
Question

(9 points) The IPSec Phase 1, main mode, symmetric key option is illustrated below, where K = h(IC, RC, g^ab mod p, R_A, R_B, K_AB), and K_AB is a symmetric key shared by Alice and Bob.

1. Alice -> Bob: IC, CP
2. Bob -> Alice: IC, RC, CS
3. Alice -> Bob: IC, RC, g^a mod p, R_A
4. Bob -> Alice: IC, RC, g^b mod p, R_B
5. Alice -> Bob: IC, RC, E("Alice", proof_A, K)
6. Bob -> Alice: IC, RC, E("Bob", proof_B, K)

(a) As discussed in class and in the textbook, this protocol fails to provide anonymity. Since main mode is supposed to provide anonymity, this is a significant flaw. Clearly explain why this protocol fails to provide anonymity.

Explanation / Answer

(a) Privacy is becoming a critical issue on the Internet. Users feel that one of the most important barriers to using the Internet is the fear of having their privacy violated. Governments around the world have introduced legislation placing requirements upon the way in which personal information is handled. In attempt to provide some technical solutions within the privacy void, several network-based privacy-enhancing technologies have been developed in recent years.

There is a Catch-22 situation: Bob must know that he is talking to Alice before he can decrypt message 5, which is the first place that Alice identifies herself. Consequently, Bob uses Alice's IP address to identify Alice. But this implies that Alice has a static IP address, which offers very limited (if any) anonymity.

(b)

For a successful and secure communication using IPSec, the IKE (Internet Key Exchange) protocol takes part in a two-step negotiation. Main mode or Aggressive mode (Phase 1) authenticates and/or encrypts the peers. Quick mode (Phase 2) negotiates the algorithms and agrees on which traffic will be sent across the VPN.

Aggressive mode can be used within the phase 1 VPN negotiations, as opposed to Main mode. Aggressive mode takes part in fewer packet exchanges. Aggressive mode does not give identity protection of the two IKE peers, unless digital certificates are used. This means VPN peers exchange their identities without encryption (clear text). It is not as secure as main mode, but the advantage to aggressive mode is that it is faster than Main mode.

Aggressive mode is typically used for remote access VPNs (remote users). Also, you would use aggressive mode if one or both peers have dynamic external IP addresses. You don't have to use Aggressive mode, though, if the peer devices are using digital certificates.

Aggressive mode is not flawed, since aggressive mode does not attempt to provide anonymity.
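The Catch-22 in part (a) can be made concrete by simulating messages 3 to 5 of the exchange. The following is an added example written for this page; it is not from the question, the answer, or the textbook. It uses a toy Diffie-Hellman group, a toy SHA-256 stream cipher standing in for E(., K), a constructed HMAC-based proof_A, and constructed IP addresses and pre-shared key. Bob keeps his table of K_AB values indexed by peer IP address, because message 5 is the first time Alice names herself and he cannot decrypt it until he has already chosen K_AB. When Alice sends from an address Bob does not know, the handshake cannot proceed even though she holds the correct key, which is exactly why the scheme ties Alice to a static IP and gives up anonymity.

```python
import hashlib
import hmac
import os

# Toy DH group for illustration only; real IKE uses large MODP groups.
P = 2**127 - 1
G = 3


def h(*parts: bytes) -> bytes:
    """The hash h of the exchange, here SHA-256 over the concatenated fields."""
    return hashlib.sha256(b"".join(parts)).digest()


def stream_xor(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher (SHA-256 keystream XOR) standing in for E(., K).
    Constructed for this example; it is not an IKE transform."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(x ^ y for x, y in zip(data, stream))


def derive_k(ic, rc, gab, ra, rb, kab):
    """K = h(IC, RC, g^ab mod p, R_A, R_B, K_AB). Note that K_AB is an input:
    nobody can compute K without first knowing which pre-shared key applies."""
    return h(ic, rc, gab.to_bytes(16, "big"), ra, rb, kab)


def make_proof(k, ic, rc, ga, gb, identity):
    """Toy proof of knowledge of K: an HMAC over the transcript (constructed)."""
    msg = ic + rc + ga.to_bytes(16, "big") + gb.to_bytes(16, "big") + identity
    return hmac.new(k, msg, "sha256").digest()


class Bob:
    def __init__(self, psk_by_ip):
        # Bob learns the peer's identity only inside message 5, so his only
        # handle for choosing K_AB beforehand is the packet's source IP address.
        self.psk_by_ip = psk_by_ip
        self.b = int.from_bytes(os.urandom(15), "big") % P   # ephemeral exponent b
        self.rb = os.urandom(16)                              # nonce R_B

    def gb(self):
        return pow(G, self.b, P)

    def handle_message5(self, src_ip, ic, rc, ga, ra, ciphertext):
        kab = self.psk_by_ip.get(src_ip)
        if kab is None:
            return None   # no way to pick K_AB, hence no K, hence message 5 stays opaque
        k = derive_k(ic, rc, pow(ga, self.b, P), ra, self.rb, kab)
        plaintext = stream_xor(k, ciphertext)
        identity, proof = plaintext[:-32], plaintext[-32:]
        if not hmac.compare_digest(proof, make_proof(k, ic, rc, ga, self.gb(), identity)):
            return None   # the K_AB chosen by IP was wrong for this peer
        return identity.decode()


def run_main_mode(src_ip, alice_kab, bob):
    """Messages 3 to 5 from Alice's side; messages 1 and 2 (cookies, CP/CS) are elided."""
    ic, rc = os.urandom(8), os.urandom(8)
    a = int.from_bytes(os.urandom(15), "big") % P
    ga, ra = pow(G, a, P), os.urandom(16)        # message 3: g^a mod p, R_A
    gb, rb = bob.gb(), bob.rb                    # message 4: g^b mod p, R_B
    k = derive_k(ic, rc, pow(gb, a, P), ra, rb, alice_kab)
    identity = b"Alice"
    msg5 = stream_xor(k, identity + make_proof(k, ic, rc, ga, gb, identity))
    return bob.handle_message5(src_ip, ic, rc, ga, ra, msg5)


if __name__ == "__main__":
    KAB = b"alice-bob-psk-constructed"
    bob = Bob({"203.0.113.5": KAB})              # Alice's "static" address (constructed)
    print(run_main_mode("203.0.113.5", KAB, bob))    # Alice
    print(run_main_mode("198.51.100.9", KAB, bob))   # None: same key, unknown address
```

Running the script shows the asymmetry the answer describes: from the address Bob has on file the exchange completes and Bob recovers "Alice", while from any other address the very same key material is useless to him, because K depends on K_AB and K_AB is selected by IP before the identity is ever visible. Anonymity would require the opposite, an identity that Bob can only learn after decrypting, which this key schedule cannot support.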