This course did not consist of any assignments independent from being on Canvas, but these are snippets of questions and answers in the course that I consider part of my best.
From HW-Module 14:
cs4641From HW-Module 13:
cs-464-2From HW-Module 9:
Consider the following threats to Web security and describe how each is countered by a particular feature of SSL.
- Brute-Force Cryptanalytic Attack: An exhaustive search of the key space for a conventional encryption algorithm.
- Known Plaintext Dictionary Attack: Many messages will contain predictable plaintext, such as the HTTP GET command. An attacker constructs a dictionary containing every possible encryption of the known-plaintext message. When an encrypted message is intercepted, the attacker takes the portion containing the encrypted known plaintext and looks up the ciphertext in the dictionary. The ciphertext should match against an entry that was encrypted with the same secret key. If there are several matches, each of these can be tried against the full ciphertext to determine the right one. This attack is especially effective against small key sizes (e.g., 40-bit keys).
- Replay Attack: Earlier SSL handshake messages are replayed.
- Man-in-the-Middle Attack: An attacker interposes during key exchange, acting as the client to the server and as the server to the client.
- Password Sniffing: Passwords in HTTP or other application traffic are eavesdropped.
- IP Spoofing: Uses forged IP addresses to fool a host into accepting bogus data.
- IP Hijacking: An active, authenticated connection between two hosts is disrupted and the attacker takes the place of one of the hosts.
- SYN Flooding:An attacker sends TCP SYN messages to request a connection but does not respond to the final message to establish the connection fully. The attacked TCP module typically leaves the “half-open connection” around for a few minutes. Repeated SYN messages can clog the TCP module.
My Answers:
a. The feature of SSL known as Forward Secrecy can keep past sessions secure even when a long-term becomes compromised. SSL uses strong encryption processes so brute-force attacks are essentially weak with the key space provided.
b. Dictionary attacks can be countered by SSL because SSL uses a unique encryption each session.
c. All handshake messages in SSL include MAC. All past messages cannot be replayed in a new session.
d. The PKI counters MITM attacks through ensuring that there is affirmative authentication between the clients and the servers.
e. SSL encrypts all data that is transmitted so even password data trying to be intercepted in the traffic will be unreadable.
f. Similar to how the MITM attacks would be countered, IP spoofing can be countered through ensuring that there is authentication and a handshake.
g. Strong session keys created from SSL can protect against IP hijacking.
h. SYN Flooding can be countered by SSL when it works along with other defense mechanisms such as firewalls and intrusion detections.