Security Protocols

Question 1

The challenge values used an an authentication protocol can be repeatedly used in multiple sessions

Answer 1

falseP2 L9

Question 2

The authentication messages can be captured and replayed by an adversary

Answer 2

trueP2 L9

Question 3

Authentication can be one-way, e.g. only authenticating Alice to Bob

Answer 3

trueP2 L9

Question 4

A reflection attack is a form of man-in-the-middle-attack

Answer 4

trueP2 L9

Question 5

To defeat a reflection attack, we can use an odd number as a challenge from the initiator and an even number from the responder

Answer 5

trueP2 L9

Question 6

We can use signing with public keys to achieve mutual authentication

Answer 6

trueP2 L9

Question 7

A session key should be a secret and unique to the session

Answer 7

trueP2 L9

Question 8

Authentication should be accomplished before the session key exchange

Answer 8

trueP2 L9

Question 9

A key benefit of using KDC (Key distribution center) is scalability

Answer 9

trueP2 L9

Question 10

In order to for Bob to verify Alice’s public key, the certificate authority must be online

Answer 10

false (just need the CA’s public key, which may be cached)P2 L9

Question 11

Signing the message exchanges in Diffie-Helman eliminates the man-in-the-middle attack during session key exchange.

Answer 11

trueP2 L9

Question 12

Kerberos provides authentication and access control

Answer 12

trueP2 L9

Question 13

Kerberos distributes session keys

Answer 13

trueP2 L9

Question 14

To avoid over-exposure of a user’s master key, Kerberos uses a per-day key and a ticket-granting-ticket

Answer 14

trueP2 L9

Question 15

The authenticators used in requests to KDC and application server can be omitted in Kerberos

Answer 15

falseP2 L9

Question 16

Access to any network resource requires a ticket issued by the KDC in Kerberos

Answer 16

trueP2 L9