Chapter 8

Question 1

What are the the security features of the CIA model?

Answer 1

• Confidentiality
• Message integrity
• End-point authentication
• Operational security

Question 2

What does confidentiality provide?

Answer 2

Only the sender and the intended receiver should be able to understand the contents of the transmitted message.

Question 3

What does message integrity provide?

Answer 3

Ensure that the content of their communication is not altered, either maliciously or by accident, in transit. Extends checksumming from the transport layer.

Question 4

What does end-point authentication provide?

Answer 4

Both the sender and the receiver should be able to confirm the identity of the other party involved in the communication - to confirm that the other party is indeed who or what they claim to be.

Question 5

Why are keys important to network security?

Answer 5

Because encryption algorithms and protocols are known, published and standardized. Thus, nothing prevents a intruder from exploiting these methods.

Question 6

In layman’s terms what does Ka(m) do?

Answer 6

Encrypt message ‘m’ with key ‘Ka’

Question 7

What does this represent: Kb(Ka(m))

Answer 7

The decryption of Ka’s message ‘m’

Question 8

What is the property of a symmetric key system?

Answer 8

Ka and Kb are known to both hosts. They are identical and secret.

Question 9

How does a public key system works?

Answer 9

• One of the keys is known to the world (i.e. public)

- The other key is known to either host A or B (not both)

Question 10

What is a ciphertext-only attack?

Answer 10

Intercept the ciphertext message and use statistical analysis to break the encryption theme.

Question 11

What is a known-plaintext attack?

Answer 11

When you have a priori knowledge of certain combinations of the content of the message.

Question 12

What is a chosen-plaintext attack?

Answer 12

When you have access to plaintext message and the encrypted version.

Question 13

Block ciphers are used for what major Internet protocols?

Answer 13

• PGP (e-mail)
• SSL (TCP connections)
• IPsec (network layer security)

Question 14

What is a good measure to prevent brute force attacks with block ciphers?

Answer 14

Increase the size of the ‘blocs’ being encrypted.

Example

Block size 3 –> 40,320 permutations
(2^3 = 8 = 8!)

Block size 64 –> 1.8446744e+19… hard to brute force

Question 15

Why are block cipher tables not a feasible solution?

Answer 15

Host A and Host B would have to hold a table (example) of 2^64 values. If they were to change, they would need to change the table again.

Question 16

At a high level how what are the steps for public key encryption?

Answer 16

• Host A gets the public key from Host B
• Encrypts its message Kb+(m)
• Send encrypt message to Host B
• Host B decrypts the message with its private key Kb-(Kb+(M))

Question 17

What are two conceptual issues with public key encryption?

Answer 17

• Someone can intercept the Kb+(m) and break it with know public key protocols
• The private key host has no way to identify who is sending the message (e.g. is Alice (good) or Trudy (bad))

Question 18

What is the feature of the RSA algorithm sets it apart?

Answer 18

Extensive use of arithmetic operations using modulo-n arithmetic

Question 19

Why does RSA provides great security but can’t guarantee it?

Answer 19

Because it relies on the fact that there are no known algorithms for quickly factoring a number.

Conversely, it is not known where or not there exist fast algorithms for factoring a number. E.g. government secret.

Question 20

What is the property of a cryptographic hash function?

Answer 20

Computationally infeasible for an intruder to substitute one message for another message that is protected by the hash function. e.g. H(x) = H(y)

Question 21

What are the two major hash algorithms?

Answer 21

MD5 (message digest 5)

SHA-1 (secure hash algorithm)

Question 22

What are the three steps of using a hash function?

Answer 22

1. Host A creates message ‘m’ and hashes it H(m)
2. Host A appends the hash to message ‘m’ -> (m, H(m)). Sends it to Host B
3. Host B receives (m, h) and calculates H(m). If H(m) = h - message integrity achieve (not really, there’s a flaw))

Question 23

What is a flaw with just using hash functions?

Answer 23

A third host, Host C, could send a message using a ‘bogus’ message and the hash would check out, thus Host B could think the message was sent by Host A.

Question 24

What is needed to perform message integrity in addition to hash functions?

Answer 24

A shared secret between Host A and Host B –> authentication key.

Question 25

How is a MAC (message authentication code) created?

Answer 25

Concatenate a message with the secret and hash it -> H(m+s)

Question 26

What is the purpose of a digital signature?

Answer 26

That is, it must be possible to prove that a document signed by an individual was indeed signed by that individual (the signature must be verifiable) and that only that individual could have signed the document (the signature cannot be forged).

Question 27

Why is public key cryptography an ideal candidate for digital signatures?

Answer 27

Because a host needs to have both a private and public key that are both unique to it.

Question 28

What is the process to create a digital signature? Why does this protect from message modification?

Answer 28

Use the private key to sign the document i.e. Kb-(m)

K+b(K-b(m)) = m

It protects from modification because the signature for K-b(m) != k-b(m`)

Question 29

How does a client-server negotiate agree on cipher suite?

Answer 29

• Client offers choice

- Server picks one

Question 30

What are the steps of an SSL handshake?

Answer 30

1. Server auth
2. negotiation
3. establish keys
4. Client auth (optional)