Domain 3: Security Engineering Flashcards

1
Q

Asymetric Encryption

A

2 keys

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Graham-Denning Security Model

A
Defines rights based on the commands that the subjects can execute
R1:  Transfer access
R2: Grant access
R3: Delete access
R4: Read objects
R5: Create objects
R6: Delete objects
R7: Create subjects
R8: Delete subjects
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Brewer-Nash Security Model

A

Designed to avoid conflicts of interests

AKA: Chinese wall

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Clark-Wilson

A
  • Well formed transactions
  • authorization access modifications made in organized manner
  • Real-world technology model
  • Separation of duties ensures that authorized users do not change data in inappropriate way
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Biba Security Model

A

Integrity of objects

  • Simple Integrity Axiom
    • no read down
    • Integrity Axiom
      • no write up
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Lattice-based Access Control

A

Upper and Lower Limits

  • Every relationship between subjects and objects has upper and lower limits.
  • Multilevel and multilateral
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Bell-LaPadula Security Model

A

Confidentiality of objects

  • Designed for Dept of Defense
  • Simple Security Property
    • No read up
    • Security Property
    • No write down
  • Strong Tranquility Property - security labels will not change while system on operating.
  • Weak Tranquility Property - security labels will not change in a way that conflicts with defined security properties.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

ITSEC

Information Technology Security Evaluation Criteria

A
  • Used extensively in Europe
  • Assurance correctness rating E0 (inadequate) - E6 (formal model of security policy)
  • References the orange book but added
    F- Functionality
    Q- Effectiveness
    E- Correctness
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

TCSEC

Trusted Computer System Evaluation Criteria

A
  • Orange Book
  • Developed on 1983
    (KNOW THE LEVELS)
    D- minimal protections
    C- Discretionary protection
    B- Mandatory protection
  • B1 labeled
  • B2 structured
  • B3 Security Domains
    A- Verified Protection
    -A1- Verified Domains
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Rule-based Access Control

RBA

A
  • Firewall
  • Based on a set of rules
  • Stored in Access Control List
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Role-based Access Control

A
  • Non-discretionary access control

- Assigns permissions to roles in the organization

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Mandatory Access Control

MAC

A
  • Access control where OS constrains the ability of the subject to access or perform on a object
  • Rules enforced on OS kernel
  • Security policy administrator controls
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Trusted Computer System Evaluation Criteria

A
  • Discretionary access control (DAC)
  • Restricts access to objects based on the identity of the subjects and the groups they belong to
  • Subjects with certain permissions are capable of passing that permission
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

4 Modes of Systems/ Access Control

A
  1. Dedicated - one classification for all objects - subject must have clearance equal or greater than the system label
  2. Systems High - mixed labels - subject must have clearance equal or greater than the highest object label
  3. Compartmented -objects placed in compartments. Subjects must have a formal need to know.
    >All subjects must have- NDA for ALL. Clearance for ALL information on the system.
  4. Multi-level- objects of varying levels. Subjects with varying clearances can access the system, Reference monitor mediates access. NDA. Clearance for SOME information on the system
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Common Criteria

A
  • Internationally agreed upon standard for describing
    and the the security of IT products.
    -primary objects is to eliminate known vulnerabilities of the target for testing.

Terms:
>Target of Evaluation (ToE): system or product being tested
>Security Target (ST): documentation describing the TOE
>Protections Profile (PP): independent set of security requirements and objectives for a specific category of products or systems
>Evaluation Assurance Level (EAL): evaluation score of the tested…
- Latest version July 2009

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Common Criteria 7 levels of Evaluations (EAL)

A

EAL1: Functionally tested
EAL2: Structurally tested
EAL3: Methodically tested and checked
EAL4: Methodically designed, tested, and reviewed
EAL5: Semi-formally designed and tested
EAL6: Semi-formally verified, designed, and tested
EAL7: Formally verified, designed, and tested

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Layering

A
  • Separates HW and SW functions into Modular tiers.
  • Actions that take place at one layer to not directly affect components of another
  • Generic list of security architecture layers
    .Kernel - 0
    .OS - 1
    .Hardware - 2
    .Applications - 3
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Abstractions

A

Unnecessary details are hidden from the user

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Ring Model

A
  • CPU HW layering to separate and protect domains (user mode from kernel mode)
  • Ring 0: Kernel
  • Ring 1: OS components outside of Ring 0
  • Ring 2: Device drivers
  • Ring 3: User applications
  • Processes communicate between ring via system call.
  • Rings allow abstraction.
  • Allows layering
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Computer Bus

A
  • Primary communications channel on a computer.

- Communications between CPU, memory, and input/output devices

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Northbridge

Southbridge

A
  • Northbridge = memory controller hub
    . connects cpu to ram and video memory
    . directly connected to CPU

Southbridge = I/O controller hub
. connects I/O devices
. Keyboards, mice, etc

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Thread

A
  • CPU action where one process has spawned another process

- Threads can share memory

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Trusted Platform Module

A
  • International standard
  • Hardware-based encryption (fast)
  • Platform integrity and disk encryption (primary uses)
  • Boot integrity
  • DoD requires TPM 1.2 or higher
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Kernel

A
  • Interface between OS and HW
  • Reference monitor is its core function: mediates all access between subjects and objects.
    -Two primary types
    . Monolithic kernel: compiles int one static executable.
    . Microkernel: modular, can add functionality
    -Reference monitor is core
    .
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

Cloud computing

A
  • Leverages economies of scale
    . IaaS - customer configures OS and all else
    . PaaS - pre-configured OS, customer does all else
    . SaaS - everything is configured, customer uses. (Webmail)
  • Cloud Security Issues
    . Need strict SLA
    . Limited visibility
    . Shared infrastructure and shared target
    . Right to audit, right to assess (vulnerabilities), right to test (pentest)
    . Physical boundaries (geographical)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

Emanations

A
  • Energy the escapes and electronic signal
  • Potential side-channel attack
  • TEMPEST: NSA spec and NATO cert referring to spying through leaking emanations.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

Rootkit

A
  • Replaces part of the kernel or OS

- User-mode (ring 3, called userland) and kernel mode (ring 0)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

Database Security

A
  • Polyinstantiation: two different objects with the same name
  • Inference: requires deductions using clues
  • Aggregation: mathematical process that asks every question, no deduction.
  • Data Mining: searching through DB looking for patterns
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

Cryptography - Key Terms

A
  • Cryptology: the science of secure communications
  • Cryptography: creates messages with hidden meanings
  • Cryptoanalysis: the science of breaking hidden messages (recovering their meanings)
  • Cryptology: encompasses cryptography and cryptoanalysis
  • Cipher: cryptographic algorithm
  • Plaintext: an unencrypted message
  • Cyphertext: an encrypted message
  • Encryption: converts plaintext to cyphertext
  • Decryption: turning cyphertext back into plaintext.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

Confusion, Diffusion, Substitution, Permutation

A
  • Confusion: means the relationship between the plaintext and cyphertext should be as confused or random as possible
  • Diffusion: the order of the plaintext should be diffused (dispersed) in the cyphertext
  • Substitution: replace one character with another to provide diffusion
  • Permutation:provided confusion by rearranging the characters of the plaintext; anagram style
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

Cryptographic Strength

A
  • Work factor: how long it takes to break a cryptosysten (decrypt a cyphertext without a key)
  • Kerchoffs’ principle - secrecy of the cryptographic algorithm does not provide strength
32
Q

Monoalphabetic and Polyalphabetic Ciphers

A

Monalphabetic cyphers: uses one alphabet, a specific letter “ like E” is substituted for another (like X).
- Suseptible to frequency analysis

Polyalphabetic cipher: uses multiple alphabets: E may be substituted for X one round and S the next round.

33
Q

Rotation Cipher

A
  • Julius Caesar
  • Rotated each letter of the plaintext forward three times. (Rot-3) A became D
  • Rot-13 frequently used
34
Q

Codebooks

A
  • assign a codeword for important people, locations and terms
  • One-Time Pad
    . Uses identical paired pads of random characters
    . One page used to encrypt (sender) and decrypt (receiver)
    . Pages never reused
    . Only encryption method that is mathematically proved to be secure if the following conditions are met:
    1. character are truly random
    2. pads are kept secure
    3. No page is ever reused.
35
Q

Wassenaar Agreement

A
  • 1996

- many countries relaxed restrictions on exporting cryptography

36
Q

Data Encryption Standard (DES)

Symmetric Encryption

A
  • Describes the Data Encryption Algorithm (DEA)
  • 1976 was made the US federal standard symmetric cipher
  • 64-bit block size (64 bits each round and a 56-bit key)
37
Q

DES

5 modes

A
  • Modes primary difference is block versus (emulated stream, use of initialization vectors and whether errors in encryption propagate to subsequent blocks.
  • 5 modes
    . Electronic code book (ECB) - Weakest
    . Cipher block chaining (CBC)
    . Cipher feedback (CFB)
    . Output feedback (OFB)
    . Counter mode (CTR)

Notice the words “chaining” and “feedback”

  • Chaining = block mode
  • Feedback = stream mode
38
Q

Electronic Code Book (ECB)

Data Encryption Standard (DES) -Symmetric Encryption

A
  • Simplest and weakest form of DES

- Identical plaintext and identical keys encrypt to identical cyphertext

39
Q

Cipher Block Chaining (CBC)

Data Encryption Standard (DES) -Symmetric Encryption

A
  • First encrypted block is the initialization vector (IV)
  • Chaining destroys patterns.
  • One limitation is CBC encryption error will propagate.
    . an error in one block will cascade through subsequent block due to chaining, thus destroying their integrity
40
Q

Cipher Feedback (CFB)

Data Encryption Standard (DES) -Symmetric Encryption

A
  • Feedback = stream

- Errors propagate

41
Q

Output Feedback (OFB)

Data Encryption Standard (DES) -Symmetric Encryption

A
  • Stream
  • Uses previous ciphertext for feedback
  • Error WILL NOT propagate
42
Q

Counter (CTR)

Data Encryption Standard (DES) -Symmetric Encryption

A
  • Uses a counter

- Errors WILL NOT propagate

43
Q

Mode Comparison Chart

A

Memorize

44
Q

Triple DES

A
  • applies singe DES 3 times per block
  • 168 bits of key length
  • 1999 became a recommended standard
  • primary weakness is slow and complex
45
Q

International Data Encryption Algorithm (IDEA)

A
  • International replacement to DES

- Uses 128-bit key and 64-bit block size

46
Q

Advanced Encryption Standard (AES)

Symmetric Encryption

A
  • Current US standard for symmetric block
  • Rijndael algorithm chosen in 1999
  • 128 bit block size

-Uses
. 128 bit (10 rounds)
. 192-bits (12 rounds)
. 256-bits (14 rounds)

47
Q

Symmetric Encryption

AES

Four functions

A
  • SubBytes: confusion by substituting bytes
  • ShiftRows: diffusion by shifting rows
  • MixColumns: diffusion by mixing columns
  • AddRoundKeys: final function applied to each round, subket different for each round
48
Q

Symmetric Encryption
Blowfish

Twofish

A
  • Block ciphers by Bruce Schneier
  • Blowfish: 32 - 488 bits. default is 128. Keys encrypt 64 bits of data
  • Twofish: 128-bit blocks, using 128-256 bit keys
49
Q

Symmetric Encryption

RC5 and RC6

A

RC5

  • symmetric block cipher by RSA laboratories
  • uses 32-bit blocks Key sizes 0 - 2040 bits

RC6

  • based on RC5 but altered to meed AES requirements
  • 128-bit blocks encrypted, using keys of 128, 192 or 256 bits
50
Q

Asymmetric Encryption

A

-Solved the challenge of pre-shared key
-1976 Diffie-Hillman key exchange
-2 keys, if you encrypt with one you may decrypt with the other
-called public-key
-Math lies beneath.
. one-way functions; easy to computer one way, difficult to computer in opposite direction.

51
Q

Asymmetric Encryption

Method: Factoring Prime numbers

A

Factoring Prime numbers

  • factoring a composite number (prime x prime) to its prime
  • no shortcut has been found for hundreds of years.
  • basis of RSA algorithm
  • public key: factoring large primes number is so difficult that the composite can be publicly posted
  • private key: the prime number that are multiplied to create the public key. must be kept secret
52
Q

Asymmetric Encryption

Method: Discrete Logarithm

A

Discrete Logarithm

  • is the opposite of exponentiation
  • asking what number is factored to create 9999999999999
  • basis of Diffie-Hilman and EIGamal asymmetric algorithm
53
Q

Diffie-Hillman Key exchange

Asymmetric Encryption

A

allows two parties to securely agree on a symmetric key via a public channel

54
Q

Elliptical Curve Cryptography (ECC)

Asymmetric Encryption

A
  • one way function the uses discrete logarithms applied to elliptic curves
  • requires less computational power because of shorter keys compared to other asymmetric methods
  • often used on lower power devices.
55
Q

Hash Functions

A

-provides encryption using an algorithm and no key
-called “one way hash functions” because there is no way to reverse the encryption
-variable length plaintext is hashed in the fixed length hash values called “hash” or message digest”
-primarily used to provide integrity
. if the hash of a plaintext has changed, then the plaintext itself has changed
-Collision: more than one document can produce the same hash

56
Q

Hash Algorithms

A
  • Secure Hash Algorithms-1 (SHA-1) 160-bit hash and message digest
  • Message Digest 5 (MD5): creates 128-bit hash
  • Newer alternatives like SHA-2 are recommended
57
Q

Hash Algorithms

MD5

A

-Message Digest Algorithm 5 by Ronald Rivest
-create 128-bit hash value based on any input value length
-Weakness discovered where collisions can be found
MD6 now recommended (2008)

58
Q

Hash Algorithms

Secure Hash Algorithm (SHA)

A
  • SHA-1 - 1993 Created 160-bit hash value
  • SHA-2 recommended over SHA-1 and MD5
  • SHA-3 is the standard in 2015 (Keccak algorithm)
59
Q

Hash Algorithms

HAVAL

A
  • Hash of variable length
  • 126, 160, 192,224,256 length message digests
  • 3,4 or 5 rounds
60
Q

Cryptographic Attacks

Brute Force
Known Plaintext
Chosen Plaintext

A

-Brute Force: used crytpoanalysts to recover plaintext without the key or to recover the key itself.
. Every possible key
. Effective key-based ciphers (except one-time pad)

-Known Plaintext:
. relies on recovering and analyzing a matching plaintext and ciphertext pair
. goal is the derive the key used

Chosen Plaintext:
. chooses the plaintext to be encrypted
. goal is to derive the key
. adapts further rounds of encryption based on the previous rounds

61
Q

Cryptographic Attacks

Chosen Ciphertext

Meet in the middle

A

-Chosen Ciphertext
. similar to chosen plaintext, except cryptoanalyst chooses the ciphertext to be decrypted
. usually launched against asymmetric cryptosystems

-Meet in the Middle
. attacker has a copy of a matching plaintext and ciphertext, and seeks to recover the two keys used to encrypt
. encrypts one side, decrypts the other side and meets in the middle
. common attack again “double DES”

62
Q

Cryptographic Attacks

Known Key

Differential Cryptanalysis

A

Known Key:
. cryptanalyst know something about the key, i.e. all upper case letters, so omits other character in attack

Differential Cryptanalysis:
. seeks to find difference between related plaintexts that are encrypted

63
Q

Cryptographic Attacks

Linear cryptanalysis

Side-channel attack

A

Linear cryptanalysis:
. analysts finds large amounts of plaintext/ciphertext pairs created with the same key. Studies to derive information about the key used to create them

Side Channel attack:
. uses physical data to break a cryptosystem, such a monitor CPU cycles used while encrypting

64
Q

Cryptographic Attacks

Birthday attacks

Key Clustering

A

Birthday attacks:
. named after the birthday paradox

Key Clustering:
. occurs when two different symmetric keys applied to same plaintext produce the same ciphertext

65
Q

Digital Signatures

A
  • Used the cryptographically sign documents
  • Provide nonrepudiation
  • Uses hash function
  • Creates digital signature by encrypting the hash with a private key
  • Provide authentication and integrity, which form non-repudiation
  • Do not provide confidentiality as the plaintext remain unencrypted.
66
Q

HMAC

A
  • Combines symmetric encryption with hashing
  • HMACs are used by IPSec
  • Two parties must preshare a secret key
  • The receiver hashed the plaintext locally and also decrypts the HMAC with their copy of the private key, recovering the sender’s hash
67
Q

Public Key Infrastructure

A
  • Leverages 3 forms of encryption to provide and manage digital certificates
  • Used for SSL websites
68
Q

PKI

Certificate Authorities

A

-Certificate Authorities
. Issue digital certificates
. Authenticate identity before issuing
. May be private or public run

-Certificate Revocation List maintained by CAs

69
Q

IPSec

A
  • Suite of protocols that provide cryptographic layer to both IPv4 and IPv6
  • Includes two primary protocols
    . Authentication Header (AH)
    . Encapsulating Header (ESP)
70
Q

IPSec

AH
ESP

A
  • Authentication header: provided authentication and integrity for each packet on network data. No confidentiality
  • Encapsulating header: provides confidentiality be encrypting packet data
71
Q

IPSEC

Tunnel Mode
Transport Mode

A

-Transport Mode: used by security gateway ( which provides point to point IPSec tunnels.

  • ESP Tunnel mode encrypts the entire packet
  • ESP Transport mode only encrypts the data
72
Q

IPSec

Internet Key Exchange (IKE)

A
  • IPSec can use a variety of encryption algorithms (MD5m SHA-1
  • Algorithm selection process negotiated by Internet Key Exchange (IKE)
  • Two side of the IPSec tunnel will typically use IKE to negotiate that hightest and fastest level of security, selecting AES over single DES for confidentiality, for example, if both sides support AES
73
Q

SSL and TLS

A

-Secure Socket Layer (SSL): authenticates and provides confidentiality to web traffic
. developed for Netscape browser in 1990s

-Transport Layer Security (TLS): Successor to SSL
. TLS 1.3 is the current release in RFC 8446 (August 2018)

-Both uses as a part of HTTPS

74
Q

PGP

A

-Pretty Good Privacy
. Asymmetric Encryption
. Phil Zimmerman
- uses web of trust model to authenticate digital certificates

75
Q

S/MIME

A
  • MIME Multipurpose Internet Mail Extensions

- S/MIME leverages PKI to encrypt and authenticate MIME encrypted mail

76
Q

Escrow Encryption

Clipper chip

A
  • Takes private key and divides into two parts.
  • Parts held in escrow by trusted third party, will only release with court order

Clipper chip: the name of the technology used in Escrow Encryption Standard.

  • announced in 1993 by US Government
  • created media firestorm and abandoned on 1996