如果你也在 怎样代写网络安全network security这个学科遇到相关的难题,请随时右上角联系我们的24/7代写客服。网络安全network security是一套技术,通过防止各种潜在威胁进入或在网络中扩散,来保护公司基础设施的可用性和完整性。
网络安全network security一个网络安全架构是由保护网络本身和在网络上运行的应用程序的工具组成。有效的网络安全策略采用了可扩展和自动化的多道防线。每个防御层都执行一套由管理员决定的安全策略。
my-assignmentexpert™ 网络安全network security作业代写,免费提交作业要求, 满意后付款,成绩80\%以下全额退款,安全省心无顾虑。专业硕 博写手团队,所有订单可靠准时,保证 100% 原创。my-assignmentexpert™, 最高质量的网络安全network security作业代写,服务覆盖北美、欧洲、澳洲等 国家。 在代写价格方面,考虑到同学们的经济条件,在保障代写质量的前提下,我们为客户提供最合理的价格。 由于统计Statistics作业种类很多,同时其中的大部分作业在字数上都没有具体要求,因此网络安全network security作业代写的价格不固定。通常在经济学专家查看完作业要求之后会给出报价。作业难度和截止日期对价格也有很大的影响。
想知道您作业确定的价格吗? 免费下单以相关学科的专家能了解具体的要求之后在1-3个小时就提出价格。专家的 报价比上列的价格能便宜好几倍。
my-assignmentexpert™ 为您的留学生涯保驾护航 在数学Mathematics作业代写方面已经树立了自己的口碑, 保证靠谱, 高质且原创的网络安全network security代写服务。我们的专家在数学Mathematics代写方面经验极为丰富,各种网络安全network security相关的作业也就用不着 说。
我们提供的网络安全network security及其相关学科的代写,服务范围广, 其中包括但不限于:
非线性方法 nonlinear method functional analysis
变分法 Calculus of Variations
数学代写|网络安全作业代写network security代考|A Fixed-Length MAC
Pseudorandom functions are a natural tool for constructing secure message authentication codes. Intuitively, if the tag $t$ is obtained by applying a pseudorandom function to the message $m$, then forging a tag on a previously unauthenticated message requires the adversary to correctly guess the value of the pseudorandom function at a “new” input point. The probability of guessing the value of a random function on a new point is $2^{-n}$ (if the output length of the function is $n$ ). The probability of guessing such a value for a pseudorandom function can be only negligibly greater.
数学代写|网络安全作业代写network security代考|Domain Extension for MACs
Construction $4.5$ is important in that it shows a general paradigm for constructing secure message authentication codes from pseudorandom functions. Unfortunately, the construction is only capable of handling fixed-length messages that are furthermore rather short. ${ }^{2}$ These limitations are unacceptable in most real-world applications. We show here how a MAC handling arbitrarylength messages can be constructed from any fixed-length MAC for messages of length $n$. The construction we show is not very efficient and is unlikely to be used in practice; far more efficient constructions of secure MACs are known, as we will see later. We include the present construction for its simplicity and generality, and for pedagogical purposes.
Let $\Pi^{\prime}=\left(\right.$ Mac $^{\prime}$, Vrfy $\left.^{\prime}\right)$ be a secure fixed-length MAC for messages of length $n$. Before presenting the construction of a MAC for arbitrary-length messages based on $\Pi^{\prime}$, we rule out some simple ideas and describe some canonical attacks that must be prevented.
- A natural first idea is to parse the message $m$ as a sequence of $n$-bit blocks $m_{1}, \ldots, m_{d}$ and authenticate each block separately, i.e., compute $t_{i}:=\operatorname{Mac}{k}^{\prime}\left(m{i}\right)$ and output $\left\langle t_{1}, \ldots, t_{d}\right\rangle$ as the tag. This prevents an adversary from sending any previously unauthenticated block without being detected. However, it does not prevent a block re-ordering attack in which the attacker shuffles the order of blocks in an authenticated message. Specifically, if $\left\langle t_{1}, t_{2}\right\rangle$ is a valid tag on the message $m_{1}, m_{2}$ (with $\left.m_{1} \neq m_{2}\right)$, then an attacker can construct a valid tag $\left\langle t_{2}, t_{1}\right\rangle$ on the (new) message $m_{2}, m_{1}$, something that is not allowed by Definition 4.2.
- We can prevent the previous attack by authenticating a block index along with each block. That is, we now compute $t_{i}=\operatorname{Mac}{k}^{\prime}\left(i | m{i}\right)$ for all $i$, and output $\left\langle t_{1}, \ldots, t_{d}\right\rangle$ as the tag. (Note that now $\left|m_{i}\right|<n$.) This does not prevent a truncation attack whereby an attacker simply drops blocks from the end of the message (and drops the corresponding blocks of the tag as well).
- A truncation attack can be thwarted by additionally authenticating the message length along with each block. (Authenticating the message length as a separate block does not work. Do you see why?) That is, compute $t_{i}=\operatorname{Mac}{k}^{\prime}\left(\ell|i| m{i}\right)$ for all $i$, where $\ell$ denotes the length of the message in bits. (Once again, the block length $\left|m_{i}\right|$ will need to decrease.) This scheme is vulnerable to a “mix-and-match” attack where the adversary combines blocks from different messages. For example, if the adversary obtains tags $\left\langle t_{1}, \ldots, t_{d}\right\rangle$ and $\left\langle t_{1}^{\prime}, \ldots, t_{d}^{\prime}\right\rangle$ on messages $m=m_{1}, \ldots, m_{d}$ and $m^{\prime}=m_{1}^{\prime}, \ldots, m_{d}^{\prime}$, respectively, it can output the valid tag $\left\langle t_{1}, t_{2}^{\prime}, t_{3}, t_{4}^{\prime}, \ldots\right\rangle$ on the message $m_{1}, m_{2}^{\prime}, m_{3}, m_{4}^{\prime}, \ldots .$
网络安全作业代写
数学代写|网络安全作业代写NETWORK SECURITY代考|A FIXED-LENGTH MAC
伪随机函数是构建安全消息验证码的自然工具。直观地说,如果标签吨通过对消息应用伪随机函数获得米,然后在先前未经身份验证的消息上伪造标签需要对手正确猜测“新”输入点处的伪随机函数的值。在新点上猜测随机函数值的概率为2−n 一世F吨H和这在吨p在吨l和nG吨H这F吨H和F在nC吨一世这n一世s$n$. 为伪随机函数猜测这样一个值的概率只能忽略不计。
数学代写|网络安全作业代写NETWORK SECURITY代考|DOMAIN EXTENSION FOR MACS
建造4.5很重要,因为它显示了从伪随机函数构造安全消息认证代码的一般范例。不幸的是,该结构只能处理固定长度的消息,而且相当短。2这些限制在大多数实际应用中是不可接受的。我们在这里展示了如何从任何固定长度的 MAC 构造处理任意长度消息的 MAC,用于长度的消息n. 我们展示的构造不是很有效,不太可能在实践中使用;正如我们稍后将看到的,更有效的安全 MAC 结构是已知的。我们包括目前的结构是因为它的简单性和普遍性,以及出于教学目的。
让圆周率′=(苹果电脑′,′)是长度消息的安全固定长度 MACn. 在介绍基于任意长度消息的 MAC 的构造之前圆周率′,我们排除了一些简单的想法并描述了一些必须防止的规范攻击。
- 一个自然的第一个想法是解析消息米作为一个序列n位块米1,…,米d并分别验证每个块,即计算 $n$-bit blocks $m_{1}, \ldots, m_{d}$ and authenticate each block separately, i.e., compute $t_{i}:=\operatorname{Mac}{k}^{\prime}\left(m{i}\right)$ and output $\left\langle t_{1}, \ldots, t_{d}\right\rangle$ as the tag. This prevents an adversary from sending any previously unauthenticated block without being detected. However, it does not prevent a block re-ordering attack in which the attacker shuffles the order of blocks in an authenticated message. Specifically, if $\left\langle t_{1}, t_{2}\right\rangle$ is a valid tag on the message $m_{1}, m_{2}$ (with $\left.m_{1} \neq m_{2}\right)$, then an attacker can construct a valid tag $\left\langle t_{2}, t_{1}\right\rangle$ on the (new) message $m_{2}, m_{1}$, something that is not allowed by Definition 4.2.
- We can prevent the previous attack by authenticating a block index along with each block. That is, we now compute $t_{i}=\operatorname{Mac}{k}^{\prime}\left(i | m{i}\right)$ for all $i$, and output $\left\langle t_{1}, \ldots, t_{d}\right\rangle$ as the tag. (Note that now $\left|m_{i}\right|<n$.) This does not prevent a truncation attack whereby an attacker simply drops blocks from the end of the message (and drops the corresponding blocks of the tag as well).
- A truncation attack can be thwarted by additionally authenticating the message length along with each block. (Authenticating the message length as a separate block does not work. Do you see why?) That is, compute $t_{i}=\operatorname{Mac}{k}^{\prime}\left(\ell|i| m{i}\right)$ for all $i$, where $\ell$ denotes the length of the message in bits. (Once again, the block length $\left|m_{i}\right|$ will need to decrease.) This scheme is vulnerable to a “mix-and-match” attack where the adversary combines blocks from different messages. For example, if the adversary obtains tags $\left\langle t_{1}, \ldots, t_{d}\right\rangle$ and $\left\langle t_{1}^{\prime}, \ldots, t_{d}^{\prime}\right\rangle$ on messages $m=m_{1}, \ldots, m_{d}$ and $m^{\prime}=m_{1}^{\prime}, \ldots, m_{d}^{\prime}$, respectively, it can output the valid tag $\left\langle t_{1}, t_{2}^{\prime}, t_{3}, t_{4}^{\prime}, \ldots\right\rangle$ on the message $m_{1}, m_{2}^{\prime}, m_{3}, m_{4}^{\prime}, \ldots .$
数学代写|网络安全作业代写network security代考 请认准UprivateTA™. UprivateTA™为您的留学生涯保驾护航。