In this question, we study Nested ESP in AH, that is, we combine ESP with AH. Let's look at the site-to-site VPN scenario shown again in Figure 1. Let's assume that Alice's desktop is on VPN Site 1 while Bob's is on VPN site 2. Assume the IP address of Alice's desktop is 130.2.3.244; the IP address of Bob's desktop is 166.100.66.2. In addition, because neither Alice nor Bob trusts all employees in their companies, they would use the Transparent Mode of ESP.

When Alice sends message "Stock X price $29" to Bob, the message sender program running on Alice's desktop needs to firstly compose the packet before it is encrypted. This cleartext packet will be the exact same packet in your answer for Question 3.1. Next, the sender packet will use ESP to encrypt the packet. After this packet is encrypted, what does the packet look like? Please draw the whole packet and mark the fields that are encrypted.

Next, Alice's message sender program will apply the AH protocol so that all IP spoofing attacks and message replacement attacks can be defeated. To compute the hash, which part of the packet resulted from Question 4.1 will be used as the input?

After the hash is computed by Alice's message sender program, the hash will be included in which part of the packet sent out from Alice's desktop?

After a while, the packet will arrive at the VPN router on site 2. Will the VPN router decrypt the packet? Why?

After a while, the packet will arrive at Bob's desktop. Is it possible for Bob to decrypt the packet and get the message before the AH header is verified? Why?

After the packet arrives at Bob's desktop, please give a step-by-step answer on how the AH header is verified by the receiver program running on Bob's desktop.

During the whole process from (4.1) to (4.6), where is the IKE protocol used?

Posted Date: 2/16/2013 4:38:12 AM | Location : United States

Ask an Expert

Related Discussions:- Compute the hash - part of the packet, Assignment Help, Ask Question on Compute the hash - part of the packet, Get Answer, Expert's Help, Compute the hash - part of the packet Discussions

Write discussion on Compute the hash - part of the packet
Your posts are moderated

Write your message here..

Related Questions

What are the major technologies to create client application, What are the ... What are the five major technologies that can be used to create Client/Server applications? Database Servers Groupware TP Monitors Distributed Objects Intranets.

Hierarchical addressing and routing, The steps of forwarding the packets of... The steps of forwarding the packets of information is known routing. The information about receivers is saved in routing tables. Note that several entries have same next hop. It is

Explain how the LAN model be developed, Explain how the lan model be develo... Explain how the lan model be developed The LAN model can be developed incrementally. If LAN is just a long cable. it cannot be brought down by single failure (if servers are re

Write down short note on frame-relay dlci, DLCI- Data Link Connection Iden... DLCI- Data Link Connection Identifier. A frame-relay service provider usually assigns DLCI values that are used by frame-relay to distinguish among different virtual circuits on th

Explain the term- bits and bitmap, Explain teh term- Bits and Bitmap ... Explain teh term- Bits and Bitmap Many tiny dots, which are put together to make a picture. Bits are combined to make a graphic image called a bitmap. GIF and JPEG files are

Explain the lan topologies, LAN Topologies The term topology explains t... LAN Topologies The term topology explains the geographic arrangement of networking devices. It explains the actual layout of the network hardware. Given the location of worksta

Explain fddi media, FDDI Media FDDI signifies a 100 Mbps token-passing ... FDDI Media FDDI signifies a 100 Mbps token-passing dual-ring LAN that uses a fiber-optic transmission medium. Even though it operates at faster speeds FDDI is similar to Tok

Set cookies 1178345 - application layer, Set Cookies 1178345 When  Hus... Set Cookies 1178345 When  Hussan  browser receives  the HTTP response  message it sees the set cookies header. The  browser then appends  a line to the special cookie file  th

What is the meaning of p-persistent, What is the meaning of P-persistent ... What is the meaning of P-persistent If the medium is idle, transmit with probability p, and delay one time unit with probability (1 - p); if the medium is busy, continue to lis

What is quantum computing, In quantum computing, we use the method of qubit... In quantum computing, we use the method of qubits, superposition and coherence. A normal bit can be in only two states - 0 and 1. But a qubit it can be in 0, 1, or in the superposi