For a better understanding, one should first understand the basic phases of SSL/TLS.
Steps used in SSL:
1. Establish Security Capabilities - used by the client to initiate a connection and to establish security capabilities.
2. Server Authentication and Key Exchange - the server sends its certificate if it needs to be authenticated.
3. Client Authentication and Key Exchange - the client verifies that the server provided a valid certificate and checks that the server's hello parameters are acceptable.
4. Finish - this phase completes the setting up of a secure connection.
So, for most large web pages (websites with a very large number of visitors), performance matters a lot.
SSL Handshake Protocol performance is not considered to be that high when it comes to web pages: since the information that the client sends has to be encrypted by the server, it takes more server resources than if the information weren't encrypted.
So the cost of performing the above four steps of the SSL/TLS handshake for web pages, especially for large web pages, is comparatively high. So the Handshake Protocol is typically not used on the internet when requesting SSL-protected web pages.
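As an added walk-through of the four phases above (example code, not part of the original answer), the following Python models a client and a server running a Diffie-Hellman handshake, with the certificate signature and the DH group replaced by constructed stand-ins (an HMAC under a demo key, a toy prime) so it runs offline. It goes slightly beyond the answer: it shows that the phase-4 Finished value, computed over each side's own transcript, fails to verify if the clear-text ClientHello was altered in transit, and it makes visible where the per-connection server cost (the phase-2 modular exponentiation) sits.

```python
import hashlib
import hmac
import secrets

P = 2**521 - 1  # toy DH modulus (Mersenne prime M521); real TLS uses standard named groups
G = 3
SERVER_KEY = b"constructed-demo-server-long-term-key"  # stands in for the certificate's private key
NBYTES = 66  # enough bytes to hold any value below P

def sign(data: bytes) -> bytes:
    """Stand-in for the certificate-backed signature of phase 2 (HMAC here; RSA/ECDSA in real TLS)."""
    return hmac.new(SERVER_KEY, data, hashlib.sha256).digest()

def finished(secret: bytes, label: bytes, transcript: list) -> bytes:
    """Finished value: keyed hash over everything this side saw, binding the hellos to the key."""
    return hmac.new(secret, label + hashlib.sha256(b"".join(transcript)).digest(), hashlib.sha256).digest()

def handshake(mitm_downgrades_hello: bool = False) -> bool:
    """Walk the four phases; return True only if both Finished messages verify."""
    client_log, server_log = [], []  # each side's own view of the handshake messages
    # Phase 1: ClientHello (random + offered cipher suite), sent in the clear
    client_hello = secrets.token_bytes(32) + b"TLS_DHE_RSA_WITH_AES_128_GCM_SHA256"
    client_log.append(client_hello)
    if mitm_downgrades_hello:  # an on-path party rewrites the offer before the server sees it
        client_hello = client_hello[:32] + b"DEMO_WEAKER_SUITE"  # constructed suite name
    server_log.append(client_hello)
    # Phase 2: ServerHello + certificate-backed DH share (the modular exponentiation is the server-side cost)
    b = secrets.randbelow(P - 2) + 2
    server_share = pow(G, b, P).to_bytes(NBYTES, "big")
    server_msgs = [secrets.token_bytes(32), server_share + sign(server_share)]
    client_log.extend(server_msgs); server_log.extend(server_msgs)
    # Phase 3: client verifies the "certificate" signature, then sends its own DH share
    if not hmac.compare_digest(sign(server_share), server_msgs[1][NBYTES:]):
        return False
    a = secrets.randbelow(P - 2) + 2
    client_share = pow(G, a, P).to_bytes(NBYTES, "big")
    client_log.append(client_share); server_log.append(client_share)
    client_secret = pow(int.from_bytes(server_share, "big"), a, P).to_bytes(NBYTES, "big")
    server_secret = pow(int.from_bytes(client_share, "big"), b, P).to_bytes(NBYTES, "big")
    # Phase 4: Finished in both directions; each side recomputes the other's over its own transcript
    client_fin = finished(client_secret, b"client finished", client_log)
    server_fin = finished(server_secret, b"server finished", server_log)
    server_ok = hmac.compare_digest(client_fin, finished(server_secret, b"client finished", server_log))
    client_ok = hmac.compare_digest(server_fin, finished(client_secret, b"server finished", client_log))
    return server_ok and client_ok
```

`handshake()` returns True for the honest run, while `handshake(True)` returns False because the two transcripts no longer match, so the server rejects the client's Finished message.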