Question

In: Computer Science

(Operating System , CSE) What commonly used computer programs are prone to man-in-the-middle attacks? Discuss solutions...

(Operating System , CSE)

What commonly used computer programs are prone to man-in-the-middle attacks? Discuss solutions for preventing this form of attack.

Solutions

Expert Solution

Any protocol that requires a sender and a receiver to agree on a session key before they start communicating is prone to the man-in-the-middle attack. For example, if one were to implement on a secure shell protocol by having the two communicating machines to identify a common session key, and if the protocol messages for exchanging the session key is not protected by the appropriate authentication mechanism, then it is possible for an attacker to manufacture a separate session key and get access to the data being communicated between the two parties. In particular, if the server is supposed to manufacture the session key, the attacker could obtain the session key from the server, communicate its locally manufactured session key to the client, and thereby convince the client to use the fake session key. When the attacker receives the data from the client, it can decrypt the data, reencrypt it with the original key from the server, and transmit the encrypted data to the server without alerting either the client or the server about the attacker’s presence. Such attacks could be avoided by using digital signatures to authenticate messages from the server. If the server could communicate the session key and its identity in a message that is guarded by a digital signature granted by a certifying authority, then the attacker would not be able to forge a session key, and therefore the man-in-the-middle attack could be avoided.

Hope this answers your questions, please leave a upvote if you find this helpful.


Related Solutions

Cyber attacks: Explain what each of the following attacks is: Replay attacks Man-in-the-middle attacks Keylogging
Cyber attacks: Explain what each of the following attacks is: Replay attacks Man-in-the-middle attacks Keylogging
The operating system provides an interface between application programs and the computer hardware. Discuss the process...
The operating system provides an interface between application programs and the computer hardware. Discuss the process of the execution of any application program on the hardware using all managers of the operating system.
The operating system provides an interface between application programs and the computer hardware. Discuss the process...
The operating system provides an interface between application programs and the computer hardware. Discuss the process of the execution of any application program on the hardware using all managers of the operating system.
The operating system provides an interface between application programs and the computer hardware. Discuss the process...
The operating system provides an interface between application programs and the computer hardware. Discuss the process of the execution of any application program on the hardware using all managers of the operating system.
Explain how an operating system protects main memory in a computer system. Discuss three responsibilities that...
Explain how an operating system protects main memory in a computer system. Discuss three responsibilities that an operating system has for file management in a computer system. Clearly distinguish between interrupt and trap. Give examples to illustrate your answer. Describe time-sharing systems and give an example to illustrate your answer. Discuss the 4 categories in which work concerning information security and protection relating to Operating Systems are grouped.
Discuss the following with neat diagram a.Virtualization and its types b.Hypervisor (Operating System , Computer Science...
Discuss the following with neat diagram a.Virtualization and its types b.Hypervisor (Operating System , Computer Science and Engineering )
1. Even when a computer software system is used for management of the practice’s finances, discuss...
1. Even when a computer software system is used for management of the practice’s finances, discuss why following the bookkeeping guidelines for a manual system still has merit. 2. Identify precautions for accepting the types of payments: cash, check, credit card, and debit card.   
1.What is the role of the computer operating system? Identify several activities performed by this key...
1.What is the role of the computer operating system? Identify several activities performed by this key piece of software. 2. What is an entity-relationship diagram, and what is its purpose? 3. What is Hadoop? What are its primary components, and what does each do?
1-What measures (Operating system, application software, network, hardware, etc…) are there in your computer to secure...
1-What measures (Operating system, application software, network, hardware, etc…) are there in your computer to secure your data from hacking? 2-How often do you back up critical data files such as homework files? What type of device do you use for backing up files? Where do you store the backups to ensure they won’t be destroyed if a major disaster (such as a fire) destroys your computer? Do you use online sites for file backups?
Discuss what issues you've had in installing an operating system and if the vendor (Microsoft, Linux,...
Discuss what issues you've had in installing an operating system and if the vendor (Microsoft, Linux, etc.) was helpful in fixing those issues.
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT