Answers To Problems For Cryptography and Network Security, 7th Edition by Stallings

CHAPTER 1 INTRODUCTION
ANSWERS TO QUESTIONS
1.1 The OSI Security Architecture is a framework that provides a systematic
way of defining the requirements for security and characterizing the
approaches to satisfying those requirements. The document defines
security attacks, mechanisms, and services, and the relationships
among these categories.

1.2 Passive threats have to do with eavesdropping on, or monitoring,
transmissions. Electronic mail, file transfers, and client/server
exchanges are examples of transmissions that can be monitored. Active
threats include the modification of transmitted data and attempts to
gain unauthorized access to computer systems.

1.3 Passive attacks: release of message contents and traffic analysis.
Active attacks: masquerade, replay, modification of messages, and
denial of service.

1.4 Authentication: The assurance that the communicating entity is the
one that it claims to be.
Access control: The prevention of unauthorized use of a resource (i.e.,
this service controls who can have access to a resource, under what
conditions access can occur, and what those accessing the resource are
allowed to do).
Data confidentiality: The protection of data from unauthorized
disclosure.
Data integrity: The assurance that data received are exactly as sent by
an authorized entity (i.e., contain no modification, insertion, deletion, or
replay).
Nonrepudiation: Provides protection against denial by one of the
entities involved in a communication of having participated in all or part
of the communication.
Availability service: The property of a system or a system resource
being accessible and usable upon demand by an authorized system
entity, according to performance specifications for the system (i.e., a
system is available if it provides services according to the system design
whenever users request them).

1.5 See Table 1.3.

1.6 Authentication: The assurance that the communicating entity is the
one that it claims to be.
Access control: The prevention of unauthorized use of a resource (i.e.,
this service controls who can have access to a resource, under what
conditions access can occur, and what those accessing the resource are
allowed to do).
Data confidentiality: The protection of data from unauthorized
disclosure.
Data integrity: The assurance that data received are exactly as sent by
an authorized entity (i.e., contain no modification, insertion, deletion, or
replay).
Nonrepudiation: Provides protection against denial by one of the
entities involved in a communication of having participated in all or part
of the communication.
Availability service: The property of a system or a system resource
being accessible and usable upon demand by an authorized system
entity, according to performance specifications for the system (i.e., a
system is available if it provides services according to the system design
whenever users request them).

1.7 An attack surface consists of the reachable and exploitable
vulnerabilities in a system. An attack tree is a branching, hierarchical
data structure that represents a set of potential techniques for
exploiting security vulnerabilities.

ANSWERS TO PROBLEMS
1.1 The system must keep personal identification numbers confidential, both
in the host system and during transmission for a transaction. It must
protect the integrity of account records and of individual transactions.
Availability of the host system is important to the economic well being
of the bank, but not to its fiduciary responsibility. The availability of
individual teller machines is of less concern.

1.2 The system does not have high requirements for integrity on individual
transactions, as lasting damage will not be incurred by occasionally
losing a call or billing record. The integrity of control programs and
configuration records, however, is critical. Without these, the switching
function would be defeated and the most important attribute of all -
availability - would be compromised. A telephone switching system must
also preserve the confidentiality of individual calls, preventing one caller
from overhearing another.

1.3 a. The system will have to assure confidentiality if it is being used to
publish corporate proprietary material.
b. The system will have to assure integrity if it is being used to publish
laws or regulations.
c. The system will have to assure availability if it is being used to publish
a daily paper.

1.4 a. An organization managing public information on its web server
determines that there is no potential impact from a loss of
confidentiality (i.e., confidentiality requirements are not applicable), a
moderate potential impact from a loss of integrity, and a moderate
potential impact from a loss of availability.
b. A law enforcement organization managing extremely sensitive
investigative information determines that the potential impact from a
loss of confidentiality is high, the potential impact from a loss of
integrity is moderate, and the potential impact from a loss of
availability is moderate.
c. A financial organization managing routine administrative information
(not privacy-related information) determines that the potential impact
from a loss of confidentiality is low, the potential impact from a loss of
integrity is low, and the potential impact from a loss of availability is
low.
d. The management within the contracting organization determines that:
(i) for the sensitive contract information, the potential impact from a
loss of confidentiality is moderate, the potential impact from a loss of
integrity is moderate, and the potential impact from a loss of
availability is low; and (ii) for the routine administrative information
(non-privacy-related information), the potential impact from a loss of
confidentiality is low, the potential impact from a loss of integrity is
low, and the potential impact from a loss of availability is low.
e. The management at the power plant determines that: (i) for the
sensor data being acquired by the SCADA system, there is no
potential impact from a loss of confidentiality, a high potential impact
from a loss of integrity, and a high potential impact from a loss of
availability; and (ii) for the administrative information being
processed by the system, there is a low potential impact from a loss
of confidentiality, a low potential impact from a loss of integrity, and a
low potential impact from a loss of availability. Examples from FIPS
199.

1.5 Attacks (columns): Release of message contents, Traffic analysis,
Masquerade, Replay, Modification of messages, Denial of service.
Services (rows) and their Y marks:

Peer entity authentication     Y
Data origin authentication     Y
Access control                 Y
Confidentiality                Y
Traffic flow confidentiality   Y
Data integrity                 Y Y
Non-repudiation                Y
Availability                   Y

1.6 Attacks (columns): Release of message contents, Traffic analysis,
Masquerade, Replay, Modification of messages, Denial of service.
Mechanisms (rows) and their Y marks:

Encipherment                   Y
Digital signature              Y Y Y
Access control                 Y Y Y Y Y
Data integrity                 Y Y
Authentication exchange        Y Y Y Y
Traffic padding                Y
Routing control                Y Y Y
Notarization                   Y Y Y

1.7 We present the tree in text form; an OR branch is achieved by any one of
its children, an AND branch only by all of them:

Goal: Open Safe
OR 1. Pick Lock
   2. Learn Combination
      OR 1. Find Written Combo
         2. Get Combo from Target
            OR 1. Threaten
               2. Blackmail
               3. Eavesdrop
                  AND 1. Listen to Conversation
                      2. Get Target to State Combo
               4. Bribe
   3. Cut Open Safe
   4. Install Improperly

1.8 We present the tree in text form; call the company X:


Survivability Compromise: Disclosure of X proprietary secrets
OR 1. Physically scavenge discarded items from X
OR 1. Inspect dumpster content on-site
2. Inspect refuse after removal from site
2. Monitor emanations from X machines
AND 1. Survey physical perimeter to determine optimal monitoring position
2. Acquire necessary monitoring equipment
3. Set up monitoring site
4. Monitor emanations from site
3. Recruit help of trusted X insider
OR 1. Plant spy as trusted insider
2. Use existing trusted insider
4. Physically access X networks or machines
OR 1. Get physical, on-site access to Intranet
2. Get physical access to external machines
5. Attack X intranet using its connections with Internet
OR 1. Monitor communications over Internet for leakage
2. Get trusted process to send sensitive information to attacker over Internet
3. Gain privileged access to Web server
6. Attack X intranet using its connections with public telephone network (PTN)
OR 1. Monitor communications over PTN for leakage of sensitive information
2. Gain privileged access to machines on intranet connected via Internet
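As an added example that is not part of the solutions manual, the following Python encodes the 1.8 tree above in the same AND/OR form (the 1.7 safe tree can be encoded the same way) and evaluates it: an OR branch costs as much as its cheapest child, an AND branch as much as all of its children together. The leaf cost figures are assumed placeholders chosen for illustration, not values from the text, and the names Leaf, Node, cheapest_attack and apply_countermeasure are this example's own.

```python
# Added example (not from the solutions manual): evaluate an attack tree.
# The structure encodes the text-form tree in the answer to 1.8; the leaf
# costs are invented placeholders (arbitrary units) so that the AND/OR
# evaluation has something to work on.
from dataclasses import dataclass, field
from typing import List, Tuple, Union

INF = float("inf")


@dataclass
class Leaf:
    name: str
    cost: float  # assumed attacker cost; not a figure from the page


@dataclass
class Node:
    name: str
    op: str  # "OR": any one child achieves the goal; "AND": every child is needed
    children: List[Union["Node", Leaf]] = field(default_factory=list)


Tree = Union[Node, Leaf]


def cheapest_attack(node: Tree) -> Tuple[float, List[str]]:
    """Return (cost, leaf names) of the cheapest way to achieve `node`.

    OR nodes take the cheapest child; AND nodes must pay for every child,
    so their costs add and their leaf sets are concatenated.
    """
    if isinstance(node, Leaf):
        return node.cost, [node.name]
    results = [cheapest_attack(child) for child in node.children]
    if node.op == "OR":
        return min(results, key=lambda r: r[0])
    if node.op == "AND":
        return sum(r[0] for r in results), [leaf for r in results for leaf in r[1]]
    raise ValueError(f"unknown operator {node.op!r}")


def apply_countermeasure(node: Tree, leaf_names, new_cost: float = INF) -> None:
    """Model a control (e.g. shredding) by raising the cost of the named leaves."""
    if isinstance(node, Leaf):
        if node.name in leaf_names:
            node.cost = new_cost
        return
    for child in node.children:
        apply_countermeasure(child, leaf_names, new_cost)


def build_tree_1_8() -> Node:
    """The 1.8 tree for company X; every cost below is an assumption."""
    return Node("Disclosure of X proprietary secrets", "OR", [
        Node("1. Physically scavenge discarded items from X", "OR", [
            Leaf("Inspect dumpster content on-site", 2),
            Leaf("Inspect refuse after removal from site", 3),
        ]),
        Node("2. Monitor emanations from X machines", "AND", [
            Leaf("Survey physical perimeter", 2),
            Leaf("Acquire monitoring equipment", 8),
            Leaf("Set up monitoring site", 3),
            Leaf("Monitor emanations from site", 4),
        ]),
        Node("3. Recruit help of trusted X insider", "OR", [
            Leaf("Plant spy as trusted insider", 9),
            Leaf("Use existing trusted insider", 6),
        ]),
        Node("4. Physically access X networks or machines", "OR", [
            Leaf("Get physical, on-site access to Intranet", 7),
            Leaf("Get physical access to external machines", 5),
        ]),
        Node("5. Attack X intranet using its Internet connections", "OR", [
            Leaf("Monitor Internet communications for leakage", 4),
            Leaf("Get trusted process to send sensitive information to attacker", 6),
            Leaf("Gain privileged access to Web server", 5),
        ]),
        Node("6. Attack X intranet using its PTN connections", "OR", [
            Leaf("Monitor PTN communications for leakage", 5),
            Leaf("Gain privileged access to intranet machines", 7),
        ]),
    ])


if __name__ == "__main__":
    tree = build_tree_1_8()
    print(cheapest_attack(tree))
    apply_countermeasure(tree, {"Inspect dumpster content on-site",
                                "Inspect refuse after removal from site"})
    print(cheapest_attack(tree))
```

With these assumed costs the cheapest path is the on-site dumpster (cost 2); once both scavenging leaves are blocked, the cheapest path moves to monitoring Internet traffic (cost 4), while the AND branch for emanations stays expensive because all four of its steps must be paid for (2 + 8 + 3 + 4 = 17). Re-running the evaluation after each countermeasure is how an attack tree turns into a prioritised list of controls.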

CHAPTER 2 INTRODUCTION TO NUMBER THEORY

ANSWERS TO QUESTIONS
2.1 A nonzero b is a divisor of a if a = mb for some m, where a, b, and m
are integers. That is, b is a divisor of a if there is no remainder on
division.

2.2 It means that b is a divisor of a.

2.3 In modular arithmetic, all arithmetic operations are performed modulo
some integer.

2.4 An integer p > 1 is a prime number if and only if its only divisors are ±1
and ±p.

2.5 Euler's totient function, written φ(n), is the number of positive integers
less than n and relatively prime to n.

2.6 The algorithm takes a candidate integer n as input and returns the
result "composite" if n is definitely not a prime, and the result
"inconclusive" if n may or may not be a prime. If the algorithm is
repeatedly applied to a number and repeatedly returns inconclusive,
then the probability that the number is actually prime increases with
each inconclusive test. The probability required to accept a number as
prime can be set as close to 1.0 as desired by increasing the number of
tests made.
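The test described in 2.6 is the Miller-Rabin test. As an added example, not code from the solutions manual, the following Python implements one round with the "composite"/"inconclusive" outcomes exactly as described, repeats it with random bases, and also measures, for a chosen n, what share of all bases leave the round inconclusive, which is where the "probability increases with each test" claim comes from. The names miller_rabin_round, is_probable_prime and fraction_inconclusive are this example's own.

```python
# Added example (not from the solutions manual): the probabilistic primality
# test described in 2.6, implemented as the Miller-Rabin test. A single round
# answers "composite" (certain) or "inconclusive" (n may be prime); repeating
# rounds with fresh random bases shrinks the chance of accepting a composite
# by a factor of at least 4 per round.
import random


def miller_rabin_round(n: int, a: int) -> str:
    """One round for odd n >= 5 with base 1 < a < n - 1.

    Write n - 1 = 2^k * q with q odd. The round is inconclusive if
    a^q ≡ 1 (mod n) or a^(2^j * q) ≡ -1 (mod n) for some 0 <= j < k;
    otherwise n is certainly composite.
    """
    k, q = 0, n - 1
    while q % 2 == 0:
        k += 1
        q //= 2
    x = pow(a, q, n)
    if x == 1 or x == n - 1:
        return "inconclusive"
    for _ in range(k - 1):
        x = x * x % n
        if x == n - 1:
            return "inconclusive"
        if x == 1:
            # the previous x was a square root of 1 other than +-1, which
            # cannot exist modulo a prime
            return "composite"
    return "composite"


def is_probable_prime(n: int, rounds: int = 20, rng=random) -> bool:
    """False is definite; True means every round was inconclusive."""
    if n < 2:
        return False
    if n in (2, 3):
        return True
    if n % 2 == 0:
        return False
    for _ in range(rounds):
        a = rng.randrange(2, n - 1)
        if miller_rabin_round(n, a) == "composite":
            return False
    return True


def fraction_inconclusive(n: int) -> float:
    """Share of bases 2..n-2 for which one round stays inconclusive (odd n >= 5).

    For a prime this is 1.0; for an odd composite n > 9 at most a quarter of
    all bases are 'strong liars', which is where the per-round bound comes from.
    """
    bases = range(2, n - 1)
    liars = sum(1 for a in bases if miller_rabin_round(n, a) == "inconclusive")
    return liars / len(bases)


if __name__ == "__main__":
    # 2047 = 23 * 89 is composite but passes base 2, so one round is not enough
    print(miller_rabin_round(2047, 2), fraction_inconclusive(2047))
    print(is_probable_prime(2047), is_probable_prime(2 ** 31 - 1))
```

The composite 2047 = 23 · 89 passes the round for base 2, so a single inconclusive answer proves nothing; only a small share of bases lie for it, so a handful of random rounds exposes it. The Carmichael number 561 is worth trying too: it fools a plain Fermat test for every coprime base but is still caught here. In a real key generator the random bases must come from a cryptographic RNG and a deterministic small-prime sieve is run first; the 20 rounds used as the default are the conventional figure, not a value from the text.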

2.7 If r and n are relatively prime integers with n > 0, and if φ(n) is the
least positive exponent m such that r^m ≡ 1 (mod n), then r is called a
primitive root modulo n.
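As an added example covering both 2.5 and 2.7 (not code from the solutions manual), the following Python computes φ(n) two ways, by the literal count in 2.5 and by the product formula over the prime factors, and then finds primitive roots. Rather than walking every power of r to find its order, it uses the standard shortcut: r has order φ(n) exactly when r^(φ(n)/p) is not 1 for every prime p dividing φ(n). The function names factorize, phi, phi_by_counting, multiplicative_order, is_primitive_root and primitive_roots are this example's own.

```python
# Added example (not from the solutions manual): Euler's totient (2.5) and
# primitive roots (2.7), with the order test that is used in practice.
from math import gcd
from typing import Dict, List


def factorize(n: int) -> Dict[int, int]:
    """Prime factorization by trial division, as {prime: exponent}; fine for small n."""
    factors: Dict[int, int] = {}
    p = 2
    while p * p <= n:
        while n % p == 0:
            factors[p] = factors.get(p, 0) + 1
            n //= p
        p += 1
    if n > 1:
        factors[n] = factors.get(n, 0) + 1
    return factors


def phi(n: int) -> int:
    """Euler's totient from the product formula phi(n) = n * prod_{p|n} (1 - 1/p)."""
    result = n
    for p in factorize(n):
        result = result // p * (p - 1)
    return result


def phi_by_counting(n: int) -> int:
    """The definition in 2.5 taken literally: count 1 <= k < n with gcd(k, n) = 1.

    phi(1) is 1 by convention, which the literal count would miss.
    """
    if n == 1:
        return 1
    return sum(1 for k in range(1, n) if gcd(k, n) == 1)


def multiplicative_order(r: int, n: int) -> int:
    """Least m >= 1 with r^m ≡ 1 (mod n), by brute force; requires gcd(r, n) = 1."""
    if n == 1:
        return 1
    if gcd(r, n) != 1:
        raise ValueError("r and n must be relatively prime")
    m, x = 1, r % n
    while x != 1:
        x = x * r % n
        m += 1
    return m


def is_primitive_root(r: int, n: int) -> bool:
    """r is a primitive root mod n iff its order is phi(n) (the definition in 2.7).

    The order of r divides phi(n); it is a proper divisor exactly when
    r^(phi(n)/p) ≡ 1 (mod n) for some prime p dividing phi(n), so it is
    enough to check those few powers instead of all of them.
    """
    if n < 2 or gcd(r, n) != 1:
        return False
    t = phi(n)
    return all(pow(r, t // p, n) != 1 for p in factorize(t))


def primitive_roots(n: int) -> List[int]:
    """All primitive roots of n in 1..n-1 (empty when n has none, e.g. n = 8)."""
    return [r for r in range(1, n) if is_primitive_root(r, n)]


if __name__ == "__main__":
    print(phi(19), phi_by_counting(19))
    print(primitive_roots(19))   # the generators of the multiplicative group mod 19
    print(primitive_roots(8))    # no primitive roots exist for 8
```

For n = 19 the two totient computations agree on 18, the primitive roots are 2, 3, 10, 13, 14 and 15, and the brute-force order of 4 comes out as 9 (4 = 2^2 squares away half of the group). Not every modulus has a primitive root: n = 8 has none, since every unit mod 8 squares to 1. This fast order test is the one a Diffie-Hellman parameter generator relies on, which is why the factorization of φ(n) must be known when choosing a generator.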

2.8 The two terms are synonymous.

ANSWERS TO PROBLEMS
