Initial exchanges of public keys are vulnerable to the man-in-the-middle attack. Describe as many
defences against it as you can.

What will be an ideal response?

1. Use a private channel for the delivery of initial keys, such as a CDROM delivered by hand or by some
other rellable method.
2. Include the Domain Name in the certificate and deal only with the correct corresponding IP address.
3. If certificates are delivered through the network, validate them with a ‘key fingerprint’ – a character
string that is derived from the key with a standard one-way function - that was delivered by a separate
channel (e.g. on a business card).

Computer Science & Information Technology

You might also like to view...

More than ________ billion people frequent social networking sites each month

A) 5 B) 2 C) 3 D) 1

View

Computer Science & Information Technology

To remove a value from a specific index in the ArrayList, use method ______.

a) Remove b) RemoveAt c) Delete d) DeleteAt

View

Computer Science & Information Technology

Initial exchanges of public keys are vulnerable to the man-in-the-middle attack. Describe as many defences against it as you can.

You might also like to view...

Initial exchanges of public keys are vulnerable to the man-in-the-middle attack. Describe as many
defences against it as you can.