Domain 3 Flashcards
Code
Cryptographic systems of symbols that
operate on words or phrases and are
sometimes secret but don’t always
provide confidentiality.
Cipher
Ciphers are always meant to hide
the true meaning of a message.
Stream Cipher
is a symmetric key cipher where plaintext digits are combined with a pseudorandom cipher digit stream (keystream). In a stream cipher, each plaintext digit is encrypted one at a time with the corresponding digit of the keystream, to give a digit of the ciphertext stream
Block Cipher
is a method of encrypting text (to produce ciphertext) in which a cryptographic key and algorithm are applied to a block of data (for example, 64 contiguous bits) at once as a group rather than to one bit at a time.
Substitution Cipher
uses the encryption algorithm to replace each character or bit of the plaintext message with a different character. The Caesar cipher is a good example.
Transposition Cipher
uses an encryption algorithm to rearrange the letters of a plaintext message, forming the ciphertext message.
Initialization Vector (IV)
is a random bit string (a nonce) that is the same length as the block size that is XORed with the message. IVs are used to create a unique cipher text every time the same message is encrypted with the same key.
Caesar Cipher
substitution cipher that shifts characters, uses a key of length one
Vigenère Cipher
cipher uses a longer key (usually a word or sentence).
One time Pad Cipher
- For a one time pad to be successful, the key must be
- Generated randomly without any known pattern.
- Key at least as long as the message to be encrypted.
- The pads must be protected against physical disclosure
- Each pad must be used only one time and then discarded
Zero-knowledge proof
is a communication concept.
A specific type of information is exchanged, but no real data is transferred, as with digital signatures and digital
certificates.
More simply: It enables one to prove knowledge of a fact to another
individual without revealing the fact itself.
Split knowledge
means that the information or privilege
required to perform an operation is divided among multiple users.
This ensures that no single person has sufficient privileges to compromise the security of the environment.
Work function or work factor
a way to measure the strength of a cryptography system by measuring the effort in terms of cost and/or time to decrypt messages.
The time and effort required to break a protective measure.
Symmetric Key
Relies on the use of a shared secret key. Lacks support for scalability, easy key distribution, and nonrepudiation
Faster and for bulk encryption
Asymmetric
Public private key pairs for communication
between parties. Supports scalability, easy
key distribution, and nonrepudiation.
Stronger
3DES Modes
- Electronic Codebook Mode (ECB).
- Cipher Block Chaining (CBC).
- Cipher Feedback (CFB).
- Output Feedback (OFB).
- Counter (CTR).
3DES Mode - Electronic Codebook Mode (ECB).
Simplest & least secure mode. Processes 64 bit blocks, encrypts block with the chosen key. If same block encountered
multiple times, same encrypted block is produced, making it easy to break.
3DES Mode - Cipher Block Chaining (CBC).
Each block of unencrypted text is XORed with the block of ciphertext immediately preceding. Decryption process simply decrypts ciphertext and reverses the XOR operation.
3DES Mode - Cipher Feedback (CFB).
Is the streaming version of CBC. Works on data in real time, using memory buffers of same block size. When buffer is full, data is encrypted and transmitted. Uses chaining, so errors propagate.
3DES Mode - Output Feedback (OFB).
Operates similar to CFB, but XORs the plain text with a seed value. No chaining function, so errors do not propagate.
3DES Mode - Counter (CTR).
Uses an incrementing counter instead of a seed. Errors do not propagate.
Key Clustering
A weakness in cryptography where a plain text message generates identical ciphertext messages using the same algorithm but using different keys.
Public Keys/Private Keys (asymmetric)
- Public keys are shared among communicating parties
- Private keys are kept secret.
DATA
- To encrypt a message: use the recipient’s public key.
- To decrypt a message: use your own private key.
DIGITAL SIGNATURE
- To sign a message: use your own private key.
- To validate a signature: use the sender’s public key.
HASH FUNCTION REQUIREMENTS
Good hash functions have five requirements:
- They must allow input of any length.
- Provide fixed length output
- Make it relatively easy to compute the hash function for any input
- Provide one way functionality.
- Must be collision free.
Cryptographic Salts
A salt is random data that is used as an additional
input to a one way function that hashes data, a password or passphrase
Adding salts to the passwords before hashing them reduces the effectiveness of rainbow table attacks.
DSS
Digital Signature Standard
The Digital Signature Standard uses the SHA-1, SHA-2, and SHA-3 message digest functions…
Works in conjunction with one of three encryption algorithms:
- Digital Signature Algorithm (DSA)
- Rivest, Shamir, Adleman (RSA) algorithm
- Elliptic Curve DSA (ECDSA) algorithm
Certificate Authorities (CA)
generate digital certificates containing the public keys of system users.
Users then distribute certificates to people with whom they want to communicate.
Certificate recipients verify a certificate using the CA’s public key.
Email Traffic Encryption
- S/MIME
- Pretty Good Privacy (PGP).
Web Traffic Encryption
Transport Layer Security (TLS)
largely replacing the older SSL
Network Traffic Encryption
IPsec
protocol standard provides a common
framework for encrypting network traffic and is built into many common operating systems.
IPsec
A security architecture framework that supports secure communication over IP.
Establishes a secure channel in 2 modes
transport mode or tunnel mode.
Can be used to establish direct communication between computers or over a VPN connection
Uses two protocols:
Authentication Header (AH)
Encapsulating Security Payload (ESP)
Meet in the middle attack
exploits protocols that use two rounds of encryption.
Birthday attack
an attempt to find collisions in hash functions.
Replay attack
an attempt to reuse authentication requests.
DRM
Digital Rights Management
Commonly protect entertainment content, such as music, movies, and e-books
Symmetric Algorithms
- AES
- Blowfish
- Twofish
- 3DES
- RC5
AES
Advanced Encryption Standard
Symmetric
Block Size: 128 bits
Key Size: 128, 192, 256
Blowfish
Symmetric
Block Size: 64 bits
Key Size: 32 - 448 bit
3DES
Symmetric
Block Size: 64 bits
Key Size: 112 - 168 bit
Twofish
Symmetric
Block Size: 128 bits
Key Size: 1 - 256 bit
RC5
Symmetric
Block Size: 32, 64, 128 bits
Key Size: 0-2,040 bit
Hash Algorithms
- HAVAL
- MD4, 5 - no longer in use due to collisions
- SHA-224
- SHA-256
- SHA-384
- SHA-512
HAVAL
Hash algorithm
Value length: 128, 160, 192, 224, 256
SHA-2 (variants)
Secure Hash Algorithm
Hash algorithm
Used with digital signature standard (DSS)
Value length: 160, 224, 256, 384, 512
MD4, 5
Message Digest
Hash algorithm
No longer in use
Value length: 128
Public Key Cryptosystems (asymmetric)
RSA
is the most famous public key cryptosystem; it was developed by
Rivest, Shamir, and Adleman in 1977. It depends on the difficulty of factoring the
product of prime numbers.
El Gamal
is an extension of the Diffie-Hellman key exchange algorithm that depends on modular arithmetic.
(ECC) Elliptic curve
Algorithm depends on the elliptic curve discrete logarithm problem and
provides more security than other algorithms when both are used with keys of the same length.
Digital Signatures
Rely on public key cryptography and hashing functions. DS algorithms suitable for use in FIPS 186-4 (the Digital Signature Standard) must use SHA-2 hashing functions.
Three currently approved encryption algorithms:
Digital Signature Algorithm (DSA), as specified in FIPS 186-4
Rivest, Shamir, Adleman (RSA), specified in ANSI X9.31
Elliptic Curve DSA (ECDSA), specified in ANSI X9.62
RSA
Asymmetric Key
Most common
Size: 512
El Gamal
Asymmetric Key
Replaced Diffie-Hellman
ECC
Asymmetric Key
Elliptic Curve
Size: Variable (smaller key size due to EC, 160 bit EC key = 1025 RSA)
Integrity Security Models
- Biba: State machine model (SMM)
- Clark-Wilson: Access control triple
- Goguen-Meseguer: THE noninterference model
- Sutherland: preventing interference (information flow and SMM)
Confidentiality Security Models
- Bell-LaPadula: no read up, no write down
- Brewer and Nash: Chinese Wall
- Take Grant: employs a “directed graph”
Bell-LaPadula model
State machine model enforces confidentiality
Uses mandatory access control (MAC) to enforce the DoD multilevel security policy
Simple security property
subject cannot read data at a higher level of classification. “no read up”
Star * security property subject cannot write info to lower level of classification
“no write
Biba model
A lattice based model developed to address concerns of integrity.
Simple integrity property subject at one level of integrity is not permitted to read an object of lower integrity. “no read down”
Star * integrity property object at one level of integrity is not allowed to write to object of higher integrity.
Invocation property prohibits a subject at one level of integrity from invoking a subject at a higher level of integrity.
“no write up”
Clark-Wilson model
A lattice based model developed to address concerns of integrity.
Simple integrity property subject at one level of integrity is not permitted to read an object of lower integrity. “no read down”
Star * integrity property object at one level of integrity is not allowed to write to object of higher integrity. “no write up”
Invocation property prohibits a subject at one level of integrity from invoking a subject at a higher level of integrity.
Features the “ACCESS CONTROL” Triple
Take Grant model
another confidentiality based model that supports four basic operations: take, grant, create, and revoke.
Brewer and Nash model
also called the ”Chinese Wall model”. It was developed to prevent conflict of interest (COI) problems. (confidentiality based)
Graham-Denning model
This model uses a formal set of protection rules for which each object has an owner and a controller.
Eight primary protection rules:
- Securely create an object
- Securely create a subject
- Securely delete an object
- Securely delete a subject
- Securely provide the read access right
- Securely provide the grant access right
- Securely provide the delete access right
- Securely provide the transfer access right
Security Modes
Dedicated Mode
Multilevel Mode
System High Mode
Compartmented Mode
Dedicated Mode
Security clearance that permits access to ALL info processed by system, approval for ALL info processed by system, valid need to know for ALL info processed by system.
Multilevel Mode
Can process information at different levels even when all system users do not have the required security clearance to access all information processed by the system.
System High Mode
Each user must have valid security clearance, access approval for ALL info processed by system, and valid need to know for at least SOME info on the system. Offers most granular control over resources and users of these models.
Compartmented Mode
Goes one step further than System High. Each user must have valid security clearance, access approval for ALL INFO processed by system, but requires valid need to know for ALL INFO they will have access to on the system.
State Machine Model (SMM)
Describes a system that is always secure
no matter what state it is in.
Based on the computer science definition of a finite state machine (FSM).
A state is a snapshot of a system at a specific
moment in time. All state transitions must be evaluated.
If each possible state transition results in another secure state, the system can be called a secure state machine.
Information Flow Model
Focuses on the flow of information
Information flow models are based on a
state machine model
Biba and Bell-LaPadula are both information flow models
Bell-LaPadula focuses on preventing information flow from a high security level to a low security level
Biba focuses on flow from low to high security level
TCB (Trusted Computing Base)
is a combination of hardware, software and controls that work together to form a “trusted base” to enforce your security policy
Includes reference monitor and security kernel
Reference monitor
is the logical part of the TCB that confirms whether a subject has the right to use a resource prior to granting access.
enforces access control
Security Kernel
is the collection of the TCB components that implement the functionality of the reference monitor.
implements access control
Common Criteria (ISO IEC 15048)
The Common Criteria enable an objective evaluation to validate that a particular product or system satisfies a defined set of security requirements.
TWO FLAVORS
community Protection Profile (cPP) black box
Evaluation Assurance Level (EAL) white box
CC Has replaced TCSEC and ITSEC!
TCSEC (Trusted Computer System Evaluation)
A structured set of criteria for evaluating computer security within products and systems.
ITSEC (Information Technology Security Evaluation Criteria)
The ITSEC represents an initial attempt to create security evaluation criteria in
Europe. ITSEC uses two scales to rate functionality and assurance.
Common Criteria (CC) EAL Evaluation Standards
EAL0, EAL1 - Functionally Tested
EAL2 - Structurally Tested
EAL3 - Methodically Tested & Checked
EAL4 - Methodically Designed, Tested, and Reviewed (labels)
EAL5 - Semi Formally Designed and Tested
EAL6 - Semi Formally Verified Design and Tested
EAL7 - Formally Verified Design and Tested
TCSEC and ITSEC Evaluation Standards
TCSEC ITSEC
D F-D+E0 Minimal/no protection
C1 F-C1+E1
C2 F-C2+E2
B1 F-B1+E3 Labeled security protection
B2 F-B2+E4
B3 F-B3+E5
A1 F-B3+E6 Verified security design
Covert Channels
Two types:
covert timing channel
covert storage channel
A method that is used to pass information over a path that is not normally used for communication.
Because it’s not normally used, it may not be protected by the system’s normal security controls.
TPM
Trusted Platform Module
A chip that resides on the motherboard of the device.
Multi purpose, like storage and management of keys used for full disk encryption (FDE) solutions.
Provides the operating system with access to keys, but prevents drive removal and data access
Mandatory Access Control
Enforces an access policy that is
determined by the system, not the object owner. Relies on classification labels that are representative of security domains and realms.
Discretionary Access Control
Permits the owner or creator of an object to control and define its accessibility, because the owner has full control by default.
Non-discretionary Access Control
Enables the enforcement of system-wide restrictions that override object specific access control.
Rule-based Access Control
Defines specific functions for access to requested objects. Commonly found in firewall systems.
Role-based Access Control
Uses a well defined collection of named job roles to endow each one with specific permissions, thereby seeking to ensure that users who occupy such roles can
access what they need to get their jobs done.
Certification
The technical evaluation of each part of a
computer system to assess its concordance with security standards
Accreditation
The process of formal acceptance of a
certified configuration from a designated
authority.
Open System
are designed using industry standards and are usually easy to integrate with other open systems
Closed System
are generally proprietary hardware and/or
software. Their specifications are not
normally published, and they are usually
harder to integrate with other systems.
Confinement
restricts a process to reading from and
writing to certain memory locations.
Bounds
are the limits of memory a process cannot
exceed when reading or writing.
Isolation
is the mode a process runs in when it is
confined through the use of memory bounds.
Factors of Authentication
Something you know (pin or password)
Something you have (trusted device)
Something you are (biometric)
AuthN
Authentication (AuthN) is the process of
proving that you are who you say you are.
Identity
Authentication can be achieved with both
symmetric and asymmetric cryptosystems.
AuthZ
Authorization (AuthZ) is the act of granting an authenticated party permission to do something.
Access
Permissions, rights, and privileges are then granted to users based on their proven identity.
If user has rights to a resource, they are granted authorization.
Multitasking
simultaneous execution of more than one
application on a computer and is managed by the operating system.
Multithreading
Permits multiple concurrent tasks to be
performed within a single process.
Multiprocessing
The use of more than one processor to
increase computing power.
Multiprogramming
Similar to multitasking but takes place on
mainframe systems and requires specific
programming.
Single state and Multistate processors
Single state processors are capable of
operating at only one security level at a time, whereas multistate can simultaneously operate at multiple security levels.
Privileged Mode
Controlled operations are performed in
privileged mode, also known as system
mode, kernel mode, and supervisory mode.
User Mode
Applications operate in a limited instruction set environment known as user mode
Memory Types
- ROM. Read only. Contents burned in at factory.
- RAM. Static RAM (SRAM) uses flip flops, dynamic RAM (DRAM) uses capacitors
- PROM. Programmable chip similar to
- EPROM. Erasing, Clearing (overwriting w/ unclassified data).
- EEPROM. Have a small window that, when illuminated with special ultraviolet light, erases content of chip
- Flash Memory. Derivative concept from EEPROM. nonvolatile, can be electronically erased and rewritten.
Storage types
-Primary storage is the same as memory.
-Secondary storage consists of magnetic, flash, and optical media that must be first read into primary memory before
the CPU can use the data.
-Random access storage devices can be read at any point
-Sequential access storage devices require scanning
through all the data physically stored before the desired
Firmware
Software stored on a ROM chip, containing basic instructions needed to start a computer. Also used to provide operating instructions in peripheral devices such as printers
Process isolation
ensures that individual processes can access only their own data.
Layering
creates different realms of security within a process and limits communication between them.
Abstraction
creates “black box” interfaces for programmers to use without requiring knowledge of an algorithm’s or device’s inner workings.
Data hiding
prevents information from being read from a different security level. Hardware segmentation enforces process isolation with physical controls.
Hypervisor
The hypervisor, also known as a virtual machine monitor (VMM), is the component of virtualization that creates, manages, and operates the virtual machines (VMs).
Type I Hypervisor
A native or bare metal hypervisor. In this configuration, there is no host OS; instead, the hypervisor installs directly onto the hardware where the host OS would normally reside.
Type II Hypervisor
A hosted hypervisor. In this configuration, a standard regular OS is present on the hardware, and the hypervisor is then installed as another software application.
CASB
A cloud access security broker (CASB) is a security policy enforcement solution that may be installed on premises or in the cloud.
Shadow IT
Buffer overflow
occurs when the programmer fails to check the size of input data prior to writing the data into a specific memory location.
Functional Order of Security Controls
Deterrence
Denial
Detection
Delay
Physical Security Controls
Administrative
also known as management controls and include policies and procedures, like site management, personnel controls, awareness training, and emergency response and procedures
Logical
also known as technical controls and are implemented through technology like access controls, intrusion detection, alarms, CCTV, monitoring, HVAC, power
supplies, and fire detection and suppression.
Physical
use physical means to protect objects and includes fencing, lighting, locks, construction materials, mantraps, dogs and guards
Technical/Logical controls for physical security
- access controls
- intrusion detection
- alarms
- CCTV and monitoring
- HVAC
- power supplies
- fire detection and suppression
Administrative controls for physical security
- facility construction
- facility selection
- site management
- personnel controls
- awareness training
- emergency response
- emergency procedure
Physical controls for physical security
- fencing
- lighting
- locks
- construction materials
- mantraps
- dogs
- guards
Fences
- 3-4 feet deters casual trespasser
- 6-7 feet too hard to climb easily
- 8 feet (w/ barbed wire) will deter intruders
Temperatures and humidity
Humidity: 40%-60% ideal
Temps: for computers 60-75F (15-23C), damage at 175F.
Manage storage devices damaged at 100F
Too much humidity can cause corrosion. Too little humidity causes static electricity. Even on nonstatic carpet, low humidity can generate 20,000 volt static discharge!
Electrical Impacts
- Blackout: prolonged loss of power
- Brownout: prolonged low voltage
- Fault: short loss of power
- Surge: prolonged high voltage
- Spike: temporary high voltage
- Sag: temporary low voltage
Lights
8 feet high with 2 feet candle power
3 Categories of Fire Detection Systems
smoke sensing
flame sensing
heat sensing
Fire Classes
- A - common combustibles - water, soda acid
- B - liquids - CO2, halon, soda acid
- C - electrical - CO2, halon
- D - metals - Dry powder
- K - kitchen - wet chemicals
Electromagnetic interference types
-Common mode noise. Generated by the
difference in power between the hot and
ground wires of a power source operating electrical equipment
-Traverse mode noise. Generated by a
difference in power in the hot and neutral wires of a power source operating electrical
Radio frequency interference (RFI)
is the source of interference that is generated by electrical appliances, light sources, electrical cables and circuits, and so on.
Damage from fire and fire suppression
- Smoke is damaging to most storage devices.
- Heat can damage any electronic or computer component.
- Suppression mediums can cause short circuits, initiate corrosion, or otherwise render equipment useless.
Water Suppression Systems
-Preaction systems. use closed sprinkler heads, and the pipe is charged with
compressed air instead of water. The water is held in check by an electrically
operated sprinkler valve and the compressed air.
-Wet pipe systems. are filled with water. Dry pipe systems contain compressed
air until fire suppression systems are triggered, and then the pipe is filled with water; and flame activated sprinklers trigger when a predefined temperature is reached.
-Dry pipe systems. also have closed sprinkler heads: the difference is the pipes are filled with compressed air. The water is held back by a valve that remains
closed as long as sufficient air pressure remains in the pipes. Often used in areas
where water may freeze, such as parking garages.
-Deluge systems. are similar to dry pipes, except the sprinkler heads are open
and larger than dry pipe heads. The pipes are empty at normal air pressure; the
water is held back by a deluge valve.
Halon
is effective, but bad for environment (ozone depleting), turns to toxic gas at 900F.
Suitable replacements:
- FM 200 (HFC 227ea)
- CEA 410 or CEA 308
- NAF S III (HCFC Blend A)
- FE 13 (HCFC 23)
- Argon (IG55) or Argonite (IG01)
- Inergen (IG541)
- Aero K
Lock Types
Electronic Combination Locks
(aka Cipher lock) Something you know
Key Card Systems
Something you have
Biometric Systems
Something you are
Conventional Locks
Easily picked / bumped & keys easily duplicated
Pick-and-Bump Resistant Locks
Expensive, harder to pick & keys not easily duplicated.
Threats to physical access controls
- Abuses of physical access control include propping open secured doors and bypassing locks or access controls.
- Masquerading is using someone else’s security ID to gain entry to a facility.
- Piggybacking is following someone through a secured
gate or doorway without being identified or authorized personally.
Media storage facility protections
- locked cabinets or safes
- using a librarian/custodian
- implementing a check-in/check-out process
- using media sanitization
Protections for evidence storage
- locked cabinets or safes
- dedicated/isolated storage facilities
- offline storage
- access restrictions and activity tracking
- hash management and encryption