Solution Manual For Cryptography And Network Security: Principles And Practice, 6th Edition

Page 1 of 16

Solution Manual For Cryptography And Network Security: Principles And Practice, 6th Edition - Page 1 preview image

SOLUTIONSMANUALCRYPTOGRAPHY ANDNETWORKSECURITY:PRINCIPLES ANDPRACTICESIXTHEDITIONCHAPTERS1–11

Page 2 of 16

Solution Manual For Cryptography And Network Security: Principles And Practice, 6th Edition - Page 2 preview image

Page 3 of 16

Solution Manual For Cryptography And Network Security: Principles And Practice, 6th Edition - Page 3 preview image

-4-Chapter 1Introduction .............................................................5Chapter 2Classical Encryption Techniques...................................9Chapter 3Block Ciphers and the Data Encryption Standard..........18Chapter 4Basic Concepts in Number Theory and Finite Fields ......29Chapter 5Advanced Encryption Standard ..................................39Chapter 6Block Cipher Operation.............................................46Chapter 7Pseudorandom Number Generation and Stream Ciphers 51Chapter 8Introduction to Number Theory .................................55Chapter 9Public-Key Cryptography and RSA .............................60Chapter 10Other Public-Key Cryptosystems ..............................70Chapter 11Cryptographic Hash Functions .................................74TABLE OF CONTENTS

Page 4 of 16

Solution Manual For Cryptography And Network Security: Principles And Practice, 6th Edition - Page 4 preview image

-5-CHAPTER1INTRODUCTIONANSWERS TOQUESTIONS1.1The OSI Security Architecture is a framework that provides a systematicway of defining the requirements for security and characterizing theapproaches to satisfying those requirements. The document definessecurity attacks, mechanisms, and services, and the relationshipsamong these categories.1.2 Passive attackshave to do with eavesdropping on, or monitoring,transmissions. Electronic mail, file transfers, and client/serverexchanges are examples of transmissions that can be monitored.Activeattacksinclude the modification of transmitted data and attempts togain unauthorized access to computer systems.1.3 Passive attacks:release of message contents and traffic analysis.Active attacks:masquerade, replay, modification of messages, anddenial of service.1.4 Authentication:The assurance that the communicating entity is theone that it claims to be.Access control:The prevention of unauthorized use of a resource (i.e.,this service controls who can have access to a resource, under whatconditions access can occur, and what those accessing the resource areallowed to do).Data confidentiality:The protection of data from unauthorizeddisclosure.Data integrity:The assurance that data received are exactly as sent byan authorized entity (i.e., contain no modification, insertion, deletion, orreplay).Nonrepudiation:Provides protection against denial by one of theentities involved in a communication of having participated in all or partof the communication.Availability service:The property of a system or a system resourcebeing accessible and usable upon demand by an authorized systementity, according to performance specifications for the system (i.e., asystem is available if it provides services according to the system designwhenever users request them).

Page 5 of 16

Solution Manual For Cryptography And Network Security: Principles And Practice, 6th Edition - Page 5 preview image

-6-1.5See Table 1.3.ANSWERS TOPROBLEMS1.1The system must keep personal identification numbers confidential, bothin the host system and during transmission for a transaction. It mustprotect the integrity of account records and of individual transactions.Availability of the host system is important to the economic well beingof the bank, but not to its fiduciary responsibility. The availability ofindividual teller machines is of less concern.1.2The system does not have high requirements for integrity on individualtransactions, as lasting damage will not be incurred by occasionallylosing a call or billing record. The integrity of control programs andconfiguration records, however, is critical. Without these, the switchingfunction would be defeated and the most important attribute of all -availability - would be compromised. A telephone switching system mustalso preserve the confidentiality of individual calls, preventing one callerfrom overhearing another.1.3a.The system will have to assure confidentiality if it is being used topublish corporate proprietary material.b.The system will have to assure integrity if it is being used to laws orregulations.c.The system will have to assure availability if it is being used to publisha daily paper.1.4a.An organization managing public information on its web serverdetermines that there is no potential impact from a loss ofconfidentiality (i.e., confidentiality requirements are not applicable), amoderate potential impact from a loss of integrity, and a moderatepotential impact from a loss of availability.b.A law enforcement organization managing extremely sensitiveinvestigative information determines that the potential impact from aloss of confidentiality is high, the potential impact from a loss ofintegrity is moderate, and the potential impact from a loss ofavailability is moderate.c.A financial organization managing routine administrative information(not privacy-related information) determines that the potential impactfrom a loss of confidentiality is low, the potential impact from a loss ofintegrity is low, and the potential impact from a loss of availability islow.d.The management within the contracting organization determines that:(i) for the sensitive contract information, the potential impact from aloss of confidentiality is moderate, the potential impact from a loss of

Page 6 of 16

Solution Manual For Cryptography And Network Security: Principles And Practice, 6th Edition - Page 6 preview image

-7-integrity is moderate, and the potential impact from a loss ofavailability is low; and (ii) for the routine administrative information(non-privacy-related information), the potential impact from a loss ofconfidentiality is low, the potential impact from a loss of integrity islow, and the potential impact from a loss of availability is low.e.The management at the power plant determines that: (i) for thesensor data being acquired by the SCADA system, there is nopotential impact from a loss of confidentiality, a high potential impactfrom a loss of integrity, and a high potential impact from a loss ofavailability; and (ii) for the administrative information beingprocessed by the system, there is a low potential impact from a lossof confidentiality, a low potential impact from a loss of integrity, and alow potential impact from a loss of availability. Examples from FIPS199.

Page 7 of 16

Solution Manual For Cryptography And Network Security: Principles And Practice, 6th Edition - Page 7 preview image

-8-1.5ReleaseofmessagecontentsTrafficanalysisMasqueradeReplayModificationof messagesDenialofservicePeer entityauthenticationYData originauthenticationYAccess controlYConfidentialityYTraffic flowconfidentialityYData integrityYYNon-repudiationYAvailabilityY1.6ReleaseofmessagecontentsTrafficanalysisMasqueradeReplayModificationof messagesDenialofserviceEnciphermentYDigital signatureYYYAccess controlYYYYYData integrityYYAuthenticationexchangeYYYYTraffic paddingYRouting controlYYYNotarizationYYY

Page 8 of 16

Solution Manual For Cryptography And Network Security: Principles And Practice, 6th Edition - Page 8 preview image

-9-CHAPTER2CLASSICALENCRYPTIONTECHNIQUESANSWERS TOQUESTIONS2.1Plaintext, encryption algorithm, secret key, ciphertext, decryptionalgorithm.2.2Permutation and substitution.2.3One key for symmetric ciphers, two keys for asymmetric ciphers.2.4Astream cipheris one that encrypts a digital data stream one bit orone byte at a time. Ablock cipheris one in which a block of plaintextis treated as a whole and used to produce a ciphertext block of equallength.2.5Cryptanalysis and brute force.2.6 Ciphertext only. One possible attack under these circumstances is thebrute-force approach of trying all possible keys. If the key space is verylarge, this becomes impractical. Thus, the opponent must rely on ananalysis of the ciphertext itself, generally applying various statisticaltests to it.Known plaintext.The analyst may be able to capture oneor more plaintext messages as well as their encryptions. With thisknowledge, the analyst may be able to deduce the key on the basis ofthe way in which the known plaintext is transformed.Chosenplaintext.If the analyst is able to choose the messages to encrypt, theanalyst may deliberately pick patterns that can be expected to revealthe structure of the key.2.7An encryption scheme isunconditionally secureif the ciphertextgenerated by the scheme does not contain enough information todetermine uniquely the corresponding plaintext, no matter how muchciphertext is available. An encryption scheme is said to becomputationally secureif: (1) the cost of breaking the cipher exceedsthe value of the encrypted information, and (2) the time required tobreak the cipher exceeds the useful lifetime of the information.

Page 9 of 16

Solution Manual For Cryptography And Network Security: Principles And Practice, 6th Edition - Page 9 preview image

-10-2.8TheCaesar cipherinvolves replacing each letter of the alphabet withthe letter standingkplaces further down the alphabet, forkin therange 1 through 25.2.9Amonoalphabetic substitution ciphermaps a plaintext alphabet to aciphertext alphabet, so that each letter of the plaintext alphabet mapsto a single unique letter of the ciphertext alphabet.2.10ThePlayfair algorithmis based on the use of a 5×5 matrix ofletters constructed using a keyword. Plaintext is encrypted two letters ata time using this matrix.2.11Apolyalphabetic substitution cipheruses a separatemonoalphabetic substitution cipher for each successive letter ofplaintext, depending on a key.2.12 1.There is the practical problem of making large quantities of randomkeys. Any heavily used system might require millions of randomcharacters on a regular basis. Supplying truly random characters inthis volume is a significant task.2.Even more daunting is the problem of key distribution andprotection. For every message to be sent, a key of equal length isneeded by both sender and receiver. Thus, a mammoth keydistribution problem exists.2.13Atransposition cipherinvolves a permutation of the plaintextletters.2.14Steganography involves concealing the existence of a message.ANSWERS TOPROBLEMS2.1 a.No. A change in the value ofbshifts the relationship betweenplaintext letters and ciphertext letters to the left or right uniformly,so that if the mapping is one-to-one it remains one-to-one.b.2, 4, 6, 8, 10, 12, 13, 14, 16, 18, 20, 22, 24. Any value ofalargerthan 25 is equivalent toamod 26.c.The values ofaand 26 must have no common positive integer factorother than 1. This is equivalent to saying thataand 26 are relativelyprime, or that the greatest common divisor ofaand 26 is 1. To seethis, first note that E(a,p) = E(a,q) (0≤p≤q< 26) if and only ifa(p–q) is divisible by 26.1.Suppose thataand 26 are relativelyprime. Then,a(p–q) is not divisible by 26, because there is no wayto reduce the fractiona/26 and (p–q) is less than 26.2.Suppose

Page 10 of 16

Solution Manual For Cryptography And Network Security: Principles And Practice, 6th Edition - Page 10 preview image

-11-thataand 26 have a common factork> 1. Then E(a,p) = E(a,q), ifq=p+m/k≠p.2.2There are 12 allowable values ofa(1, 3, 5, 7, 9, 11, 15, 17, 19, 21, 23,25). There are 26 allowable values ofb, from 0 through 25). Thus thetotal number of distinct affine Caesar ciphers is 12×26 = 312.2.3Assume that the most frequent plaintext letter is e and the second mostfrequent letter is t. Note that the numerical values are e = 4; B = 1; t =19; U = 20. Then we have the following equations:1 = (4a+b) mod 2620 = (19a+b) mod 26Thus, 19 = 15amod 26. By trial and error, we solve:a= 3.Then 1 = (12 +b) mod 26. By observation,b= 15.2.4A good glass in the Bishop's hostel in the Devil's seat—twenty-onedegrees and thirteen minutes—northeast and by north—main branchseventh limb east side—shoot from the left eye of the death's head— abee line from the tree through the shot fifty feet out. (fromThe GoldBug, by Edgar Allan Poe)2.5a.The first letter t corresponds to A, the second letter h corresponds toB, e is C, s is D, and so on. Second and subsequent occurrences of aletter in the key sentence are ignored. The resultciphertext:SIDKHKDM AF HCRKIABIE SHIMC KD LFEAILAplaintext:basilisk to leviathan blake is contactb.It is a monoalphabetic cipher and so easily breakable.c.The last sentence may not contain all the letters of the alphabet. Ifthe first sentence is used, the second and subsequent sentences mayalso be used until all 26 letters are encountered.2.6The cipher refers to the words in the page of a book. The first entry,534, refers to page 534. The second entry, C2, refers to column two.The remaining numbers are words in that column. The names DOUGLASand BIRLSTONE are simply words that do not appear on that page.Elementary! (fromThe Valley of Fear, by Sir Arthur Conan Doyle)

Page 11 of 16

Solution Manual For Cryptography And Network Security: Principles And Practice, 6th Edition - Page 11 preview image

-12-2.7 a.28107963145CRYPTOGAHIBEATTHETHIRDPILLARFROMTHELEFTOUTSIDETHELYCEUMTHEATRETONIGHTATSEVENIFYOUAREDISTRUSTFULBRINGTWOFRIENDS42810563719NETWORKSCUTRFHEHFTINBROUYRTUSTEAETHGISREHFTEATYRNDIROLTAOUGSHLLETINIBITIHIUOVEUFEDMTCESATWTLEDMNEDLRAPTSETERFOISRNGBUTLFRRAFRLIDLPFTIYONVSEETBEHIHTETAEYHATTUCMEHRGTAIOENTTUSRUIEADRFOETOLHMETNTEDSIFWROHUTELEITDSb.The two matrices are used in reverse order. First, the ciphertext islaid out in columns in the second matrix, taking into account theorder dictated by the second memory word. Then, the contents ofthe second matrix are read left to right, top to bottom and laid out incolumns in the first matrix, taking into account the order dictated bythe first memory word. The plaintext is then read left to right, top tobottom.c.Although this is a weak method, it may have use with time-sensitiveinformation and an adversary without immediate access to goodcryptanalysis (e.g., tactical use). Plus it doesn't require anythingmore than paper and pencil, and can be easily remembered.2.8SPUTNIK

Page 12 of 16

Solution Manual For Cryptography And Network Security: Principles And Practice, 6th Edition - Page 12 preview image

-13-2.9PT BOAT ONE OWE NINE LOST IN ACTION IN BLACKETT STRAIT TWOMILES SW MERESU COVE X CREW OF TWELVE X REQUEST ANYINFORMATION2.10a.LARGESTBCDFHI/JKMNOPQUVWXYZb.OCURENABDFGHI/JKLMPQSTVWXYZ2.11 a.UZTBDLGZPNNWLGTGTUEROVLDBDUHFPERHWQSRZb.UZTBDLGZPNNWLGTGTUEROVLDBDUHFPERHWQSRZc.A cyclic rotation of rows and/or columns leads to equivalentsubstitutions. In this case, the matrix for part a of this problem isobtained from the matrix of Problem 2.10a, by rotating the columnsby one step and the rows by three steps.2.12 a.25!≈284b.Given any 5x5 configuration, any of the four row rotations isequivalent, for a total of five equivalent configurations. For each ofthese five configurations, any of the four column rotations isequivalent. So each configuration in fact represents 25 equivalentconfigurations. Thus, the total number of unique keys is 25!/25 =24!2.13A mixed Caesar cipher. The amount of shift is determined by thekeyword, which determines the placement of letters in the matrix.

Page 13 of 16

Solution Manual For Cryptography And Network Security: Principles And Practice, 6th Edition - Page 13 preview image

-14-2.14a.We need an even number of letters, so append a "q" to the endof the message. Then convert the letters into the correspondingalphabetic positions:Meetmeattheusual1355201351202085211921112Placeattenrather161213512020514181208518Thaneightoclockq208114597820153121531117The calculations proceed two letters at a time. The first pair:C1C2!"##$%&&=9457!"#$%&135!"#$%&mod 26=137100!"#$%&mod 26=722!"#$%&The first two ciphertext characters are alphabetic positions 7 and 22,which correspond to GV. The complete ciphertext:GVUIGVKODZYPUHEKJHUZWFZFWSJSDZMUDZMYCJQMFWWUQRKRb.We first perform a matrix inversion. Note that the determinate of theencryption matrix is (9×7) – (4×5) = 43. Using the matrixinversion formula from the book:9457!"#$%&−1=1437−4−59!"#$%&mod 26=237−4−59!"#$%&mod 26=161−92−1159!"#$%&mod 26=5121525!"#$%&Here we used the fact that (43)–1= 23 in Z26. Once the inversematrix has been determined, decryption can proceed. Source:[LEWA00].

Page 14 of 16

Solution Manual For Cryptography And Network Security: Principles And Practice, 6th Edition - Page 14 preview image

-15-2.15Consider the matrixKwith elements kijto consist of the set of columnvectors Kj, where:K=k11k1nkn1knn!"####$%&&&&andKj=k1jknj!"####$%&&&&The ciphertext of the following chosen plaintextn-grams reveals thecolumns ofK:(B, A, A, …, A, A)↔K1(A, B, A, …, A, A)↔K2:(A, A, A, …, A, B)↔Kn2.16 a.7×134b.7×134c.134d.10×134e.24×132f.24×(132– 1)×13g. 37648h.23530i.1572482.17 a.(80 – 10) mod 26 = 18b.[(1×9×5) + (7×2×1) + (22×4×2) – (22×9×1) – (2×2×1)– (5×7×4)] mod 26= (45 + 14 + 176 – 198 – 4 – 140) mod 26= (–107) mod 26 = 232.18We label the matrices asAandB, respectively.a.det(A) = (44 – 3) mod 26 = 15(det(A))–1= 7, using Table E.1 of Appendix EA−1=detA()()−1cof11A()cof21A()cof12A()cof22A()"#$$%&''=7×22−3−12"#$%&'mod 26=154–21−714"#$%&'mod 26=2451914"#$%&'

Page 15 of 16

Solution Manual For Cryptography And Network Security: Principles And Practice, 6th Edition - Page 15 preview image

-16-b.det(B) =[(6×16×15) + (24×10×20) + (1×13×17) –(1×16×20) – (10×17×6) – (15×24×13)] mod 26= (1440 + 4800 + 221 – 320 – 1020 – 4680) mod 26= 441 mod 26 = 25We use the formulas from Appendix Ebij=cofjiK()detK()mod 26=17×cofjiK()mod 26b11=16101715×25mod 26=16×15−10×17()×25mod 26=5100 mod 26=8b12=−2411715×25mod 26=– 24×15−1×17()×25mod 26=–8575mod 26=5b13=2411610×25mod 26=24×10−1×16()×25mod 26=5600 mod 26=10b21=−13102015×25mod 26=– 13×15−10×20()×25mod 26=125mod 26=21b22=612015×25mod 26=6×15−1×20()×25mod 26=1750 mod 26=8b23=−611310×25mod 26=−6×10−1×13()×25mod 26=−1175mod 26=21b31=13162017×25mod 26=13×17−16×20()×25mod 26=−2475mod 26=21b32=–6242017×25mod 26=– 6×17−24×20()×25mod 26=9450 mod 26=12b33=6241316×25mod 26=6×16−24×13()×25mod 26=−5400 mod 26=8B-1=85102182121128!"###$%&&&2.19key:legleglegleplaintext:explanationciphertext:PBVWETLXOZR

Page 16 of 16

Solution Manual For Cryptography And Network Security: Principles And Practice, 6th Edition - Page 16 preview image

-17-2.20a.sendmoremoney18413312141741214134249017231521141111289141410931218232515127BECKJDMSXZPMHb.cashnotneeded201871314191344343254223221519519211284141410931218232515127BECKJDMSXZPMH2.21your package ready Friday 21st room three Please destroy thisimmediately.

Preview Mode

This document has 153 pages. Sign in to access the full document!

Report

Learning Tools

Writing Tools

Browse Resources

Solution Manual For Cryptography And Network Security: Principles And Practice, 6th Edition - Page 1

Study Now!

Document Details

Related Documents

DevOps and Its Importance Study Notes

Veeam Certified Engineer VMCE-V12

Modules 1 - 3 Basic Network Connectivity and Commu

Notes CCNA

CCNA 200-301 Portable Command Guide 5th Edition 20

CCNA 200-301 Portable Command Guide 5th Edition 22

CCNA 200-301 Portable Command Guide 5th Edition 36

Foundations of Novell Networking Section 26

Modulo 7 DHCPv4

Build and troubleshooting Integration Challenge

Company

Explore

Study Tools