CHAPTER 17: TRANSPORT-LEVEL SECURITY
TRUE OR FALSE
T F 1. A TLS session is an association between a client and a server.
T F 2. Secure Sockets Layer (SSL) is an Internet standard that evolved
from a commercial protocol known as Transport Layer Security
(TLS).
T F 3. Sessions are used to avoid the expensive negotiation of new
security parameters for each connection that shares security
parameters.
T F 4. The Handshake Protocol is the simplest of the four TLS-specific
protocols that use the TLS Record Protocol.
T F 5. The World Wide Web is fundamentally a client/server application
running over the Internet and TCP/IP intranets.
T F 6. One way to classify Web security threats is in terms of the location
of the threat: Web server, Web browser, and network traffic
between browser and server.
T F 7. The encryption of the compressed message plus the MAC must
increase the content length by more than 1024 bytes.
T F 8. The Change Cipher Spec Protocol is one of the four TLS-specific
protocols that use the SSL Record Protocol.
T F 9. The SSL Record Protocol is used before any application data is
transmitted.
T F 10. The first element of the CipherSuite parameter is the key exchange
method.
T F 11. The certificate message is required for any agreed-on key
exchange method except fixed Diffie-Hellman.
T F 12. Phase 3 completes the setting up of a secure connection of the
Handshake Protocol.
T F 13. The shared master secret is a one-time 48-byte value generated
for a session by means of secure key exchange.
T F 14. SSL/TLS attacks can be grouped into four general categories:
attacks on the handshake protocol, attacks on the record and
application data protocols, attacks on the PKI, and other attacks.
T F 15. Server authentication occurs at the transport layer, based on the
server possessing a public/private key pair.
MULTIPLE CHOICE
1. The SSL Internet standard version is called _________ .
A) SSH B) HTTP
C) SLP D) TLS
2. The most complex part of TLS is the __________ .
A) SSL Record Protocol B) Handshake Protocol
C) Change Cipher Spec Protocol D) Alert Protocol
3. _________ attacks include impersonating another user, altering messages in transit
between client and server, and altering information on a Web site.
A) Active B) Passive
C) Shell D) Pseudo
4. The symmetric encryption key for data encrypted by the client and decrypted by
the server is a _________ .
A) server write key B) client write key
C) sequence key D) master key
5. _________ provides secure, remote logon and other secure client/server facilities.
A) SLP B) HTTPS
C) TLS D) SSH
6. A TLS session is an association between a client and a server and is created by
the ___________ .
A) Handshake Protocol B) user
C) Spec Protocol D) administrator
7. An arbitrary byte sequence chosen by the server to identify an active or
resumable session state is a _________ .
A) peer certificate B) session identifier
C) compression D) cipher spec
8. The _________ is used to convey TLS-related alerts to the peer entity.
A) Change Cipher Spec Protocol B) Alert Protocol
C) SSL Record Protocol D) Handshake Protocol
9. With each element of the list defining both a key exchange algorithm and a
CipherSpec, the list that contains the combination of cryptographic algorithms
supported by the client in decreasing order of preference is the __________ .
A) CipherSuite B) Random
C) Session ID D) Version
10. Phase _________ of the Handshake Protocol establishes security capabilities.
A) 4 B) 1
C) 2 D) 3
11. The __________ approach is vulnerable to man-in-the-middle attacks.
A) Anonymous Diffie-Hellman B) Fixed Diffie-Hellman
C) Remote Diffie-Hellman D) Synchronous Diffie-Hellman
12. The final message in phase 2, and one that is always required, is the ___________
message, which is sent by the server to indicate the end of the server hello and
associated messages.
A) server_done B) no_certificate
C) goodbye D) finished
13. A ______ is an identifier of a user of TCP.
A) protocol B) port
C) seed D) shell
14. A PseudoRandom Function takes as input:
A) a secret value B) an identifying label
C) a seed value D) all of the above
15. _________ is organized as three protocols that typically run on top of TCP for
secure network communications and are designed to be relatively simple and
inexpensive to implement.
A) SSL B) SSH
C) TLS D) SSI
SHORT ANSWER
1. __________ uses Diffie-Hellman or Elliptic Curve Diffie-Hellman for key
exchange and does not permit RSA.
2. The _________ Protocol allows the server and client to authenticate each other
and to negotiate an encryption and MAC algorithm along with cryptographic
keys to be used to protect data sent in a TLS Record.
3. _________ attacks include eavesdropping on network traffic between browser
and server and gaining access to information on a Web site that is supposed
to be restricted.
4. The TLS Record Protocol provides two services for TLS connections:
confidentiality and ___________ .
5. The _________ takes an application message to be transmitted, fragments the
data into manageable blocks, optionally compresses the data, applies a MAC,
encrypts, adds a header, and transmits the resulting unit in a TCP segment.
6. __________ refers to the combination of HTTP and SSL to implement secure
communication between a Web browser and a Web server.
7. Two important TLS concepts are the TLS session and the TLS _________ .
8. Three standardized schemes that are becoming increasingly important as
part of Web commerce and that focus on security at the transport layer are:
SSL/TLS, HTTPS, and _________.
9. Three higher-layer protocols defined as part of TLS are: The Handshake
Protocol, The Change Cipher Spec Protocol, and the __________ .
10. _________ would appear to be the most secure of the three Diffie-Hellman
options because it results in a temporary, authenticated key.
11. A signature is created by taking the hash of a message and encrypting it with
the sender’s _________ .
12. With __________ , the user’s SSH client receives traffic with a given destination
port number, places the traffic on the correct port and sends it to the
destination the user chooses.
13. _________ require a client write MAC secret, a server write MAC secret, a client
write key, a server write key, a client write IV, and a server write IV, which
are generated from the master secret in that order.
14. TLS makes use of a pseudorandom function referred to as __________ to expand
secrets into blocks of data for purposes of key generation or validation.
15. __________ allows the client to set up a “hijacker” process that will intercept
selected application-level traffic and redirect it from an unsecured TCP
connection to a secure SSH tunnel.