Solution Manual for Cryptography and Network Security: Principles and Practice, 8th Edition

SOLUTIONS MANUAL CRYPTOGRAPHY AND NETWORK SECURITY: PRINCIPLES AND PRACTICE EIGHTH EDITION CHAPTERS 1–10 WILLIAM STALLINGS Copyright 2019: William Stallings © 2020 Pearson Education, Inc., Hoboken, NJ. All rights reserved. This material is protected under all copyright laws as they currently exist. No portion of this material may be reproduced, in any form or by any means, without permission in writing from the publisher. © 2019 by William Stallings All rights reserved. No part of this document may be reproduced, in any form or by any means, or posted on the Internet, without permission in writing from the author. Selected solutions may be shared with students, provided that they are not available, unsecured, on the Web. -2© 2020 Pearson Education, Inc., Hoboken, NJ. All rights reserved. This material is protected under all copyright laws as they currently exist. No portion of this material may be reproduced, in any form or by any means, without permission in writing from the publisher. TABLE OF CONTENTS NOTICE This manual contains solutions to the review questions and homework problems in Cryptography and Network Security, Eighth Edition. If you spot an error in a solution or in the wording of a problem, I would greatly appreciate it if you would forward the information via email to [email protected]. An errata sheet for this manual, if needed, is available at https://www.box.com/shared/nh8hti5167 File name is S-Crypto8e-mmyy. W.S. Chapter 1 Introduction……………………………………………………… 5 Chapter 2 Introduction to Number Theory ……………………………… 8 Chapter 3 Classical Encryption Techniques …………………………… 16 Chapter 4 Block Ciphers and the Data Encryption Standard ………. 25 Chapter 5 Finite Fields ……………………………………………………. 35 Chapter 6 Advanced Encryption Standard …………………………….. 41 Chapter 7 Block Cipher Operation………………………………………. 48 Chapter 8 Random and Pseudorandom Number Generation and Stream Ciphers ……………………………………………………………… 54 Chapter 9 Public-Key Cryptography and RSA ………………………… 62 Chapter 10 Other Public-Key Cryptosystems …………………………. 70 -3© 2020 Pearson Education, Inc., Hoboken, NJ. All rights reserved. This material is protected under all copyright laws as they currently exist. No portion of this material may be reproduced, in any form or by any means, without permission in writing from the publisher. -4© 2020 Pearson Education, Inc., Hoboken, NJ. All rights reserved. This material is protected under all copyright laws as they currently exist. No portion of this material may be reproduced, in any form or by any means, without permission in writing from the publisher. CHAPTER 1 INTRODUCTION ANSWERS TO QUESTIONS 1.1 The OSI Security Architecture is a framework that provides a systematic way of defining the requirements for security and characterizing the approaches to satisfying those requirements. The document defines security attacks, mechanisms, and services, and the relationships among these categories. 1.2 Passive attacks: release of message contents and traffic analysis. Active attacks: masquerade, replay, modification of messages, and denial of service. 1.3 Authentication: The assurance that the communicating entity is the one that it claims to be. Access control: The prevention of unauthorized use of a resource (i.e., this service controls who can have access to a resource, under what conditions access can occur, and what those accessing the resource are allowed to do). Data confidentiality: The protection of data from unauthorized disclosure. Data integrity: The assurance that data received are exactly as sent by an authorized entity (i.e., contain no modification, insertion, deletion, or replay). Nonrepudiation: Provides protection against denial by one of the entities involved in a communication of having participated in all or part of the communication. Availability service: The property of a system or a system resource being accessible and usable upon demand by an authorized system entity, according to performance specifications for the system (i.e., a system is available if it provides services according to the system design whenever users request them). 1.4 Cryptographic algorithms: Transform data between plaintext and ciphertext. Data integrity: Mechanisms used to assure the integrity of a data unit or stream of data units. Digital signature: Data appended to, or a cryptographic transformation of, a data unit that allows a recipient of the data unit to prove the source and integrity of the data unit and protect against forgery. -5© 2020 Pearson Education, Inc., Hoboken, NJ. All rights reserved. This material is protected under all copyright laws as they currently exist. No portion of this material may be reproduced, in any form or by any means, without permission in writing from the publisher. Authentication exchange: A mechanism intended to ensure the identity of an entity by means of information exchange. Traffic padding: The insertion of bits into gaps in a data stream to frustrate traffic analysis attempts. Routing control: Enables selection of particular physically or logically secure routes for certain data and allows routing changes, especially when a breach of security is suspected. Notarization: The use of a trusted third party to assure certain properties of a data exchange. Access control: A variety of mechanisms that enforce access rights to resources. 1.5 Keyless: Do not use any keys during cryptographic transformations. Single-key: The result of a transformation are a function of the input data and a single key, known as a secret key. Two-key: At various stages of the calculate two different but related keys are used, referred to as private key and public key. 1.6 Communications security: Deals with the protection of communications through the network, including measures to protect against both passive and active attacks. Device security: Deals with the protection of network devices, such as routers and switches, and end systems connected to the network, such as client systems and servers. 1.7 Trust: The willingness of a party to be vulnerable to the actions of another party based on the expectation that the other will perform a particular action important to the trustor, irrespective of the ability to monitor or control that other party. Trustworthiness: A characteristic of an entity that reflects the degree to which that entity is deserving of trust. ANSWERS TO PROBLEMS 1.1 The system must keep personal identification numbers confidential, both in the host system and during transmission for a transaction. It must protect the integrity of account records and of individual transactions. Availability of the host system is important to the economic well being of the bank, but not to its fiduciary responsibility. The availability of individual teller machines is of less concern. 1.2 The system does not have high requirements for integrity on individual transactions, as lasting damage will not be incurred by occasionally losing a call or billing record. The integrity of control programs and configuration records, however, is critical. Without these, the switching -6© 2020 Pearson Education, Inc., Hoboken, NJ. All rights reserved. This material is protected under all copyright laws as they currently exist. No portion of this material may be reproduced, in any form or by any means, without permission in writing from the publisher. function would be defeated and the most important attribute of all availability – would be compromised. A telephone switching system must also preserve the confidentiality of individual calls, preventing one caller from overhearing another. 1.3 a. The system will have to assure confidentiality if it is being used to publish corporate proprietary material. b. The system will have to assure integrity if it is being used to laws or regulations. c. The system will have to assure availability if it is being used to publish a daily paper. 1.4 a. An organization managing public information on its web server determines that there is no potential impact from a loss of confidentiality (i.e., confidentiality requirements are not applicable), a moderate potential impact from a loss of integrity, and a moderate potential impact from a loss of availability. b. A law enforcement organization managing extremely sensitive investigative information determines that the potential impact from a loss of confidentiality is high, the potential impact from a loss of integrity is moderate, and the potential impact from a loss of availability is moderate. c. A financial organization managing routine administrative information (not privacy-related information) determines that the potential impact from a loss of confidentiality is low, the potential impact from a loss of integrity is low, and the potential impact from a loss of availability is low. d. The management within the contracting organization determines that: (i) for the sensitive contract information, the potential impact from a loss of confidentiality is moderate, the potential impact from a loss of integrity is moderate, and the potential impact from a loss of availability is low; and (ii) for the routine administrative information (non-privacy-related information), the potential impact from a loss of confidentiality is low, the potential impact from a loss of integrity is low, and the potential impact from a loss of availability is low. e. The management at the power plant determines that: (i) for the sensor data being acquired by the SCADA system, there is no potential impact from a loss of confidentiality, a high potential impact from a loss of integrity, and a high potential impact from a loss of availability; and (ii) for the administrative information being processed by the system, there is a low potential impact from a loss of confidentiality, a low potential impact from a loss of integrity, and a low potential impact from a loss of availability. (Examples from FIPS 199.) -7© 2020 Pearson Education, Inc., Hoboken, NJ. All rights reserved. This material is protected under all copyright laws as they currently exist. No portion of this material may be reproduced, in any form or by any means, without permission in writing from the publisher. CHAPTER 2 INTRODUCTION TO NUMBER THEORY ANSWERS TO QUESTIONS 2.1 A nonzero b is a divisor of a if a = mb for some m, where a, b, and m are integers. That is, b is a divisor of a if there is no remainder on division. 2.2 It means that b is a divisor of a. 2.3 In modular arithmetic, all arithmetic operations are performed modulo some integer. 2.4 An integer p > 1 is a prime number if and only if its only divisors are ±1 and ±p. 2.5 Euler’s totient function, written f(n), is the number of positive integers less than n and relatively prime to n. 2.6 The algorithm takes a candidate integer n as input and returns the result “composite” if n is definitely not a prime, and the result “inconclusive” if n may or may not be a prime. If the algorithm is repeatedly applied to a number and repeatedly returns inconclusive, then the probability that the number is actually prime increases with each inconclusive test. The probability required to accept a number as prime can be set as close to 1.0 as desired by increasing the number of tests made. 2.7 If r and n are relatively prime integers with n > 0. and if f(n) is the least positive exponent m such that am º 1 mod n, then r is called a primitive root modulo n. 2.8 The two terms are synonymous. ANSWERS TO PROBLEMS 2.1 The equation is the same. For integer a < 0, a will either be an integer multiple of n of fall between two consecutive multiples qn and (q + 1)n, where q 2r. This is equivalent to qn + r > 2r, which is equivalent to qn > r. Since n > r, we must have qn > r. b. If you study the pseudocode for Euclid’s algorithm in the text, you can see that the relationship defined by Euclid’s algorithm can be expressed as Ai = qiAi+1 + Ai+2 The relationship Ai+2 < Ai/2 follows immediately from (a). c. From (b), we see that A3 < 2–1A1, that A5 < 2–1A3 < 2–2A5, and in general that A2j+1 < 2–jA1 for all integers j such that 1 (k + 1)/2, and if k is even, we take j = k/2 to obtain N > k/2. In either case k < 2N. 2.14 a. Euclid: gcd(2152, 764) = gcd(764, 624) = gcd(624, 140) = gcd(140, 64) = gcd(64, 12) = gcd(12, 4) = gcd(4, 0) = 4 -10© 2020 Pearson Education, Inc., Hoboken, NJ. All rights reserved. This material is protected under all copyright laws as they currently exist. No portion of this material may be reproduced, in any form or by any means, without permission in writing from the publisher.