Chapter 3: Security Engineering Flashcards
5 Symmetric Block Cyphers
EDB, CBC, DES, 3DES, AES last two are bay far most common 3DES very processor intensive
Abstraction
hides unnecessary data from user
access control matrix
a table defining what accesss permission exist between subject and object.
AES
Most common ecryption algorithm
what block cypher does bla bla bla:
AES
default standard for most apps.
AES Finalists
MARSRC6Rijndael - Winner!SerpentTwofishAES has four functions: SubBytes, ShiftRows, MixColumns, and AddRoundKey.
AES winner from 5 finalists
Rijndael was chosen and became aes.
AH
Authentication Header provides Auth and integrity for each packet of network data. provideds dig. signature protects against replay attacks.
Algorithm
a collection of all the math functions can be performed.
block of data goes though a bunch of math functions…
we want confusion…good strong math.
diffusion plain text intesperced with cypher text adds to confusion…
Permutation- rounds of encryption.
Kerkoff… principle
ALU
Algorithmetic logic unit and control unit performs math functions fed by the control unit
Aspects of Asym Cryptography
PAIN
Privacy, Authenticity, Integritiy, Non- Repudiationdd
Privacy = Every - user has a key pair private and public.
the two key’s are mathimatically related..
aka public key cryptography
Authenticity = sender encrypts with private key (random info) like time of day sent.
Integrity - Hashing comapre hashing that no change has happened.
Asymmetric Crypto - Inegrity Examples
MD5, SHA-1, SHA 256
Bell-Lapadula
It is focused on maintaining the confidentiality of objects. Protecting confidentiality means not allowing users at a lower security level to access objects at a higher security level.no read up no write down
*****all about confidentiality protecing gov secrets!
Bibba
Integrity of Information no read down no write up.
“Down Data is Dirty”
worried about integrity
Birthday Attack
Attempt to cause hash collisions.
it is based on the idea that it is easier to find two hashes that happen to match than to produce a specfic hash. “dump luck”
Block Cyphers
Symmetric Encryption encrypt blocks of data each round 56bit for DES, 128,192, 256 for AES
uses:
Confusion: carried out through substitution
Diffusion: is carried out though transpositon
Blowfish & Twofish
Blowfish and Twofish are symmetric block ciphers created by teams led by Bruce Schneier, author of Applied Cryptography. Blowfish uses 32- through 448-bit (the default is 128) keys to encrypt 64 bits of data. Twofish was an AES finalist, encrypting 128-bit blocks using 128- through 256-bit keys. Both are open algorithms, unpatented, and freely available.
Bollard
A security barrier for a car.
Brewer-Nash
aka chinese wall avoid conflict of interest by assigning someone to one item.
burn rating
2 hrs.
Ceasar Cipher
- Simple Substitution
- Shift Characters 3 spaces
- A=D, B=E, C=F, etc
- Substitusion Ciphers are subject to pattern analysis.
Chaining Feedback in Stream Modes called feedback
seeds the previous encrypted block into the next block to be encrypted. This destroys patterns in the resulting ciphertext.
Chosen Ciphertext Attack
An attacker can see whatever they want in palin or ciphertext. They have compromised a workstation. Sometimes called a lunchtime or midnight attack.
chosen plaintext attack
attacker can see the full text excrypted and decrypted. Usually the attacker has initiated the message.
you now have both and can compare them.
Cipher
a crypographic algorithm
Cipher Block Chaining
is a block mode of DES that XOR’s the previous encrypted block of ciphertext to the the next block of plaintext to be encrypted.
Ciphertext Only Attack
Attacker has captured encrypted text on the network. Usually means all the attacker can do it brute force. not very successful
Clark-Wilson
users access object via contrained programs/user interface
enforece well-formed trasactions throught the access triple
Helps to enforce integrity of the data
“keep users out of your stuff or they’ll break it.”
Clipper Chip
encryption in telecom devices skipjack key used went defunct in ‘96
Collision
When two different documents product teh same hash it is called a collision.
Common Asymmetric alorithms 6
“buddy system”
**importamento**
- DSA
- RSA
- ECC (Elipitcal Curve Crypto)
- El Gamal
- Diffie Hellman
- Knapsack
If it ain’t in the list then it is symmetric
Write down before test
RSA and DSA - “the SA bros”
ECC and El Gamal “start with e’s”
DH (Diffie Hellman) and Knapsack - doogie hauser has a knapsack
common criteria
iternationally agreed upon standard for describing and testing security of IT products
Confusion
Good strong math complex math for substitution
CPTED
CPTED (Crime Prevention Through Environmental DesignProvides instruction on direction of the use of:Organizational (People)Mechanical (Technology, hardware)Natural Design (landscaping, natural environment)
CPU Cycles
- Fetch - retrieves instruction from application
- Decode - control unit deciphers teh instruction and directs data from sys memory to ALU
- Execute - control and alu performs the math
- Store - result is stored in memory.
cpu modes
priveledge more level 0
user mode level 3 - non root
Cryptoanalysis
Science of breaking ecrypted messages
Cryptography
Secret Writing - communication that can only be understood by recipient
Cryptology
Science of Secure communications
CSRF
uses session ID
grab session information if you
cross site request fogery
takes advantage of a website’s trust in a user.
DAC
Discretionary Access Control
- Security of an object is as the owner’s discretions
- Access is granted through and ACL (access control list)
- Commonly implemented in commercial products and all client based systemes
- Identity Based
***Microsoft uses this…all about the owner.
linux and unix
Datacenter Location
Not in basement because of floods Not on first floor because of trafficNot on top floor because of fireIdeally on 2nd or 3rd floorShould be located in center of the building to avoid data emanation
CipherText
PlainText +Initialization Vextor + Algorithm(aka Cipher) + Key.
Deluge System
Same as dry pipe but sprinker head is open - releases much water faaaaaaast. no good for data processing environment.
DES Electronic Code Book
does not use an initialization vector or chaining and patterns can be clearly visible in the resulting ciphertext.
Diffie-Hellman
First asymmetric alogrithm
Key agreement allows two parties to securely agree on a symmetric key via a public channel like the internet, with no prior key exchange.
secure key agreements without pre-shared secrets.
we can agree on the 5h number based on the info we already have.
Diffusion
Permutations Rounds
Digital Certificate
x.509 v4 stardard
provides authenticity of a servers public key.
via hash the compare the has
encrypted by the certificate authority.
Digital Signature
Hash + Sender Private key…
standard.guarantee’s non-repuditaion = integ & auth
require PKI
Discrete Algorithm
Discrete logarithms apply logarithms to ((((GROUPS)))), which is a much harder problem to solve. This one-way function is the basis of the Diffie-Hellman and ElGamal asymmetric algorithms. a logarithm is the opposite of exponentiation…much harder to compute.
Door Security
Hinges should be protectedHinges internal to the door provide protection for the hinges while still allowing door to open outwardlyPanic bar allows for quick evacuationKick plate provides cosmetic protection for doorStrike plate—T-shaped component of lock which provides reinforcementIn the event of power failure, electronic doors can:Fail secure: Fails locked. No evacuation. Only in facilities where value of what is being protected exceeds human lifeFail Soft: Opens outward, but door is locked to bar returnFail Safe: Door fails open (easiest to evacuate)On the CISSP exam never choose fail secure . Fail soft/safe is the best choice
DRAM
less expensive uses capacitors can leak charge
requires constant charge
Drawbacks to Symmetric Cryptography
out of band key exchange
not scalable
no authenticity, Integrity or Non-Repudiation
we only get privacy.
ECC
Elliptical Curve Cryptography
Asymmetric
Based on plotting point upon a curve
super fast and efficient..only designed to work with certain enviornments.
eeprom
being able to flash the bios with software.
electromechanical alarms
Most commonRely on a connection being brokenmagnet on door and frame. Alarm sounds if the connection is brokenWeight based systems based on the same concept
Elliptic Curve Algorithm
much stronger per bit than systems using discrete algorithms.
Enigma Machine
Enigma Machine/Purple Machines
used by germans and japs.
add rotors to incrase comlexity.
Exclusive or XOR
Bits are different answer is 1 same answer is 0
Facility Considerations CPTED
Improve Surveillance: Improve visibility and eliminate concealment opportunitiesAccess Control:Actively control traffic, direct visitors, limit accessTerritoriality:Providing the impression of a well-tended building provides a deterrentActivity Support:Ensure all areas of the facility are occupied at least occasionally. Use activities like meetings, luncheons to populate these area
Fail Soft
door works as normal allows people out not in.
Fencing
Controls entrance accessCan be costly and unsightlyHeights provide degrees of protection3-4 feet – deters casual trespassers 5-7 feet – too high to climb easily (preventive)8 feet with 3 strands of barbed wire – (preventive) Will discourage all but the most determined intruder
Firmware
PROM (Programmable Read-Only Memory) can be written to once, typically at the factory. EPROM (Erasable Programmable Read-Only Memory) and EEPROM (Electrically Erasable Programmable Read-Only Memory) may be “flashed,” or erased and written to multiple times.
Goals in Protecting Property
Most important goal is to protect life, property and operations
halon
halon good fatal to people though…
HASH
one way math = for integritiyhash on both sides sender/receiver to ensure integrity
assurance it hasn’t been corrupted.
all hash are fixed length..
Hash Collision
two pieces of text/documents create the same hash
HASH MAC
Message agreed upon symmetric key + agreed upon hash never truly as good as dig sig. with it true non repudiation reasonalble assurance of authenticity without the overhead of a PKI
Hashing Algorithms 3 main- know bit lengths 4 less known
MD5 128 bits
SHA1 160 bits
SHA -256
Less common:RipeMD, Tiger, Whirlpool Haval
one way math..
Haval
hash of various length uses principles of md5…
How many ways are Hashes
One- Way
Humidity
Humidity should be around 50%Too high causes condensation/rustToo low causes ESD (Electro static discharge aka static electricity
hypervisor
key to virtualization security it is the traffic cop for virtualization
IaaS
linux server hosting
IKE
Internet Key Exchange negotiates the algorithm selection process or the two sides of the ipsec tunnel.
Initialization Vector
Used in some symmetric cyphers to ensure that the first encrypted block of data is random
make sure initial number is random..go from there.
sudo random number
similar to “seed” or a “salt”
International Data Encryption Algorithm
a block cipher designed as an international replacement to DES. The IDEA algorithm is patented in many countries. It uses a 128-bit key and 64-bit block size.
IPsec
An Encapsulation Framework.
tunnel mode and transport mode
Internet Protocol Security is a suite of protocols that provice a cryptographic layer to both IPv4 & 6 IPsec includes 3 primary sub-protocols:
Authentication Header (AH) - runs ICV integrity check value ie hash on the header (doesn’t work with NAT) - non-repudiation
Encapsulating Security Payload (ESP). - you need it for privacy - encryption
Internet Key Exchange (IKE) key management config of security associations and security paramater indexes.
IPSec Sub - Protocols 3
AH - non-repudiation
ESP - Encryption
testable: any indication you need confidentiality you need ESP
IKE - key management for security parameter and associations is the rodey…comes out ahead of the show and sets everything up.
two subs: oakly- diffe hellman
isakamp manages keys, security associations.
IPsec Transport Mode
only the packet is encapsulated.
ESP transport mode only encrypts the data (and not the original headers); this is commonly used when the sending and receiving system can “speak” IPsec natively
IPSec Tunnel Mode
Tunnel mode is used by security gateways (which can provide point-to-point IPsec tunnels). whole packet is encapsulated.
ESP tunnel mode encrypts the entire packet, including the original packet headers. ESP
most secure mode….greater security.
ITSEC
first successful euro evaluation model
Kerkoff Principle
Let the algorithms be open
more people looking at it the better!
Known Key Attack
cryptanalyst knows something about the key
Known Plaintext
A known plaintext attack relies on recovering and analyzing a matching plaintext and ciphertext pair: the goal is to derive the key that was used.
Known PlainText Attack
the attacker has captured cipher text, but also knows what a portion of the message is in plain text (like an automatic signature)
figure out how the key encrypts based on some known data.
Lattice Security Model
upper lower access limits on subject and object.
In a lattice model, there are pairs of elements that have the least upper bound of values and greatest lower bound of values.
External Consistency
Ensures that the data stored in the database is consistent with the real word.
Layered Defense
Outer PerimeterBuilding Grounds and ConstructionIngress/EgressInterior
levels of evaluation EAL
EAL 4 is what most companies go for no total overkill
Linear crytanalysis
cryptanalyst finds large amounts of plaintext/ciphertext pairs created with the same key. the pairs are studied to derive information about the key.
MAC
Higher Security
heart and sould is label.
- Data owners cannot grant access
- OS makes teh decision based on a security label system
- Subject label must cominate the object label.
- Rules for access are configured by the security officer and enforced by the OS.
Labels are written in stone
Gov. Organiztions use…ie confidential label.
MAC - Cryptography
Message Authentication Code - less overhead than PKI Integrity and reasonable authenticity.
Hash Messaged and Shared Symetric Key with is a HMAC has mac…have symmetric key issues…got to share it…
Message + Symmetric (shared) key + hashing algorithm = HMAC
*does not provide true authenticity*
masking
mask out inportant data.
MD5
128bit hash not secure replaced by MD6
Meet in the middle attack
A known plaintext attack relies on recovering and analyzing a matching plaintext and ciphertext pair: the goal is to derive the key that was used.
Meet in the middle attack
these attacks are targeted towards algorithms like 3des where there are muliple keys. an attacker tries to learn what each key does individually.
monoalphabetic cipher
uses one alphabet: a specific letter (like “E”) is substituted for another (like “X”).
Montreal Protocal
got rid of halon cause of ozone.
Most secure windows
polycarbonate
multi - core cpu
for multi threading…
multi programming
did not allow for isolation of individual processes. hard for multiple programs to run at the same time….they had to be written to deal with other programs.
Multi Threading
is the ability to perform more than one thread at a time. is was done via OS but to get true MT. we need mult. processors.
multiprocessing
mult processes on mult cpu’s
multitasking
mult tasking allowed for the true isolation of resources each application was running in its own space and could be isolated.
Nonce
to add uniqueness add randomness trwart replay attack
OCSP
testable :)
Online Certification Status Protocol- streamlines the process of verifying whether or not a cert has been revoked.
One Way Function Factoring Prime Numbers
typical in asymmetric alogrithms example: Factoring prime numbers An example of a one-way function is factoring a composite number into its primes. Multiplying the prime number 6269 by the prime number 7883 results in the composite number 49,418,527. That “way” is quite easy to compute, taking milliseconds on a calculator. Answering the question “which prime number times which prime number equals 49,418,527” is much more difficult. That problem is called factoring, and no shortcut has been found for hundreds of years. This is the basis of the RSA algorithm.
OWASP
The Open Web Application Security Project (OWASP; see http:// www.owasp.org) represents one of the best application security resources. OWASP provides a tremendous number of free resources dedicated to improving organizations’ application security posture. One of their best-known projects is the OWASP Top 10 project, which provides consensus guidance on what are considered ten most significant app risks
PasS
web service hosting
Permutation/Transposition
provides diffusion by rearranging the characters of the plaintext, anagram style. “ATTACKATDAWN” can be rearranged to “CAAKDTANTATW,” for example. Substitution and permutation are often combined.
PGP
pretty good privacy
symmetric block cypher
uses IDEA alogrithm instead of AES
“PGP is a good idea”
PIDAS Fencing
Perimeter Intrusion Detection and Assessment SystemDetects if someone tries to climb a fence or damage the fenceMesh-wire fence with a passive cable vibration sensor that sets off an alarm if detected
pipelining
multiple steps into one unit.
PKI
Public Key Infrastructure
polyaphabetic ciphier
Uses Multiple alphabets.
Polyinstantiation
two different objects that have the same name
multiple instances of an event.
Enter fasle information for sensitive data.
a Big work for lying.. :)
Positive airflow
HVAC Positive Airflow (Contaminants/smoke should flow out, not in)
Power issues terms
Power ExcessSpike: Momentary high voltageSurge: Prolonged high voltagePower DegradationSag: Momentary degradationBrownout: Prolonged degradationPower LossFault: Temporary outageBlackout: Prolonged outage
Pre-Action System
combo of wet and dry pipe
process
from an executable program
RBAC
used to prevent priveledge creep.
based on role of organization…not like the indivuals like DAC.
RC4
Stream Cypher
RC5 & RC6
RC5 and RC6 are symmetric block ciphers by RSA Laboratories. RC5 uses 32- (testing purposes), 64- (replacement for DES), or 128-bit blocks. The key size ranges from 0 to 2040 bits. RC6 was an AES finalist. It is based on RC5, altered to meet the AES requirements. It is also stronger than RC5, encrypting 128-bit blocks using 128-, 192-, or 256-bit keys.
Ref Monitor
mediates access between subject/objects
ring model
4 rings 0 - kernel1 - other os components2 - device drivers3 - user apps
ROM
memory that maintains without power bios is a ROM
Read only memory
RSA
named for Rivest, Shamir, Adleman creators
Current Standard for Dig. Signatures
once doc get hashed RSA encrypts hash with senders private key.
**factorization** trap door function
one way math…
S/MIME
(Multipurpose Internet Mail Extensions) provides a standard way to format e-mail, including characters, sets, and attachments. S/ MIME (Secure/ MIME) leverages PKI to encrypt and authenticate MIME-encoded e-mail. The client or client’s e-mail server (called an S/ MIME gateway) may perform the encryption.
SaaS
software as a service: webmail
SBox
substitution round for block cypher all driven by the key. for number of rounds…etc.
Scytale
based on rod size
tape wrapped around rod.
Secuirty Services Provided by Cryptography
P - Prevents unauthorized disclosure of info.
A - Authenticity: Verifies the claimed indentity
I - Integrity: detects modification or corruption
N - Non - repudiation: combine uthenticity and integrity a user can’t dispute sent message and its contents.
PAIN
Security Association
made of of a destinsation address and spi
(security parameter index) for IPSec sub protocol IKE - ISAKMP
unique identifier for every secure connection.
this is a socket for a secure connection.
2 one for outgoing and one for incoming.
Security Domain
a list of objects a subject is allowed to access
Service Oriented Architecture
neutral services so vendors can communicate with eath other…
SHA-1
160bit hash
Single DES
Single DES is the original implementation of DES, encrypting 64-bit blocks of data with a 56-bit key, using 16 rounds of encryption. The work factor required to break DES was reasonable in 1976, but advances in CPU speed and parallel architecture have made DES weak to a brute-force key attack today, where every possible key is generated and attempted. Triple DES Triple DES applies single DES encryption
SRAM
more expensive uses small latches flip-flops and fast
holds it info without power…use for cache.
SSL/TLS
know this phrase:
Asymmetric Key Exchange
Symmetric Data Exchange
need symmetric for speed.
public key encrypts the clients session key
both parties have secure channel with symmetric key…like secure cb radios…
- client set up secure session
- server sends certificate
- client decrypts the servers cert using the public key from the trusted CA.
- server decrypts session key using its private key and estblished secure session.
client
Stream Cypher
1 bit at a time XOR, transpositon or substituion
Substitution
Crypto Substitution replaces one character for another
Symmetric Algorithm
ie: Private Key, Shared key, Secret Key, Session Key - (limited time)
Same key to encrypt and decrypt
Stream Cypher - very fast not as secuire used in hardware. Only know RC4
Block Cypher - slower AES = standard /3DES still around not used as much
Symmetric Stream Cypher
RC4
Target Hardening
four D’sDeterDelayDetectDeny
TCSEC
trusted computing evaluation criterea ie the orange book one of the first security standards implemented most tings are based from that.c - discretionary controlsb - mand. controlsa - verified protection all of b plus addl…
temp
nice constant temp.dd
threads
child threads from a parent process
TOCTOU
Time of Check/ Time of Use (TOCTOU) attacks are also called race conditions: an attacker attempts to alter a condition after it has been checked by the operating system, but before it is used. Maintenance Hooks
Triple DES
Triple DES applies single DES encryption three times per block. Formally called the “Triple Data Encryption Algorithm” (TDEA) and commonly called “TDES” or “3DES,” it became a recommended standard in 1999. 48 Rounds - Kurt :)
Trusted Computer Base
Originated from orange book.
Security Perimiter - delineates trussted and the untrusted components in a computer system.
Reference Monitor - mediates access between subject and objects
Security kernel - enformant of ref monitor
is defined as the total combination of protection mechanisms within a computer system.
Type C
need to be in electrical fires tested quartly
Ubiquitous Computing
Wireless Networking
RFID
NFC - wireless keys in hotel
LBS - location based security.
UL325
Class I: Ornamental/ResidentialClass II: Commercial usage where general public access is expected: Gated community, self-storage facilityClass III: Industrial Usage where limited access is expected. Example: A WarehouseClass IV: Restricted access: Prisons, military
Vernam Cipher
- One time pad
- only mathematically unbreakable form of cryptography.
key must be used only once
pad must be at leas as long as the message
key pad is statistacally unpredictable
key pad must be delivered and stored securely.
one tiem key rsa…evey minute…etc.
Vignere
- First polyaplphabetic cipher
- key word is agreed upon ahead of time
- First letter fo teh key is matched up against fist letter of the message and so on.
Virtual Memory
provides virtual address mapping between apps and hardware memory
Volumetric detection
More expensive (used for higher value assetsPhoto-electric: Changes in light—no windowsAcoustic systems: detect certain frequencies of sounds
What block cypher does bla bla bla
Guess AES default standard.
What Makes up a Ciphertext
Plaintext + Initialization Vector + Algorithm + Key
what type of crytopgraphy does tls use
best hybrid.
if not that then asymmetric…
what type of cryptography use for data exchange
symmetric cryptography.
for key exchange it it asymmetric.
whats the forumla for the number of keys in an asymetric enviornment
2N
Which fence will deter a determined intruder
8 feet with 3 strands of barbed wire – (preventive) Will discourage all but the most determined intruder
who is responsible for the safety of employees
Senior Management
Work Factor
How long it will take to break a cryptosystmem. (decrypt cyphertext without key)
x.509 v.4
the Standard digital certificate format for Pub. key interface PKI.
stardarized….
XOR
Steam Ciphers XOR
exclusive or
plain text + key
Values:
same = 0
diffrent =1
XSS
client side threat
cross site scripting
attacker takes control of a trusted website. with a code injection.
question: cross site scripting takes advantage of a user trust of a website.
Refencence Monitor
defined as an abstract machine that mediates all access to objects by subjects to ensure that subjects have the necessary access rights and to protect objects from unauthorized access
Access control - Dominate
Higher or equal to access class. The reason is the term dominates refers to a subject being authorized to perform an operation if the access class of the subject is higher or dominates the access class of the object requested.
Rainbow Attack
Rainbow attacks involve using pre-computed hashes of their password equivalents.
Basically we take a rainbow table; a list of passwords and hash value equivalents and just compare the hashes we see on the wire (Or file elsewhere like in the SAM file or in the process lsass.exe memory space) to the list of pre-computed cleartext password equivalents in the rainbow table for instant cleartext passwords.
Mitigation: Password salting involves adding random characters to the password hash making the attack infeasible. There are millions of possible salt values which means you would need one 67 GB database for each of the possible.
ISO 9126
is a standard to assist in evaluating the quality of a product
The functions are those that satisfy stated or implied needs.
Suitability
Accuracy
Interoperability
Security
Functionality Compliance
