Review Videos for Lecture 19: TCP + TLS

Best Effort Delivery

TCP Bytestreams


TCP Sequence Numbers

TCP Handshake


TCP RST Injection

TCP Data Injection

What obstacles does an on-path attacker need to overcome to inject data into a TCP connection?

TCP Off-path Attacks

In a blind spoofing attack, does the off-path attacker need to guess the sequence number or the acknowledgement number when sending the ACK part of the handshake?

Summary of TCP Security Issues

Intro to TLS

(True/False) TLS sits on top of UDP

TLS on the Web

(True/False) You use TLS when you visit


In RSA TLS, which party generates the Premaster Secret? How is it sent to the other party?

Ephemeral Diffie-Hellman TLS

(True/False) In DH TLS, one party could force the Premaster Key to be a specific value

DH vs. RSA TLS and Forward Secrecy

(True/False) RSA TLS can be made to have forward secrecy by making sure to pick a new Premaster Secret on each handshake


(True/False) Even if an attacker is a MiTM, they can't fake a valid certificate