Suppose Alice downloads a buggy browser that implements TLS incorrectly. The TLS specification says that, during the handshake, the browser should send a random 256-bit number RB. Instead of picking RB randomly the browser always sends all zeros. Describe an attack that is possible against this buggy browser and how to update the browser so that this attack is no longer feasible.

Question

21-04-2021
Computers and Technology

contestada

Suppose Alice downloads a buggy browser that implements TLS incorrectly. The TLS specification says that, during the handshake, the browser should send a random 256-bit number RB. Instead of picking RB randomly the browser always sends all zeros. Describe an attack that is possible against this buggy browser and how to update the browser so that this attack is no longer feasible.

Respuesta :

Otras preguntas

How many solutions can be found for the set of linear equations? Y = 7(x + 2) and y = 7x + 14

Which is an example of Southern Gothic literature? "Let Sleeping Dogs Lie" "A Good Man is Hard to Find" "The Problem that Has No Name" "The Man Who Was Almost a

Why did the Supreme Court overture Brown v The Board of Education

-2x+5y=-15 and 5x+2y=-6 how could you solve this system using elimination

Economy policy must strike a balance between ideals and

Describe the scoring system in tennis

what is the correct definition of an opportunity cost

5/9+(1/9+4/5). what is the awnser

Jupiter's four large moons -- Io, Europa, Ganymede, and Callisto -- were discovered by Galileo in 1610. Jupiter also has dozens of smaller moons. Callisto has a

This is an emergency it’s in ASAP problem I need this right away I need to find an answer thank you I need it ASAP

AbsorbingMan AbsorbingMan · Answer 1 · 2021-04-22T02:46:30+02:00

Solution :

It is given that Alice downloads the buggy browser which implements a TLS incorrectly. The specification of a TLS states that during a handshake, the browser sends a 256 bit number of RB randomly.

So in this case, a man-n-the-middle attack is possible. It can compromise the confidentiality of Alice. Updating the browser by visiting the website and checking its latest version of the browser or installing some other browser which has a more trust in the market for its security features.