EBK COMPUTER NETWORKING
7th Edition
ISBN: 8220102955479
Author: Ross
Publisher: PEARSON
expand_more
expand_more
format_list_bulleted
Question
Chapter 8, Problem R22RQ
Program Plan Intro
SSL:
SSL stands for Secure Socket Layer and is a security protocol that establishes link between the web browser and the web server in an online communication.
SSL Handshaking protocol:
A Secure Socket Layer handshaking protocol is observed when two communicating entities exchange control packets first before sending data to each other.
CBC:
CBC stands for Cipher Block Chaining in which a sequence of bits is encrypted as a single unit or block with a cipherkey.
Block Cipher:
A Block Cipher is a method of encrypting text in which a cryptographic key and
Initialization
IV or Initialization Vector is a fixed size input that is required to be random or pseudorandom.
Expert Solution & Answer
Want to see the full answer?
Check out a sample textbook solution
Students have asked these similar questions
Suppose an SSL session employs a block cipher with CBC. True or False The server sends to the client the IV in the clear?
Let an SSL session employs a block cipher. Then the server sends to the client the IV in the clear.True or False.
Kerberos is a protocol that is based around Needham-Schroeder protocol for many to
many authentications. Now answer the following questions. (Use necessary diagrams
to justify your answers)
i) Explain why the password of the user is not sent over the network and instead
session keys are generated and shared in the Kerberos protocol.
ii) The information in a TGT (Ticket Granting Ticket) is encrypted so the client
cannot access the information in the TGT. However, all information in the
ticket is already known to the client. Why is it still necessary to encrypt it?
iii) Describe the working mechanism of how a ticket is generated between the
client and server by the TGS (Ticket Granting Server) and how it is used for
client-server communication.
Chapter 8 Solutions
EBK COMPUTER NETWORKING
Ch. 8 - Prob. R1RQCh. 8 - Prob. R2RQCh. 8 - Prob. R3RQCh. 8 - Prob. R4RQCh. 8 - Prob. R5RQCh. 8 - Prob. R6RQCh. 8 - Prob. R7RQCh. 8 - Prob. R8RQCh. 8 - Prob. R9RQCh. 8 - Prob. R10RQ
Ch. 8 - Prob. R11RQCh. 8 - Prob. R12RQCh. 8 - Prob. R13RQCh. 8 - Prob. R14RQCh. 8 - Prob. R15RQCh. 8 - Prob. R16RQCh. 8 - Prob. R17RQCh. 8 - Prob. R18RQCh. 8 - Prob. R19RQCh. 8 - Prob. R20RQCh. 8 - Prob. R21RQCh. 8 - Prob. R22RQCh. 8 - Prob. R23RQCh. 8 - Prob. R24RQCh. 8 - Prob. R25RQCh. 8 - Prob. R26RQCh. 8 - Prob. R27RQCh. 8 - Prob. R28RQCh. 8 - Prob. R29RQCh. 8 - Prob. R30RQCh. 8 - Prob. R31RQCh. 8 - Prob. R32RQCh. 8 - Prob. R33RQCh. 8 - Prob. P1PCh. 8 - Prob. P2PCh. 8 - Prob. P3PCh. 8 - Prob. P4PCh. 8 - Prob. P5PCh. 8 - Prob. P6PCh. 8 - Prob. P8PCh. 8 - Prob. P12PCh. 8 - Prob. P13PCh. 8 - Prob. P14PCh. 8 - Prob. P18PCh. 8 - Prob. P20PCh. 8 - Prob. P21PCh. 8 - Prob. P22PCh. 8 - Prob. P23P
Knowledge Booster
Similar questions
- For the SSH protocol, Client generates a random session key which is encrypted and sent to server. Question 6 options: True Falsearrow_forwardAs presented in the text, SMTP involves the exchange of several small messages. In most cases, the server responses do not affect what the client sends subsequently. The client might thus implement command pipelining: sending multiple commands in a single message. (a) For what SMTP commands does the client need to pay attention to the server's responses? (b) Assume the server reads each client message with gets() or the equivalent, which reads in a string up to a . What would it have to do even to detect that a client had used command pipelining? (c) Pipelining is nonetheless known to break with some servers; find out how a client can negotiate its use.arrow_forwardHelp me pleasearrow_forward
- In IPsec, each incoming and outgoing packet will be checked with the Security Policy Database (SPD) and the Security Association Database (SAD). (a) What is the checking done with the SPD: (b) What is the checking done with the SAD? (c) Each security association stored in SAD is identified by an integer. What is this integer called?arrow_forwardAlice and Bob want to use their same (private) key for all the sessions between them. Would you advise them to do that? If not, why? What are the similarities and dissimilarities between SSL 3.0, TLS 1.2 and TLS 1.3?arrow_forwardSuppose Bob initiates a TCP connection to Trudy who is pretending to be Alice. During the handshake, Trudy sends Bob Alice's certificate. In what step of the SSL handshake algorithm will Bob discover that he is not communicating with Alice?arrow_forward
- In this problem we investigate whether either UDP or TCP provides a degree of end-point authentication. a. Consider a server that receives a request within a UDP packet and responds to that request within a UDP packet (for example, as done by a DNS server). If a client with IP address X spoofs its address with address Y, where will the server send its response? b. Suppose a server receives a SYN with IP source address Y, and after responding with a SYNACK, receives an ACK with IP source address Y with the correct acknowledgment number. Assuming the server chooses a random initial sequence number and there is no "man-in-the-middle," can the server be certain that the client is indeed at Y (and not at some other address X that is spoofing Y)?arrow_forwardFor the Zhou-Gollman non-repudiation protocol discussed in the lecture on “Non-Repudiationand Anonymity Protocols”, which one of the following statements is false:arrow_forward1. It is a protocol for encapsulating data packets that use one routing protocol inside the packets of another protocol. 2. It is a hash function that has been deprecated for uses other than as a non-cryptographic checksum to verify data integrity and detect unintentional data corruption. 3. An algorithm which is a pseudorandom function family in that it can easily generate arbitrary portions of the keystream without having to start from the beginning. 4. What is the most popular and widely implemented flavor of STP? 5. An algorithm that comprises of a series of linked operations, some of which involve replacing inputs by specific outputs (substitutions) and others involve shuffling bits around (permutations). 6. It is calculated using port cost values associated with port speeds for each switch port along a given path in STP 7. A proprietary architecture that authenticates users and devices using the identity-enabled network approach, and enables the government workforce to connect…arrow_forward
- In this question, you will help Mallory develop new ways to conduct denial-of-service (DoS) attacks. (1) CHARGEN and ECHO are services provided by some UNIX servers. For every UDP packet arriving at port 19, CHARGEN sends back a packet with 0 to 512 random characters. For every UDP packet arriving at port 7, ECHO sends back a packet with the same content. Mallory wants to perform a DoS attack on two servers. One with IP address M supports CHARGEN, and another with IP address N supports ECHO. Mallory can spoof IP addresses. Is it possible to create a single UDP packet with no content which will cause both servers to consume a large amount of bandwidth? If yes, describe the header (i.e., source IP, destination IP, source port, and destination port) of your UDP package; otherwise, explain why? Assume now that CHARGEN and ECHO are now modified to only respond to TCP packets (post-handshake) and not UDP. Is it possible to create a single TCP SYN packet with no content which will cause…arrow_forwardThe following is a dump of UDP header in hexadecimal format 5EFA00FD001C3297 What is the total length of user datagram? Is the packet from client to server or vice versa?arrow_forwardYou have been recently employed as part of a Network Snooping Association. You first task requires the use of a One-Time Pad to scramble a message. Given the Pad below: PAD1: 25 17 12 11 22 1 26 2 29 3 11 15 22 5 15 25 30 4 16 1 Scramble the message “I_AM_ _PREGNANT._ _ _”. The result cipher text should be descrambled to get back the original message or plaintext.arrow_forward
arrow_back_ios
SEE MORE QUESTIONS
arrow_forward_ios
Recommended textbooks for you
Database System ConceptsComputer ScienceISBN:9780078022159Author:Abraham Silberschatz Professor, Henry F. Korth, S. SudarshanPublisher:McGraw-Hill Education
Starting Out with Python (4th Edition)Computer ScienceISBN:9780134444321Author:Tony GaddisPublisher:PEARSON
Digital Fundamentals (11th Edition)Computer ScienceISBN:9780132737968Author:Thomas L. FloydPublisher:PEARSON
C How to Program (8th Edition)Computer ScienceISBN:9780133976892Author:Paul J. Deitel, Harvey DeitelPublisher:PEARSON
Database Systems: Design, Implementation, & Manag...Computer ScienceISBN:9781337627900Author:Carlos Coronel, Steven MorrisPublisher:Cengage Learning
Programmable Logic ControllersComputer ScienceISBN:9780073373843Author:Frank D. PetruzellaPublisher:McGraw-Hill Education
Database System Concepts
Computer Science
ISBN:9780078022159
Author:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan
Publisher:McGraw-Hill Education
Starting Out with Python (4th Edition)
Computer Science
ISBN:9780134444321
Author:Tony Gaddis
Publisher:PEARSON
Digital Fundamentals (11th Edition)
Computer Science
ISBN:9780132737968
Author:Thomas L. Floyd
Publisher:PEARSON
C How to Program (8th Edition)
Computer Science
ISBN:9780133976892
Author:Paul J. Deitel, Harvey Deitel
Publisher:PEARSON
Database Systems: Design, Implementation, & Manag...
Computer Science
ISBN:9781337627900
Author:Carlos Coronel, Steven Morris
Publisher:Cengage Learning
Programmable Logic Controllers
Computer Science
ISBN:9780073373843
Author:Frank D. Petruzella
Publisher:McGraw-Hill Education