Question

You are placing an order with an online retailer. To complete a purchase, your web browser sends a single encrypted, authenticated message to the web site, consisting only of the following information: a) your credit card information, b) the item number and quantity being ordered.

A. Say an adversary is sitting between you and the retailer, with the ability to intercept traffic and send messages. Describe an attack the adversary could carry out to “max out” your credit card. What type of attack is this?


B. What could the retailer do to prevent this attack, simply by changing what data is sent in the single encrypted, authenticated message?


Explanation / Answer

Hi,

Please find below the answer-

Ans A - A man-in-the-middle attack is a type of cyberattack where an intruder or actor inserts him/herself into a conversation between two parties, impersonates both parties and gains access to information that the two parties were trying to send to each other. A man-in-the-middle attack allows a malicious actor to intercept, send and receive data meant for someone else, or not meant to be sent at all, without either outside party knowing until it is too late.

Ans B -

A simple protocol that makes use of the Diffie-Hellman calculation. Suppose that user A wishes to set up a connection with user B and use a secret key to encrypt messages on that connection. User A can generate a one-time private key XA, calculate YA, and send that to user B. User B responds by generating a private value XB, calculating YB, and sending YB to user A. Both users can now calculate the key. The necessary public values q and would need to be known ahead of time. Alternatively, user A could pick values for q and and include those in the first message.

Regards,

Vinay Singh
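
Added example, not part of the original answer: the order message in the question is authenticated, but nothing in it distinguishes one order from a byte-identical copy delivered again. This sketch assumes the retailer adds a random per-order `nonce` field and remembers the ones it has processed; the `Retailer` class, the field names and the card value are constructed for illustration, and HMAC-SHA256 stands in for the encrypted, authenticated channel.

```python
import hashlib
import hmac
import json
import secrets

KEY = secrets.token_bytes(32)  # constructed key shared by browser and retailer

def seal(fields):
    """Browser side: serialize the order and append an HMAC-SHA256 tag."""
    body = json.dumps(fields, sort_keys=True).encode()
    return body + hmac.new(KEY, body, hashlib.sha256).digest()

def open_sealed(message):
    """Retailer side: return the order dict, or None if the tag is wrong."""
    body, tag = message[:-32], message[-32:]
    expected = hmac.new(KEY, body, hashlib.sha256).digest()
    return json.loads(body) if hmac.compare_digest(tag, expected) else None

class Retailer:
    def __init__(self, require_nonce):
        self.require_nonce = require_nonce
        self.seen = set()      # nonces of orders already processed
        self.charges = []      # (item, qty) for every accepted order

    def handle(self, message):
        order = open_sealed(message)
        if order is None:
            return "rejected: bad tag"
        if self.require_nonce:
            nonce = order.get("nonce")
            if not nonce:
                return "rejected: no nonce"
            if nonce in self.seen:
                return "rejected: duplicate order"
            self.seen.add(nonce)
        self.charges.append((order["item"], order["qty"]))
        return "charged"

def demo():
    base = {"card": "CONSTRUCTED-CARD", "item": "SKU-1", "qty": 1}
    original, hardened = Retailer(False), Retailer(True)
    plain = seal(base)                                       # fields from the question only
    tagged = seal({**base, "nonce": secrets.token_hex(16)})  # plus per-order nonce
    # Each message is delivered twice, as a byte-identical copy would be.
    return ([original.handle(plain), original.handle(plain)],
            [hardened.handle(tagged), hardened.handle(tagged)])

if __name__ == "__main__":
    print(demo())
```

In practice the set of processed nonces has to be bounded, for example by pairing each nonce with a timestamp and discarding entries older than the acceptance window.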
