7. Security and SSL Flashcards
What layer is security implemented at?
Transport
What are the desirable properties of secure communication? (7)
- MANAREC
- confidentialilty, only the sender and intended receiver sould be able to understand the message
- anonymity, only the sender and the receiver know of the existence of the message
- authentication, both parties are who they say they are
- message integrity, arrives unmodified
- non-repudiation, the sender cannot deny they sent the message
- replay protection, the message cannot be copied and reused
- efficiency, must be feasible for specfic types of device
What does SSL provide?
confidentiality, integrity and authentication
What is a man-in-the-middle attack?
The act of maliciously inserting messages into a connection.
Describe private key (symmetric) encryption, and it’s drawbacks.
Both Alice and Bob have a secret key that they use to encrypt and decrypt the data they send to each other. The drawbacks are that you need to find a way to securely share this key in the first place, otherwise the whole thing is pointless. Sucks with many-to-many connections because you have to share more keys. There’s no way of telling who a message came from.
Describe public key (asymmetic) encryption, and it’s drawbacks.
Sender has a public key which is known to all and distributed, and a private key which only they know. Messages encrypted with the public key can only be decrypted by the private key, and vice versa. Can be used to verify who sent the message, because only they have their private key. Drawback - computationally expensive, so slower.
What is a session key? Why use it?
Bob and Alice use public key cryptography to enchange a symmetric key, Ks. They use Ks for a session, then throw it away when they’re done. Allows for the speed of symmetric and the security of public.
What is the purpose of a hash algorithm/function?
It is very difficult to work out what the message is if you know the hash digest, even if you know the function. Very difficult to create a different message with the same hash digest too. Used to ensure integrity of a message.
What is the purpose of a nonce?
Defending against a playback attack. Send a nonce with the message that is only good for one interaction.
Describe digital signatures.
A cryptographic technique analogous to hand-written signatures. Sender signs document, establishing he is the owner/creator. Verifiable and nonforgeable. Uses public key cryptography. Provides non-repudiation.
What is the role of a Certification Authority?
Binds a public key to an entity. (Person, router…). Entity E provides proof of indentity to CA, CA creates certifcate binding E to it’s key. Signed by CA.
Describe the SSL handshake process.
- Client sends list of supported algorithms and a nonce
- Server choses an algorithm, sends back choice + certificate + server nonce
- client verifies cert, extracts server’s public key, generates secret, encrypts it with server’s public key, sends
- both parties indepenently compute encryption and mac keys from secret and nonces
- client sends a mac of the handshake messages
- server sends a mac of the handshake messages
steps 5 and 6 prevent MITM deleting stronger algorithms from the list.
purpose:
- server authentication
- negotiation: agree on crypto algorithms
- establish keys
- client authentication (optional)
What’s the problem with CAs?
Any CA can sign certificates for any domain. Users are under the impression they are using HTTPS if they are accessing the second version of the website.