ICOM 5018 Final Exam
Open book and notes. Only the text copies, instruction sheet handout, slide printouts and your own notes may be used. In the interests of originality and creativity please turn off all electronic communication devices including celulares, laptops, and pocket computing devices.
1. This question relates to IPSEC, SSL, and SSH
a. Explain the relationship, if any, between IPSEC and the other two.
IPSEC provides security capabilities at the IP level, and appears as an additional level below the transport layer. SSL is a layer above transport, and is accessed by the secure socket API. There is essentially no relation.
b. Secure HTTP is on well-known port 480 (ordinary HTTP is on port 80). Explain how the SHTTP server invokes the SSL
As above – the SHTTP server makes its socket API calls to the secure socket API.
c. Repeat b for SSH
SSH is a user of SSL and, like the SHTTP server, uses the secure socket API.
d. Explain the fundamental difference between transport and tunneling
Transport refers to using the next lower layer to carry the information from this layer. Tunneling refers to using this layer to carry another instance of this layer – for example using an additional IP header to mask a machine inside a corporate network.
e. Can transport and tunneling be implemented at other layers than transport?
Yes, transport is universal, and tunneling is used (for example) at the link layer to handle PPP with a DSL connection.
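The distinction in 1(d), as an added example that is not part of the original exam: an inner IPv4 packet carries a higher-layer segment (transport), and a gateway wraps that whole packet in a second IPv4 header (tunneling), so on the wire only the gateway addresses appear in the header that routers read. The addresses, the payload bytes and the helper names are constructed for illustration; plain IP-in-IP (protocol number 4) is used here, with no encryption or authentication applied.

```python
import socket
import struct

IPPROTO_IPIP = 4   # IANA protocol number: IPv4 encapsulated in IPv4
IPPROTO_TCP = 6

def checksum(header: bytes) -> int:
    """RFC 1071 ones'-complement checksum over a 20-byte IPv4 header."""
    total = sum(struct.unpack("!10H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ipv4_packet(src: str, dst: str, proto: int, payload: bytes) -> bytes:
    """Build a minimal IPv4 packet (no options) around payload."""
    def header(csum: int) -> bytes:
        return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                           64, proto, csum,
                           socket.inet_aton(src), socket.inet_aton(dst))
    return header(checksum(header(0))) + payload

def parse(packet: bytes):
    """Return (src, dst, proto, payload); reject truncated or corrupt input."""
    if len(packet) < 20 or packet[0] != 0x45:
        raise ValueError("not a minimal IPv4 header")
    if checksum(packet[:20]) != 0:
        raise ValueError("bad header checksum")
    if struct.unpack("!H", packet[2:4])[0] != len(packet):
        raise ValueError("length field does not match packet size")
    return (socket.inet_ntoa(packet[12:16]), socket.inet_ntoa(packet[16:20]),
            packet[9], packet[20:])

def tunnel(inner: bytes, gw_src: str, gw_dst: str) -> bytes:
    """Tunneling: the IP layer carries another complete IP packet."""
    return ipv4_packet(gw_src, gw_dst, IPPROTO_IPIP, inner)

def detunnel(outer: bytes) -> bytes:
    """Strip the outer header at the far gateway and return the inner packet."""
    _, _, proto, inner = parse(outer)
    if proto != IPPROTO_IPIP:
        raise ValueError("outer packet does not carry IP-in-IP")
    return inner

if __name__ == "__main__":
    # Constructed sample: private hosts behind two gateways (documentation ranges).
    inner = ipv4_packet("10.0.0.5", "10.0.1.9", IPPROTO_TCP, b"tcp-segment")
    outer = tunnel(inner, "192.0.2.1", "198.51.100.1")
    print("on the wire:", parse(outer)[:3])
    print("after detunnel:", parse(detunnel(outer))[:3])
```
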
2. This question relates to Oakley and ISAKMP
a. What is the connection between the two?
Relatively little. Oakley is just a protocol enhancement to the Diffie-Hellman algorithm to counter some person-in-the-middle attacks. ISAKMP is a complete key management protocol.
b. What in general is meant by an aggressive interchange?
One in which some method, such as using timestamps, is used to reduce the number of steps in the interchange.
c. In the example at the top of page 510 (figure 16.11) explain what would have to be added to make this a non-aggressive interchange. You can do this with a one-or-two sentence answer.
A fourth message, R->I, needs to be included, with an encryption of a function of the last nonce. The timestamps may be omitted.
3. This question relates to Electronic mail security
a. Explain the basic differences between PGP and S/MIME
PGP is a specific mail security format and system that provides encryption and signature – it does not do certificate management, but does key storage using key rings. A typical PGP installation probably provides some understanding of certificates. Again, S/MIME is an addition to the MIME layer that provides a full set of certificate-handling capabilities, and also provides Diffie-Hellman for cases where no certificates exist.
b. Does PGP support signature without encrypted content (for example signing a University regulation on
No. (I didn’t ask for an explanation, but it provides only the encrypted, authenticated format).
c. How does S/MIME support signature without encrypted content?
It is an additional content type.