We use cookies to give you the best experience possible. By continuing we’ll assume you’re on board with our cookie policy

See Pricing

What's Your Topic?

Hire a Professional Writer Now

The input space is limited by 250 symbols

What's Your Deadline?

Choose 3 Hours or More.
Back
2/4 steps

How Many Pages?

Back
3/4 steps

Sign Up and See Pricing

"You must agree to out terms of services and privacy policy"
Back
Get Offer

Research assignment 1 acct 429

Hire a Professional Writer Now

The input space is limited by 250 symbols

Deadline:2 days left
"You must agree to out terms of services and privacy policy"
Write my paper

Solution : for this we need to update the latest security patch for the security or the university to patch the flaw on the system. Using the assign on Microsoft page fallowing KGB 2. We have identified a vulnerability in the Internet Public Key Infrastructure (PKZIP) used to issue digital certificates for secure websites. As a proof of concept we executed a practical attack scenario and successfully created a rogue Certification Authority (CA) certificate trusted by all common web browsers.

This certificate allows us to impersonate any website on the Internet, including banking and e- commerce sites secured using the HTTPS protocol.

Don't use plagiarized sources. Get Your Custom Essay on
Research assignment 1 acct 429
Just from $13,9/Page
Get custom paper

Our attack takes advantage of a weakness in the MAD cryptographic hash unction that allows the construction of different messages with the same MAD hash. This is known as an MAD “collision”. Previous work on MAD collisions between 2004 and 2007 showed that the use of this hash function in digital signatures can lead to theoretical attack scenarios.

Our current work proves that at least one attack scenario can be exploited in practice, thus exposing the security infrastructure of the web to realistic threats .

Solution: Well what I do is again maintain a update and secure the necessary SSL ports and redirecting the source of the attack and check were is coming. 3. A secure cryptographic hash algorithm is one that generates a unique identifier of a fixed size (known as a “digest” or simply “hash”) for a block of data of arbitrary size.

The MAD algorithm is a standard, widely used example of such an algorithm and is defined in IETF RFC 1321. One of the requirements of secure cryptographic hash algorithms is that it be extremely unlikely for two different inputs to the algorithm to generate the same digest. This property is generally referred to as collision resistance and cases where an algorithm generates the same digest for two different blocks of data are known as collisions. Solution : There’s no a solution for this type of Algorithm 4.

This is the Cisco response to research done by Alexander Sootier, Marc Stevens, Jacob Appellate, Arcane Leanest, David Molar, Tag Earn Skip, and Been De Wager pertaining to MAD collisions in certificates issued by vulnerable certificate authorities. Cisco has released an Intelligences activity bulletin detailing the specifics of this issue. This bulletin is available at the following link: http://tools. Cisco. Com/security/center/viewfinder. X? Alerted=17341.

The Cisco Adaptive Security Appliance (AS) and ISO may both serve as certificate authorities and by default use the MAD hashing algorithm in the digital signatures of certificates issued to end users and devices. The hashing algorithm used in digital certificates on the Cisco AS cannot be changed; however, the AS is unlikely to be affected by the attacks described in this research due to the way certificates are generated on the device. Cisco recognizes the weaknesses in MAD and plans to alter the signature algorithm used in digital certificates and modify the methods utilized in creation of CA and endpoint certificates.

This will be addressed by Cisco Bug ID: Chickasaws registered customers only) . The Cisco ISO CA may be vulnerable to the attack described in this research when configured to utilize MAD hashes in endpoint certificates. This is the default behavior; however, the device can be reconfigured to utilize a more secure hashing algorithm. Cisco plans to change this default behavior and modify the methods utilized in creation of CA and endpoint certificates.

Cite this Research assignment 1 acct 429

Research assignment 1 acct 429. (2018, Jun 28). Retrieved from https://graduateway.com/research-essay-assignment-1-acct-429/

Show less
  • Use multiple resourses when assembling your essay
  • Get help form professional writers when not sure you can do it yourself
  • Use Plagiarism Checker to double check your essay
  • Do not copy and paste free to download essays
Get plagiarism free essay

Search for essay samples now

Haven't found the Essay You Want?

Get my paper now

For Only $13.90/page