WeChat:lovexc60
1. 1. Message Integrity
1. SSL/TLS:
1a. [4 pts] Suppose that in the SSL Full Handshake, as shown, the Finished messages do not contain a
The above diagram shows the SSL Full handshake.
Alice purchased goods from Trudy’s website. Alice wants to transfer $100 (one hundred dollars)
to Trudy. Alice has a public and private key pair that the bank already knows the fingerprint of.
Alice sends a digitally signed message to the bank stating that $100 should be transferred from
her account to Trudy’s account. The bank successfully authenticates Alice’s digital signature and
performs the transfer.
1a. [4 pts] As stated above, how would Alice generate the digital signature?
1b. [4 pts] How can Trudy (who is evil) take advantage of this system to get herself more
money? 1c. [4 pts] How can the communication be modified to prevent this attack?
1. 1. Message Integrity. Suppose Alice purchased something from Trudy on eBay, and now needs
to send $100 to Trudy. Alice would send a message to the bank to make the transfer. The bank
requires Alice’s password in the message, as follows:
Alice -> Bank: Hello
Bank -> Alice: Use this nonce R
Alice -> Bank: encrypt_using_bank’s_public_key(“Transfer $100 to Trudy”, R, Alice’s_password)
1a. [4 pts] How would Trudy use this protocol to steal money from Alice? Explain in detail.
1b. [2 pts] What information does Trudy need to capture in order for her attack to work?
1c. [4 pts] How does the bank know that Alice is the original entity performing this request?
1d. [4 pts] Describe in detail two ways to improve this protocol.
checksum of all previous handshake messages. Describe two ways that an attacker can take advantage
of this flaw.
1b. [4 pts] Describe each algorithm of this ciphersuite its purpose in SSL/TLS:
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
1c. [2 pts] What’s the primary security difference between these two ciphersuites:
TLS_DHE_RSA_WITH_AES_128_CBC_SHA and
TLS_DH_RSA_WITH_AES_128_CBC_SHA
2a. [3 pts] What messages are hashed by each of the Finished messages in the SSL Full
Handshake? Be specific.
2b. [3 pts] When is the first encrypted message sent from each side in the SSL Full Handshake?
2c. [3 pts] What is the SSL Abbreviated Handshake and how are the messages different from the
SSL Full Handshake?
2d. [3 pts] Why should the TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA ciphersuite, which is a
TLS 1.2 ciphersuite, not be used anymore?
2e. [3 pts] If an attacker sent a TCP RST message to reset a TLS connection, does TLS know that
the TCP connection was attacked? How?