性 ), Availability(可用性 ), Authentication(认证), Non-repudiation(不可否认性), and Access Control(访问控制). --Message Encryption/Decryption meet the need of which security service? Confidentiality -- Integrity requires the message can not be modified by unathorized party(未授权的一方) 3、知识点：cryptography and steganography(隐写术) Steganography is a technique for hiding a secret message within a larger one in such a way that others cannot discern the presence or contents of the hidden message. While Cryptography is covert the message to an un-intelligible(难懂的) form. 4、知识点：Encryption and Decryption The transformation of plaintext into ciphertext is called Encryption ,the transformation of ciphertext into plaintext is called Decryption . 5、知识点：Substitution(代换) and Transposition(置换). Traditional symmetric(对称) ciphers use two techniques: one is substitution that replaces one symbol with another, the other is transposition that changes the location of the symbols. 6、知识点：Confusion(混淆) and Defusion(扩散) Claude Shannon defined two basic properties of modern ciphers: one is confusion for making the relationship 天天向上论坛 【文登考研培训正在招生】【重大代理：陈同学（Tel：15520077447） 秦同学（Tel：15123232002）】 特别鸣谢：波哥（软件学院魅力时尚偶像老师） 2 between the key and the ciphertext as complex and involved as possible, and the other is defusion for making the redundancy in the statistics of the plaintext "dissipated" in the statistics of the ciphertext. 7、知识点：Avalanche Effect(雪崩效应) Avalanche effect is a desirable property of cryptographic algorithms or hash functions when an input is changed slightly (for example, changing a single bit) while the output changes significantly . 8、知识点：Brute-force attack The two types of attacks on an encryption algorithm are cryptanalysis and brute-force attack, which involves trying all possible keys. 9、知识点：Caesar Cipher , Playfair Cipher , Vignere Cipher Using the Caesar Cipher C(7,p), encrypt the word “Money!” The ciphertext is TVULF . Encrypt “Programming” using Playfair Cipher with a key of “code”. The ciphertext is LUDFUDSMPGMH . Encrypt “Chocolate” using a Vignere Cipher with a keyword “red” The ciphertext is TLRTSORXH . 10、知识点：Block Cipher and Stream Cipher --A block cipher is an encryption/decryption scheme in which a block of plaintext is treated as a whole and used to produce a ciphertext block of equal length, while stream cipher encrypts/decrypts data byte-by-byte or bit-by-bit. 11、知识点：DES --请复习一下 DES的作业 --DES algorithm encrypt/decrypt a 64 -bit block with a 56 -bit key. --The encryption/decryption peforms 16 rounds. --The length of round-key is 48 bits. --The four steps of a round function are①E P-box ,② XOR ,③S-box and④ S P-box .. 12、知识点：Triple-DES Please denote the encryption and decryption form of Triple-DES with 2 keys(K1 and K2). C= E(K1, D(K2, E(K1,P) )) M= D(K1,E(K2,D(K1,P))) 13、知识点：AES: --请复习一下 AES的作业 --Unlike DES, AES is not a Feistel cipher structure. --Four transformations in a round are① byte substitution ,②shift rows ,③mix columns and④ add round key . --How many S-boxes are there in AES? 1 14、知识点：modes of operation for block cipher --Which mode is recommended to distribute a session key? --Which mode is recommended to encrypt data stream in a noisy link? --Which mode can achieve Message authentication service? 15、知识点：RC4 --复习一下 RC4的作业 16、知识点：end-to-end encryption and link encryption --简要了解一下概念即可。了解加密函数放置的位置 Link encryption: physical layer, data link layer End- to-end encryption: application layer, presentation layer, session layer --For link encryption, an effective countermeasure(对策) to traffic analysis attack is traffic padding , which is 天天向上论坛 【文登考研培训正在招生】【重大代理：陈同学（Tel：15520077447） 秦同学（Tel：15123232002）】 特别鸣谢：波哥（软件学院魅力时尚偶像老师） 3 usually accomplished by using random data generator to produces ciphertext output continuously. 17、知识点：Master key and Session Key --Symmetric session key can be generated by a trusted third party (such as C, or KDC) and distributed to communication parties (such as a and b) with a symmetric master key shared by users and C 18、知识点：Diffie-Hellman Key Exchange Algorithm --复习一下 D-H作业 19、知识点：RSA --复习一下 RSA作业，了解RSA密钥生成的方法和加密解密的过程 20、知识点：Use of Public-key cipher --Public-key cipher can be used for digital signature(数字签名) and key management(密钥管理) 21、知识点：Message authentication --Message Authentication is a kind of securiy mechanism to achieve which security service？ 22、知识点：Hash Function --The cryptographic hash function involves repeated use of a compression function, which means it accepting a variable-size message M as input and producing a fixed-size hash code H(M) as output. --The output of MD5 hash function is 128 bits. 23、知识点：Digital signature --Digital signature can achieve security services confidentiality ① and ②Message Integrity, Message Authentication ,Non-repudiation --Can symmetric-key cipher be used for Digital Signature?(Yes or No)Yes 24、知识点：Kerberos --The name of Kerberos severs are Ticket granting server and Authentication server . 25、知识点：PGP -- A will send [AES(Ks, (M || RSA(KRA, SHA-1(M)))) || RSA(KUB, Ks)] to B, Which sevices are provided in this scheme? -- Review the pictures of PGP in ppt (Lecture 7) 26、知识点：Network security Protocols SSL/TLS and IPSec are common network securuty protocols. --Which one works on IP layer? IPSec --Which one works on TCP layer? SSL/TLS 27、知识点：Malicious Software --Please list three types of malicious software: computer virus , computer worms , spam 28、案例分析 -- 作为一个跨国组织的 CIO（Chief Information Officer），请你结合“计算机网络与通信"课程和"信息安全导论"课程所学 到的知识来探讨一下你对组织内部的网络信息系统的安全解决方案。-- 作为软件学院的学生，你在毕业之后受聘于 Ace 软 件公司，目前正在开发大型的基于互联网的分布式软件系统并担任一个开发小组的组长。在开发的过程中你不仅要考虑开发 团队的效率以尽可能地满足进度的需求，更要认真地思考系统安全和软件安全的问题，在最低的成本和最大限度地减少 Bug 和漏洞之间取得平衡。请问你如何保证能够尽最大可能地从软件项目开发的角度本身保证软件系统的安全？--在你以往的软 件项目开发工作中，你是否考虑了软件系统的安全性问题？你是如何解决的？--BMI软件公司目前正为一家跨国公司开发复 杂的基于 B/S架构的商业系统，该系统拥有多种角色、遍布世界各地的用户。对于系统本身而言，除了满足客户方的功能需 求之外，还需要能够提供角色和权限管理、保密通信、身份认证、数字签名、安全邮件等安全功能。作为公司的一位系统分 析师，请你集合自己所学的信息安全理论，分析一下你的软件系统将会采用哪些技术来满足这些网络安全方面的需求。