Encryption is commonly used to provide data confidentiality in the Internet: when two hosts communicate, other entities in the path between the two hosts cannot read the data being sent. However, encryption on its own does not provide privacy of who is communicating. Although the other entities cannot read the data, they can determine which two hosts are communicating.
Consider a simple view of an Internet path where client C is communicating using IPv4 with server S. There are n routers on the path. Assume a malicious user, who wants to know information about who is communicating and when, has access to one of the routers in the path (router Rm), e.g. they can capture packets on that router. Note Rm is not directly attached to the subnets of C or S.
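The point made above, that encryption hides the data but not the endpoints, shown as an added example that is not part of the original assignment. The addresses (RFC 5737 documentation ranges), ports, and the function names `build_packet` and `observe` are assumptions made for illustration, and the packet is constructed rather than captured.

```python
import ipaddress
import os
import struct

def build_packet(src, dst, sport, dport, payload):
    """Constructed IPv4 + TCP packet (checksums left at 0 for brevity)."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1, 0, 5 << 4, 0x18, 65535, 0, 0)
    total = 20 + len(tcp) + len(payload)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total, 0, 0, 57, 6, 0,
                     ipaddress.IPv4Address(src).packed,
                     ipaddress.IPv4Address(dst).packed)
    return ip + tcp + payload

def observe(packet):
    """Return the metadata readable at an on-path router without decryption."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4          # header length, allows for IP options
    if ihl < 20 or len(packet) < ihl:
        raise ValueError("bad IPv4 header length")
    total_len, = struct.unpack("!H", packet[2:4])
    seen = {
        "src": str(ipaddress.IPv4Address(packet[12:16])),
        "dst": str(ipaddress.IPv4Address(packet[16:20])),
        "ttl": packet[8],
        "protocol": packet[9],
        "total_length": total_len,
    }
    if packet[9] == 6 and len(packet) >= ihl + 20:   # TCP header is also in the clear
        seen["sport"], seen["dport"] = struct.unpack("!HH", packet[ihl:ihl + 4])
        data_off = (packet[ihl + 12] >> 4) * 4       # TCP header length
        seen["payload_bytes"] = total_len - ihl - data_off
    return seen

# Constructed sample: random bytes stand in for the encrypted application data
CIPHERTEXT = os.urandom(64)
SAMPLE = build_packet("192.0.2.10", "198.51.100.20", 51514, 443, CIPHERTEXT)

if __name__ == "__main__":
    for field, value in observe(SAMPLE).items():
        print(f"{field:>14}: {value}")
```

The payload stays opaque, yet both addresses, the ports and the size of each packet are recovered from the headers alone.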
(a) What information can the malicious user learn about who C and S are? Consider both computer addresses and information that may identify the human user (e.g. names, locations), and explain how the malicious user may obtain that information. [2 marks]
(b) If Network Address Translation (NAT) is used in the subnet for C (but not for S), how does that change your answer to sub-question (a)? [1 mark]
One method for providing privacy in the Internet is using a Virtual Private Network (VPN). Assume client C is using a VPN server which is located on a router in the path between C and S (but not on Rm).
(c) What information can the malicious user learn about who is communicating when C and S communicate via the VPN server? [1 mark]
(d) Potential disadvantages of using a VPN server include: reduced performance between C and S; required to trust the VPN server; and VPN server logs may be requested/accessed (by the malicious user). Explain each of these three potential disadvantages. [3 marks]
Advanced Network Security | COIT20262 | Assignment 2 | Term 1, 2017
|
Onion routing, used in Tor, is another method for providing privacy in the Internet. It is generally considered to provide more privacy than using a VPN. The following sub-questions require you to learn the basics of Tor.
(e) Explain how Tor (or onion routing) works. Use the scenario of C and S as an example. That is, how would C communicate with S if Tor was used instead of a VPN? [2 marks]
(f) What are the advantages of Tor compared to VPN? [1 mark]
(g) What are the disadvantages of Tor compared to VPN? [1 mark]
Marking Scheme
(a) All relevant information listed and explained to receive 2 marks. Missing information or poor explanations: 0 or 1 mark.
(b) 1 mark for clear explanation.
(c) 1 mark for clear explanation.
(d) 1 mark for each disadvantage clearly explained.
(e) 2 marks for clear explanation. Missing information or poor explanations: 0 or 1 mark.
(f) 1 mark for clear explanation.
(g) 1 mark for clear explanation.