ISC Exam Questions

In which way does a Secure Socket Layer (SSL) server prevent a “man-in-the-middle” attack?

A.
It uses signed certificates to authenticate the server’s public key.

B.
A 128 bit value is used during the handshake protocol that is unique to the connection.

C.
It uses only 40 bits of secret key within a 128 bit key length.

D.
Every message sent by the SSL includes a sequence number within the message contents.

Explanation:
Secure Sockets Layer (SSL) is an encryption technology that is used to provide
secure transactions such as the exchange of credit card numbers. SSL is a socket layer security
protocol and is a two-layered protocol that contains the SSL Record Protocol and the SSL
Handshake Protocol. Similar to SSH, SSL uses symmetric encryption for private connections and
asymmetric or public key cryptography (certificates) for peer authentication. It also uses a
Message Authentication Code for message integrity checking.
Krutz: The CISSP Prep Guide pg. 89. It prevents a man-in-the-middle attack by confirming that you
are authenticating with the desired server prior to entering your user name and password. If the
server was not authenticated, a man-in-the-middle could retrieve the username and password and
then use it to log in.
The SSL protocol has been known to be vulnerable to some man-in-the-middle attacks. The
attacker injects herself right at the beginning of the authentication phase so that she obtains both
parties' keys. This enables her to decrypt and view messages that were not intended for her.
Using digital signatures during the session-key exchange can circumvent the man-in-the-middle
attack. If using Kerberos, when Lance and Tanya obtain each other's public keys from the KDC,
the public keys are signed by the KDC. Because Tanya and Lance have the public key of the
KDC, they both can decrypt and verify the signature on each other's public key and be sure that it
came from the KDC itself. Because David does not have the private key of the KDC, he cannot
substitute his public key during this type of transmission. Shon Harris All-In-One CISSP
Certification pg. 579.
One of the most important pieces of a PKI is its public key certificate. A certificate is the mechanism
used to associate a public key with a collection of components sufficient to uniquely authenticate
the claimed owner. Shon Harris All-In-One CISSP Certification pg. 540.