Review Questions
- 7.1 For a user workstation in a typical business environment, list potential locations for confidentiality attacks. 
- Eavesdropping on the LAN itself
- A remote access point such as dial-in
- Wiring closet
- Routers that connect to the internet
- On any line that your traffic traverses, e.g. the local telephone company
- Point-to-point terrestrial links (microwave, wireless etc.)
- Satellite communication
- 7.2 What is the difference between link and end-to-end encryption?
Link encryption happens between links. In this way it is much harder to determine the source and destination, because routing information is encrypted between each link. However, the message is still vulnerable at the switches themselves, so you need end-to-end encryption to guarantee that switches not under your control are not releasing the message.
For more, see Table 7.1, Characteristics of Link and End-to-End Encryption.
- 7.3 What types of information might be derived from a traffic analysis attack? 
- Who is communicating
- How frequently the partners are communicating
- Message pattern, message length, or quantity of messages that suggest important information is being exchanged.
- The events that correlate with special conversations between particular partners
- 7.4 What is traffic padding and what is its purpose?
Traffic padding produces ciphertext output continuously, even in the absence of plaintext. This makes it impossible for an attacker to distinguish between true data flow and padding, and therefore impossible to deduce the amount of traffic.
- 7.5 List ways in which secret keys can be distributed to two communicating parties. 
- A can select a key and physically deliver it to B
- A third party can select the key and physically deliver it to A and B.
- If A and B have previously and recently used a key, one party can transmit the new key to the other, encrypted using the old key.
- If A and B each has an encrypted connection to a third party C, C can deliver a key on the encrypted links to A and B.
- 7.6 What is the difference between a session key and a master key?
- 7.7 What is a nonce?
- 7.8 What is a key distribution center?
- 7.9 What is the difference between statistical randomness and unpredictability?
