《計算機網絡 自頂向下方法》（第7版）答案（第八章）（四）

P16

This wouldn’t really solve the problem. Just as Bob
thinks (incorrectly) that he is authenticating Alice in the first half of
Figure 7.14, so too can Trudy fool Alice into thinking (incorrectly) that she
is authenticating Bob. The root of the
problem that neither Bob nor Alice can tell is the public key they are getting
is indeed the public key of Alice of Bob.

P17

P18

a) No, without a public-private key pair or a
pre-shared secret, Bob cannot verify that Alice created the message.

b) Yes, Alice simply encrypts the message with Bob’s
public key and sends the encrypted message to Bob.

P19

a) client
b) IP:216.75.194.220,port:443
c) 283
d) 3 SSL records
e) 包含了一個加密的主密鑰
f) first byte:bc,last byte:29
g) 6
h) 🐴

P20

Again we suppose that SSL does not provide sequence numbers. Suppose that
Trudy, a woman-in-the-middle, deletes a TCP segment. So that Bob doesn’t
anything, Trudy needs to also adjust the sequence numbers in the subsequent
packets sent from Alice to Bob, and the acknowledgment numbers sent from Bob to Alice. The result will be that Bob will, unknowingly, be missing a packet’s
worth of bytes in the byte stream.

P21

No, the bogus packet will fail the integrity check (which uses a shared MAC key).