Computer Security CS140

Question 1

What questions do we need to ask in order to eva, if a system is secure?

Answer 1

Security in what aspects?
Secrecy,damage prevention
Security from whom? All users or differentiate users
What level of Security
Trade-off between cost and performance
Performance degradation

Question 2

What is the theoretical approach dependant on in the real word?

Answer 2

Implementation
Deployment
Maintenace
Parties involved
Location
Temptation

Question 3

What three things should be guaranteed in a secure system?

Answer 3

CIA triangle Confidentiality,integrity and availability

Question 4

Diff between Worm and Virus?

Answer 4

Worm:
Self-contained program that spreads independently.
Exploits network vulnerabilities to access other computers.
Can rapidly infect multiple systems and networks.
Virus:

Malware that requires a host file or program to attach itself to.
Spreads when infected files are shared or executed.
Can cause damage to data, corrupt files, modify or delete data, or steal information.

Question 5

Similairuty between worm and virus

Answer 5

Similarity: Malicious Intent
Description: Both worms and viruses are forms of malware designed with malicious intent.
Similarity: Self-Replication
Description: Both worms and viruses have the ability to replicate and create copies of themselves.
Similarity: Payload
Description: Both worms and viruses can carry a payload, which refers to additional malicious actions.

Question 6

What is a DOS and DDOS attack?

Answer 6

Definition: A DoS attack is a malicious attempt to disrupt the availability of a computer system or network by overwhelming it with a flood of illegitimate requests or excessive traffic.
Goal: The goal of a DoS attack is to exhaust system resources, such as bandwidth, processing power, or memory, rendering the targeted system or network unavailable to legitimate users.

Question 7

What is a Social Engineering Attack?

Answer 7

Definition: Social engineering attacks involve deceptive tactics to manipulate and exploit human psychology and trust in order to gain unauthorized access to information or systems.

Objective: Social engineering attacks aim to bypass traditional security measures by exploiting human vulnerabilities, such as trust, emotions, or cognitive biases.

Methods: Attackers use various methods, such as impersonation, phishing, baiting, pretexting, or persuasive tactics, to trick individuals into revealing sensitive information or performing actions that benefit the attacker.

Question 8

How can you analyze a security attack?

Answer 8

Who did it, the Motivation behind the attack,Attack vector (means),what was the damage,can this be prevented in the future.

Question 9

What is a security Asset?

Answer 9

Anything we value enough so that we want to protect it.Example customer database.

Question 10

What is a vulnerability?

Answer 10

A flaw in a systems design, implementation, operation, or management that could be exploited to violate the systems security policy.

Question 11

What is a threat?

Answer 11

A potential for the violation of security when an attacker has both the capability and intent to breach security. Threat=capability x intent.

Question 12

What is the stride model?

Answer 12

It is a threat evaluation model that has the following
Spoofing-Pretending to be a user
Tampering-Modifying or accessing data
Repudiation-Denying involvement in crime
Information Disclosure-Disclosing info without appropriate permisiion
DoS-Denial of service
Elevation of privilege-Hacker elevating their privilege.

Question 13

What is a risk

Answer 13

Risk: an expectation of loss expressed as the
probability of an actual attack in which a threat
will exploit a vulnerability with a harmful result.
Risk=prbabiltyx harm which equals threatxvulnerbaityxharm

Question 14

What is an attack?

Answer 14

An assault on security that derives from a threat

Question 15

Describe the dread model of risk analysis

Answer 15

Damage - how bad would an attack be?
Reproducibility - how easy is it to reproduce the attack?
Exploitability - how much work it needs to launch the attack?
Affected users - how many people will be affected?
Discoverability - how easy is it to discover the threat?

Question 16

What is a countermeasure?

Answer 16

Countermeasure: an action that reduces a threat,
vulnerability, harm by eliminating or preventing
the attack or by detecting the attack and reacting
with corrective action.

Question 17

What are the strats to handle a risk?

Answer 17

RIsk avoidance, Risk prevention, Risk detection, RIsk action

Question 18

How to do informal risk analysis?

Answer 18

Identify assets,identify vulnerabilities,identify threat.

Question 19

What is cryptography?

Answer 19

It is about secure communication in the presence of adversaries through encryption and decryption

Question 20

What is secret key encryption

Answer 20

When the same key is used for encryption and decryption.The key is private as is only known to the communicating parties.

Question 21

What is public key encryption

Answer 21

Use public key to encrypt msg and use private key to decrypt msg.

Question 22

How does secret key encrypton work?

Answer 22

Secret key is shared between sender and receiver
Plain text is encrypted using private key and AES
Decrypted using Advanced encryption standard and key.
The encryption algos r public.AES and DES

Question 23

What is steganography?

Answer 23

Is the practice of embedding confidential data within non-secret data in a way that the presence of the secret data is difficult to detect.It is used to hide the existence of the message.

Question 24

Why do we need steganography?

Answer 24

We need it because usually encrypted msgs r unreadbale which raises suspicion.Therefore we want to hide the encrypted msg within something that is readable.

Question 25

How do we implement steganography

Answer 25

cover_medium+hidden_data+steganography_key=steganography_medium
The cover medium are usually text or audio files and the hidden data can be encrypted using the steganography key.

Question 26

How can we implement steganography using 24bit images?

Answer 26

Imagine our hidden data is a 24bit colour image that mean each pixel is represented by 3 bytes.This could be red green blue.Replace the LSB of each byte in a pixel with the binary representation of the hidden data.Eg.
10010110 with 10010111 if 1 is first letter of hidden data.

Question 27

How does the transposition/permutation cipher work?

Answer 27

Arrange msg into rows of fixed length and transpose like a real matrix.Reciever must know what permutation key is used.

Question 28

How does the keyword cipher work?

Answer 28

Arrange the msg into rows of fixed length.Define a keyword eg phone which has alphabet order 5421.Read down rows in that order.Keyword is the secret between receiver sender.

Question 29

Explain how double transposition cipher works?

Answer 29

based on the rows assigned from 1-5 u put them into new rows.Read down the columns alwyas.

Question 30

What is the monoalphabetic subsition cipher?

Answer 30

This is when u have the normal alphabet and map it to a ciphertext alpha bet eg map A-D and B to E.y=x+3mod 26 is the encryption key.This is a major disadvantage as there is a linear relation.

Question 31

How to use keyword to define ciphertext?

Answer 31

Use a keyword eg Zebras at the front of the ciphertext alphabet and then continue as normal.There is no linear relation but long cipher text can be cracked using frequency analysis.

Question 32

What is frequency analyis?

Answer 32

This method is used to count the number of occurrences of a letter or symbol in a ciphertext.The idea is to map this to the most frequently appearing letter in the alphabet.

Question 33

How can we prevent the use of frequency analysis to crack ciphertexts

Answer 33

We can use the polyalphabetic substitution cipher where we used different cipher alphabets for each letter by using a keyword.The key letter is at the top for the vignere cipher and the plain text letter is on the left.The grid alphabet goes from A
then B
then C and wraps around.

Question 34

What is the benefit of using Polyalphabetoc cipher text?

Answer 34

It is much more resilient to frequency analysis as the 2 letters which are the same in plain text maybe mapped to two different letters in the ciphertext.However, the same statistical flaw is there if the same ciphertext alphabet is used.This approach is most safe when keyword length equals plain text length.Multiple ciphertext alphabets used.

Question 35

What bitwise operation is good for encryption and decryption?

Answer 35

And and OR is not good as they produce multiple same ciphertext for the same plain text and key.XOR produces unique ciphertext for each plaintext and key.Add is too expensive.

Question 36

How is XOR used for encryption and decryption?

Answer 36

First XOR the plain text and the key.Decrypt xor the key and the ciphertext to get the plain text.

Question 37

What is one time pad?

Answer 37

This is a method where a unique alphabet is used for each letter in the message.This is the most secure but the least practical due to the distribution protection and generation of the key.

Question 38

How do we know if the secret key encruption algo is food?

Answer 38

1.Is there confusion-if we change a bit of the key will most of the ciphertext change
hide the relationship between ciphertext and key
2.diffusion-if we change a bit of the plain text multiple parts of the ciphertext will change.Hide the relationship between plaintext and ciphertext
3.Ciphertext is hard to break even with the most generous assumptions-know encryption process,know key length,as long as key is secret we good
4.Managment of the algo must be feasible and cost effective.

Question 39

Block cipher vs Stream cipher?

Answer 39

A block cipher encrypts blocks of data one at a time.A stream cipher encrypts one bit/byte of input one at the time.The output is calculated as time goes on.

Question 40

What are the features of the DES and what is the DES

Answer 40

DES is the data encryption standard.The DES is the first encryption standard.It has a 64 bit block cipher.16 rounds of encryption per block.Encryption algo is public.It uses permutation(diffusion) and substation(confusion).56 bit key with parity bits

Question 41

Describe how the block cipher works in the DES?

Answer 41

The block cipher spilts the plain text into 2 halves 32 bits each.
2.It feeds one side of input to a feistal function with a key
3.This output is xored with the other input and is used on the next iteration as round function input.
4.The other initial input is xored with the output of the 2nd round function.
Li+1=Ri, Ri+1=Liexore(Ri,ki)

Question 42

How does subkey generation work in DES?

Answer 42

Drop the 8th bit of each 8 bit block and permutate the remaining 56 bits.Split key in half and shift bits left by certain amount depending on the round.Then shifted halves are permuted with PC2 where they r reduced to 48 bits and then the pc1 bits are shifted onto the next.

Question 43

How does the DES round function work?

Answer 43

32 bit half is taken and 48 bit subkey as input the 32 bit half is duplicated to make 48th subkey by duplicating bit 1 and 4 .This output is xored with current key.This result is broken done into 8 6 bit pieces and subsition operation is taken.Converts 6 bit input to 4 bit output.And then passed through permutation function.

Question 44

Summary of DES

Answer 44

Block cipher: a block is divided
into two halves
uEach block goes through 16
rounds of processing
u Each round has a different
subkey
u Apply the Feistel function:
expansion, combination,
substitution and permutation
u Symmetry of process for encryption/decryption

Question 45

What is in the AES algo?

Answer 45

DES has been considered insecure due to short key sizeCompared to DES it has longer block size (128 bits),
longer key (variable: 128, 192, or 256 bits) and faster
implementation.

Question 46

How does AES block cipher work1.

Answer 46

1.Substitution using 8-bit lookup table
2.Permutation – by shifting rows of the matrix
3.Mixing within each column(multiplication by a fixed matrix).
4.XOR with the round key

Question 47

DES vs AES

Answer 47

Key Size:
DES: Uses a 56-bit key, which is considered relatively small by today’s standards. The effective key length is 56 bits due to the inclusion of parity bits.
AES: Supports key sizes of 128, 192, and 256 bits, providing a significantly larger key space for stronger security.
Block Size:
DES: Operates on 64-bit blocks of data. Each 64-bit block is encrypted independently.
AES: Operates on 128-bit blocks of data. AES is more efficient in terms of block size and can encrypt larger amounts of data per iteration.
Security:
DES: DES has been widely used for several decades but is now considered relatively weak against brute-force attacks due to its small key size. The 56-bit key length can be feasibly brute-forced with modern computing power.
AES: AES is widely regarded as highly secure. It has undergone extensive analysis and has withstood scrutiny from the cryptographic community. AES is resistant to known attacks, and its security is based on the secrecy of the key.
Algorithm Complexity:
DES: DES employs a Feistel cipher structure and involves multiple rounds of the Feistel function. The algorithm complexity is moderate.
AES: AES uses various operations such as substitution, permutation, and mix columns. It employs a substitution-permutation network (SPN) structure and operates with different numbers of rounds depending on the key size. The algorithm complexity is higher than DES.

Question 48

What is the problem with secret key encryption?

Answer 48

The main issue with secret key encryption is distribution and maintencae of the key.This is because both the sender and receiver require the key in order to be able to send and receive the data.This is expensive and hard to distribute.Key storage and length.

Question 49

What are the conditions for y to be the primitive root of mod x.k=y^x mod p

Answer 49

Succesive powers of y taken mod 5 generate numbers in a loop from 1 to x-1
The value of k is uniformly distributed between 1 and p-1.

Question 50

What does the primitve root mean?

Answer 50

If we guess a value of x for a given k it is equally likely to be in the interval 1 to p-1.

Question 51

How to generate public key in RSA encryption?

Answer 51

n=pxq pick two relatively big numbers.N is the public key.Pick a value of e which is co prime to p-1,q-1 and p-1 x q-1 .E should be between 1 and p-1 q-1

Question 52

What is the formula for the ciphertext in RSA encryption?

Answer 52

c=M^emodN where e is the value and N is the public key.

Question 53

How to generate private key in RSA encryption?

Answer 53

e*d=1 mod(p-1)(q-1) value of d should be 1 greater than a multiple of p-1 and q-1 and multiple of e.

Question 54

How can msg be decrypted in RSA?

Answer 54

M=C^d mod n.

Question 55

How does RSA encryption work?

Answer 55

Sender encrypts msg using recievers public key.Reciever uses their own private key to decrypt the msg.

Question 56

Why is RSA secure?

Answer 56

The attacker will either have to reverse a one way function which is computationally infeasible.Or he will need to know the value of D which means he needs to know p q and e.The only way is brute force but a large key size makes this difficult.

Question 57

Advantages of Public key encryption

Answer 57

Key distribution easy,complex encryption and decryption process leaving it secure against attacks,

Question 58

Disadvantages of Public key

Answer 58

Uses one way function slower,Relies on length of public key

Question 59

Advantages of secret key

Answer 59

Uses XOR, substitution, permutation – fast
Key is secret – attacker knows less information and hence requires shorter key for same level of security
It is faster to perform operations on a shorter key.

Question 60

Why would we encrypt using a private key and let everyone decrypt using a public key?

Answer 60

Integrity-We dont care about privacy but we don’t want anyone to tamper.We send encrypted msg along with plain text.
Authentication-I want the receiver to know i sent the msg
Non-repudiation-A user with malicious intent cannot deny their actions.

Question 61

What is a hash?

Answer 61

Its a one way function that generates hash code based on a given input?

Question 62

How is a digital signature formed?WHere is it attached.

Answer 62

Generate a hash for the message and then encrypt this message using the senders private key.It is attached to a plaintext message.

Question 63

How do you check the authenticity of the hash?

Answer 63

Decrypt the digital signature using the senders public key.Run the plain text message through the same hash algo and compare the hashes.

Question 64

Differences between Encryption and Digital signature?

Answer 64

Encryption- need to maintain confidentiality,plain text is recoverable
DIgital signature-Provides integrity,authentication and non repudiation.Unable to recover plain text.

Question 65

What is MAC

Answer 65

It is message authentication code and its where the hash of an input file is calculated and it is encrypted using a shared secret key.This maintains integrity but there is no non repudiation as the key is shared by more than one party.

Question 66

MAC vs Digitial signature?

Answer 66

Mac is essential secret key encryption and uses XOR and substation so it much faster.

Question 67

Why are digital signatures weak?

Answer 67

Anyone can create a public key and claim it belongs to someone else.

Question 68

WHat are digital certficiates?

Answer 68

They are used to certify that a public key belongs to a user.They are issued by a 3rd party authority.

Question 69

What does web of trust consist of?

Answer 69

This is where users from a chain of trust personally.There are two attributes validity and trust.Validity concerns where user B is the owner of public key B and trust is whether user B will be careful when signing other ppls certificates.Theres full,unknown and marginal trust.

Question 70

How can we use both a secret key and public key to encrpyt data?

Answer 70

Use the shared key to encrypt the message and then use the public key to encrypt the shared key.This is also known as PGP encryption.

Question 71

What is the definiton of computer security?

Answer 71

The detection and/or prevention of unauthorized actions by users of a computer system.

Question 72

What is the first step of security?

Answer 72

Identify and authenticate the user.Identify the user by ID and authenticate the user by confirming their identity.

Question 73

What are the problems with using passwords?

Answer 73

Passwords should not be simple and be shared across accounts however if we have different passwords for every account it may overload the user.

Question 74

What are the solutions to the probelms with passwords?

Answer 74

Store all passwords in a single place, use hints, 2 factor authentication

Question 75

How to calculate the entrophy aka strenght of a passwords?

Answer 75

We do log2 W^L.Where L is length of password and W is character set

Question 76

What is salt and how is it used in hashfunction?

Answer 76

h=hash(password+salt) salt is a randomly generated number.The password file stores h and the salt value.

Question 77

What is a protocol

Answer 77

A fixed pattern of exchanges between 2 or more parties to achieve a certain task

Question 78

What is a replay attack?

Answer 78

When an eavesdropper stores a message sent by a user and sends it to the receiver later on.

Question 79

What are the solutions to a replay attack?

Answer 79

Generate a token which is a random number R this will be sent to the sender and will need to be signed and encrypted with theirprivate key.The reciever can verify this using the senders public key.
Timestamping contain a timestamp in the original encrypted msg.

Question 80

What is the function of a hypervisor?

Answer 80

Is to create and host vms on a physical host machine, it contains virtual hardware stored in files.The files are transferred to hardware when necessary.

Question 81

What is the paused state in a VM?

Answer 81

Vm is still running but not allocated cpu.And off running and suspended

Question 82

What are the benefits of VM?

Answer 82

It is isolated,low privileges,transience online and offline on demand and easy to record state of VM.

Question 83

Describe VM isolation?

Answer 83

VMs guest OS is encapuslated and hardware is abstracted.Vms access different files and resources therefore host os and other vms unlikely to be affected in the event of an attack

Question 84

Describe VM transcience?

Answer 84

Usually servers are alwyas on,vms can be switched on and off relatively quicly.Limiting operating time reduces security risks

Question 85

Describe VM state restoring?

Answer 85

Virtual disk for vm is stored as one file on the hypervisor.Therefore it is easy to return to previous states and undo changes.Help ensure data integrity.

Question 86

Descrive VM low Privelge?

Answer 86

Traditionally OS has the highest privilege and can only monitor itself.A VM has lower privilege than hypervisor so it can only be monitored by hypervisor or by a dedicated VM.

Question 87

What is the issue with VM Transcience?

Answer 87

Transcience may lead to diffuclty in eradicting a worm or virus.The worm/virus may infect vms but then may go offline and infect others.Usually we identify affected machines ,clean up and patch issue.

Question 88

What is the issue with state restoring?

Answer 88

Sensitive data is stored in virtual disk which goes against security principle of only keeping sensitive data for a limited time.State may be restored to an infected version without security patches.If hypervisor is comprised attacker have unlimited access only 2 states Guest OS or hypervisor affected.Many vms do not have virus protection due to roll back feature.

Question 89

What is the issue of Mobility ?

Answer 89

All the archeitecture of a vm is online in the form of files making it susceptible to theft.If attacker accesses version of VM not being used by Guest OS the VM will not show intusion.Attackers can access and modify files when the VM is offline.

Question 90

What is the issue with easy creation of VMs?

Answer 90

Vms can be easily created but have different configurations which may lead to vulnerabilites.

Question 91

What is the issue with VM identity?

Answer 91

Usually devices can be identifed by mac address but for VM there is only one mac address for physical machine.

Question 92

WHat is the DoS attack with hypervisors?

Answer 92

A hypervisor can allow onr vm to access all resources.

Question 93

WHat is the purpose of cookies

Answer 93

Cookies are used by webservers to store stateful info and record users browsing activity.

Question 94

How are cookies sent between a client and server

Answer 94

When a client access a webpage for the first time cookies and the data are sent from the webserver.When a client accesses another webpage on this server the cookie is sent back to the web server.

Question 95

What is a session?

Answer 95

It is a data structure used to store temporary info in an interaction between a client and server.

Question 96

What is network Eavesdropping?

Answer 96

When cookies are intercepted by an attacker and used to communicate with other server.This can be prevented by securing communications using https.

Question 97

Whare third party cookies?

Answer 97

They are cookies that are set by other domains compared to the one the user is currently using.They can be used to track user activity over multiple sites.

Question 98

What is cross site scripting?

Answer 98

Attacker injects malicious ccode into website using JS and is executed by users browser in URL for example.This can give access to cookies these cookies can be sent to remote servers or altered.

Question 99

What is phising false sub domain?

Answer 99

Fake sub domain created by attacker with attacker server IP address victims browser will submit to attackers server all cookies related to main domain