don't use Flashcards
Digital signatures require what?
Public Key Infrastructure (PKI)
X.509 V.4 is for what?
Certificate Standard
HMAC
Hashed Message Authentication Code (no PKI Used)
Certificates are Digitally signed by who?
(CA) Certificate Authority
The steps in an SSL / TLS connection?
- The client makes an SSL session
- The server provides its certificate with its public key
- The client encrypts with the server's public key
- The server decrypts with its private key.
Main Hashing Algorithms and bit size
- MD-5 128 bits
- SHA-1 160 Bits
- SHA-256 256 Bits
OCSP ?
Online Certificate Status Protocol
( Certificate Revocation)
How to tell if a Certificate has been Revoked
- Online Certificate Status Protocol (OCSP)
- CRL (downloadable list from CA)
Two Documents produce the same Hashed # ?
A collision
An Attempt to Cause Collisions
Birthday Attacks (Hashing)
Certificates help to prevent what ?
Man in the middle attacks
Symmetric Stream Crypto
RC-4 Used on WEP
4 parts of the Public Key Infrastructure (PKI)
- (CA) Certificate Authority
- (RA) Registration Authority
- Certificate Repository
- Certificate Revocation list
A Very Efficient Crypto?
ECC Elliptic Curve Cryptography
What Cryptography is used on Low CPU powered devices?
ECC Elliptic Curve Cryptography
Secure Key-Agreement Without Pre-shared Secrets
Diffie Hellman
First Asymmetric Algorithm
Diffie Hellman
Uses Factorization
RSA uses a Trap-Door function for it
Digital signatures use what Algorithm?
RSA
What are the 6 Asymmetric Algorithms?
- RSA
- DSA
- ECC = Elliptic Curve Cryptography
- ElGamal
- DH = Diffie Hellman
- Knapsack
Bulk Encryption uses What Cryptography Type?
Symmetric
Cryptography used for Key Encryption and distribution
Asymmetric
Asymmetric Algorithm Key Formula
2N
Symmetric Algorithm Key Formula
N=(N-1) /2
SSL / TLS uses what for Key Exchange?
Asymmetric Algorithm
SSL / TLS uses what for Data Exchange?
Symmetric Algorithm
In Asymmetric How do we get Authenticity?
Sender's Private Key
In Asymmetric How do we get Non-Repudiation?
Hash Encrypted by Sender's Private Key
In Asymmetric How do we get Privacy?
Receiver's Public Key
What is a Digital signature made with?
A hash with the Sender's Private Key
A Private Key Crypto?
Asymmetric
IDEA
Used by PGP
A Symmetric Algorithm &
Block Algorithm
3DES
Algorithm type?
Block or stream?
# of rounds?
Symmetric Algorithm
Block Algorithm
48 Rounds
3DES was replaced by?
AES
BlowFish
Algorithm type?
Block or stream and size?
# of rounds?
Symmetric Algorithm
Block Algorithm
64-bit block size
48 Rounds
BlowFish
Algorithm type?
Block or stream and size?
# of rounds?
Symmetric Algorithm
Stream Algorithm
no rounds
Symmetric Algorithm only gives you what?
Privately
Stream Ciphers use What?
XOR
XOR
if values are:
Alike = 0 value
Different = 1 value
Block Crypto have to be what type of Algorithm ?
Symmetric Algorithm
Symmetric Block Algorithms are?
- AES - Standard
- 3DES - More CPU intensive (slower)
- P2P - IDEA used in mail
the slower Algorithm is?
Asymmetric
Other names for Symmetric Algorithm?
- Private Key
- Secret Keys
- Shared Keys
- Session Keys
Shared Key Crypto?
Symmetric Algorithm
Kerckhoffs's Principle Means?
Keep the Key Secret, The algorithm is Publicly known. ** Openness **
What is Diffusion in Block cipher ?
Transposition
*** Plain Text is Added with the Cipher text
What is Confusion in Block cipher ?
Relates to Substitution
** Good Strong Math
Diffusion and Confusion is used in what?
Symmetric Algorithm Block cipher
Two Primary Attributes To Symmetric Algorithm Block cipher?
Diffusion and Confusion
Another way to say Cipher?
Algorithm
The 5 Desirable qualities of an Algorithm
- Diffusion
- Confusion
- Avalanche = A character change cascades through the text
- Permutations = Rounds
- Openness = Kerckhoffs's Principle
Algorithm rounds are also called ?
Permutations
Pseudo-Random Numbers are also called?
Initialization Vector
Security Services provided by Cryptography?
P = Privacy, A = Authenticity, I = Integrity, N = Non-Repudiation
Authenticity does what?
Verifies the Claimed Identity
The 4 Requirements for Vernam Cipher (one Time Pad)
- The Key must be used only once.
- The Pad Must be at least as long as the Message
- Key Pad is Statistically Unpredictable
- The key Pad must be delivered and stored securely.
The only Mathematically unbreakable cryptography is?
Vernam Cipher (One Time Pad)
The Cipher in which the first letter of the key is matched up against the first letter of the message?
Polyalphabetic Cipher
VIGENERE
First Polyalphabetic Cipher ?
VIGENERE
A cipher that was wrapped around a rod?
Scytale. The size (diameter) of the rod was the secret key
Ciphers that are subject to pattern analysis
Substitution Ciphers
Caesar Cipher
Caesar Cipher was what type of Cipher?
Substitution Cipher, shifts characters (3) spaces
The Security Model That Protects Integrity?
BIBA Model and Clark-Wilson
The Security Model That enforces well-formed transactions?
Clark-Wilson
Clark-Wilson uses what for Separation of duties?
API’s
The Mainstream Security Model is ?
Clark-Wilson
NON-DOD
The Down Data’s Dirty is what Security Model?
BIBA Model
* Integrity Axiom means what?
NO Write UP
BIBA Model
The Processor Functions in What Ring?
Ring 3
What Ring is the User Mode in?
Ring 3
What Ring is the Privileged Mode in?
Ring 0
The 5 types of CPU executions?
- Multi programming (windows 3.1)
- Multitasking
- Multithreading
- Multiprocessing
- Multi-core processors
The Two types of Multitasking?
Cooperative
Preemptive
Cooperative Multitasking does not do what?
no isolation of the individual processes
Very high speed memory used for storage by the CPU is called?
Registers
Execution or CPU Cycle is when?
The Control Unit and ALU perform the mathematical or logical operations on the DATA
Used by the Processor to keep track of which instructions have been processed and which ones will be processed next
Instruction Pointer
CPU Fetch?
When the Control unit gets the instructions from the System Memory.
The 4 CPU cycles?
- Fetch
- Decode
- Execute
- Store
TCB ?
Trusted Computer Base
It secures the cpu, memory, OS Kernel and Firmware.
It Delineates the trusted and untrusted components within a computer system
Security Perimeter
*** It Isolates the TCB
Isolates the Trusted Computer Base (TCB)?
Security Perimeter
Security Kernel
The Enforcer
Enforces the Reference Monitor Concept
performs the mathematical or logical operations on the DATA it gets from memory
ALU
What are the 3 Elements of the Trusted Computer Base (TCB)
- Security Perimeter
- Reference Monitor
- Security Kernel
Is an Abstract Machine concept that mediates ALL access between SUBJECTS and OBJECTS
Reference Monitor
THE Rules
Windows 10 Falls under what TCSEC Level
C
the operation Mode that use a Reference Monitor to control Access?
Multilevel
Operation Mode that enforces an AIRGAP
Dedicated
Which Security Feature prevents a Covert Channel?
NON Interference
Called the Orange Book
TCSEC
Trusted Computer System Evaluation Criteria
TCSEC
Trusted Computer System Evaluation Criteria
NO Read Down and No Write UP, is what Security Model?
BIBA Model
What Model uses ALPHA, BETA GAMMA
The Lattice-Based Access Controls
What security model does not prevent unauthorized alterations of High-Level Data?
Bell-LaPadula Model
NO READ UP and NO Write DOWN is what Security Model?
Bell-LaPadula Model
What Security Model protects Confidentiality?
Bell-LaPadula Model
Simple Security Property is ?
NO READ UP
* Security Property is ?
NO WRITE Down
Strong * Property is
NO READ / Write UP or Down
A Security Model will dictate what?
How a system will enforce security
The main security models are?
- Bell-LaPadula
- BIBA
- Clark-Wilson
Static Ram is used For?
CACHE
It uses a specific voltage to indicate a Bit Value of 1
Flash memory
Ram that looks ahead, and fetches the next block at the same time?
(EDO DRAM)
Extended Data Out DRAM
RAM that Synchronizes itself with the CPU clock for faster communications?
Synchronous DRAM (SDRAM)
Makes up the Majority of computer RAM
DRAM
RAM that does not need to be continuously refreshed?
STATIC RAM (SRAM)
SRAM
STATIC RAM
RAM that needs to be continuously refreshed?
DRAM = Dynamic RAM
DRAM
Dynamic RAM
Memory speed is represented in?
NS = Nanoseconds
Lower the NS the faster the Memory is.
The Two modes that Multi-processing units can operate in?
Symmetric
Asymmetric
The Symmetric Multi-processing mode
All processors are load balanced
(most common)
The Asymmetric Multi-processing mode
The processors can be completely dedicated to a task or application.
The Multi-processing mode used if Time-sensitivity is a must.
Asymmetric
The CPU Mode that allows anything to happen?
Kernel / privilege mode
privilege mode is also called?
Kernel mode or supervisor mode
user mode is also called?
problem state
The two CPU Modes?
privilege mode
User Mode
What is a list of pointers to process called?
Stack
Where are the Stack Pointer and program counter Held?
Special Registers
What Register points to the next instructions to be Executed?
Program Counter register
What are the 3 types of Registers?
- General Registers
- Program Counter Registers
- Special Registers
Inside of a Computer is called?
ALU
ALU
Algorithmic Logic Unit (ALU)
What are the different Views of an overall System?
- Functionality
- performance
- Interoperability
- Security
A collection of Document types to Document an Architecture in a formal manner?
(AD) Architecture Description
What Register holds variables and temporary results that the ALU will use as it executes instructions?
General Registers
PSW?
Program status word
What is held in the special Registers?
(PSW) Program status word
What component retains stored Data longer when cooled?
RAM
EEPROM
Electrically Erasable Programmable read only Memory
EPROM
Erasable Programmable read only Memory
what type of memory Uses a light to flash
(EPROM) Erasable Programmable read only Memory
PROM
Programmable read only Memory
What type of memory can only be written once?
(PROM) Programmable read only Memory