Review Questions
7.1 For a user workstation in a typical business environment, list potential locations for confidentiality attacks.
- Eavesdropping on the LAN itself
- A remote access point such as dial-in
- Wiring closet
- Routers that connect to the internet
- On any line that your traffic traverses e.g.
- the local telephone company
- Point-to-point terrestrial links (microwave, wireless etc.)
- Satellite communication
7.2 What is the difference between link and end-to-end encryption?
Link encryption happens between links in this way it is much harder to determine the source and destination because routing information is encrypted between each link. However the message is still vulnerable at the switches themselves, so you need end-to-end encryption to guarentee that switches not under your controll are not releasing the message.
For more see Table 7.1 Characteristics of Link and End-to-End Encryption
7.3 What types of information might be derived from a traffic analysis attack?
- Who is communicating
- How frequently the partners are communicating
- Message pattern, message length, or quantity of messages that suggest important information is being exchanged.
- The events that correlate with special conversations between particular partners
7.4 What is traffic padding and what is its purpose?
Traffic padding produces ciphertext output continuously, even in the absence of plaintext. This makes it impossible for an attacker to distinguish between true data flow and padding and therefore impossible to deduce the ammount of traffic.
7.5 List ways in which secret keys can be distributed to two communicating parties.
- A can select a key and physically deliver it to B
- A third party can select the key and physically deliver it to A and B.
- If A and B have previously and recently used a key, one party can transmit the new key to the other, encrypted using the old key.
- If A and B each has an encrypted connection to a third party C, C can deliver a key on the encrypted links to A and B.
7.6 What is the difference between a session key and a master key?
A master key is used by a key distribution center to encrypt and deliver a temporary session key that is used to communicate between parties.
7.7 What is a nonce?
A word ocurring, invented, or used just for a partiuclar occasion. In this case the occasion is to keep track of which response goes to which request - a book keeping take.
7.8 What is a key distribution center?
A key distribution center is a trusted third party that handles the distribution of session keys.
7.9 What is the difference between statistical randomness and unpredictability?
Randomness:
- Uniform distribution: The distribution of numbers in the sequence should be uniform; that is, the frequency of occurrence of each of the numbers should be approximately the same.
- Independence: No one value in the sequence can be inferred from the others.
Unpredictability: When generating pseudorandom numbers you will not have independence but you need unpredictability as well as adherence to a uniform distribution.