1. Consider the following threats to Web security and describe (in detail) how each is countered by a particular feature of SSL:
a. Brute-Force Cryptanalytic Attack: An exhaustive search of the key space for a conventional encryption algorithm.
b. Replay Attack: Earlier SSL handshake messages are replayed.
c. Man-in-the-Middle Attack: An attacker interposes during key exchange, acting as the client to the server and as the server to the client.
d. Password Sniffing: Passwords in HTTP or other application traffic are eavesdropped.
e. IP Spoofing: Uses forged IP addresses to fool a host into accepting bogus data.
f. IP Hijacking: An active, authenticated connection between two hosts is disrupted and the attacker takes the place of one of the hosts.
g. SYN Flooding: An attacker sends TCP SYN messages to request a connection but does not respond to the final message to establish the connection fully. The attacked TCP module typically leaves the connection "half-open".
2. Suppose H(m) is a collision-resistant hash function that maps a message of arbitrary bit length
into an n-bit hash value. Is it true that, for all messages x, x' with x ≠ x', we have H(x) ≠ H(x')?
Explain your answer.
3. Perform encryption and decryption using the RSA algorithm (Figure 3.10) for the following:
p = 11; q = 13; e = 11; M = 7. Make sure you show both the resulting ciphertext and plaintext
equations for encryption and decryption, respectively. Show your work!
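As an added worked example (not part of the assignment or its answer key), the following Python carries the textbook RSA computation through with the parameters of question 3: it derives n and φ(n), finds d as the inverse of e modulo φ(n) with the extended Euclidean algorithm, then encrypts M and decrypts the result. Function names (`rsa_keygen`, `rsa_encrypt`, `rsa_decrypt`, `rsa_example`) are this example's own. Textbook RSA is unpadded; it is used here only to make the arithmetic visible, and real systems always apply OAEP or PSS padding before exponentiation.

```python
# Added example: textbook (unpadded) RSA with the question-3 parameters.
# Function names here are this example's own, not from any library.

def egcd(a, b):
    """Extended Euclid: returns (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y


def modinv(a, m):
    """Multiplicative inverse of a modulo m; raises if gcd(a, m) != 1,
    which for RSA means e is not a valid public exponent for this phi(n)."""
    g, x, _ = egcd(a, m)
    if g != 1:
        raise ValueError(f"{a} has no inverse mod {m} (gcd = {g})")
    return x % m


def rsa_keygen(p, q, e):
    """Return ((e, n), (d, n)) for primes p, q and public exponent e."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = modinv(e, phi)          # e*d == 1 (mod phi(n))
    return (e, n), (d, n)


def rsa_encrypt(m, pub):
    """C = M^e mod n; the plaintext must be a residue in [0, n)."""
    e, n = pub
    if not 0 <= m < n:
        raise ValueError(f"message {m} is not in [0, {n})")
    return pow(m, e, n)


def rsa_decrypt(c, priv):
    """M = C^d mod n."""
    d, n = priv
    return pow(c, d, n)


def rsa_example(p=11, q=13, e=11, m=7):
    """Run the full key generation / encryption / decryption cycle and
    return every intermediate value so the work can be checked by hand."""
    pub, priv = rsa_keygen(p, q, e)
    c = rsa_encrypt(m, pub)
    recovered = rsa_decrypt(c, priv)
    return {
        "n": pub[1],
        "phi": (p - 1) * (q - 1),
        "d": priv[0],
        "ciphertext": c,
        "plaintext": recovered,
    }


if __name__ == "__main__":
    r = rsa_example()
    print(f"n = {r['n']}, phi(n) = {r['phi']}, d = {r['d']}")
    print(f"C = M^e mod n = {r['ciphertext']}")
    print(f"M = C^d mod n = {r['plaintext']}")
```

Because n = 143 is tiny, you can confirm each value by reducing modulo p and q separately (Fermat's little theorem makes the exponents collapse) and recombining with the Chinese remainder theorem, which is the same shortcut real RSA implementations use for decryption.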
4. Consider a Diffie-Hellman scheme with a common prime q = 11 and a primitive root α = 2.
a. If user A has public key YA = 9, what is A's private key XA? Show your work!
b. If user B has public key YB = 3, what is the shared secret key K? Show your work!
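As an added worked example (not part of the assignment or its answer key), the Python below reproduces the question-4 computation: it checks that α is a primitive root of q, recovers each private key by brute-forcing the discrete logarithm, and derives the shared secret from both sides to show they agree. The function names (`discrete_log`, `dh_shared`, `dh_example`) are this example's own. The brute-force step only works because q = 11 is tiny; for real group sizes that search is the discrete-logarithm problem whose hardness Diffie-Hellman depends on.

```python
# Added example: Diffie-Hellman over the small group of question 4.
# Function names here are this example's own, not from any library.

def is_primitive_root(alpha, q):
    """alpha generates Z_q^* iff its powers 1..q-1 hit every nonzero residue."""
    return sorted(pow(alpha, k, q) for k in range(1, q)) == list(range(1, q))


def discrete_log(alpha, y, q):
    """Smallest x >= 1 with alpha^x mod q == y, by exhaustive search.
    Feasible only for a toy modulus; this is the problem DH relies on
    being infeasible at realistic sizes (2048-bit q or elliptic curves)."""
    for x in range(1, q):
        if pow(alpha, x, q) == y:
            return x
    raise ValueError(f"{y} is not a power of {alpha} mod {q}")


def dh_public(alpha, x, q):
    """Y = alpha^X mod q."""
    return pow(alpha, x, q)


def dh_shared(y_other, x_own, q):
    """K = Y_other^X_own mod q."""
    return pow(y_other, x_own, q)


def dh_example(q=11, alpha=2, y_a=9, y_b=3):
    """Recover XA and XB from the public keys, then compute K both ways."""
    if not is_primitive_root(alpha, q):
        raise ValueError(f"{alpha} is not a primitive root mod {q}")
    x_a = discrete_log(alpha, y_a, q)
    x_b = discrete_log(alpha, y_b, q)
    # sanity check: the recovered private keys reproduce the public keys
    assert dh_public(alpha, x_a, q) == y_a and dh_public(alpha, x_b, q) == y_b
    k_a = dh_shared(y_b, x_a, q)   # A computes YB^XA
    k_b = dh_shared(y_a, x_b, q)   # B computes YA^XB
    assert k_a == k_b               # both sides agree on K
    return {"x_a": x_a, "x_b": x_b, "k": k_a}


if __name__ == "__main__":
    r = dh_example()
    print(f"XA = {r['x_a']}, XB = {r['x_b']}, K = {r['k']}")
```

The two `dh_shared` calls are the whole point of the scheme: each party raises the other's public value to its own private exponent, and (α^XB)^XA = (α^XA)^XB mod q, so they land on the same K without ever sending it.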
5. Consider a one-way authentication technique based on asymmetric encryption:
A → B: IDA
B → A: E(PUa, R2)
A → B: R2
a. Explain the protocol.
b. What type of attack is this protocol susceptible to?
6. In the context of Kerberos, answer all of the following questions:
a. When Bob receives a ticket from Alice, how does he know it is genuine?
b. When Bob receives a ticket from Alice, how does he know it came from Alice?
c. When Alice receives a reply, how does she know it came from Bob (that it's not a replay of an earlier message from Bob)?
d. What does the ticket contain that allows Alice and Bob to talk securely?
7. Is it possible in SSL for the receiver to reorder SSL record blocks that arrive out of order? If so, explain how it can be done. If not, why not?