Tutorial 5 Computer Systems
Revising Diffie-Hellman key
1) Provides perfect forward secrecy: ONLY IF EPHEMERAL, public variables must be destroyed and not reused!!!
Session keys will not be compromised even if the private key is compromised.
Just getting the private key doesn't help the attacker.
2) No authentication happening
3) Vulnerable to MITM attacks
How does TLS work?
TCP connection is established
Client sends ClientHello to server asking for secure connection with cipher suites
Server responds with ServerHello and selects one cipher suite, also includes its certificate and can request client to send its certificate (mutual authentication)
Client confirms validity of certificate
Client generates session key by random number or Diffie-
concludes and both parties share a key that is then used for encrypting and decrypting
Certificates
A certificate is a digitally signed document that provides proof of identity
A certificate authority creates a certificate for Bob including a digital signature, which is a hash of Bob's information (including the public key) signed by the CA's private key.
To verify
Bob sends Alice his public key in plaintext along with the certificate signed by a root CA
Verify certificate by using CA's public key
Check if Bob has the private key by picking a random number (called a nonce) and sending it to Bob with his public key
If the nonce can be sent back in plaintext, it is of certificate validation
Domain Validation
Checks if the requester has some control over the domain (e.g. emails with the domain, nonces)
Organisational Validation
Connects a certificate to a legal entity
The identity of legal entity is verified
Extended Validation (EV)
Includes an offline process involving authorised officers to validate legal entity
https://www.digicert.com/difference-between-dv-ov-and-ev-ssl-certificates
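The certificate check from the Certificates section above (the CA signs a hash of Bob's information, Alice verifies it with the CA's public key, then challenges Bob with a nonce), as an added example that is not part of the original tutorial. It assumes textbook RSA without padding and tiny constructed keys; the function names and the certificate body are hypothetical.

```python
import hashlib
import secrets

E = 65537  # common RSA public exponent, shared by both toy keys

def toy_keypair(p, q):
    """Textbook RSA key from two primes: returns (public n, private d)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def digest(info, n):
    """Hash of the certificate body, reduced mod n (toy stand-in for padding)."""
    return int.from_bytes(hashlib.sha256(info).digest(), "big") % n

def ca_sign(info, ca_n, ca_d):
    """CA signs the hash of Bob's information with the CA's private key."""
    return pow(digest(info, ca_n), ca_d, ca_n)

def verify_cert(info, signature, ca_n):
    """Alice checks the signature using only the CA's public key."""
    return pow(signature, E, ca_n) == digest(info, ca_n)

def bob_answer(ciphertext, bob_n, bob_d):
    """Bob decrypts the challenge; this needs his private key."""
    return pow(ciphertext, bob_d, bob_n)

def alice_accepts(info, signature, bob_n, ca_n, respond):
    """Verify the certificate, then challenge the sender with a fresh nonce."""
    if not verify_cert(info, signature, ca_n):
        return False                       # the CA did not sign this content
    nonce = secrets.randbelow(bob_n - 2) + 2
    reply = respond(pow(nonce, E, bob_n))  # nonce encrypted with Bob's public key
    return reply == nonce                  # the plaintext nonce came back

# Constructed toy keys built from Mersenne primes (far too small for real use).
CA_N, CA_D = toy_keypair(2**127 - 1, 2**107 - 1)
BOB_N, BOB_D = toy_keypair(2**89 - 1, 2**61 - 1)
BOB_INFO = b"CN=bob.example;pubkey=%d" % BOB_N  # constructed certificate body
BOB_SIG = ca_sign(BOB_INFO, CA_N, CA_D)

def demo():
    bob = lambda c: bob_answer(c, BOB_N, BOB_D)  # the real private-key holder
    genuine = alice_accepts(BOB_INFO, BOB_SIG, BOB_N, CA_N, bob)
    edited = alice_accepts(BOB_INFO.replace(b"bob", b"eve"), BOB_SIG, BOB_N, CA_N, bob)
    # A sender who presents Bob's valid certificate but cannot decrypt the nonce.
    replayed = alice_accepts(BOB_INFO, BOB_SIG, BOB_N, CA_N, lambda c: c)
    return genuine, edited, replayed

if __name__ == "__main__":
    print(demo())  # (True, False, False)
```

The third case is why the signature check alone is not enough: a certificate is public, so only the nonce round trip shows that the sender holds the matching private key.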