我在英國日不落

2003    Fall Network Security Midterm Exam

1.[Public-key Cryptosystem]
        Draw the public-key cryptosystem with secrecy and authentication.(10%)
                ans: Fgure 9.4 (p. 265)

2.[DES]
        (a) Draw the diagram of the single round of DES algorithm.    (10%)
                ans: Figure 3.8(p. 77)

        (b) Explain what Avalanche Effect is.                                   ( 5%)
                ans: A smallchange in either the plaintext or the key should produce
                       a significant change in the ciphertext.
                       key或plaintext的細微改變會使ciphertext明顯變化。(p. 80)

        (c) Draw the diagram of Cipher Block Chaining (CBC) mode. (10%)
                ans: Figure 3.12(p. 93)

3.[Cryptanalysis]
        (a) Explain what unconditionally secure is.                         ( 4%)
                ans: the ciphertext provides insufficient information to uniquely determine
                       the corresponding plaintext.
                       ciphertext的資訊不足，無法決定相對唯一的一組plaintext。
        (b) One-Time Pad is the only unconditionally secure scheme.
             However ,there are two problems that make One-Time Pad
             unpractical to use. What are the two problems?             ( 8%)
                ans: (1). problem of making large amount of random keys required
                             資料多大，key就需要多大
                       (2). problem of key distribution and protection
                             運送資料時，需運送同等大小的key，保護不易。

        (c) Explain what computationally secure is.
             Answer this question in two aspects.                            ( 8%)
                ans:(1). The cost of breaking the cipher exceeds the value of the
                            encrypted information.
                            破解密文的成本大於資訊的價值。
                      (2). The time required to break the cipher exceeds the useful
                            lifetime of the information
                            破解密文的時間超過明文的資訊有效期。

4.[Message Authentication]
        (a) Draw the diagram of the internal error control uses a frame
             check sequence for message authentication.                 (10%)
                這啥鬼？

        (b) Assume that we remove the encryption function from the internal
             error control diagram. Can the resultant diagram be used for
             message authentication. Explain.                                 ( 5%)
                這鬼還出現兩次。

        (c) Assume that Alice wants to send a message M to Bob. Alice sends
            Ｅkub(Ｍ) to Bob ,where ＫＵb is Bob's public key. Can Bob verify
             whether this message was sent by Alice or not. Explain.( 5%)
                ans: 不能，因為Bob's public key是公開的，
                       任何人都可以使用他來加密message。

5.[Public-Key Applications]
        What are the three categories of public-key application?      (15%)
        ans: (1). Encryption/decryption:
                        The sender encrypt a message with the recipient's public key.
                        sender用recipient的public key加密訊息。
               (2). Digital signature:
                        The sender "signs" a message with its private.
                        sender用自己的private key加密訊息。
               (3). Key exchange:
                        Two sides cooperate to exchange a session key.
                        雙方交換同一把session key

6.[RSA Encryption]
        Let M denote the plaintext, and C denote the ciphertext.
        Write down the two mathemmatical formulas for the following two questions.
        (a) How can you encrypt M to get C ?                                ( 5%)
                ans: C = M^e mod n.

        (b) How can you decrypt C to fet M ?                                 ( 5%)
             // For (b) ,you need to write down how you get the formula.
                ans: M = C^d mod n = (M^e)^d mod n = M^ed mod n