SHARE
SPREAD
HELP

The Tradition of Sharing

Help your friends and juniors by posting answers to the questions that you know. Also post questions that are not available.

To start with, Sr2Jr’s first step is to reduce the expenses related to education. To achieve this goal Sr2Jr organized the textbook’s question and answers. Sr2Jr is community based and need your support to fill the question and answers. The question and answers posted will be available free of cost to all.

Sharing the knowledge gained, is a generous way to change our world for the better. -Sr2Jr

 

#
Authors:
James F. Kurose, Keith W. Ross
Chapter:
Security In Computer Networks
Exercise:
Problems
Question:19 | ISBN:9780132856201 | Edition: 6

Question

Consider the Wireshark output below for a portion of an SSL session.

a. Is Wireshark packet 112 sent by the client or server?

b. What is the server’s IP address and port number?

c. Assuming no loss and no retransmissions, what will be the sequence number of the next TCP segment sent by the client?

d. How many SSL records does Wireshark packet 112 contain?

e. Does packet 112 contain a Master Secret or an Encrypted Master Secret or

neither?

f. Assuming that the handshake type field is 1 byte and each length field is

3 bytes, what are the values of the first and last bytes of the Master Secret (or Encrypted Master Secret)?

g. The client encrypted handshake message takes into account how many SSL records?

h. The server encrypted handshake message takes into account how many SSL records?

TextbookTextbookTextbookTextbookTextbookTextbookTextbookTextbookTextbookTextbookTextbookTextbookTextbookTextbookTextbookTextbookTextbook

Answer

a)

 

The Wireshark packet 112 sent by the client to server as the source address is related to 'client' and the destination address is related to 'Server'.

 

b)

 

The server’s IP address is 216.75.194.220 and port number is 443 as refer the server address is is 216.75.194.220  from the wire shark for the portion of SSL in the text book. It is belongs to  Https server in TCP. So, the destination port number is 443.

 

c)

 

 Assuming no loss and no retransmissions, then the sequence number of the next TCP segment sent by the client is 283.

Explanation:

The calculation of sequence number of the next TCP segment sent by the client is adding the length of packet(204) and the present sequence number (79)  from the wire shark output under TCP. So, the sequence numb= 204+79=283.

 

d)

 

The number of SSL(Secure Socket Layer) records does Wireshark packet 112 is 3 as the SSL, there are 3 records found for the packet 112 in wire shark output.

 

e)

 

The packet 112 contains an Encrypted Master Secret as one of the records specified as Encrypted Handshake Message in the SSL.

 

f)

 

Assuming that the handshake type field is 1 byte and each length field is  3 bytes,  the the values of the first of the master secret is "bc" as This field recognies the type of the handshake type 1 byte, that is first field is bc and the last byte of the master secret is 29 as handshake length 3 bytes recognies the length of the handshake message.

 

g)

 

The client encrypted handshake message takes into account, then the found of number of SSL records is 6 as the client encrypted handshake message generally 6 SSL records found.

 

h)

 

The server encrypted handshake message takes into account, then the found of number of SLL records is 9 as the server encrypted handshake message generally  9 SSL records found.

0 0

Discussions

Post the discussion to improve the above solution.