465 midterm Flashcards

Question

Complete Mediation

Answer 1

Every access attempt should be checked. Example: Session timeouts.

Answer 2

Security should not rely on secrecy. Example: Open-source cryptography.

Answer 3

Require multiple conditions for access. Example: Multi-factor authentication.

Answer 4

Users get only necessary permissions. Example: Principle of least authority (PoLA).

Answer 5

Reduce shared system resources. Example: Separate user processes.

Answer 6

Security should be user-friendly. Example: Intuitive UI design.

Answer 7

Security measures should be proportionate to the attack difficulty. Example: Strong encryption for sensitive data.

Answer 8

Logging and monitoring to detect breaches. Example: Security cameras, Intrusion Detection Systems (IDS).

Answer 9

A table defining subjects, objects, and their permissions. Example: Each row = user/system, each column = resource.

Answer 10

A list defining which users can access an object and what permissions they have. Example: A file system ACL defines read/write/execute rights.

Answer 11

Assign permissions to roles rather than individuals. Example: Admin role has full access, User role has limited access.

Answer 12

Ensures that a sender cannot deny sending a message. Example: Digital signatures provide nonrepudiation by binding a user’s private key to a message.

Answer 13

Techniques used to link anonymous online activities to an individual. Example: Traffic analysis on Tor networks.

Answer 14

Psychological manipulation to trick users into revealing sensitive information. Example: Pretexting, phishing, baiting.

Answer 15

An attacker intercepts and possibly alters communication between two parties. Example: An attacker intercepting HTTPS traffic by stripping encryption.

Answer 16

An attack that overwhelms a system to make it unavailable. Example: A botnet flooding a web server with excessive traffic.

Answer 17

Adding a unique random value to each password before hashing to prevent precomputed attacks. Example: A user’s password is hashed with a salt so two users with the same password have different hashes.

Answer 18

Prevents unauthorized users from modifying firmware settings before the OS loads. Example: Prevents booting from unauthorized USB devices.

Answer 19

Hibernation files store system memory contents and may contain sensitive data. Example: Encryption keys or passwords could be extracted from a dumped memory file.

Answer 20

Double-DES encrypts with two separate keys (K1, K2): C = E(K2, E(K1, P)) Meet-in-the-Middle attack reduces security from 2^112 to 2^56 by: Encrypting P with all 2^56 possible K1 values, storing intermediate results. Decrypting C with all 2^56 possible K2 values and checking for matches. Since only 2^56 encryptions + 2^56 decryptions are needed, security is not doubled.

Answer 21

Triple-DES avoids the meet-in-the-middle attack by encrypting three times: E(K1, D(K2, E(K1, P))) Since the attack needs to store 2^56 intermediate values, but now there are three independent operations, brute-forcing remains at 2^112, making it significantly harder to break than Double-DES.

Answer 22

Each block is encrypted independently: C_i = E(K, P_i) Identical plaintext blocks produce identical ciphertext blocks, making patterns visible. Weakness: Doesn't provide diffusion, making it vulnerable to pattern analysis (e.g., encrypted images reveal structure).

Answer 23

Uses an IV (Initialization Vector) and XORs previous ciphertext block with plaintext before encryption: C_i = E(K, P_i ⊕ C_(i-1)) Weakness: Susceptible to bit-flipping attacks—modifying ciphertext bits affects plaintext predictably after decryption.

Answer 24

Uses an IV and encrypts it iteratively to generate a keystream: S_i = E(K, S_(i-1)) C_i = P_i ⊕ S_i Weakness: Since encryption depends only on the key and IV, if IV is reused, the keystream is the same, making it vulnerable to plaintext recovery.

Answer 25

Uses a counter value instead of chaining: C_i = P_i ⊕ E(K, Counter_i) Weakness: If the same counter and key are reused, the ciphertexts can be XORed together to reveal plaintext.

Answer 26

If a hash function has N = 2^n outputs, collisions happen at sqrt(N)=2^(n/2) rate

Answer 27

Given a specific key X, it's infeasible to find a X' where they hash to the same

Answer 28

It's infeasible to find any X and X' where they hash to the same value

Answer 29

Stores the addresses of library functions, lazy so only resolves when first called

Answer 30

Overwriting a GOT entry lets us redirect to malicious code

Answer 31

Replace a library function with a custom shared library to run instead

Answer 32

DAC: Users control file permissions

Answer 33

Uses UGO model (user, group, other), each FILE has read, write, execute permissions for each of those

Answer 34

Access control lists used in linux, we can grant fine-grained permission to specific users

Answer 35

Root has full control, sudo lets non-root run as root

Answer 36

Uses access control lists for everything, can use role-based in some scenarios

Answer 37

Each file and object has a ACL, explicit allow/deny rules

Answer 38

Uses ACLs to define our granular permissions, like read/write/modify/execute

Answer 39

Child objects inherit permission from their parent directories

Answer 40

chmod, u+rwx,g+rwx,o+rwx file.text

Answer 41

u+s lets you run with file owner privileges, g+s lets you run with group priveleges/make files inherit group, if misconfigured allows for escalation

Answer 42

File inherits permissions from DESTINATION not original file, also same if you move a file between different volumes

Answer 43

Ensures only the owner can delete/rename even if world-writeable, stops meddling in shared dirs

Answer 44

When we pass our int-max we overflow into int-min

Answer 45

Most significant bit is the sign bit, 01111111 (127)+1=10000000 which is -128

Answer 46

printf can allow us to use %x to read memory addresses, %n to write to memory if we forget to explicitly include our format strings.

Answer 47

Shift forward by fixed secret key n spaces.

Answer 48

Shift by all 25 possible shifts, or frequency analysis if we reuse keys

Answer 49

Fixed mapping for each letter to another letter, for example A->M, B->H, C->P...

Answer 50

Frequency analysis and pattern recognition, notice common letters like words ending in S, one-letter words being A or I, repeating phrases like signatures or common words

Answer 51

Take a word or string of numbers, use that repeated shift. For example we have 3 12 4 1, shift the first letter by 3, second one by 12, third by 4, fourth by 1, fifth by 3 again, and so on

Answer 52

Find the key length via repeated patterns, treat it like a Caesar cipher for each letter mod n

Answer 53

Let us have two plaintexts P1, P2, OTP key K. Encrypt both with K into P1 and P2. Now, if we XOR these together the keys cancel out and we end up with P1 XOR P2, which is usually close enough to allow us to crack it

Answer 54

Encrypt in fixed-size blocks instead of bit-by-bit

Answer 55

56-bit key 64-bit blocks, but brute-forcing is easy since we have relatively few keys and our computers are way better than the 70s

Answer 56

Apply 3 different keys to it but still slower and weaker than AES, plus if we're not careful we can meet-in-the-middle it

Answer 57

128-block, key sizes 128, 192, or 256 bits, brute-forcing currently impossible

Answer 58

1. Pick primes p, q 2. Compute n=p*q 3. Compute phi(n)=(p-1)(q-1) 4. Pick public key e coprime with phi(n) 5. Pick private key d which is equal to e inverse mod phi(n), so d*e is 1 mod phi(n)

Answer 59

Start with message m, public key pair (e,n). Compute m^e mod n to get our encrypted message c. Decrypt with private key pair (d,n), take c^d mod n to get m.

Answer 60

n*(1-1/p1)*(1-1/p2)(1-1/p3) and so on. For example, if we have 2^5*3^7*5^2, we take 2^5*3^7*5^2*(1-1/2)*(1-1/3)*(1-1/5) which equals 2^5*1/2*3^7*2/3*5^2*4/5 = 2^5*3^6*5*4=2^7*3^6*5=466560

Answer 61

Agree on prime p and base g Alice picks secret A, sends g^A mod p to Bob Bob picks secret B, sends g^B mod p to Alice Alice computes (g^B mod p)^A = g^(BA) mod p Bob computes (g^A mod p)^B = g^(AB) mod p If they're equal we've done it

Answer 62

If a, n coprime, then a^phi(n) mod n is 1. Therefore, a^x mod n is equal to a^(x mod phi(n)) mod n. Example: 3^111 mod 11, phi(11)=11-1=10, so 3^10 mod 11 is 3^0=1. Now, 111 mod 10 is 1, so 3^111 mod 11 = 3^1 mod 11 = 3.

Answer 63

A stealthy malware that enables attackers to maintain privileged access to a system while hiding its presence.

Answer 64

A virus attaches to files and needs execution, while a worm spreads independently over networks.

Answer 65

Polymorphic viruses mutate encryption each infection. Metamorphic viruses rewrite their own code.