In: Computer Science
4.What is the purpose of padding, Message Authentication Code (MAC), handshake protocol, change cyber suite (CCS) protocol?
5.How does TLS provide: confidentiality, availability, integrity, non-repudiation?
6.Is TCP a user of TLS services or does it provide services to TLS (hard question) – explain your answer in one sentence?
7.Does TLS use sequence numbers?
8.Sequence numbers can be used to launch replay attacks (as in TCP).How does TLS protect against replay attacks?
4.What is the purpose of padding , message authentication code,handshake protocal,change cyber suite protocal?
What is the purpose of padding:
solution: the primary use of the padding with classical ciphers is to prevent the crytanalyst from using that predictability to find known plaintext that aids in breaking the encryption.
random length padding also prevents an attacker from knowing the exact length of the plain text message
Message authentication code(MAC):
solution:sender and receiver share same key where sender generates a fixed size output called cryptographic checksum or message authentication code and appends it to the original message.
on receiver side receiver also generates the code and compares it with what he/she received thus ensuring the originality of the message
components of MAC
1. message
2.key
3.MAC algorithm
4.MAC value
Handshake protocal:
solution:
The TLS handshake protocal is used to authentication the participants of the communication and negotitaye an encryption algorithm
this allows the client and server to agree upon an encryption method and prove who they are using cryptographic keys before any data is sent between them
Change cyber suite protocal:
solution:
cyber suite is comprehensive cyber insurance package designed to help your business respond to wide range of cyber attacks so change the cyber suite protocal to improve the security of data that provides suite
5. How does TLS provides:confidentiality,availability,integrity,non-repudiation?
confidentiality: TLS use a combination of symmetric and asymmetric encryption to ensure message privacy
during TLS handshake,TLS client and server agree an enryption algorithm and a shared secret key to be used for one session only
integrity: TLS ensure that between encrypting , transmitting and decrypting the data no information is lost, damaged,tampered with or falsified.
A TLS connection starts with a handshake phase where a client and server agree on a shared secret and important parameter like cipher suites, are negotiated
availability: security of the TLS protocal suggests HTTPS provides availability
non-repudiation: although it relies on public key signature for authentication,TLS protects message integrity and confidentislity of exchange messages via shared secret keys that are established at the beginning of the session
6.is TCP a user of TLS services or does it provide services to TLS explain one sentance?
solution:
the TLS protocal is designed to provide three essential services to all applications running there are Encryption,Authentication,and integrity
7.Does TLS use sequence number?
solution:
TLS uses 64-bit sequence numbers,and these are implicit transmitted as part of TLS
8.sequence numbers can be used to launch replay attacks. how does TLS protect against replay attacks?
solution:
A reply attack is a form of network attack in which a valid data transmission is maliciously or fraudulently repeated tjid is carried out either who intercepts data and retransmission it
TLS protect against replay attacks?
TLS only protects thhe transport and thus it provides protection gainst modifying or replaying of the encrypted data only it does not protect against any kind of modifications or replaying of the data before the encryption or after decryption
kindly requesting please upvote my answer and my answer is correct