Question

You are working as a consultant and are assigned the task to set up a secure communication
channel between three premises in the company. The communication should be using
symmetric encryption with new keys exchanged on a daily basis. All premises have individual
X.509 certificates. Describe a solution that includes how to carry out the encryption, key
exchange and certifying that there is no malicious man-in-the-middle attempt

Kindly answer this question in the field of Applied Computer Security....

Answer 1

Answer: An SSL X.509 Certificate is most reliable when issued by a trusted Certificate Authority (CA). The CA has to follow very strict rules and policies about who may or may not receive an SSL Certificate. So, when you have a valid SSL Certificate from a trusted CA, there is a higher degree of trust.

The encryption key exchange is carried out in the following manner:

1. A browser requests a secure page.
2. The web server sends its public key with its certificate.
3. The browser checks that the certificate was issued by a trusted root authority or Certificate Authority and that the certificate is still valid and that the certificate is related to the site contacted.
4. The browser then uses the public key, to encrypt a random symmetric encryption key and sends it to the server with the encrypted URL required as well as other encrypted http data.
5. The web server decrypts the symmetric encryption key using its private key and uses the symmetric key to decrypt the URL and http data.
6. The web server sends back the requested html document and http data encrypted with the symmetric key.
7. The browser decrypts the http data and html document using the symmetric key and displays the information.

How to check if the connection is secure or not:

1. A standard web site without SSL security displays “HTTP” at the beginning of the web site address in the browser address bar. This stands for “Hypertext Transfer Protocol,” and is the conventional way to transmit information over the Internet. However, a web site that is secured with an SSL Certificate will have “HTTPS” before the address. This stands for “Hypertext Transfer Protocol Secure”.
2. You will also see a padlock symbol on the top or bottom of the Internet browser.
3. By clicking the closed padlock in the browser window, or certain SSL trust marks, you can see the authenticated organization name. In high-security browsers, the authenticated organization name is prominently displayed and the address bar turns green when an Extended Validation (EV) SSL Certificate is detected. If the information does not match, or the certificate has expired, the browser displays an error message or warning.