Question

4. (10’) Describe four key exchange methods used in TLS. Which methods do not need to send server-key-exchange message? Why not needed?

Answer #1

1. Rivest–Shamir–Adleman (RSA)
The server sends a certificate containing an RSA (public) key; the client validates the cert and uses the public key to RSA encrypt the random premaster secret. The server proves correct decryption (and is implicitly authenticated) with the Finished message. The server can optionally request client authentication; if so the client sends its own cert and uses its matching private key to sign a partial transcript, which the server validates and verifies, but this is rarely used. Except possibly the client auth, this is 'pure' RSA.

2. Ephemeral Diffie-Hellman (DHE)
DHE (DH in ephemeral mode) is used in conjunction with a signing certificate, which can be either RSA or DSA. The server sends its cert, which the client validates, and also its DH group and ephemeral public key signed under its cert; the client generates its ephemeral key in the same group and sends that, plus its cert and signature if client authentication is used.

3. Elliptic Curve Diffie-Hellman (ECDH)
There is also a method to use DH key agreement without certificates and authentication, which is in effect ephemeral, but SSL/TLS doesn't call it that, it calls it DH-anon instead. This is usually a bad idea; many people imagine only passive eavesdroppers and think they only need encryption, but in today's internet active attacks of many kinds are widespread and if you don't use authentication you probably aren't secure. You could view this as 'pure' DHE even though it isn't called that.

4. Ephemeral Elliptic Curve Diffie-Hellman (ECDHE)
There are elliptic-curve variants ECDHE (ephemeral, RSA or ECDSA signing) and ECDH-anon. The handshake sequence, and security properties, are the same, only the actual crypto computations are different. These are technically optional but in fact nowadays widely implemented and becoming more popular to use.

Methods which do not need to send Server Key Exchange Message:
If RSA is used for key exchange, then the client can retrieve the public key from the server certificate and encrypt the premaster secret with this key. Similarly, if a fixed Diffie-Hellman key exchange is used, then the client can retrieve the server's Diffie-Hellman parameters from the server certificate, employ these parameters to perform a Diffie-Hellman key exchange, and use the result as the premaster secret. In all of these cases, the server's certificate message is sufficient and no additional information is required for the client to securely communicate a premaster secret to the server. In particular, no Server Key Exchange message is needed.
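
An added example, not part of the answer above: a Python check that parses a TLS 1.2 (or earlier) server flight and reports whether the presence of ServerKeyExchange (handshake type 12) matches the negotiated key exchange. The ephemeral, anonymous and elliptic-curve rows go beyond the RSA and fixed Diffie-Hellman cases named in the answer and follow RFC 5246 and RFC 4492; the `SUITES` table is a small subset, and `build_flight` with its placeholder message bodies is constructed sample input.

```python
import struct

HS_SERVER_HELLO, HS_SERVER_KEY_EXCHANGE = 2, 12  # handshake types, RFC 5246
SUITES = {  # IANA cipher suite ids, one per key exchange family
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0x0031: "TLS_DH_RSA_WITH_AES_128_CBC_SHA",
    0x0033: "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
    0x0034: "TLS_DH_anon_WITH_AES_128_CBC_SHA",
    0xC00E: "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
    0xC013: "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
}

def needs_server_key_exchange(suite_name):
    # RSA and fixed (EC)DH keys sit in the certificate; ephemeral/anon do not.
    kx = suite_name[len("TLS_"):].split("_WITH_")[0]
    return kx.startswith(("DHE_", "ECDHE_")) or kx.endswith("_anon")

def handshake_messages(flight):
    """Yield (type, body) for handshake messages carried in TLS records."""
    buf, pos = b"", 0
    while pos + 5 <= len(flight):
        ctype, _version, rlen = struct.unpack_from("!BHH", flight, pos)
        if ctype == 22:  # content type 22 = handshake
            buf += flight[pos + 5:pos + 5 + rlen]
        pos += 5 + rlen
    pos = 0
    while pos + 4 <= len(buf):
        mlen = int.from_bytes(buf[pos + 1:pos + 4], "big")
        yield buf[pos], buf[pos + 4:pos + 4 + mlen]
        pos += 4 + mlen

def audit_server_flight(flight):
    suite, ske_seen = None, False
    for mtype, body in handshake_messages(flight):
        ske_seen = ske_seen or mtype == HS_SERVER_KEY_EXCHANGE
        if mtype == HS_SERVER_HELLO and len(body) >= 38:
            sid_len = body[34]  # after 2-byte version and 32-byte random
            suite = SUITES.get(int.from_bytes(body[35 + sid_len:37 + sid_len], "big"))
    if suite is None:
        raise ValueError("no ServerHello with a cipher suite from SUITES")
    expected = needs_server_key_exchange(suite)
    return {"suite": suite, "ske_seen": ske_seen, "consistent": expected == ske_seen}

def build_flight(suite_id, with_ske):
    """Constructed sample server flight; message bodies are placeholders."""
    hello = b"\x03\x03" + bytes(32) + b"\x00" + suite_id.to_bytes(2, "big") + b"\x00"
    parts = [(2, hello), (11, bytes(3)), (12, bytes(8)), (14, b"")]
    msgs = b"".join(bytes([t]) + len(b).to_bytes(3, "big") + b
                    for t, b in parts if with_ske or t != 12)
    return b"\x16\x03\x03" + len(msgs).to_bytes(2, "big") + msgs
```

A `consistent` value of `False` flags a flight whose message sequence does not fit the negotiated suite, for example a DHE suite with no ServerKeyExchange.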
