Domain 3 - Security Architecture and Engineering Flashcards
Principle of split knowledge
Split knowledge means that the information or privilege required to perform an operation is divided among multiple users. example: role separation
This ensures that no single person has sufficient privileges to compromise the security of the environment. M of N Control is an example of split knowledge used in key recovery and other sensitive tasks.
key escrow arrangement, M of N Control, a cryptographic key is stored with a third party for safekeeping, requires that a minimum number of agents ( M ) out of the total number of agents ( N ) work together to perform high-security tasks. So, implementing three of eight controls would require three people out of the eight with the assigned work task of key escrow recovery agent to work together to pull a single key out of the key escrow database
Asymmetrics vs Symmetric Cryptographic System
Symmetric cryptosystems use a shared secret key available to all users of the cryptosystem.
Weakness: Key distribution is problem, not scalable, keys must be regenerated often, does not implement nonrepudiation
Asymmetric cryptosystems use individual combinations of public and private keys for each user of the system.
Weakness: Slow
Types of Ciphers
Stream > Symmetric Key cipher, plaintext combined with pseudorandom digit stream
Block Ciphers > Encrypting text to block of data at once rather than to one bit
Substitution > is a random bit string (a nonce) that same length as block size that is XORed with the message, IVs are used to create unique chipher text every time the same message is encrypted with the same key
Transposition > rearrange the letters forming ciphertext
Initialization Vector (IV) is random bit string that is the same length as the block size that is XORed with the message.
Caesar, Vigenere, One time pad : similar stream cipher, different is key length
Caesar: 1 key
Vigenere: word or sentence
One time pad: use same length as text
One time pad success factors
> Key must be generated randomly without any known pattern
Pads must be protected against physical disclosure
Each pad must be used only one time then discarded
What is zero knowledge proof?
is a communication concept, prove knowledge fact to another individual without revealing the fact itself
What is work function/factors?
measure the strength of cryptography system by measuring the effort (cost/time).
The time and effort required to break protective measure
5 basics operation on DES
DES : Data Encryption Standards is basic methods for encryption data
3DES : use DES 3 times with 2 or more different key
ECB : Electronic Codebook > Simple & Least Secure, processes 64-bit blocks, encrypt block with the chosen key, if same block encountered multiple time, same encrypted block is produces, making it easy to break
CBC : Cipher Block Chaining > Each block of unencrypted text is XORed with the block of ciphertext immediately preceeding, decrypting process simply decrypt ciphertext and reverses the XOR operation
CFB : Cipher Feedback > like CBC but in streaming mode
OFB : Output Feedback > No chaining function, XOR plaintext with seed value
CTR : Counter > uses a incrementing counter instead of seed.
XOR Cipher
Exclusive OR, Method for flipping bit
1 1 > 0
1 0 > 1
0 1 > 1
0 0 > 0
Key Clustering
A Weakness in cryptography where a plain-text message generates identical ciphertext mesages using same algorithm but using different keys, similar with collision
Asymmetric Key Types
Public keys are shared among communicating parties
Private keys are kept secret
> Data
to encrypt using public key
to decrypt using private key
> Digital Signature, provide non-repudiation
to sign a message, use you own private key.
to valid a signature, use senders public key
5 Requirements of good hash function
They must allow input of any length Provide fixed-length output Easy to compute the hash function for any input Provide one-way functionality Must be collision free
Cryptographic Salts
to prevent rainbow tables attacks
a salt is random data that used as additional input in one way function.
rainbow tables : precomputed values to identify commonly used password
Digital Signature Standard
DSS rely on public key cryptography and uses message digest function, must use SHA-2 hashing function as a standards
Work in conjuction with one of three encryption algorithms
DSA : Digital Signature Algorithm, specified in FIPS 186-4
RSA : Rivest Shamir Adleman Algorithm, specified in ANSI X9.31
ECDSA : Elliptic Curve DSA Algorithm, specified in ANSI X9.62
What is Public Key Infrastructure?
PKI certificate authorities (CA) generate digital certificates containing the public keys of system users
users then distributes certificates to people with whom they want to communicate
Certificate recipients verify a certificate using the CA’s public key
Security Traffic (data in motion)
Email : standards, using S/MIME protocol and PGP (Pretty Good Privacy)
Web : using HTTP over Transport Layer Security (TLS)
Network : using IPSec
IPSec > secure communitcation over IP. 2 secure channel, transport mode or tunnel mode. can be used to establish direct communication between computer or over a VPN connection.
2 protocol: Authentication Header (AH) > assurances of message integrity and nonrepudiation Encapsulating Security Payload (ESP) > provides confidentiality and integrity of packet contents. It provides encryption and limited authentication and prevents replay attacks.
Common Cryptographic Attacks
Brute-force attacks - randomly find the correct cryptographic text
Meet in the middle attack, exploits protocol that use 2 rounds of encryption (ex, 2DES)
Man in the middle attack, fools both parties into communicating with the attacker instead of directly with each other
Birthday attack, attempt to find collisions in hash function
Replay attack, attempt to reuse authentication request (need to use mitm to intercept request)
Digital Rights Management
Allow content owners to enforce restriction on the use of their content by others
3 Major Asymmetric Cryptosystems
RSA > founded by 1977 depends on the difficulty of factoring the product of prime numbers
El Gamal > extension of Diffie-Hellman key exchange algorithm that depends on modular arithmetic (less common than RSA)
Elliptic Curve > more secure, depends on elliptic curve discrete logarithm
What is Security Models? and list 7 security model
In information security, models provide a way to formalize security policies.
> Integrity Biba Clark-Wilson Goguen-Mesguer Sutherland
> Confidentiality
Bell-Lapadula
Take Grant
Brewer and Nash
> Secure creation and deletion of both subjects and objects
Graham–Denning Model, uses 8 primary protection
Harrison–Ruzzo–Ullman Model, assignment of object access rights to subjects as well as the resilience of those assigned rights
What is Biba model?
focused on integrity, using Mandatory Access Control, Lattice-based model
Properties:
> The Simple Integrity Property states that a subject cannot read an object at a lower integrity level (no read-down).
> The * (star) Integrity Property states that a subject cannot modify an object at a higher integrity level (no write-up).
> Invocation Property : No Read or Write Up (subject can never access or alter data on higher level)
What is Bell-Lapadula model?
state machine model enforce confidentiality, uses mandatory access control to enforce the DoD multilevel security policy.
prevents the leaking or transfer of classified information to less secure clearance levels
The Simple Security Property states (no read up) > subject cannot read data at a higher level of classification
The * (star) Security Property (no write down) > subject cannot write info to lower level of classification
Strong * Property > subjects can Only access data on their own level (No Read or Write UP and Down)
The Discretionary Security Property > states that the system uses an access matrix to enforce discretionary access control. restricting access to objects based on the identity of subjects and/or groups to which they belong
What is Brewer-Nash Model?
Chinese Wall, focused on confidentiality, restrict users access based on activity, prevent conflict of interest (COI). For example, once consultant access data belonging Acme Cola, they may no longer access data belonging Acme Cola competitors.
When is fire detected though technology?
Incipient stage During such hey stage air ionization takes place and specialize incipient at fire detection systems can identify the changes early
What is Confinement
Technique to ensuring CIA, Software designers use process confinement to restrict the actions of a program. Simply put, process confinement allows a process to read from and write to only certain memory locations and resources. This is also known as sandboxing
The goal of confinement is to prevent data leakage to unauthorized programs, users, or systems.