Question


When configuring a web server, you notice the following Cipher Suites are available to use for TLS-based connections:

• Cipher Suite 1: TLS_ECDHE_RSA_AES_128_CBC_SHA256

• Cipher Suite 2: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA

Answer the following questions regarding these two cipher suites. (10 marks total)

i. What is the key exchange (Kx) algorithm in Cipher Suite 2? (1 mark)

ii. What is the authentication (Au) algorithm in Cipher Suite 1? (1 mark)

iii. What is the key size of the symmetric cipher in Cipher Suite 1? (1 mark)

iv. What is the effective key size of the symmetric cipher in Cipher Suite 2? (1 mark)

v. What is the message integrity algorithm in Cipher Suite 2? (1 mark)

vi. You are working on a new web store for a client and need to assist the server administrator to configure the web server security settings. State which of these two Cipher Suites you would prefer to use in this context and suggest two reasons why.

Solutions

Expert Solution

Question 1) What is the key exchange (Kx) algorithm in Cipher Suite 2?

Answer: From the cipher suite TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA, you can see that the last three letters are SHA, depicting that the key exchange (Kx) algorithm is Secure Hash Algorithm 1 (SHA).

Question 2) What is the authentication (Au) algorithm in Cipher Suite 1?

Answer: Rivest Shamir Adleman algorithm (RSA)

Question 3) What is the key size of the symmetric cipher in Cipher Suite 1?

Answer: 128 bits.

Question 4) What is the effective key size of the symmetric cipher in Cipher Suite 2?

Answer: 168 bits

Question 5) What is the message integrity algorithm in Cipher Suite 2?

Answer: MAC algorithm

Question 6) You are working on a new web store for a client and need to assist the server administrator to configure the web server security settings. State which of these two Cipher Suites would you prefer to use in this context and suggest two reasons why.

Answer: I would prefer to use TLS_ECDHE_RSA_AES_128_CBC_SHA256 as it is more secure: it has a better authentication algorithm, and its key exchange algorithm is the more advanced Elliptic Curve Diffie-Hellman Ephemeral (ECDHE).
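Suite names before TLS 1.3 follow the pattern TLS_<Kx>_<Au>_WITH_<cipher>_<hash>, so each field the question asks about can be read off by position. The following Python parser is an added example, not part of the posted solution; the names `parse_suite` and `legacy_flags` and the small set of recognised algorithms are assumptions chosen to cover the two suites in the question.

```python
import re

# Pre-TLS 1.3 suite names read TLS_<Kx>_<Au>_WITH_<cipher>_<hash>. The page's
# Cipher Suite 1 omits "WITH", so the pattern treats it as optional.
SUITE_RE = re.compile(
    r"^TLS_(?P<kx>ECDHE|DHE|ECDH|DH|RSA)(?:_(?P<au>RSA|DSS|ECDSA))?(?:_WITH)?"
    r"_(?P<enc>3DES_EDE|AES_128|AES_256)_(?P<mode>CBC|GCM)_(?P<hash>SHA(?:256|384)?)$"
)
# Nominal key length in bits. 3-key 3DES has a 168-bit key but is rated at
# about 112 bits of strength because of meet-in-the-middle attacks.
KEY_BITS = {"3DES_EDE": 168, "AES_128": 128, "AES_256": 256}

def parse_suite(name):
    """Split a suite name into key exchange, authentication, cipher and MAC."""
    m = SUITE_RE.match(name)
    if m is None:
        raise ValueError(f"unrecognised cipher suite name: {name}")
    kx, enc, mode, h = m["kx"], m["enc"], m["mode"], m["hash"]
    digest = "SHA1" if h == "SHA" else h      # a bare "SHA" means SHA-1
    return {
        "kx": kx,
        "au": m["au"] or kx,                  # TLS_RSA_WITH_...: RSA does both
        "cipher": enc, "mode": mode, "key_bits": KEY_BITS[enc],
        # CBC suites use HMAC for integrity; GCM is an AEAD mode
        "mac": f"HMAC-{digest}" if mode == "CBC" else "AEAD",
        "forward_secrecy": kx in ("ECDHE", "DHE"),
    }

def legacy_flags(suite):
    """Return the properties of a parsed suite that argue against enabling it."""
    found = []
    if not suite["forward_secrecy"]:
        found.append("no forward secrecy")
    if suite["cipher"] == "3DES_EDE":
        found.append("3DES: 64-bit block, legacy cipher")
    if suite["mac"] == "HMAC-SHA1":
        found.append("legacy SHA-1 based MAC")
    return found

if __name__ == "__main__":
    # The two suite names exactly as written in the question.
    for name in ("TLS_ECDHE_RSA_AES_128_CBC_SHA256",
                 "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA"):
        s = parse_suite(name)
        print(name, s, legacy_flags(s), sep="\n  ")
```
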

