X 509 authentication service pdf

https://blackboard.nec.edu/webapps/mdb-sa-BB5b75a0e7334a9/originalityReport/ultra?attemptId=b98a9035-9055-495e-bca5-81410d36b3ff&course_i… 1/4

%30

%29

SafeAssign Originality Report Network Security - 201931 - CRN185 - Kotaprolu • Week 4 Assignment Submission

%59Total Score: High riskThakur Prabhakar Jilludimudi Submission UUID: 8e7e56df-5cd8-fca0-84fd-309126cf0557

Total Number of Reports

1 Highest Match

59 % Assignment_4.doc

Average Match

59 % Submitted on

06/06/19 8:47 PM EDT

Average Word Count

934 Highest: Assignment_4.doc

%59Attachment 1

Global database (6)

Student paper Student paper Student paper

Student paper Student paper Student paper

Institutional database (5)

Student paper Student paper Student paper

Student paper Student paper

Top sources (3)

Excluded sources (0)

View Originality Report - Old Design

Word Count: 934 Assignment_4.doc

1 2 8

9 5 7

4 3 10

6 11

1 Student paper 4 Student paper 3 Student paper

4.1 List ways in which secret keys can be distributed to two communicating parties.

1. A key can be selected by party A and physically delivered to party B.

2. A key can physically be deliver to part A and party B through a third party. 3. A key can be delivered to both parties through encryption either through a third

party or among themselves. However, they must have been in communication before for the encryption to take place.

4.2 What is the difference between a session key and a master key?

A session key is a temporary key that two principals uses through encryption. On the other hand, a master key is a long lasting key used by the key

distribution center. The purpose of the master key is to allow communication between the principals and the key distribution center during a transmission

session. More importantly, non-cryptographic means are used by master keys to distribute session keys. 4.3 What is a key distribution center?

It determines the entities that are allowed to communicate with each other. A key distribution center refers to a unit set up to convey temporary key to the

principals. The center employs the use of encryption to convey the keys. The center also uses the master key to transmit communication to the principals.

4.4 What entities constitute a full-service Kerberos environment?

A full-service Kerberos is characterized by certain mandatory entities. First, it must have a Kerberos server. Then, it must have a number of clients. In addition, it

must have a number of application servers.

4.5 In the context of Kerberos, what is a realm?

Kerberos realm occurs in the event of several Kerberos servers. A user is registered in a database using a unique ID. In addition, they have hashed passwords stored in the Kerberos server. The Kerberos server has the ability to share the stored information with other servers. Therefore, the realm is the node points where these servers connect.

4.6 What are the principal differences between version 4 and version 5 of Kerberos?

1

2

3

1

4 2

4

1

5

1

1

1

https://blackboard.nec.edu/webapps/mdb-sa-BB5b75a0e7334a9/originalityReport?attemptId=b98a9035-9055-495e-bca5-81410d36b3ff&course_id=_44079_1&download=true&includeDeleted=true&print=true&force=true
6/6/2019 Originality Report

https://blackboard.nec.edu/webapps/mdb-sa-BB5b75a0e7334a9/originalityReport/ultra?attemptId=b98a9035-9055-495e-bca5-81410d36b3ff&course_i… 2/4

Source Matches (31)

Student paper 100%

Student paper 84%

Student paper 74%

Student paper 100%

The 5th version of Kerberos is supposed to address the limitations of the 4th version. It overcomes the environmental shortcomings. It lacks technical

deficiencies experienced with the 4th version. Version 4 had low functionality levels.

4.7 What is a nonce?

A value that can only be used once. Examples include a timestamp and a counter. Also include a random number. The most important requirement is that it should be different in each transaction.

4.8 What are two different uses of public-key cryptography related to key distribution?

Public key cryptography can be subjected to two major uses. First, in public key encryption in which the message is encrypted by the public key used by the

recipient and can be decryption through a private key. Secondly, public key is used to create digital signatures. With this, the message is sent using the private key of the sender upon which it can be verified by whoever has the access to the public key.

4.9 What are the essential ingredients of a public-key directory?

There has to be authority in-order to establish a public key directory. The authority establishes entry for each of the participants. Thereafter, each of the

participants have to register a public key in the directory through the authority. Participants can also access the directory electronically and are often allowed to replace their public key at given times. Furthermore, it often serves as a repository of public-key certificates. 4.10 What is a public-key certificate?

A public key certificate is composed of the public key and the ID of the owner of the public key. The certificate has to be signed by a trusted third party. The

information is presented to the authority by the user in a secure manner. Afterwards, the user is able to print his or her certificate. Public key certificate is availed to anyone who verifies the validity of his or her public key through the way of a signature.

4.11 What are the requirements for the use of a public-key certificate scheme?

Any participant can verify the currency or expiry of the certificate. Only the certificate authority can create and update certificates. Any participant can verify that

the certificate originated from the certificate authority and is not counterfeit. Any participant can read a certificate to determine the name and public key of the certificate’s owner.

4.12 What is the purpose of the X.509 standard?

It is a digital certificate that uses the universally accepted international X.509 public key infrastructure (PKI) standard. It is used to verify that the public indeed

belongs to the said user. X.509 specifies a framework for the provision of authentication services by the X.500 directory to its users. Additionally, X.509

provides alternative authentication protocols based on the use of public-key certificates. 4.13 What is a chain of certificates?

This is a series of certificates as created by certification authorities (CAs). The chain also contains an SSL Certificate. The chain or path begins with the SSL certificate. Here, the successive certificate is a certificate by one CA that certifies the public key of the next CA in the chain.

6

1

1

6 4

1

7

8 1

9

1

4

1

3

10 8

1

11

4.14 How is an X.509 certificate revoked?

They are only considered valid upon use during the validity period. It can be revoked if considered to be no-longer trustable. Also revoked prior to the expiry date defined. The revocation takes place through the use of Certificate Authority (CA).

1

1

Student paper

4.1 List ways in which secret keys can be distributed to two communicating parties.

Original source

4.1 List ways in which secret keys can be distributed to two communicating parties

2

Student paper

A key can be selected by party A and physically delivered to party B.

Original source

can be selected by a third party and physically delivered to A and B

3

Student paper

A key can physically be deliver to part A and party B through a third party.

Original source

· A third party can select the key and physically deliver it to A and B

1

Student paper

4.2 What is the difference between a session key and a master key?

Original source

4.2 What is the difference between a session key and a master key

6/6/2019 Originality Report

https://blackboard.nec.edu/webapps/mdb-sa-BB5b75a0e7334a9/originalityReport/ultra?attemptId=b98a9035-9055-495e-bca5-81410d36b3ff&course_i… 3/4

Student paper 82%

Student paper 68%

Student paper 63%

Student paper 100%

Student paper 79%

Student paper 100%

Student paper 77%

Student paper 100%

Student paper 68%

Student paper 100%

Student paper 100%

Student paper 64%

Student paper 69%

Student paper 100%

Student paper 72%

Student paper 62%

4

Student paper

A session key is a temporary key that two principals uses through encryption.

Original source

A session key is a temporary encryption key used between two principals

2

Student paper

On the other hand, a master key is a long lasting key used by the key distribution center.

Original source

A master key is a long lasting key between a distribution center and a user or device, used to encode the session Key

4

Student paper

The purpose of the master key is to allow communication between the principals and the key distribution center during a transmission session.

Original source

A master key is a long-lasting key that is used between a key distribution center and a principal for the purpose of encoding the transmission of session keys

1

Student paper

4.3 What is a key distribution center?

Original source

4.3 What is a key distribution center

5

Student paper

It determines the entities that are allowed to communicate with each other.

Original source

It determines which systems are allowed to communicate with each other

1

Student paper

4.4 What entities constitute a full-service Kerberos environment?

Original source

4.4 What entities constitute a full-service Kerberos environment

1

Student paper

Then, it must have a number of clients. In addition, it must have a number of application servers. 4.5 In the context of Kerberos, what is a realm?

Original source

· A number of clients · A number of application servers 4.5 In the context of Kerberos, what is a realm

1

Student paper

4.6 What are the principal differences between version 4 and version 5 of Kerberos?

Original source

4.6 What are the principal differences between version 4 and version 5 of Kerberos

6

Student paper

The 5th version of Kerberos is supposed to address the limitations of the 4th version.

Original source

The 5th Version of Kerberos intends to address the limitations of version 4 in two areas

1

Student paper

4.7 What is a nonce?

Original source

4.7 What is a nonce

1

Student paper

4.8 What are two different uses of public- key cryptography related to key distribution?

Original source

4.8 What are two different uses of public- key cryptography related to key distribution

6

Student paper

Public key cryptography can be subjected to two major uses.

Original source

Public-key cryptography has two different uses

4

Student paper

First, in public key encryption in which the message is encrypted by the public key used by the recipient and can be decryption through a private key. Secondly, public key is used to create digital signatures. With this, the message is sent using the private key of the sender upon which it can be verified by whoever has the access to the public key.

Original source

The public key of the recipient can be used to encrypt the message, which is in turn decrypted using a private key Secondly, public key cryptography is used as digital signatures The private key of the sender is used to sign the message, which is later verified by recipients with correct public key

1

Student paper

4.9 What are the essential ingredients of a public-key directory?

Original source

4.9 What are the essential ingredients of a public-key directory

7

Student paper

Thereafter, each of the participants have to register a public key in the directory through the authority.

Original source

· Participants register a public key with a directory authority

8

Student paper

Furthermore, it often serves as a repository of public-key certificates.

Original source

The directory may serve as a repository of public-key certificates

6/6/2019 Originality Report

https://blackboard.nec.edu/webapps/mdb-sa-BB5b75a0e7334a9/originalityReport/ultra?attemptId=b98a9035-9055-495e-bca5-81410d36b3ff&course_i… 4/4

Student paper 100%

Student paper 62%

Student paper 100%

Student paper 97%

Student paper 100%

Student paper 63%

Student paper 92%

Student paper 84%

Student paper 100%

Student paper 90%

Student paper 100%

1

Student paper

4.10 What is a public-key certificate?

Original source

4.10 What is a public-key certificate

9

Student paper

A public key certificate is composed of the public key and the ID of the owner of the public key.

Original source

The public key and user ID of the key owner is presented to the authority and the certificate is given

1

Student paper

4.11 What are the requirements for the use of a public-key certificate scheme?

Original source

4.11 What are the requirements for the use of a public-key certificate scheme

4

Student paper

Any participant can verify the currency or expiry of the certificate. Only the certificate authority can create and update certificates. Any participant can verify that the certificate originated from the certificate authority and is not counterfeit. Any participant can read a certificate to determine the name and public key of the certificate’s owner.

Original source

· Any participant can verify the currency of the certificate · Only the certificate authority can create and update certificates · Any participant can verify that the certificate originated from the certificate authority and is not counterfeit Any participant can read a certificate to determine the name and public key of the certificate’s owner

1

Student paper

4.12 What is the purpose of the X.509 standard?

Original source

4.12 What is the purpose of the X.509 standard

3

Student paper

It is a digital certificate that uses the universally accepted international X.509 public key infrastructure (PKI) standard.

Original source

An X.509 certificate is a digital certificate that uses the widely accepted international X.509 public key infrastructure (PKI) standard to verify that a public key belongs to the user, computer or service identity contained within the certificate

10

Student paper

X.509 specifies a framework for the provision of authentication services by the X.500 directory to its users.

Original source

X.509 defines a framework for the provision of authentication services by the X.500 directory to its users

8

Student paper

Additionally, X.509 provides alternative authentication protocols based on the use of public-key certificates.

Original source

The X.509 also defines alternative authentication protocols based on the use of public-key certificates

1

Student paper

4.13 What is a chain of certificates?

Original source

4.13 What is a chain of certificates

11

Student paper

Here, the successive certificate is a certificate by one CA that certifies the public key of the next CA in the chain.

Original source

A successive certificate is one CA that certifies the public key of next CA in the chain

1

Student paper

4.14 How is an X.509 certificate revoked?

Original source

4.14 How is an X.509 certificate revoked