Domain 3: Security Engineering Flashcards
Caesar Cipher
substitution cipher, shift 3 letters to the right
Four Fundamental Goals of Cryptography
Confidentiality, Integrity, Authentication, Nonrepudiation
Key space
defined by bit size. a 128 bit key has a value from 0 to 2^128
The Kerckhoffs Principle
a cryptographic system should be secure even if everything about the system, except the key, is public knowledge
Cryptovariables
cryptographic keys
Cryptography
the art of creating and implementing secret codes and ciphers
Cryptanalysis
the study of methods to defeat codes and ciphers
Cryptology
Cryptography + Cryptanalysis
Boolean mathematics
defines rules used for bits and bytes
modulo function
remainder after division
One-way function
operation that easily produces output values for each possible combination of inputs but makes it impossible to reverse engineer
Nonce
random number that acts as a placeholder variable, must be random and used one time only ex: Initialization Vector
IV
Initialization Vector - a random bit string as long as the block that is XORed with the message
Zero-knowledge proof
The magic door - watch someone go in one entrance and come back before buying their password
Work function
time and effort required to perform a complete brute-force attack, directly proportional to the security and protection of the cryptosystem
Difference between Codes and Ciphers
codes are not meant to provide confidentiality
Transposition Ciphers
rearrange the letters of the plaintext
Substitution Cipher
replace each bit of plaintext with a different character
Caesar Cipher encryption function
C = (P+3) mod 26
Vigenere Cipher
polyalphabetic - alphabet written 26 times
Period Analysis
examination of frequency based on the repeated use of the key
One-Time Pads
substitution cipher, use a different substitution alphabet for each letter
One-Time Pad encryption function
C = (P+K) mod 26, K = key
One-Time Pad Security Requirements (4)
Random, used once, physically protected, as long as the message
Running Key or Book Cipher
key is as long as the message itself and is often from a book
Block Ciphers
operate on chunks of messages
Stream Cipher
act on one bit at a time
Confusion
relationship btwn plaintext and ciphertext is so complicated that an attacker can’t determine the key
Diffusion
a change in the plaintext results in multiple changes spread through the ciphertext
Symmetric Key Algorithm Pros and Cons
Pro - Very Fast, used for bulk encryption
Cons - key distribution, does not implement non repudiation, not scalable, keys must be regenerated often
Symmetric Key Algorithm
relies on a shared key given to all members used to encrypt and decrypt, aka secret key and private key
Asymmetric Key Algorithm
public key, each user has a public and private key, receiver's public key encrypts, receiver's private key decrypts, also digital signature tech
Asymmetric Key Algorithm Pros and Cons
Pros - adding new users only requires 1 public-private key pair, easier to remove users, less key regeneration, provides integrity, authentication, nonrepudiation, key distribution is easy, no preexisting relationship is necessary
Cons - speed
Which key algorithm? Single shared key vs key pair; Confidentiality, Integrity, Nonrepudiation, Authentication vs Confidentiality; Slow vs Fast; Non-scalable vs Scalable; In-band vs Out-of-band exchange; Bulk encryption vs small blocks of data
Symmetric = Single shared key, Confidentiality, Fast, Non-scalable, Out-of-band exchange, Bulk encryption
Asymmetric = Key pair, Confidentiality, Integrity, Nonrepudiation, Authentication, Slow, Scalable, In-band, Small blocks of data
Message Digest
Summary of a message's content produced by hashing
Hashing provides ____
Integrity
DES
Data Encryption Standard - no longer secure, 64 bit block cipher with 5 modes of operation, key is 56 bits, uses 16 rounds of XOR operations to generate ciphertext
Symmetric Standards
DES, 3DES, IDEA, Blowfish, Skipjack, AES
DES Modes of Operation
Cipher Block Chaining Mode, Cipher Feedback Mode, Output Feedback Mode, Counter Mode, Electronic Codebook Mode
ECB
Electronic Codebook mode - least secure, simply encrypts block with same key, enemy could build a code book
CBC
Cipher Block Chaining Mode - each block is XORed with the ciphertext block preceding it before encryption, IV
CFB
Cipher Feedback Mode - streaming cipher version of CBC, real time operation, IV and chaining
OFB
Output Feedback Mode - same as CFB but XORs with a seed value, no chaining, uses previous seed value to determine next
CTR
Counter Mode - stream cipher, uses a counter for XOR operation
3DES
Triple DES - adapted version of DES
3DES Versions
DES - EEE3 = 168 bit key length
DES - EDE3 = 168 bit key length
DES - EEE2 = 112 bit key length
DES - EDE2 = 112 bit key length
DES-EEE3
encrypts plaintext 3 times using 3 different keys,
C= E (K1, E (K2, E (K3,P)))
DES-EDE3
C= E (K1, D (K2, E (K3,P)))
DES-EEE2
C= E (K1, E (K2, E (K1,P)))
DES-EDE2
C= E (K1, E (K2, E (K1,P)))
IDEA
International Data Encryption Algorithm = 64-bit block with 128 bit key, uses 52 16-bit subkeys, open to all, in PGP, same modes as DES
Blowfish
64 bit blocks of text, allows use of variable length keys ranging from 32 to 448 bits
Skipjack
64 bit block, supports escrow of encryption keys
AES
Advanced Encryption Standard - 3 key strengths, 128 bit (10 round of encryption), 192 bit (12 rounds), 256 bit (14 rounds). Processes 128 bit blocks
Block Size and Key Size: AES, Rijndael, Blowfish, DES, IDEA, RC2, RC4, RC5, Skipjack, 3DES, Twofish
AES = 128 bit block, 128, 192 or 256 bit key
Rijndael = Variable block, 128, 192 or 256 bit key
Blowfish = 64 bit block, 32-338 bit key
DES = 64 bit block, 56 bit key
IDEA = 64 bit block, 128 bit key
RC2 = 64 bit block, 128 bit
RC4 = Streaming, 128 bit
RC5 = 32, 64 or 128 bit block, 0-2040 bit key
Skipjack = 64 bit block, 80 bit key
3DES = 64 bit block, 112 or 168 bit key
Twofish = 123 bit, 256 bit key
Three Main methods to distribute Symmetric Keys
Offline distribution, Public key encryption, Diffie-Hellman Key exchange
Fair Cryptosystems Key Escrow
key is divided into two or more pieces and given to independent third parties
Escrow Encryption Standard Key Escrow
provides gov’t with technical means to decrypt ciphertext
RSA
Most famous asymmetric algorithm - depends on the difficulty of factoring large prime numbers, key length of 1088 bits
El Gamal
asymmetric encryption, doubles the length of any message it encrypts
Asymmetric Key Algorithms
RSA, El Gamal, Elliptic Curve
Elliptic Curve
more difficult to solve, only 160 bit key equivalent to 1088 RSA key. Good for small devices with less processing power
Hash Functions
take a long message and generate a unique output known as the message digest
5 Requirements for a Cryptographic Hash Function
- Input can be any length
- Output has a fixed length
- Hash Function is relatively easy to compute
- Hash Function is one-way
- Hash Function is collision free
SHA
Secure Hashing Algorithm, SHA 2 is the most secure
SHA-1 = 512 bit blocks, 160 bit message digest
SHA-256 = 512 bit blocks, 256 bit message digest
SHA-224 = 512 bit blocks, 224 bit message digest
SHA-512 = 1024 bit blocks, 512 bit message digest
SHA-382 = 1024 bit blocks, 834 bit message digest
MD2
no longer used, 128 bit message digest
MD4
message padded to be 64 bits smaller than 512 bit multiple, 3 rounds of computation, 128 bit message digest, no longer used
MD5
512 bit blocks, same padding as MD4, reduce the speed, no longer secure, 128 bit message digest
Goals of Digital Signatures
Nonrepudiation and Integrity and Authentication
How to Digitally sign
Alice hashes plaintext, encrypts message digest using her private key (this is the digital signature), appends signed message digest to plaintext message, sends to Bob, Bob decrypts digital signature using Alice’s public key, Bob hashes the plaintext message, Bob compares the decrypted message digest to his message digest
HMAC
Hashed Message Authentication Code implements a partial digital signature, integrity but not non repudiation
DSS
Digital Signature Standard - by NIST, aka FIPS 186-4
Certificates
provide communicating parties with the assurance that the people they are communicating with are who they claim to be - endorsed copies of an individual's public key
Certificate Authority
neutral organization which offers notarization services for digital certificates
Enrollment
the process of proving your identity to the CA to obtain a certificate
CRL
certificate revocation list
OCSP
Online Certificate Status Protocol - eliminates latency of CRL
Asymmetric Key Management
Choose encryption system wisely, select keys wisely, keep your private key secret, retire old keys, back up your key
If your email needs confidentiality, _________
encrypt the message
If your email needs integrity, ___________
hash the message
If your email needs authentication, integrity, and/or nonrepudiation
digitally sign the message
If your email needs confidentiality, integrity, authentication, and nonrepudiation
encrypt and digitally sign the message
PGP
Pretty Good Privacy is a secure email system combining CA concept with web of trust
S/MIME
Secure Multipurpose Internet Mail Extensions - de facto standard for encrypted email, uses RSA and X.509 certificates
Steganography
embed secret messages within another message
DRM
Digital Rights Management - uses encryption to enforce copyright restrictions on digital media
Link Encryption
used to protect data in transit - protects entire communication circuits by creating a secure tunnel between two points, encrypts header info so you need to decrypt at points
End to End Encryption
used to protect data in transit - protects comms between two parties, more susceptible to eavesdroppers, faster, does not encrypt header info, ex: TLS, Banking, VPN
IPsec
provides a complete infrastructure for secured network communications
IPsec AH
Authentication Header - provides assurances of message integrity and nonrepudiation
IPsec ESP
Encapsulating Security Payload - provides confidentiality and integrity
ISAKMP
Internet Security Association and Key Management Protocol - provides background security support services for IPsec by negotiating, establishing, modifying, and deleting SAs
Two modes of IPsec
Transport mode - only packet is encrypted
Tunnel mode - entire packet is encrypted
Security Association
created to set up IPsec, represents the communication session and records any config and status info about the session, need one SA for each direction of data flow
WEP
Wired Equivalent Privacy - protect comms within wireless LAN, outdated
WPA
WiFi Protected Access, improves on WEP by implementing Temporal Key Integrity Protocol, outdated
WPA
adds AES cryptography
Analytical Attack
algebraic manipulation that attempts to reduce the complexity of the algorithm
Implementation Attack
exploits weaknesses in implementation, focus on sw code
Statistical Attack
focuses on inability to produce totally random numbers
Frequency Analysis and the Ciphertext Only Attack
uses known letter frequencies
Known Plaintext Attack
Attacker has a copy of the plaintext and ciphertext
Chosen Ciphertext
attacker has ability to decrypt chosen portion of the ciphertext
Chosen Plaintext
attacker has the ability to encrypt plaintext messages
Meet in the Middle Attack
attacker uses a known plaintext and encrypts, decrypts equivalent ciphertext and finds which keys match up
Man in the Middle Attack
attacker sits between two communication parties and intercepts communications
Birthday attack
finds flaws in one to one nature of hashing
Replay Attack
attacker intercepts message and later replays it to start a new session
Confinement
allows a process to read from and write to only certain memory locations and resources aka sandboxing
Bounds
limits set on the memory addresses and resources it can access
Isolation
a process is confined through enforcing access bounds
Controls
uses access rules to limit the access of a subject to an object
Trusted System
a system in which all protection mechanisms work together to process sensitive data for many types of users while maintaining a stable and secure computing environment
Assurance
the degree of confidence in satisfaction of security needs
Security Model
gives software designers something against which to measure their design and implementation
Trusted Computing Base
a combination of hw, sw and controls that work together to enforce your security policy, provide methods to access resources inside and outside TCB
Security Perimeter
an imaginary boundary that separates the TCB from the rest of the system, prevents insecure comms, need trusted paths for secure comms
Reference Monitor
part of the TCB that validates access to every resource prior to granting access requests
Security Kernel
collection of components in the TCB that work together to implement reference monitor functions
State Machine Model
a system that is always secure no matter what state it is in
Information Flow Model
designed to prevent unauthorized, insecure, or restricted information flow
Noninterference Model
loosely based on information flow, concerned with how the actions of a subject at a higher security level affect the system state of the actions of a subject at a lower security level
Take-Grant Model
shows how rights can be passed from one subject to another or from a subject to an object
Access Control Matrix
table of subjects and objects that indicates the actions or functions that each subject can perform on each other
Bell-LaPadula Model
No read up, No write down, enforced through DAC, confidentiality is upheld
Biba Model
No read down, no write up, Integrity is upheld
Clark-Wilson Model
objects can only be accessed through an interface
Brewer and Nash (Chinese Wall)
blocks conflicting data/access based on competition
Goguen-Meseguer Model
subjects are allowed only to perform predetermined actions against predetermined objects
Sutherland Model
prevents interference in support of integrity, defines states
Graham-Denning Model
secure creation and deletion of both subjects and objects
TCSEC or Rainbow Series
set of standards that attempted to specify minimum acceptable security criteria
ITSEC
European Model, more focused on integrity and availability
TCSEC Categories
A = Verified Protection (all phases of development are evaluated), B= Mandatory Protection (security labels, Bell La-Padula Model), C = Discretionary Protection (basic controls and complete documentation), D = Minimal Protection
Red Book
TCSEC for networks
Green Book
password creation and management guidelines
Common Criteria
global effort to validate products
Structure of Common Criteria
Part 1: Intro and General Model
Part 2: Security Functionality Requirements
Part 3: Security Assurance
CC Evaluation Assurance Levels (EAL 1- EAL 7)
EAL1 - Functionally Tested
EAL2 - Structurally Tested
EAL3 - Methodically Tested and Checked
EAL4 - Methodically Designed, Tested and Reviewed
EAL5 - Semi-formally Designed and Tested
EAL6 - Semi-formally Verified, Designed and Tested
EAL7 - Formally Verified, Designed, and Tested
PCI-DSS
Payment Card Industry - Data Security Standard, requirements for improving security of electronic payment transactions
ISO
International Organization of Standardization
Certification
comprehensive evaluation of the technical and nontechnical security features of an IT system
Accreditation
management reviews the certification information and decides if it meets the security needs of the org
Virtualization
used to host one or more OSs within the memory of a single host computer
TPM
Trusted Platform Module - store and process cryptographic keys for the process of hard drive encryption
Fault Tolerance
ability of a system to suffer a fault but continue to operate
Fault Tolerance is generally achieved through the use of _________
RAID
Hardware
tangible part of the system
Multitasking
handle two or more tasks at once (not truly multitasking)
Multiprocessing
harnessing the power of more than one processor
Multiprogramming
pseudosimultaneous execution of two tasks on a single processor, special software, usually large scale systems
Multithreading
multiple tasks performed in a single process (i.e. opening multiple word docs)
Single State Systems
use policy mechanisms to manage different levels of info, handle one level at a time
Multistate Systems
handle multiple security levels simultaneously
Protection Rings
Ring 0 - highest level of privilege, kernel/Memory
Ring 1 - Other OS Components
Ring 2 - Drivers, protocols
Ring 3 - User Level programs and apps
Dedicated Security Mode
Valid Clearance, Access Approval, & Need to Know for all info
Security Modes Need 2 things _____
MAC environment & physical control
System High Security Mode
Valid Clearance & Access Approval for all info, Need to Know for some info
Compartmented Security Mode
Valid Clearance and Need to Know for all info, access approval for any info
Multilevel Security Mode
Not all users have clearance, access approval and need to know for all info
ROM
Read Only Memory - has PROM, EPROM, Flash Memory
RAM
Random Access Memory - readable and writable, volatile
Registers
On board memory
Secondary Memory
magnetic, optical or flash based media that contain data not immediately available to the CPU
Memory Security Issues
data retention, controlling access, ability to get data off of chips
Storage Media Security
Data remanence, sanitization issues, prone to theft
Firmware
software that is stored in a ROM chip, BIOS and device firmware
Applet
code objects sent from a server to a client to perform some action
Java Applets
programs transmitted over the internet to perform operations on remote systems
ActiveX Controls
proprietary Microsoft tech, no sandbox restrictions
Aggregation
combine records from one or more tables to produce potentially useful info, combine low level info and can get higher level info
Inference
use deductive capability to combine pieces of nonsensitive data to get classified data
Data Mining
comb through data warehouses and look for potentially correlated info
Data Warehousing
large databases to store large amount of info
Data Analytics
science of raw data examination with the focus of extracting useful info out of bulk info
Cloud Computing
processing and storage are performed elsewhere over a network connection
Platform as a Service
operating system as a cloud based service
Software as a Service
Google Docs, Office 365
Infrastructure as a Service
platform + computing services
Grid Computing
groups of processors that work together to reach a specific goal
P2P
networked app solutions that share tasks and workload
ICS
Industrial Control System
DCS
Distributed Control Systems - large scale environment from a single location
PLC
Programmable Logic Controllers - single purpose digital computers
SCADA
Supervisory Control and Data Acquisition - stand alone device or networked
Application Control
device mgmt solution on mobile device that limits installation of apps
Storage Segmentation
isolate the OS and preinstalled apps from user apps and data
Asset Tracking
maintain oversight over an inventory
MDM
Mobile Device Management - push or remove apps, manage data, config settings
Ways to Secure Mobile Devices
MDM, Storage Segmentation, Asset Tracking, Disabling Unused Features, Remote Wiping, FDE, etc.
Application Whitelisting
Implicit Deny
BYOD Concerns
data ownership, support ownership, patch mgmt, AV mgmt, forensics, privacy, on-boarding/off-boarding, adherence to corporate policy, user acceptance, Infrastructure considerations, legal concerns, Acceptable Use Policy, Camera/Video
Embedded Systems
a computer implemented as part of a larger system ex: smart TVs, HVAC controls, smart appliances, etc.
Cyber-physical
any computational device that can cause a movement to occur
Methods of Securing Embedded Devices
Network Segmentation, Security Layers, App Firewalls, Manual Updates, Firmware Version Control, Wrappers, Control Redundancy and Diversity
Network Segmentation
controlling traffic among networked devices to isolate the static environment - VLANS, MAC Address, IP Addresses, TCP/UDP ports
Layering
Protection Mechanism Used to separate functions based on security, only allow communications through specific interfaces
Abstraction
object-oriented programming, “black-box” doctrine, don’t need to know the details of how the object works just how to use it
Data Hiding
data existing at one level of security is not visible to processes running at different security levels
Process Isolation
requires the operating system provide separate memory spaces for each process, prevents reading and writing to other processes
Hardware Segmentation
similar to process isolation but enforces through physical access controls
Principle of Least Privilege
run in user mode whenever possible
Separation of Privilege
least privilege for admins
Covert Channel
method used to pass info over a path not normally used for communication, best way to detect is to analyze audit logs
Covert Timing Channel
alters system component performance or modifies a resource's timing
Covert Storage Channel
writes data to a common storage area where another process can read it
Maintenance Hooks
entry points into a system known only by developer (back doors)
Data diddling attack
attacker makes small, random, or incremental changes to data
Salami Attack
stealing small amounts of money from accounts
Time of Check
time at which the subject checks the status of the object
Time of Use
time at which the procedure accesses the object
TOCTTOU
Time of check to time of use - attacker replaces original object with another in between TOC and TOU
Faraday Cage
enclosure that acts as an EM capacitor
Critical Path Analysis
define necessary supporting elements for operations
Technology Convergence
systems merge over time and perform similar or redundant
A proper level of security must be planned and designed before __________
construction begins
Administrative Physical Security Controls
facility construction, site management, awareness training, emergency response…
Technical Physical Security Controls
access controls, CCTV, IDS, HVAC, etc.
Physical Physical Security Controls
fencing, lighting, locks, dogs, guards, etc.
Functional order of physical security control types
- Deterrent
- Denial
- Detection
- Delay
MTTF
Mean time to failure - expected typical functional lifetime of the device
MTTR
Mean Time to Repair - time to repair device
MTBF
Mean time between failures - time between first and any subsequent failures
Premises Wire Distribution Room
Wiring closet
Server rooms should be located at the _____ of the building
Core
Heartbeat Sensor
communication pathway is constantly or periodically checked
TEMPEST Measures (3)
Faraday Cage, White Noise, Control Zone
Control Zone
implementation of either a Faraday Cage or white noise generation or both to protect a specific area in an environment
UPS
Uninterruptible Power Supply - self charging battery
Fault
Momentary loss of power
Blackout
complete loss of power
Sag
Momentary Low voltage
Brownout
Prolonged low voltage
Spike
Momentary high voltage
Surge
prolonged high voltage
Inrush
initial surge of power usually associated with connecting to a power source
Noise
steady interfering power disturbance or fluctuation
Transient
short duration of line noise disturbance
Clean
nonfluctuating power
ANSI Power Standards for Brownout
allow for 8% drop in power btwn source and facility meter and 3.5% drop between the facility meter and wall outlet
Temp and Humidity for rooms
60-70 degrees F, 40-60% humidity
Abrupt system shutdown happens at ______ static volts
2000
Destruction of data stored on hard drives happens at ____ static volts
1500
Scrambling of monitor displays happens at ______ static volts
1000
Destruction of sensitive circuits happens at ______ static volts
40
Fire Extinguisher Classes
A: Common combustibles; Water, Soda Acid
B: Liquids; CO2, Halon, Soda Acid
C: Electrical; CO2, Halon
D: Metal: Dry Powder
Wet Pipe System
always full of water, immediate discharge
Dry Pipe System
contains compressed air, discharges water
Deluge System
dry pipe, larger amount of water
Preaction System
combination dry and wet pipe - most appropriate to use
What kind of cryptography does SSL/TLS use?
Hybrid but Asymmetric over Symmetric
What kind of cryptography does SSL/TLS use for data exchange?
Symmetric
What kind of cryptography does SSL/TLS use for key exchange?
Asymmetric
What is the formula for symmetric cryptography?
[N*(N-1)]/2
What is the formula for asymmetric cryptography?
2N
Name the 6 testable asymmetric algorithms
RSA, DSA, ECC, El Gamal, Diffie-Hellman, Knapsack