CSC 249
HW 9
Due April 21, 2017
1) Suppose that Bob receives a PGP message from Alice. How does Bob know for sure that
Alice created the message (rather than, say, Trudy)? Does PGP use a MAC for message
integrity?
2) Suppose Bob initiates a TCP connection to Trudy who is pretending to be Alice. During
the handshake, Trudy sends Bob Alice’s certificate. In what step of the SSL handshake
algorithm will Bob discover that he is not communicating with Alice?
3) The figure below shows the operations that Alice must perform with PGP to provide
confidentiality, authentication, and integrity. Diagram the corresponding operations
that Bob must perform on the package received from Alice.
-
KA
m
H(.)
K (.)
-
-
KA(H(m))
KS
A
+
.
KS( )
+
m
KS
+
.
KB( )
K+
B
Internet
+
KB(KS )
4) Do the SSL Wireshark lab:
SSL Wireshark Lab
As with the Ethernet lab (and all labs this semester): Do not do the lab by writing up answers
to each of the questions, instead…
Write a short lab memo (~1 page), the purpose of which is to provide a means for you to
reflect upon what you are learning about secure sockets, the Internet in general, and this
particular lab. In general:
1. Be clear on what the objective of the lab is – why are you performing these traces
and thinking about the questions posed?
2. Summarize what you did, but do not write out answers to each question.
3. Include one statement demonstrating your growing understanding of the Internet
that goes beyond what is requested directly in the lab handout, as a means to
demonstrate you are processing and reflecting on the course material. Perhaps you
can:
o Make a statement on your growing knowledge of how SSL contributes to
security in the Internet,
CSC 249
HW 9
Due April 21, 2017
o Comment on a new insight about how security works (or doesn’t) in the
Internet,
o Comment on insights gained from your hands-on work versus text book
problems
o Write a well-posed question about the subject area (e.g. I observed _____ in
the Wireshark lab, and wonder how this event is consistent with _____).
o Comment on anything else that relates to the lab and course material
4. Don’t forget to include some conclusions or summary statement.