Certificates and KTP's Flashcards

1
Q

With certificates, explain RA

A

Registration Authority, verifies peronal data, accepts, registers and contact with client

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

With certificates, explain CA

A

Certification Authority, Generation, management and distribution of PK-certificates

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What are the biggest threads for key exchange protocols based on static symmetric keys?

A

Static keys (often) require a TTP, but no information should be exposed to this party. It also requires all parties to maintain long term keys
Furthermore:
* Replay attack
* Man in the middle

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What principle is key transport based on?

A

Public key system

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What kind of key is sent using key transport?

A

Symmetric key

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Explain what the problem is with key transport? (using version 1)

A

Bob is unsure about the validity of the source claim.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Explain what the problem is with key transport? (using version 2)

A

Because Alice sents the two message-parts uncorrelated, Eve can replace the second message with her own, making Bob believe that the message was fake/bad.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Explain what the problem is with key transport? (using version 3)

A

Replay attack
(this is a problem in all versions)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Explain what Forward Secrecy is.

A

A system is said to have forward secrecy if compromising of a long-term
private key (in the future) does not compromise the security of communications made using that key in the past.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Explain DH key exchange.

A

Both parties choose a,b from Z/qZ respectively. Then they exchange g^a and g^b using public value g. Then the agreed key is** H** (g^ab), which can be computed by both parties but not by outsiders.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Show that DHKE is not protected against mitm attack.

A

Eve will intercept the messages and establish a agreed key with both parties independently. This gives her the power to read everything witout any of the two parties being aware.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Explain why signed DHKE is not secure.

A

Man in the middle attack, because we only sign the (partial) key g^a, there is no ID connected to the transfer. Hence Eve can replace the signature with her own, and Bob will believe that eve is trying to set up communication, instead of Alice.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q
A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly