Domain 3: Security Engineering

Question 1

Asymetric Encryption

Answer 1

2 keys

Question 2

Graham-Denning Security Model

Answer 2

Defines rights based on the commands that the subjects can execute
R1:  Transfer access
R2: Grant access
R3: Delete access
R4: Read objects
R5: Create objects
R6: Delete objects
R7: Create subjects
R8: Delete subjects

Question 3

Brewer-Nash Security Model

Answer 3

Designed to avoid conflicts of interests

AKA: Chinese wall

Question 4

Clark-Wilson

Answer 4

• Well formed transactions
• authorization access modifications made in organized manner
• Real-world technology model
• Separation of duties ensures that authorized users do not change data in inappropriate way

Question 5

Biba Security Model

Answer 5

Integrity of objects

• Simple Integrity Axiom
  
  • no read down
• • Integrity Axiom
    
    • no write up

Question 6

Lattice-based Access Control

Answer 6

Upper and Lower Limits

• Every relationship between subjects and objects has upper and lower limits.
• Multilevel and multilateral

Question 7

Bell-LaPadula Security Model

Answer 7

Confidentiality of objects

• Designed for Dept of Defense
• Simple Security Property
  
  • No read up
• • Security Property
  • No write down
• Strong Tranquility Property - security labels will not change while system on operating.
• Weak Tranquility Property - security labels will not change in a way that conflicts with defined security properties.

Question 8

ITSEC

Information Technology Security Evaluation Criteria

Answer 8

• Used extensively in Europe
• Assurance correctness rating E0 (inadequate) - E6 (formal model of security policy)
• References the orange book but added
  F- Functionality
  Q- Effectiveness
  E- Correctness

Question 9

TCSEC

Trusted Computer System Evaluation Criteria

Answer 9

• Orange Book
• Developed on 1983
  (KNOW THE LEVELS)
  D- minimal protections
  C- Discretionary protection
  B- Mandatory protection
• B1 labeled
• B2 structured
• B3 Security Domains
  A- Verified Protection
  -A1- Verified Domains

Question 10

Rule-based Access Control

RBA

Answer 10

• Firewall
• Based on a set of rules
• Stored in Access Control List

Question 11

Role-based Access Control

Answer 11

• Non-discretionary access control

- Assigns permissions to roles in the organization

Question 12

Mandatory Access Control

MAC

Answer 12

• Access control where OS constrains the ability of the subject to access or perform on a object
• Rules enforced on OS kernel
• Security policy administrator controls

Question 13

Trusted Computer System Evaluation Criteria

Answer 13

• Discretionary access control (DAC)
• Restricts access to objects based on the identity of the subjects and the groups they belong to
• Subjects with certain permissions are capable of passing that permission

Question 14

4 Modes of Systems/ Access Control

Answer 14

1. Dedicated - one classification for all objects - subject must have clearance equal or greater than the system label
2. Systems High - mixed labels - subject must have clearance equal or greater than the highest object label
3. Compartmented -objects placed in compartments. Subjects must have a formal need to know.
   >All subjects must have- NDA for ALL. Clearance for ALL information on the system.
4. Multi-level- objects of varying levels. Subjects with varying clearances can access the system, Reference monitor mediates access. NDA. Clearance for SOME information on the system

Question 15

Common Criteria

Answer 15

• Internationally agreed upon standard for describing
  and the the security of IT products.
  -primary objects is to eliminate known vulnerabilities of the target for testing.

Terms:
>Target of Evaluation (ToE): system or product being tested
>Security Target (ST): documentation describing the TOE
>Protections Profile (PP): independent set of security requirements and objectives for a specific category of products or systems
>Evaluation Assurance Level (EAL): evaluation score of the tested…
- Latest version July 2009

Question 16

Common Criteria 7 levels of Evaluations (EAL)

Answer 16

EAL1: Functionally tested
EAL2: Structurally tested
EAL3: Methodically tested and checked
EAL4: Methodically designed, tested, and reviewed
EAL5: Semi-formally designed and tested
EAL6: Semi-formally verified, designed, and tested
EAL7: Formally verified, designed, and tested

Question 17

Layering

Answer 17

• Separates HW and SW functions into Modular tiers.
• Actions that take place at one layer to not directly affect components of another
• Generic list of security architecture layers
  .Kernel - 0
  .OS - 1
  .Hardware - 2
  .Applications - 3

Question 18

Abstractions

Answer 18

Unnecessary details are hidden from the user

Question 19

Ring Model

Answer 19

• CPU HW layering to separate and protect domains (user mode from kernel mode)
• Ring 0: Kernel
• Ring 1: OS components outside of Ring 0
• Ring 2: Device drivers
• Ring 3: User applications
• Processes communicate between ring via system call.
• Rings allow abstraction.
• Allows layering

Question 20

Computer Bus

Answer 20

• Primary communications channel on a computer.

- Communications between CPU, memory, and input/output devices

Question 21

Northbridge

Southbridge

Answer 21

• Northbridge = memory controller hub
  . connects cpu to ram and video memory
  . directly connected to CPU

Southbridge = I/O controller hub
. connects I/O devices
. Keyboards, mice, etc

Question 22

Thread

Answer 22

• CPU action where one process has spawned another process

- Threads can share memory

Question 23

Trusted Platform Module

Answer 23

• International standard
• Hardware-based encryption (fast)
• Platform integrity and disk encryption (primary uses)
• Boot integrity
• DoD requires TPM 1.2 or higher

Question 24

Kernel

Answer 24

• Interface between OS and HW
• Reference monitor is its core function: mediates all access between subjects and objects.
  -Two primary types
  . Monolithic kernel: compiles int one static executable.
  . Microkernel: modular, can add functionality
  -Reference monitor is core
  .

Question 25

Cloud computing

Answer 25

• Leverages economies of scale
  . IaaS - customer configures OS and all else
  . PaaS - pre-configured OS, customer does all else
  . SaaS - everything is configured, customer uses. (Webmail)
• Cloud Security Issues
  . Need strict SLA
  . Limited visibility
  . Shared infrastructure and shared target
  . Right to audit, right to assess (vulnerabilities), right to test (pentest)
  . Physical boundaries (geographical)

Question 26

Emanations

Answer 26

• Energy the escapes and electronic signal
• Potential side-channel attack
• TEMPEST: NSA spec and NATO cert referring to spying through leaking emanations.

Question 27

Rootkit

Answer 27

• Replaces part of the kernel or OS

- User-mode (ring 3, called userland) and kernel mode (ring 0)

Question 28

Database Security

Answer 28

• Polyinstantiation: two different objects with the same name
• Inference: requires deductions using clues
• Aggregation: mathematical process that asks every question, no deduction.
• Data Mining: searching through DB looking for patterns

Question 29

Cryptography - Key Terms

Answer 29

• Cryptology: the science of secure communications
• Cryptography: creates messages with hidden meanings
• Cryptoanalysis: the science of breaking hidden messages (recovering their meanings)
• Cryptology: encompasses cryptography and cryptoanalysis
• Cipher: cryptographic algorithm
• Plaintext: an unencrypted message
• Cyphertext: an encrypted message
• Encryption: converts plaintext to cyphertext
• Decryption: turning cyphertext back into plaintext.

Question 30

Confusion, Diffusion, Substitution, Permutation

Answer 30

• Confusion: means the relationship between the plaintext and cyphertext should be as confused or random as possible
• Diffusion: the order of the plaintext should be diffused (dispersed) in the cyphertext
• Substitution: replace one character with another to provide diffusion
• Permutation:provided confusion by rearranging the characters of the plaintext; anagram style

Question 31

Cryptographic Strength

Answer 31

• Work factor: how long it takes to break a cryptosysten (decrypt a cyphertext without a key)
• Kerchoffs’ principle - secrecy of the cryptographic algorithm does not provide strength

Question 32

Monoalphabetic and Polyalphabetic Ciphers

Answer 32

Monalphabetic cyphers: uses one alphabet, a specific letter “ like E” is substituted for another (like X).
- Suseptible to frequency analysis

Polyalphabetic cipher: uses multiple alphabets: E may be substituted for X one round and S the next round.

Question 33

Rotation Cipher

Answer 33

• Julius Caesar
• Rotated each letter of the plaintext forward three times. (Rot-3) A became D
• Rot-13 frequently used

Question 34

Codebooks

Answer 34

• assign a codeword for important people, locations and terms
• One-Time Pad
  . Uses identical paired pads of random characters
  . One page used to encrypt (sender) and decrypt (receiver)
  . Pages never reused
  . Only encryption method that is mathematically proved to be secure if the following conditions are met:
  
  1. character are truly random
  2. pads are kept secure
  3. No page is ever reused.

Question 35

Wassenaar Agreement

Answer 35

• 1996

- many countries relaxed restrictions on exporting cryptography

Question 36

Data Encryption Standard (DES)

Symmetric Encryption

Answer 36

• Describes the Data Encryption Algorithm (DEA)
• 1976 was made the US federal standard symmetric cipher
• 64-bit block size (64 bits each round and a 56-bit key)

Question 37

DES

5 modes

Answer 37

• Modes primary difference is block versus (emulated stream, use of initialization vectors and whether errors in encryption propagate to subsequent blocks.
• 5 modes
  . Electronic code book (ECB) - Weakest
  . Cipher block chaining (CBC)
  . Cipher feedback (CFB)
  . Output feedback (OFB)
  . Counter mode (CTR)

Notice the words “chaining” and “feedback”

• Chaining = block mode
• Feedback = stream mode

Question 38

Electronic Code Book (ECB)

Data Encryption Standard (DES) -Symmetric Encryption

Answer 38

• Simplest and weakest form of DES

- Identical plaintext and identical keys encrypt to identical cyphertext

Question 39

Cipher Block Chaining (CBC)

Data Encryption Standard (DES) -Symmetric Encryption

Answer 39

• First encrypted block is the initialization vector (IV)
• Chaining destroys patterns.
• One limitation is CBC encryption error will propagate.
  . an error in one block will cascade through subsequent block due to chaining, thus destroying their integrity

Question 40

Cipher Feedback (CFB)

Data Encryption Standard (DES) -Symmetric Encryption

Answer 40

• Feedback = stream

- Errors propagate

Question 41

Output Feedback (OFB)

Data Encryption Standard (DES) -Symmetric Encryption

Answer 41

• Stream
• Uses previous ciphertext for feedback
• Error WILL NOT propagate

Question 42

Counter (CTR)

Data Encryption Standard (DES) -Symmetric Encryption

Answer 42

• Uses a counter

- Errors WILL NOT propagate

Question 43

Mode Comparison Chart

Answer 43

Memorize

Question 44

Triple DES

Answer 44

• applies singe DES 3 times per block
• 168 bits of key length
• 1999 became a recommended standard
• primary weakness is slow and complex

Question 45

International Data Encryption Algorithm (IDEA)

Answer 45

• International replacement to DES

- Uses 128-bit key and 64-bit block size

Question 46

Advanced Encryption Standard (AES)

Symmetric Encryption

Answer 46

• Current US standard for symmetric block
• Rijndael algorithm chosen in 1999
• 128 bit block size

-Uses
. 128 bit (10 rounds)
. 192-bits (12 rounds)
. 256-bits (14 rounds)

Question 47

Symmetric Encryption

AES

Four functions

Answer 47

• SubBytes: confusion by substituting bytes
• ShiftRows: diffusion by shifting rows
• MixColumns: diffusion by mixing columns
• AddRoundKeys: final function applied to each round, subket different for each round

Question 48

Symmetric Encryption
Blowfish

Twofish

Answer 48

• Block ciphers by Bruce Schneier
• Blowfish: 32 - 488 bits. default is 128. Keys encrypt 64 bits of data
• Twofish: 128-bit blocks, using 128-256 bit keys

Question 49

Symmetric Encryption

RC5 and RC6

Answer 49

RC5

• symmetric block cipher by RSA laboratories
• uses 32-bit blocks Key sizes 0 - 2040 bits

RC6

• based on RC5 but altered to meed AES requirements
• 128-bit blocks encrypted, using keys of 128, 192 or 256 bits

Question 50

Asymmetric Encryption

Answer 50

-Solved the challenge of pre-shared key
-1976 Diffie-Hillman key exchange
-2 keys, if you encrypt with one you may decrypt with the other
-called public-key
-Math lies beneath.
. one-way functions; easy to computer one way, difficult to computer in opposite direction.

Question 51

Asymmetric Encryption

Method: Factoring Prime numbers

Answer 51

Factoring Prime numbers

• factoring a composite number (prime x prime) to its prime
• no shortcut has been found for hundreds of years.
• basis of RSA algorithm
• public key: factoring large primes number is so difficult that the composite can be publicly posted
• private key: the prime number that are multiplied to create the public key. must be kept secret

Question 52

Asymmetric Encryption

Method: Discrete Logarithm

Answer 52

Discrete Logarithm

• is the opposite of exponentiation
• asking what number is factored to create 9999999999999
• basis of Diffie-Hilman and EIGamal asymmetric algorithm

Question 53

Diffie-Hillman Key exchange

Asymmetric Encryption

Answer 53

allows two parties to securely agree on a symmetric key via a public channel

Question 54

Elliptical Curve Cryptography (ECC)

Asymmetric Encryption

Answer 54

• one way function the uses discrete logarithms applied to elliptic curves
• requires less computational power because of shorter keys compared to other asymmetric methods
• often used on lower power devices.

Question 55

Hash Functions

Answer 55

-provides encryption using an algorithm and no key
-called “one way hash functions” because there is no way to reverse the encryption
-variable length plaintext is hashed in the fixed length hash values called “hash” or message digest”
-primarily used to provide integrity
. if the hash of a plaintext has changed, then the plaintext itself has changed
-Collision: more than one document can produce the same hash

Question 56

Hash Algorithms

Answer 56

• Secure Hash Algorithms-1 (SHA-1) 160-bit hash and message digest
• Message Digest 5 (MD5): creates 128-bit hash
• Newer alternatives like SHA-2 are recommended

Question 57

Hash Algorithms

MD5

Answer 57

-Message Digest Algorithm 5 by Ronald Rivest
-create 128-bit hash value based on any input value length
-Weakness discovered where collisions can be found
MD6 now recommended (2008)

Question 58

Hash Algorithms

Secure Hash Algorithm (SHA)

Answer 58

• SHA-1 - 1993 Created 160-bit hash value
• SHA-2 recommended over SHA-1 and MD5
• SHA-3 is the standard in 2015 (Keccak algorithm)

Question 59

Hash Algorithms

HAVAL

Answer 59

• Hash of variable length
• 126, 160, 192,224,256 length message digests
• 3,4 or 5 rounds

Question 60

Cryptographic Attacks

Brute Force
Known Plaintext
Chosen Plaintext

Answer 60

-Brute Force: used crytpoanalysts to recover plaintext without the key or to recover the key itself.
. Every possible key
. Effective key-based ciphers (except one-time pad)

-Known Plaintext:
. relies on recovering and analyzing a matching plaintext and ciphertext pair
. goal is the derive the key used

Chosen Plaintext:
. chooses the plaintext to be encrypted
. goal is to derive the key
. adapts further rounds of encryption based on the previous rounds

Question 61

Cryptographic Attacks

Chosen Ciphertext

Meet in the middle

Answer 61

-Chosen Ciphertext
. similar to chosen plaintext, except cryptoanalyst chooses the ciphertext to be decrypted
. usually launched against asymmetric cryptosystems

-Meet in the Middle
. attacker has a copy of a matching plaintext and ciphertext, and seeks to recover the two keys used to encrypt
. encrypts one side, decrypts the other side and meets in the middle
. common attack again “double DES”

Question 62

Cryptographic Attacks

Known Key

Differential Cryptanalysis

Answer 62

Known Key:
. cryptanalyst know something about the key, i.e. all upper case letters, so omits other character in attack

Differential Cryptanalysis:
. seeks to find difference between related plaintexts that are encrypted

Question 63

Cryptographic Attacks

Linear cryptanalysis

Side-channel attack

Answer 63

Linear cryptanalysis:
. analysts finds large amounts of plaintext/ciphertext pairs created with the same key. Studies to derive information about the key used to create them

Side Channel attack:
. uses physical data to break a cryptosystem, such a monitor CPU cycles used while encrypting

Question 64

Cryptographic Attacks

Birthday attacks

Key Clustering

Answer 64

Birthday attacks:
. named after the birthday paradox

Key Clustering:
. occurs when two different symmetric keys applied to same plaintext produce the same ciphertext

Question 65

Digital Signatures

Answer 65

• Used the cryptographically sign documents
• Provide nonrepudiation
• Uses hash function
• Creates digital signature by encrypting the hash with a private key
• Provide authentication and integrity, which form non-repudiation
• Do not provide confidentiality as the plaintext remain unencrypted.

Question 66

HMAC

Answer 66

• Combines symmetric encryption with hashing
• HMACs are used by IPSec
• Two parties must preshare a secret key
• The receiver hashed the plaintext locally and also decrypts the HMAC with their copy of the private key, recovering the sender’s hash

Question 67

Public Key Infrastructure

Answer 67

• Leverages 3 forms of encryption to provide and manage digital certificates
• Used for SSL websites

Question 68

PKI

Certificate Authorities

Answer 68

-Certificate Authorities
. Issue digital certificates
. Authenticate identity before issuing
. May be private or public run

-Certificate Revocation List maintained by CAs

Question 69

IPSec

Answer 69

• Suite of protocols that provide cryptographic layer to both IPv4 and IPv6
• Includes two primary protocols
  . Authentication Header (AH)
  . Encapsulating Header (ESP)

Question 70

IPSec

AH
ESP

Answer 70

• Authentication header: provided authentication and integrity for each packet on network data. No confidentiality
• Encapsulating header: provides confidentiality be encrypting packet data

Question 71

IPSEC

Tunnel Mode
Transport Mode

Answer 71

-Transport Mode: used by security gateway ( which provides point to point IPSec tunnels.

• ESP Tunnel mode encrypts the entire packet
• ESP Transport mode only encrypts the data

Question 72

IPSec

Internet Key Exchange (IKE)

Answer 72

• IPSec can use a variety of encryption algorithms (MD5m SHA-1
• Algorithm selection process negotiated by Internet Key Exchange (IKE)
• Two side of the IPSec tunnel will typically use IKE to negotiate that hightest and fastest level of security, selecting AES over single DES for confidentiality, for example, if both sides support AES

Question 73

SSL and TLS

Answer 73

-Secure Socket Layer (SSL): authenticates and provides confidentiality to web traffic
. developed for Netscape browser in 1990s

-Transport Layer Security (TLS): Successor to SSL
. TLS 1.3 is the current release in RFC 8446 (August 2018)

-Both uses as a part of HTTPS

Question 74

PGP

Answer 74

-Pretty Good Privacy
. Asymmetric Encryption
. Phil Zimmerman
- uses web of trust model to authenticate digital certificates

Question 75

S/MIME

Answer 75

• MIME Multipurpose Internet Mail Extensions

- S/MIME leverages PKI to encrypt and authenticate MIME encrypted mail

Question 76

Escrow Encryption

Clipper chip

Answer 76

• Takes private key and divides into two parts.
• Parts held in escrow by trusted third party, will only release with court order

Clipper chip: the name of the technology used in Escrow Encryption Standard.

• announced in 1993 by US Government
• created media firestorm and abandoned on 1996