2.8 - Importance of Physical Security Controls Flashcards

1
Q

Cryptography

A
  • Derives from Greek: “Kryptos” means hidden, secret
  • Provides Confidentiality (secret)
  • Provides authentication and access control (I know it’s you. I REALLY know it’s you)
  • Provides non-repudiation (You said it, you can’t deny it)
  • Provides integrity (tamper-proof, can verify that email / file wasn’t changed since it was sent)
  • traditionally, Power cryptography has traditionally required strength
  • a powerful CPU and lots of time
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Plaintext

A
  • Unencrypted message you start with
  • “in the clear”
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Ciphertext

A
  • An encrypted message
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Cipher

A
  • The algorithm used to encrypt and / or decrypt
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Cryptanalysis

A
  • The art of cracking encryption that already exists
  • Finding vulnerable ciphers is an important part of security
  • A mathematically flawed cipher is bad for everyone
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Keys

A
  • This is the part that is not known, adds the key to the cypher to encrypt
  • this is the part that is unknown
  • sometimes using multiple keys creates more protection
  • larger keys are generally more secure
  • Often ciphers are publicly available for anyone to read
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Weak keys

A
  • Always want to use a large encryption key, but sometimes you can’t. So make smaller, weaker keys stronger by performing multiple processes
  • Ex: key stretching / strengthening
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Key stretching / Strengthening

A
  • When you hash a password and then has the hash of the password, etc..
  • A way to make weak keys work
  • makes it difficult for hacker to brute forces (they have to brute force each hash, even though key is small)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Key stretching libraries

A
  • Already built for your application, no additional programming required
  • Ex: bcrypt, PBKDF2
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

bcrypt

A
  • An example of a key stretching library
  • Generates hashes from passwords, an extension of the UNIX crypt library
  • Uses Blowfish cipher to perform multiple rounds of hashing
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

PBKDF2

A
  • Password-Based Key Derivation Function 2
  • Another example of a key stretching library
  • Part of RSA public key cryptography standards (PKCS #5, RFC 2898)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Lightweight cryptography

A
  • Cryptography that doesn’t require a lot of power
  • driven by IoTs, which have limited power (and NIST)
  • Both watts and CPU
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

NIST

A
  • National Institute of Standards and Technology
  • Leading the effort on lightweight cryptography
  • Provide powerful encryption, with the least amount of power
  • Include integrity features
  • keep costs low
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

HE

A
  • Homomorphic Encryption
  • Allows you to perform calculations while the data is encrypted (and save the data while encrypted) Never have to unencrypt it
  • Perform the work directly on the encrypted data
  • The decrypted data can only be viewed with the private key
  • Advantages, esp. in the cloud, allows people to perform actions and get research data without ever having access to original data source
  • Usually, encrypted data is difficult to work with (usually need to decrypt, then perform function, then re-encrypt)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Symmetric Encryption

A
  • A single, shared key
  • encrypt with the key
  • decrypt with the same key
  • if it gets out, you’ll need another key (and re-do encryption)
  • aka “Secret key algorithm” (b/c it’s a shared secret based on the one key)
  • doesn’t scale well (how do you share a key with others, when you don’t currently have a way to share the information.) Picture a person carrying a key in a briefcase, you can’t share it until you get to your destination
  • can’t encrypt it to share it, so you to find other ways to share the key
  • but it’s very fast to use and involves less overhead than asymmetric encryption (often combined with asymmetric encryption)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Secret Key algorithm

A
  • aka symmetric encryption
  • (b/c it’s a shared secret based on the one key)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Asymmetric encryption

A
  • 2 (or more) mathematically related keys
  • Public and Private key
  • Private key (only you have access to it, keep it private)
  • Public key )anyone can see this key, you can give it away)
  • anyone who wants to encrypt information and send it to you needs this public key
  • The only way to decrypt the key is to use the private key
  • You can do it in reverse too, encrypt with private key and only ppl with public key can decrypt (ex: digital signature)
  • You can’t derive the private key from the public key (although mathematically related)
  • aka “Public key encryption”
  • downside: uses very large numbers and is expensive to run
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Public key encryption

A
  • aka symmetric key encryption
  • b/c there is a public key
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

The key pair process

A
  • In asymmetric cryptography, build the keys at the same time
  • larger random numbers are used as input, then run through key generation program
  • two keys are output, one is chosen as private and one is chosen as public
  • Bob has plain text message, gets Alice’s public key, which then converts the message into cipher text, allice receives cipher text message and applies her private text and then she can see the plain text original message
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Ways to get a public key

A
  • Can request it from the user
  • Go to a public key server
  • See if they have posted their key on a website
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Symmetric key from Asymmetric keys

A
  • Gets around the problem of not being able to share a symmetric key
  • Use public / private key cryptography (asymmetric) to create a symmetric key
  • Ex: Bob and Alice both have asymmetric encryption (combine your private key with someone else’s public key to create a symmetric key). So Bob and Alice end up with the same symmetric key for (symmetric cryptography)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

ECC

A
  • Elliptic Curve Cryptography
  • Asymmetric encryption
  • Use curves instead of numbers!
  • uses smaller keys than non-ECC asymmetric encryption
  • smaller storage and transmission requirements
  • perfect for mobile devices and IoT
  • traditional asymmetric encryption needs large integers composted of two or more prime factors
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Hash

A
  • Represents data as a short string of text
  • Takes an input of any size (string, file) and creates a fixed size string, message digest, checksum
  • aka message digest (a fingerprint)
  • one-way trip, impossible to recover the original message from the digest (used to store passwords / confidentiality)
  • Often used to provide integrity (verify a downloaded document is still the same as the original)
  • ## Ex: compare a downloaded file, run it through the hashed algorithm and see if matches the original
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Digital Signatures

A
  • Hashing combines with encryption to create digital signatures
  • Provides Authentication (tells us where data came from)
  • Provides Non-Repudiation (tie it back to a specific person)
  • Provides Integrity (same as original, no tampering)
  • Hopefully won’t have a collision (meaning different messages should never have the same hash)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

Collision

A
  • When 2 different messages provide the same hash
  • Not good
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

SHA256

A
  • The SHA256 hash algorithm
  • takes 256 bits (hashing algorithem) / 64 hexadecimal characters (number of characters it spits out)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

MD5

A
  • Hashing algorithm that has a collision problem
  • Found in 1996, don’t use MD5
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

Salt

A
  • Random data added to a password when hashing
  • Ex: good if you’re storing passwords where users happen to be using the same passwords (they would have the same hash), to combat this, we add salt (allows us to add randomization, so you couldn’t identify same passwords from the same salt)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

Rainbow tables

A
  • Precomputed hash tables
  • used by attackers to see if there are similar hashes
  • adding salt helps prevents how useful a rainbow table is (although attacker could still brute force the process, it would be much slower since the same passwords wouldn’t jump out in the rainbow table)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

Digital Signatures

A
  • Prove the message was not changed
  • Provides integrity
  • Provides non-repudiation (not fake)
  • Signed with private key ( so the message doesn’t need to be encrypted b/c nobody else can sign it)
  • Verified with the public key (any change in the message will invalidate the signature)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

Creating a digital signature

A
  • Alice wants to send bob a message that bob knows came from Alice
  • Alice sends a plain text message that goes through a hashing algorithm, Alice will encrypt the hashed message with her private key = a digital signature (attach it to original plain text) and send it to bob. Bob gets the plain text message with the digital signature
  • Bob will then reverse the process to verify the legitimacy of the document: he’ll use Alice’s public key to decrypt her public key, he gets the hash of the plaintext, then he performs the same hashing algorithm to see if he ends up with the same hash of the plaintext
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

Cryptographic proces

A
  • Interesting b/c it’s used to protect the data but the process used to protect the data is well known
  • The algorithm is usually a known entity
  • The only thing you don’t know is the key (that’s why you have to keep it private)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

Brute force attacks

A
  • Make larger keys more secure since it takes longer time to perform the attack
34
Q

Key size

A
  • Symmetric encryption (128bit or larger is common). These numbers will get larger as time goes on and computing capabilities increase
  • Asymmetric encryption (3,072 bits or larger is common), much larger than symmetric, complex calculations of prime numbers
35
Q

Key exchange

A
  • A logistical challenge, how do you transfer a key over a medium that is essentially insecure (without an encryption key)
  • Ways around this:
  • Out-of-Band key exchange
  • In-band key exchange
36
Q

Out-of-band

A
  • A type of key exchange
  • Don’t send the symmetric key over the internet
  • use a telephone, courier, in person etc.
  • not very convenient
37
Q

In-band

A
  • A type of key exchange
  • It’s on the network (more convenient than out-of-band)
  • Protect the key with additional encryption
  • Use asymmetric encryption to deliver a symmetric key
38
Q

Real time encryption / decryption

A
  • Ex: share a symmetric key using asymmetric encryption: (using a session key)
  • Client encrypts a random symmetric key with a server’s public key, the server decryptes this shared key and uses it to encrypt data, this is the session key
  • Implement session keys very carefully (they need to be changed often ( ephemeral) and need to be unpredictable)
  • or Diffie Hellman key exchange
39
Q

Session Keys

A
  • Used only during the session, not permanent
  • aka Ephemeral
  • need to be unpredictable
40
Q

Diffie-Hellman Ephemeral example

A
  • A type of key exchange for symmetric keys using asymmetric keys
  • The session keys aren’t kept around
  • Have a private key for each user (bob and Alice), use the public key from the other side, and both sides would combine these to create a symmetric key (and on each side the symmetric key turns out to be identical)
  • Bob and Alice can use the same key without ever having sent the key to each other
  • Could create a vulnerability (if someone gets access to your public key, b/c the symmetric key doesn’t change)
  • an example of PFS
41
Q

Webserver encryption vulnerability (SSL/TLS)

A
  • SSL/ TLS uses encryption keys to protect web server communication, traditionally, this is based on web server’s RSA key pair, one key encrypts all symmetric keys
  • This server’s private key can rebuild everything, if you capture all the traffic and get the private key, you can see all the server’s traffic = one point of failure for all your website encryption
  • Need some other way to provide encryption (see PFS - Perfect Forward Secrecy )
42
Q

PFS

A
  • Perfect Forward Secrecy
  • Changes the encryption process, so you’re not using the same private key every time to transfer symmetric key across the network
  • uses the Elliptic curve (or Diffie-Hellman ephemeral) - the sessions aren’t kept around
  • Changes the method for key exchange
  • Don’t use the server’s private RSA key
  • combats the webserver vulnerability with symmetric keys
  • ECDHE
43
Q

ECDHE

A
  • Elliptic Curve or Diffie-Hellman Ephemeral
  • Each session will have different set of ephemeral keys
  • public / private keys are created on the fly for each session
  • requires more computing power
  • also need to make sure browsers can support PFS, most modern browsers do
44
Q

Obfuscation

A
  • The process of making something unclear
  • not impossible to understand, but a lot more difficult
  • Commonly done with source code as a layer of protection
45
Q

Steganography

A
  • Hide information inside of an image
  • Doesn’t necessarily make it more secure, but makes it harder to know that the information is there
  • Another type of Obfuscation
  • Comes from the Greek for “concealed writing”
  • “security through obscurity” b/c it’s not truly a secure method
  • message is invisible to human eye but it’s there
46
Q

Covertext

A
  • The container document or file for a Steganography image
47
Q

Steganography tools

A
  • A number available online to create the image and then others can extract images online
  • ex: Network based, image based, water marks, audio files, video files
48
Q

Network based Steganography

A
  • Embed messages in TCP packets
  • You can then collect bits on other sides and then put together on the other side
49
Q

Image based Steganography

A
  • Embed the message in the image itself
50
Q

Water mark based Steganography

A
  • Invisible watermarks
51
Q

Audio file Steganography

A
  • modify the digital audio file
  • interlace a secret message within the audio (similar technique to image steganography)
52
Q

Video Steganography

A
  • A sequence of images, use image steganography on a a larger scale
  • Manage the signal or noise ratio
  • potentially transfer much more information
53
Q

Quantum Computing

A
  • Based on quantum physics (not classic physics, which is based on 0s, and 1s)
  • New computing technology
  • This is not an upgrade to your existing computer, rather a different type of computing used along side existing computers
  • scalability provides biggest potential in quantum computing
  • potential areas for huge impacts: medical advances, weather prediction, astrophysics, etc.
54
Q

Classical Mechanics

A
  • Uses bits, 0s and 1s
  • smallest form of information, apply algorithms to come up with solutions to problems
55
Q

Quantum Mechanics

A
  • Smallest form of information is a qubit (bits are zeros, ones and any combination in between, at the same time)
  • essentially a zero and a one at the same time (adds complexity)
  • Quantum superposition
56
Q

Binary calculations (Classic vs Quantum)

A
  • Ex: 4 different bits (0, 0, 0, 0) if you create all possibilities of zeros and ones, you get 16 bits (2^4).
  • In quantum computing you can represent these 16 bit possibilities with 4 qubits (b/c all are both zero and one simultaneously)
  • Quantum computing can be scaled very quickly (ex: 8 qubits = 256 values at once and 16 qubits = 65,536 values at once and 32 qubits = 4,294,967,296 values at once )
57
Q

Post-Quantum Cryptography

A
  • Time for updated cryptography
  • ex: NTRU
  • Quantum computing would breaks our existing encryption mechanisms
  • quickly factor large prime numbers
  • This would cause significant issues, none of the existing cryptography could be trusted, no financial transactions would be safe, no data would be private
58
Q

Shor’s algorithm

A
  • Invented by Peter Short in 1994
  • Given an integer of N, find its prime numbers
  • figured out a way you could greatly shorten the process of finding prime numbers
  • Traditional computers would take longer than the lifetime of the universe
  • Shor’s algorithm would be much faster theoretically
59
Q

NTRU

A
  • A crypto system using lattice theory
  • Relies on the “closest-vector” problem (instead of large prime numbers), this is still a difficult problem for quantum computing and could provide a viable option for encryption in quantum computers
  • Instead of finding the prime factorizations of large numbers
60
Q

Quantum Communication

A
  • Protect against eaves dropping by using quantum cryptography
  • If you examine quantum bits, you are effectively changing them, provides opportunity for QKD (Quantum Key Distribution)
61
Q

QKD

A
  • Quantum Key Distribution
  • Allows us to send encryption keys to the other side without the worry that someone will intercept it
  • Sends qubits across quantum network challenge and if they’re identical then they would verify
  • if someone tried to view the keys, they would change and then the two keys wouldn’t verify
62
Q

Stream cipher

A
  • Encryption is done one bit or byte at a time
  • high speed, low hardware complexity
  • often used with symmetric encryption
  • not commonly used with asymmetric (b/c of overheard and additional time asymmetric encryption takes)
  • Issues: you don’t know what’s coming down the stream until you get to that byte, which can make randomization a challenge
  • The starting state should never be the same twice, key is often combined with an initialization vector
63
Q

Block cipher

A
  • Encrypting a fixed length block of text at a time
  • often 64- bit or 128 - bit blocks are usually the block sizes used
  • and if input doesn’t match one of these lengths, then it’ll pad shorter blocks
  • Each block is encrypted / decrypted independently
  • also commonly use symmetric encryption (similar to stream encryption)
  • Block size, will begin by splitting it into smaller blocks
64
Q

IV

A
  • Initialization vector
  • added to encryption process to create more randomization
  • ex: if in a stream cipher you had two bytes that were the same, they could theoretically started at the same starting state, which is why you’d want to combine with an IV
65
Q

Modes of operation

A
  • Block cipher uses these to avoid patterns in the encryption, many different modes to choose from
  • Each mode will have one fixed- length group of bits at a time (a block)
  • The mode of operation will define the method of encryption, may provide authentication
    ex: ECB (Electronic Codebook - not recommended), CBC (Cypher Block chaining)
66
Q

ECB

A
  • Electronic Codebook
  • Use single encryption key and perform same encryption for every block
  • each block is encrypted in the same way
  • if there is no randomization or salt, sometimes you could end up with something not too different
  • therefore it’s usually not the best option to choose
67
Q

CBC

A
  • Cypher Block Chaining
  • a popular mode of operation, relatively easy to implement
  • Each plaintext block is XORed with the previous ciphertext block (meaning different set of input / output to add randomization)
  • Adds additional randomization, use an initialization for the first block
  • Use an IV f(which is inserted before the encryption) on the first block (adds randomization that ECB doesn’t have), then for the next block the resulting ciphertext from the first block becomes the IV for the second block
68
Q

XOR

A
  • Exclusive Or
  • if you input two bits that are identical you get a 0
  • if you input two blocks that are different you get a 1
  • adds some randomization to final results
69
Q

CTR

A
  • Counter mode
  • uses incremental counter to add randomization to process
  • Block cipher mode / acts like a stream cipher (encrypts successive values of a “counter”)
  • Plaintext can be any size, since it’s part of the XOR (ie 8 bits at a time (streaming) instead of a 128-bit block
  • Instead of using the cipher result in the next step (like CBC), you’ll increment the counter and perform the cipher encryption again
70
Q

GCM

A
  • Galois / Counter Mode
  • Combines counter mode with authentication
  • authentication is part of the block mode
  • Minimum latency, minimum operation overhead
  • very efficient encryption and authentication
  • Commonly used in Wireless connectivity, wireless, IPSec, SSH, TLS
71
Q

Blockchain

A
  • A distributed ledger
  • A way to keep track of transactions
  • many people can participate so there can be distribution across multiple devices
  • so a lot of checks and balances and everyone can see what’s happening on the block chain
  • many practical applications: digital identification, supply chain monitoring, digital voting
72
Q

The Blockchain process

A
  • Step 1 - transaction requested (transaction could be any digital transaction, transferring Bitcoins, medical records, data backups, house title info, etc)
  • Step 2 - before transaction is verified, a copy is sent to every computer (or node) in a decentralized network to be verified
  • Step 3 - once transaction is verified, it’s added into a block of data containing other recently verified transactions (this allows many transactions to be processed at the same time)
  • Step 4 - To provide integrity, use a hashing function, to add a hash to the block, so if block is modified, you can know
  • Step 5 - The block is added to the end of the blockchain which is then updated all nodes in the network for security and the transaction is complete
  • If any node (computer) wants to make changes to an already verified block for a dubious reason, the hash will signal to all other nodes that something has been modified. (an altered chain will be rejected by the rest of the network and will be rejected)
  • every block chain technologies has different nuances that distinguish it
73
Q

Cryptography use cases summary

A
  • Confidentiality - secrecy, privacy (file-level, drive-level, email)
  • Integrity - prevent data modification - validate the contents with hashes (file downloads, password storage)
  • Obfuscation - Modern malware (encrypted data hides the active malware code, decryption occurs during execution) - can get around anti-virus
  • Authentication - password hashing, protect original password, might add salt or randomization
  • non-repudiation - combine authentication with asymmetric encryption (allows us to confirm that info from someone really is from them, usually a digital signature (and data wasn’t modified)
74
Q

Limitations of Cryptography

A
  • Cryptography isn’t a perfect solution, can have significant limitations
  • Not all implementations are the same, different platforms, different cryptographic options
  • Cryptography can’t fix bad technique (ex: if you apply hashing to passwords without salt, hashing can be easily guessed)
  • Every situation is different, do your homework
  • Ex: Speed, Size, Weak keys, Time, Longevity, Predictability and Entropy , key reuse, resource vs. security constraints
75
Q

Speed limitation Cryptography

A
  • Cryptography uses overhead
  • Need to make sure CPU can handle it and have enough power to handle
  • More involved encyprtion increases load
76
Q

Size limitation Cryptography

A
  • Typical block ciphers don’t increase the size of encrypted data
  • However, remember that AES block size is 128 bits / 16 bytes so if you’re encrypting only 8 bytes you would potentially double the storage size
77
Q

Weak Keys limitation Cryptography

A
  • Smaller encryption keys are generally weaker than larger ones (easier to brute force)
  • Ex: the weak IV (initialization variable) in RC4 created security issues in WEP
78
Q

Time limitation Cryptography

A
  • Encryption / hashing takes time
  • larger files take longer
  • Asymmetric is slower than symmetric
79
Q

Longevity limitation cryptography

A
  • A specific cryptographic technology becomes less secure over time as CPUs get bigger and brute force becomes easier
  • Smaller keys are easier to brute force, larger keys take longer to process
  • key retirement is a good best practice
  • Ex: When DES was released in 1977 it was considered very secure, but 22 years later, it was brute forced in 22 hours
80
Q

Predictability Limitation Cryptography

A
  • Cryptography relies on randomization
  • Hardware random number generators can be predictable
  • a passphrase needs to be appropriately random
  • Ex: Cloudflare has wall of lava lamps which provides basis for randomization
81
Q

Key reuse limitation Cryptography

A
  • Reusing the same key reduces complexity (less cost and effort to rectify keys, less administrative overhead)
  • But if key is comprised everything with that key is at risk
    0 IoT devices often have keys embedded in the firmware
82
Q

Resources vs security constraints

A
  • IoT devices have limited CPU, memory and power
  • Real-time applications (antilock brakes) can’t delay and often don’t have time for encryption
  • need to find happy medium b/n functionality and security
  • difficult to maintain and update security components