ÄÚÈÝ·¢²¼¸üÐÂʱ¼ä : 2025/8/26 18:22:48ÐÇÆÚÒ» ÏÂÃæÊÇÎÄÕµÄÈ«²¿ÄÚÈÝÇëÈÏÕæÔĶÁ¡£
1 ¸ù¾ÝÒÔϵÄÒªÇóÈ¥Éè¼ÆÒ»¸ö¼òµ¥µÄÍøÂç¼Ü¹¹°²È«ÏµÍ³, Õâ¸öϵͳÊÇΪÁ˹ÜÀíºÍ±£»¤Ô±¹¤ÔÚ¿ç¹ú¹«Ë¾¼äµÄͨѶ¡£ÄãµÄϵͳ±ØÐëÒªÂú×ãÒÔϰ²È«²ßÂÔ(security policies): Ö»ÓÐÊÚȨµÄÔ±¹¤²Å¿ÉÒÔ·ÃÎÊ×ܹ«Ë¾µÄ°²È«·þÎñÆ÷¡£
Ö»ÓÐʹÓÃÌØ¶¨ Foreign Hosts µÄ¿Í»§²Å¿ÉÒÔºÍÔÚ×ܹ«Ë¾ºÍ·Ö¹«Ë¾µÄÔ±¹¤Í¨Ñ¶¡£
Èô¿Í»§ÔÚ×ܹ«Ë¾ºÍ·Ö¹«Ë¾¼äÊǽåÓÉ Global Internet ͨѶµÄ»°,±ØÐëÒª±£»¤´ËͨѶ±ÜÃâ±» Íâ½çÇÔÌý¡£
Ô±¹¤ÔÚʹÓà Mobile Hosts Óë×ܹ«Ë¾ºÍ·Ö¹«Ë¾Í¨Ñ¶Ö®Ç°±ØÐëÒªÏȱ»ÈÏÖ¤¡£
ÇëÖ¸³öÄãµÄ°²È«ÏµÍ³ËùÌṩµÄ°²È«·þÎñ,Çë˵Ã÷²¿ÊôÕâЩ·þÎñµÄλÖá£(50 ·Ö) Ìáʾ:¼ÙÉèÔÚ×ܹ«Ë¾ºÍ·Ö¹«Ë¾¼äµÄÔ±¹¤¶¼ÊÇÖµµÃÐÅÀµµÄ¡£
ÁíÍâ,¼ÙÉè×ܹ«Ë¾ºÍ·Ö¹«Ë¾¼äµÄͨ Ѷ¶¼ÊÇÈÝÒ×±»ÇÔÌýºÍ´Ü¸ÄµÄ¡£
´ð: ÎҵݲȫϵͳÌṩÒÔÏ·þÎñ£º 1. »úÃÜ·þÎñ
a) ÔÚ×ܹ«Ë¾ºÍ·Ö¹«Ë¾µÄÍøÂçÉϲ¿Êð\·ÇÁª»úÈ¡ÏòµÄÊý¾Ý»úÃÜ·þÎñ\ÒÔ±£Ö¤×ܹ«Ë¾ºÍ·Ö¹«Ë¾·¢³öµÄÐÅÏ¢¶¼ÊǼÓÃÜÐÅÏ¢¡£
b) ÔÚ Mobile Hosts Éϲ¿Êð\·ÇÁª»úÈ¡ÏòµÄÊý¾Ý»úÃÜ·þÎñ\ÒÔ±£Ö¤Ô±¹¤ÔÚʹÓà Mobile Hosts Óë×ܹ«Ë¾ºÍ·Ö¹«Ë¾Í¨Ñ¶µÄÏûÏ¢ÊǼÓÃÜÏûÏ¢
c) ÔÚ×ܹ«Ë¾ºÍ·Ö¹«Ë¾µÄÍøÂçÉϲ¿Êð\Êý¾Ý´«ÊäÁ÷µÄ»úÃÜ·þÎñ\ÒÔ±£Ö¤±ðÈËÎÞ·¨Í¨¹ý ¹Û²ìÁ÷Á¿ÒÔ»ñµÃÐÅÏ¢¡£ 2. ÍêÕûÐÔ·þÎñ
a) ÔÚ×ܹ«Ë¾µÄ°²È«·þÎñÆ÷¡¢×ܹ«Ë¾ºÍ·Ö¹«Ë¾Ô±¹¤µÄµçÄÔ¡¢Foreign Hosts¡¢Mobile Hosts Éϲ¿Êð\ÏûÏ¢ÍêÕûÐÔ·þÎñ\±£Ö¤×ܹ«Ë¾ºÍ·Ö¹«Ë¾½åÓÉ
Global Internet ͨѶ¡¢Ê¹Óà Foreign Hosts µÄ¿Í»§Óë×ܹ«Ë¾ºÍ·Ö¹«Ë¾µÄÔ±¹¤Í¨Ñ¶¡¢ Ô±¹¤Ê¹Óà Mobile Hosts Óë×ܹ«Ë¾»ò·Ö¹«Ë¾Í¨Ñ¶¶¼²»»á±»´Ü¸Ä 3. ÈÏÖ¤·þÎñ
a) ÔÚ×ܹ«Ë¾µÄ°²È«·þÎñÆ÷Éϲ¿Êð\×ÊÁÏÀ´Ô´ÈÏÖ¤·þÎñ\,±£Ö¤Ö»ÓÐÊÚȨµÄÔ±¹¤²ÅÄÜ·Ã ÎÊ×ܹ«Ë¾µÄ°²È«·þÎñÆ÷
b) ÔÚ×ܹ«Ë¾ºÍ·Ö¹«Ë¾µÄÔ±¹¤¼ÆËã»ú¡¢Foreign Hosts Éϲ¿Êð\×ÊÁÏÀ´Ô´ÈÏÖ¤·þÎñ\È· ±£Ö»ÓÐʹÓÃÌØ¶¨ Foreign Hosts µÄ¿Í»§²Å¿ÉÒÔºÍÔÚ×ܹ«Ë¾ºÍ·Ö¹«Ë¾ µÄÔ±¹¤Í¨Ñ¶
c) ÔÚ×ܹ«Ë¾ºÍ·Ö¹«Ë¾µÄÔ±¹¤¼ÆËã»ú¡¢Ô±¹¤µÄ Mobile Hosts Éϲ¿Êð\×ÊÁÏÀ´Ô´ÈÏÖ¤·þ Îñ\È·±£Ô±¹¤ÔÚʹÓà Mobile Hosts Óë×ܹ«Ë¾ºÍ·Ö¹«Ë¾Í¨Ñ¶Ö®Ç° ±ØÐëÒªÏȱ»ÈÏÖ¤ 4. ·ÃÎÊ¿ØÖÆ
a) ÔÚ×ܹ«Ë¾µÄ°²È«·þÎñÆ÷Éϲ¿Êð\·ÃÎÊ¿ØÖÆ·þÎñ\,±£Ö¤Ö»ÓÐÊÚȨµÄÔ±¹¤²ÅÄÜ·ÃÎÊ×Ü ¹«Ë¾µÄ°²È«·þÎñÆ÷ 5. ²»¿É·ñÈÏÐÔ
a) ÔÚ×ܹ«Ë¾ºÍ·Ö¹«Ë¾µÄÔ±¹¤¼ÆËã»ú¡¢Foreign Hosts Éϲ¿Êð\²»¿É·ñÈÏÐÔ·þÎñ\È·±£ ¿Í»§ÓëÔ±¹¤Ö®¼äµÄÍ¨Ñ¶ÕæÊµÓÐЧ 6. ÉóºË
a) ÔÚ×ܹ«Ë¾µÄ°²È«·þÎñÆ÷Éϲ¿Êð\ÉóºË·þÎñ\,È·±£¿ÉÒÔ·ÖÎö°²È«·þÎñÆ÷ÊÇ·ñÊܵ½Èë ÇÖ¡£
7. Availability
a) ÔÚ×ܹ«Ë¾µÄ°²È«·þÎñÆ÷Éϲ¿Êð\·þÎñ\,È·±£°²È«·þÎñÆ÷²»ÊÜ DDos ¹¥ »÷¡£
2 ÐÒéÉè¼ÆÕß Random J ±»¸æÖªÒªÉè¼ÆÒ»¸ö¿ÉÒÔÔ¤·ÀѶϢ±»ÈëÇÖÕߴܸĵĻúÖÆ, Random J ¾ö¶¨ ÒªÔÚÿ¸öѶϢºóÃæ¸½ÉÏÊôÓÚÕâ¸öѶϢµÄÕªÒª(message digest),
ΪʲôÕâÑù×öÎÞ·¨½â¾ö´ËÎÊÌâ ÄØ?(ÎÒÃÇÒÑÖªÓÐÐÒéʹÓÃÕâÑùµÄ¼¼ÇÉÀ´Ôö¼ÓÆä°²È«ÐÔ) (10 ·Ö)
´ð: ÒòΪÈëÇÖÕß¿ÉÒԴܸÄѶϢ»ò±àÔìÒ»¸öѶϢ, ÓÉÓÚ¹þÏ£·½·¨Êǹ«¿ªµÄ, ËùÒÔÈëÇÖÕß¿ÉÒÔÉú³É¸ÃѶϢµÄÕªÒª¡£½«´Ü¸ÄºóµÄѶϢ¼ÓÉÏÕªÒªÔÙ·¢ËͳöÈ¥, ÕâÑù½ÓÊÕ·½½Óµ½Ñ¶Ï¢ºóÍêÈ«ÎÞ·¨·¢ÏÖѶϢ±»¸Ä¹ýÁË¡£
3 ¼ÙÉè Alice, Bob ºÍ Carol ÏëҪʹÓà secret key µÄ·½·¨À´ÈÏÖ¤±Ë´Ë¡£Èç¹ûËûÃÇÈý¸ö¹²ÏíÒ»°Ñ secret key K,ÄÇô Bob ¿ÉÒÔÔÚ Alice ÃæÇ°Î±×°³É
Carol(ÊÂʵÉÏ,ËûÃÇÈý¸öÖ®ÖеÄÈÎÒ»¸ö¶¼¿É ÒÔ¶ÔÁíÒ»¸öÈËαװ³ÉÁíÍâÒ»¸öÈË)¡£ ÓÖÈç¹ûËûÃÇÈý¸öÿ¸öÈ˶¼ÓÐ×Ô¼ºµÄ secret key, Alice ʹÓà KA,Bob
ʹÓà KB,Carol ʹÓà KC¡£ÕâÑùËûÃǾͿÉÒÔÓÃ×Ô¼ºµÄ secret key Ëã³öÀ´µÄ response ºÍ challenge À´ÑéÖ¤×Ô¼ºµÄÉí·Ö¡£ ÇëÎÊÕâÑùµÄз½·¨ÊÇ·ñ±È¹²Ïí
Ò»°Ñ secret key µÄ·½·¨À´µÄ°² È«ÄØ? (10 ·Ö) Ìáʾ:Alice ÐèÒªÖªµÀʲôÀ´ÑéÖ¤ Carol ¶Ô Alice µÄ Challenge µÄ´ð°¸ÄØ?
´ð: Õâ¸öз½·¨±ØÐ뻹ҪÓÐÓë kA¡¢KB¡¢kC ¶ÔÓ¦µÄ¹«Ô¿²ÅÄܹ¤×÷¡£½« kA¡¢KB¡¢kC ·Ö±ð×÷Ϊ Alice, Bob ºÍ Carol µÄ˽Կ,Ö»ÓÐËûÃÇ×Ô¼ºÖªµÀ¡£
ÁíÍâÓÐ KA¡¢KB¡¢KC ×÷ΪÓë˽Կ¶ÔÓ¦µÄ¹«Ô¿,Èý È˶¼ÖªµÀ¡£Carol Óë Alice ͨѶʱÏÈ·¢ËÍ Challenge ¸ø Alice,Alice Óà kA Ëã³ö response »ØË͸ø
Carol,Carol Óà KA Ëã³öµÄ Challenge Óë֮ǰËͳöµÄ Challenge ¶Ô±È,Èç¹ûÒ»Ö¾Í˵Ã÷ÓëÆäͨ ѶµÄ¿Ï¶¨ÊÇ Alice ÁË¡£ÓÃÕâÖÖ·½·¨ Alice, Bob ºÍ
Carol »¥ÏàͨѶʱ¶¼¿ÉÒÔÈÏÖ¤±Ë´Ë,°²È«ÐÔ ±È¹²ÏíÒ»°Ñ secret key Òª¸ßµÄ¶à¡£
4 µ± ÎÒ ÃÇ Òª ÔÚ µç ×Ó ÎÄ ¼þ ÉÏ Ç© ÉÏ digital signature µÄ ʱ ºò, ͨ ³£ »á °Ñ Õû ·Ý µµ °¸ ´« µ½ Ò» ¸ö cryptographically strong hash function
²úÉú message digest ×öΪ digital signature¡£ Çë½âÊÍΪºÎºÜ ÄÑÕÒµ½ÓÐÁ½·ÝÎļþÓÐÒ»ÑùµÄ digest ÊǺÜÖØÒªµÄÒ»¼þÊ¡£(10 ·Ö)
´ð:ÒòΪ digital signature ÊÇÓà private key ¶Ô message digest ¼ÓÃܺóµÃµ½µÄ½á¹û¡£Èç¹ûÁ½·ÝÎļþÓÐ Ò»ÑùµÄ digest,Ôò²úÉúµÄ digital signature
Ò²¾ÍÍêȫһÑù,ÕâÑù¾ÍÎÞ·¨È·¶¨ÄÄ·ÝÎļþÊÇÕæÕýÇ© ÉÏ digital signature µÄ¡£ Õâ¾Í´ú±íÁ½·ÝÎļþÓÐÒ»ÑùµÄ digest µÄ¼¸ÂÊÓëαÔìµÄÇ©Êð digital signature
ÎļþµÄ³É¹¦ÂʳÉÕý±È¡£Õâ¸ö¼¸Âʵ±È»ÊÇԽСԽºÃ,ËùÒÔºÜÄÑÕÒµ½ÓÐÁ½·ÝÎļþÓÐÒ»ÑùµÄ digest ÊǷdz£ÖØÒªµÄÊÂÇé¡£
5 ¼ÙÉè´æÔÚÒ»¸ö¼ÓÃܵÄË㷨ʹµÃÓµÓÐ encryption key ºÍ decryption key µÄºÃÈË¿ÉÒÔÔÚ key ³¤¶ÈµÄ ÏßÐÔʱ¼äÄÚÔËËãÍê±Ï, ¶øÃ»ÓÐ key µÄ»µÈËÏë񻮮½â´ËËã
·¨Ö»ÄÜÈ¥ÊÔËùÓпÉÄÜµÄ keys¡£ ¸Õ¿ªÊ¼, ÎÕÓÐ key µÄºÃÈËÓµÓÐ×ã¹»µÄÔËËãÄÜÁ¦¿ÉÒԺܿìµÃ¼Ó½âÃÜѶϢ¡£Ëæ×ÅÔËËã¿Æ¼¼µÄ½ø²½, ºÃÈËºÍ »µÈ˶¼ÓбÈÔ±¾µÄÔËËã
ÄÜÁ¦¿ìÁ½±¶µÄ¼ÆËã»ú, ÇëÎÊÔö¼Ó¼ÆËã»úµÄÖ¸ÁîÖÜÆÚ, ÊǶԺÃÈËÓÐÀû»¹ ÊǶԻµÈËÓÐÀû,Òà»ò¸ù±¾¾Íû²îÄØ? (10 ·Ö)
´ð: ¼ÙÉè K µÄ³¤¶ÈΪ n,ºÃÈ˵ÄËÙ¶ÈΪ Sg,»µÈ˵ÄËÙ¶ÈΪ Sb Ôò Sg = an,Sb = 2n Èç¹ûËæ×ſƼ¼µÄ½ø²½,¼ÆËã»úµÄÔËËãÄÜÁ¦»áÔ½À´Ô½¿ì,µ«ÊÇÖ»Òª½« key
µÄ³¤¶È±äµÃ×ã¹»³¤, »¹ÊÇ¿ÉÒÔʹºÃÈËÄܹ»ºÜ¿ì½âÃÜ, ¶ø»µÈËÒª»¨·Ç³£·Ç³£³¤µÄʱ¼äÆÆ½âÃÜÂë¡£ ËùÒÔÎÞÂÛ¼ÆËã»úµÄ ÔËËãÄÜÁ¦Ôö³¤Óë·ñ,¶ÔºÃÈËÒÖ»òÊÇ»µÈËÀ´ ˵ûʲô²î±ð¡£
6 ÔÚ¿ÎÌÃÉÏ,ÎÒÃÇѧµ½ÁËÈçºÎʹÓà public key digital signature À´Ö´ÐÐ challenge-response authentication¡£ÈçͬÔÚ¿ÎÌÃËùÌáµÄ,ÓÐÒ»¸öʹÓà public key
encryption µÄÀàËÆ»úÖÆ,Äã¿ÉÒÔÉè ¼ÆÕâ¸ö»úÖÆÂð? (10 ·Ö) Ìáʾ:ÄǸö responder ±ØÐëÖ´ÐÐÖ»ÓÐ×Ô¼º²ÅÄÜÖ´ÐеÄÔËËã
´ð: ¼ÙÉèͨÐÅË«·½ÊÇ Alice Óë Bob¡£Alice µÄ˽ԿΪ kA,¹«Ô¿Îª KA¡£Bob µÄ˽ԿΪ kB,¹«Ô¿Îª KB Alice Ïȵõ½Ò»¸öËæ»úÊý Na,Óà KB ¶ÔÆä¼ÓÃÜ×÷Ϊ challenge
Ë͸ø Bob¡£Bob ÊÕµ½ challenge ºó Óà kB ½âÃܵõ½ response,Ëͻظø Alice¡£Alice ÊÕµ½ response ºóÓë Na ±È½Ï,ÈôÒ»ÖÂÔòÖ¤Ã÷Óë ÆäͨÐŵÄÊÇ Bob¡£