cs35Lhw9

cs35Lhw9 - 1. Even if the network connection between the...

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
1. Even if the network connection between the SSH server and the client is being tapped, the connection will still be secure. It is becuase that the ssh keys transferring between the client and the host are non-reversible hashed values. Therefore, even if the attacker can successfully intercept the data, it is still impossible for him the discover what the real passphrase is. Although the SSH public/private key mechanism can significantly reduce the success rate of keyboard/network tapping attack; however, it is not perfect. When the connection between the SSH host and client is being estabilished for the very first time, the host and client has to determine eachother's identity by using passphrases. When this happens, the attacker can easily obtain the passphrase by tapping the client's keyboard, and therefore makes the latter SSH encryptions useless. 2. The biggest challenge would be how to estabilish the host-client connection for the very first time safely. As shown in problem 1, although SSH can
Background image of page 1
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 06/02/2009 for the course CS 35L taught by Professor Eggert during the Spring '09 term at UCLA.

Ask a homework question - tutors are online