本文共 1222 字，大约阅读时间需要 4 分钟。

P16

This wouldn’t really solve the problem. Just as Bob

thinks (incorrectly) that he is authenticating Alice in the first half of Figure 7.14, so too can Trudy fool Alice into thinking (incorrectly) that she is authenticating Bob. The root of the problem that neither Bob nor Alice can tell is the public key they are getting is indeed the public key of Alice of Bob.

P17

P18

a) No, without a public-private key pair or a

pre-shared secret, Bob cannot verify that Alice created the message.

b) Yes, Alice simply encrypts the message with Bob’s

public key and sends the encrypted message to Bob.

P19

a) client

b) IP:216.75.194.220,port:443 c) 283 d) 3 SSL records e) 包含了一个加密的主密钥 f) first byte:bc,last byte:29 g) 6 h) 🐴

P20

Again we suppose that SSL does not provide sequence numbers. Suppose that

Trudy, a woman-in-the-middle, deletes a TCP segment. So that Bob doesn’t anything, Trudy needs to also adjust the sequence numbers in the subsequent packets sent from Alice to Bob, and the acknowledgment numbers sent from Bob to Alice. The result will be that Bob will, unknowingly, be missing a packet’s worth of bytes in the byte stream.

P21

No, the bogus packet will fail the integrity check (which uses a shared MAC key).

转载地址：http://dkwai.baihongyu.com/