Question

When configuring a web server, you notice the following Cipher Suites are available to use for...

When configuring a web server, you notice the following Cipher Suites are available to use for TLS-based connections:

• Cipher Suite 1: TLS_ECDHE_RSA_AES_128_CBC_SHA256

• Cipher Suite 2: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA

Answer the following questions regarding these two cipher suites.

i. What is the key exchange (Kx) algorithm in Cipher Suite 2?

ii. What is the authentication (Au) algorithm in Cipher Suite 1?

iii. What is the key size of the symmetric cipher in Cipher Suite 1?

iv. What is the effective key size of the symmetric cipher in Cipher Suite 2?

v. What is the message integrity algorithm in Cipher Suite 2?

vi. You are working on a new web store for a client and need to assist the server administrator to configure the web server security settings. State which of these two Cipher Suites would you prefer to use in this context and suggest two reasons why.

Homework Answers

Answer #1

(*Note: Please up-vote. If any doubt, please let me know in the comments)

i.

key exchange (Kx) algorithm is given in the second term so in Cipher Suite 2 it is DHE Diffie–Hellman key exchange.

ii.

the authentication (Au) algorithm in Cipher Suite 1 is RSA (Rivest Shamir Adleman algorithm) as indicated by the third term.

iii.

The key size of the symmetric cipher in cipher suite 1 is 128 bits as indicated by 128 written with AES (cipher name).

iv.

The effective key size in 3DES is 3*56 = 168 bits

v.

The message integrity algorithm in Cipher Suite 2 is SHA (Secure Hash Algorithms) as indicated by the last term.

vi.

I would choose cipher suite 1 as it is more secure, as required for a web store, due to following reasons:

1. AES used in suite 1 is more secure than 3DES in suite2

2. SHA256 used in suite 1 is more secured as compared to SHA which is vulnerable to collision attacks.

Know the answer?
Your Answer:

Post as a guest

Your Name:

What's your source?

Earn Coins

Coins can be redeemed for fabulous gifts.

Not the answer you're looking for?
Ask your own homework help question
Similar Questions
NWS620S Tutorial 1: Symmetric Encryption - DES Encryption is the translation of data into a secret...
NWS620S Tutorial 1: Symmetric Encryption - DES Encryption is the translation of data into a secret code so that only authorised entities can read it. Encrypting data is considered a very effective way of achieving data security. To access encrypted data, you must have access to a secret key that enables you to decrypt it. Unencrypted data is called plain text; encrypted data is referred to as cipher text. There are two types of encryption: • Symmetric encryption • Asymmetric...
Overview Your assignment is to complete a wireless network design for a small company. You will...
Overview Your assignment is to complete a wireless network design for a small company. You will place a number of network elements on the diagram and label them appropriately. A network diagram is important to communicate the design features of a network between network administrators, system administrators and cyber-security analysts. It helps to create a shared mental model between these different technologists, yet each will have their own perspective on what is important to have documented on the diagram. Please...
QUESTION 1 Advanced Security Inc. was hired by the Treasury Bank Inc. for securing their systems....
QUESTION 1 Advanced Security Inc. was hired by the Treasury Bank Inc. for securing their systems. The first thing they did was implement the best practice if separation of domains. As a result of this The bank had to get a new domain name. any change made in the records points to only one party who could have made that change. If you are a technical person, you must have office in a particular area of the building. accessing outside...
Please read the article and answear about questions. Determining the Value of the Business After you...
Please read the article and answear about questions. Determining the Value of the Business After you have completed a thorough and exacting investigation, you need to analyze all the infor- mation you have gathered. This is the time to consult with your business, financial, and legal advis- ers to arrive at an estimate of the value of the business. Outside advisers are impartial and are more likely to see the bad things about the business than are you. You should...
ADVERTISEMENT
Need Online Homework Help?

Get Answers For Free
Most questions answered within 1 hours.

Ask a Question
ADVERTISEMENT