= 2, 3, 4, …, N Om = Fj (EK(SRm)) ; m = 2, 3, 4, …, N Cm = Om ⊕ Pm ; m = 2, 3, 4, …,
N C = C1 || C2 || C3, …, CN 解密运算程序: SR1 = IV O1 = Fj (DK(SR1)) P1 = O1 ⊕
C1 SRm = Sj (SRm-1) || Om-1 ; m = 2, 3, 4, …, N Om = Fj (DK(SRm)) ; m = 2, 3, 4, …,
N Pm = Om ⊕ Cm ; m = 2, 3, 4, …, N P = P1 || P2 || P3, …, PN
5.Consider the following method of encrypting a message using CBC mode. To
encrypt a message, one uses the algorithm for doing a CBC decryption. To decrypt a
message, one uses the algorithm for doing a CBC encryption. Would this work? How
secure is this alternative method in comparison with the normal CBC mode? (10
points)
考虑以下这种方法,通过CBC模式加密一个消息。为了加密一个消息,可以使用一个CBC
解码算法。为了解密一个消息,可以使用一个CBC加密算法。这是怎么实现的呢?这种
转换方法与一般的CBC模式比起来有多安全呢?
答:这种方式是可以的。这种方式不如通常的CBC模式安全,因为解密算法是,每个密
文组分别解密,再与上一个块密文亦或就可以恢复明文。解密算法的输入是明文,这样
的安全性就非常低。
6.What pseudo-random bit stream is generated by 64-bit OFB with a weak DES key?
(10 points)
Note: please refer to Kaufman §3.3.6 for the definition of weak key.
通过使用一个弱的DES密码加密而成的64位OFB,将产生什么伪随机的比特流呢?
注:请参考Kaufman §3.3.6相关章节弱密码的定义
答:OFB是用虚拟随机数产生器加上IV 与密钥,产生“一次性冗字填充”片段,即Ex(IV),
Ex(Ex (IV)), Ex(Ex(Ex (IV))), ...。一个弱DES Key是自己本身的反转,对于任何
一个块来说b: Ex(b) = Dx(b). So Ex(Ex(b)) = b. 应此OFB的填充序列是Ex(IV), IV,
Ex(IV), IV, ..。这样的规律导致不安全性。
7.In RSA algorithm, is it possible for more than one d to work with a given e, p, and q?
[Kaufman §6.3] (10 points)
在RSA算法中,当我们知道e,p,g,是否可能得到超过一个d?
答:不能得到,要得到d必须知道p q n e。
8.In RSA algorithm, what is the probability that something to be encrypted will not
be in Z*n? [Kaufman §7.11] (10 points)
在RSA算法中,被加密的一些不属于Z*n, ,什么情况下是可能发生的? 答:Znn-Znn - p - q +1
Zn- ZnZnp+q-2)/(n-1)
9.In the description of possible defense against Man-in-the-Middle Attack [Kaufman
§6.4.2, 3], it stated that encrypting the Diffie-Hellman value with the other sides’s
public key shall prevent the attack. Why is this case assumption that an attacker can
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
