logo

Hash Algorithm and Encryption Algorithm for Certificate Signature

Answering questions related to advanced network security, including topics such as certificates, encryption algorithms, access control, and firewalls.

9 Pages2432 Words48 Views
   

Added on  2023-01-20

About This Document

This document discusses the hash algorithm and encryption algorithm used for generating the certificate signature in advanced network security. It provides information on the number of bytes in the public key modulus and the algorithms used for encrypting session data, hashing for the MAC, and key exchange. Additionally, it explores the number of bytes of random data sent during the handshake process.

Hash Algorithm and Encryption Algorithm for Certificate Signature

Answering questions related to advanced network security, including topics such as certificates, encryption algorithms, access control, and firewalls.

   Added on 2023-01-20

ShareRelated Documents
COIT20262 Assignment 2 Submission Term 1, 2019
COIT20262 - Advanced Network Security, Term 1, 2019
Assignment 2 Submission
Due date: 5pm Friday 7 June 2019 (Week 12) ASSESSMENT
Weighting: 45%
2Length: N/A
Student Name: enter your name
Student ID: id
Campus: campus
Tutor: tutor
Advanced Network Security Page 1 of 9
Hash Algorithm and Encryption Algorithm for Certificate Signature_1
COIT20262 Assignment 2 Submission Term 1, 2019
Question 1. HTTPS and Certificates
Part (d)
What hash algorithm is used to generate the certificate
signature?
The main purpose of being
associated with the usage of
the SHA algorithm includes
the generation of the
signatures for the certificates.
What encryption algorithm is used to generate the
certificate signature?
The encryption algorithm
which is generally used of the
purpose of generating the
certificate signature is
associated with including the
RSA encryption algorithm
How many bytes is the public key modulus in the
certificate?
The number of bytes which the
public key module consists of
in the certificate is around
2048 bytes
In the TLS cipher suite used between client and server,
what algorithm is used for:
- Encrypting session data?
The key exchange algorithm
which is generally used in the
TLS cipher suite existing
between the server and the
client is the SSL
- Hashing for the MAC? The hashing for the MAC is
done by making use of the
SHA 256
- Key exchange? The Key Exchange algorithm
which is used is associated
with including the ECDHE
How many bytes of random data are sent from the client
to server at the start of the handshake?
The number of bytes which
were sent at the beginning
from the client to the server of
the handshake process was
around 128 bytes
Part (e)
The process which is associated with including the sending of the CSR to the CA along with
the process of receiving the certificate back from there are certainly considered to be the
security issue and the reason behind this is that the certificate authority would be having an
access to the server and along with this it is also seen to be dependent upon the certain
aspects such as the trust and the relationship which is seen to be existing with the certificate
authority.
During the process of receiving back, the certificate which is associated with the usage of the
communication method might be associated with facing the risks related to the man in the
middle attack which is capable of causing the certificate to become available to the hacker
and this in turn leads to compromise of the security which the web servers are having. In
Advanced Network Security Page 2 of 9
Hash Algorithm and Encryption Algorithm for Certificate Signature_2
COIT20262 Assignment 2 Submission Term 1, 2019
addition to this the attacker might also become capable of using the certificate file for the
purpose of conducting forgery by means of the duplicate identity of the user which in turn
would make them capable of performing various illegal activities.
Question 2. Authentication and Access Control
12063113
web13 websecret
web21 correcthorsebatteryapple
web31 T7w/P@z]6k
Group
webdev
Part (e)
Below are the listed some of the major security and convenience issues which are faced by
using the three different password which has been selected by web developers have been
listed below:
/etc/shadow –
- This is generally used for the purpose of storing the details of the password which
is being used by the user
- This is generally having a readable nature in case if it is a root account
- The passwords which are generally used are seen to be stored in an encrypted
format
- It is also possible to generate this by making use of the password file and the
command which is generally used for doing so is pwconv
- The information which are seen to be existing are associated with being changed
at a frequent rate and the main reason behind this is that the password and
password of the user can be changed in a frequent manner.
/etc/passwd –
- This is generally used for the purpose of storing the details related to the accounts
of the user.
- This is generally associated with the storing of each and every details of the users
in a format which is readable.
- This is also seen to existing in the system as a default feature.
- This is seen to be static in nature
/etc/groups –
Advanced Network Security Page 3 of 9
Hash Algorithm and Encryption Algorithm for Certificate Signature_3

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
COIT20262 - Advanced Network Security
|7
|1530
|156

COIT20262 Assignment 2 Submission
|6
|821
|58

Advanced Network Security: Cryptography, Access Control, Firewalls, and Wireless Network Security
|11
|1783
|206

Advanced Network Security: Cryptography, HTTPS, Access Control, Firewalls, Wireless Security
|10
|1404
|169

Advanced Network Security : PDF
|10
|1144
|216

Advanced Network Security - PDF
|9
|1400
|70