Final Deck Flashcards
What are the four kinds of attackers?
- Rogue hackers
- Organized crime
- Insider threat
- Nation states
Rogue hackers
Hackers not affiliated with an organized group. Usually hacking on a moral basis or political agenda.
Doxxing
The practice of revealing private information publicly
Organized crime
Organized group attacking bigger targets. Ex. Bank theft, SWIFT hack.
Insider threat
Threat of a hacker working within a corporation. Ex. Edward Snowden.
Nation states
Countries using their resources to attack another country or corporation. Ex. Stuxnet.
What are the four aspects of good cryptography?
- Confidentiality
- Integrity (ensure contents haven’t been tampered with)
- Authenticity (prove who a message came from / who performed transaction)
- Non-repudiation (ensure party can’t back out of a transaction)
True or false: IP packets are encrypted by default
FALSE! They’re plaintext, like sending a postcard.
True or false: My computer’s communication is by default broadcast across the entire network.
True! Like the old telephones. Our computers can run in promiscuous mode and record other packets.
How was crypto classified historically?
As a munition until the 1990s when businesses needed to be able to encrypt their data.
What is the idea of crypto wars?
The government wants special access to tech, and companies believe this makes the tech less secure. Ex. San Bernardino shooter -> FBI asking for backdoor.
Cryptography vs. cryptanalysis
Cryptography is the science of creating uncrackable codes. Cryptanalysis is the science of cracking them. Cat and mouse game!
Cryptology
Umbrella term covering cryptanalysis and cryptography
Steganography
The art of concealing information (NOT encrypting).
If I shave CJ’s head and write a message to her parents on her scalp, which “-ography” am I using?
Steganography. The information is hidden, but not encrypted.
If I write a secret letter to Nacho in lemon juice and scramble the letters using a key, which “-ography” am I using?
Both steganography (writing in lemon juice) and cryptography (scramble the letters).
What are the two types of cryptography?
Substitution and transposition
I want to see Jeremy at Koelbel at 4:30. I write a letter to him saying “Teme ta lebelok ta rofu iytrhit”. What type of cryptography am I using?
Transposition! I didn’t substitute any letters, I just moved them around.
Using substitution of a mod 28 alphabet and key = 15, what does the word “rat” become?
r (18) + 15 = 33 - 28 = 5
a (1) + 15 = 16
t (20) + 15 = 35 - 28 = 7
epg
Scytale
A stick with a certain number of sides. Wrap a leather band with letters around the stick to see the message.
A scytale is a form of ancient (transposition/substitution)
Transposition
How does the Caesar cipher differ from the Vigenère cipher?
The Caesar cipher is much simpler and uses a fixed key to substitute letters. The Vigenère cipher changes each letter differently.
What was Claude Shannon’s discovery?
He demonstrated that substitution and transposition, sufficiently combined, yield encrypted data that is indistinguishable from random data.
What is Kerckhoffs’s Principle for encryption?
The secret is in the key, not the algorithm. Think of a door lock! It doesn’t matter if you know who makes the lock.
What is the opposite of Kerckhoffs’s Principle?
Security through obscurity. Ex. DVD developed their own crypto.
What are three time-tested public algorithms we discussed?
DES encryption
AES encryption
Diffie-Hellman (asymm key exchange, not encryption)
RSA (NSA has paid them off)
Where is Diffie-Hellman used?
All web browsers for sites that use SSL. DH is used in the key exchange.
Keyspace
The set of all possible keys
What is the DES keyspace?
56-bit key, so 2^58. Originally had 128-bit, but NSA influenced them to weaken.
What is the AES keyspace?
128-bit key, so 2^128. Assuming 350B guesses per second, it would take 1.2B times longer than age of the universe to crack.
What did Tesla do wrong in creating their key fob?
They used a proprietary crypto algorithm with only a 40-bit key. Could be cracked in seconds.
What are the three requirements for a one-time pad?
- Must be perfectly random
- Pad must be as long as the message
- Must be used only once
Should you trust a software product claiming to use one-time pads?
No! Computers are bad at generating random numbers.
Pseudo-random number generators (PRNG) and examples
Introducing entropy into the equation to generate more random numbers. Ex. move mouse around to create key, Cloudflare lava lamp and camera.
How does XOR work?
XOR: Exclusive OR. So if two inputs are (1 and 0) or (0 and 1) then output is 1. Otherwise output is 0. Not AND.
Block vs. stream ciphers
Stream ciphers encrypt data one bit at a time.
Block ciphers use transposition to move blocks to other same-size locations in a way that appears random.
Is block cipher encryption more efficient than stream cipher encryption?
Yes! Block cipher is more efficient but not as secure.
Are AES and DES block or stream ciphers?
Block ciphers
Electronic Code Book (ECB) vs. Cipher Block Chaining (CBC)
ECB encrypts every block the same way every time - info can be gained through frequency analysis (you can see the penguin).
CBC uses XOR on plaintext with last encrypted block, requires an initialization vector.
What’s the initialization vector (IV) used in CBC?
IV is needed to create the first encrypted block. First encrypted block used for second, and so on…
What part of InfoSec can be equated to a digital fingerprint?
Hashing. It provides integrity!
What is hashing useful for?
Ensuring files are unchanged in transmission. Compare hashed file before and after transmission.
How should you store passwords on your database?
Store hashed passwords!
What’s another name for a hash and why does it have this name?
Message digest (md) because a hash digests input of any size -> fixed-size output.
Avalanche effect
One small change to the input completely changes the output (hash)
Collision resistance
Two different inputs can’t have the same output (hash)
In the birthday question, how many people do we need to get a 50% chance of collision?
2^n = 365 -> n = 8.51. 2^(n/2) -> 50% chance of collision. Only 2^4.2, which is about 23 people.
What did Flame malware do?
Performed an MD5 hash collision to hijack Microsoft server, MD5 was known to be broken! Had to be found within a millisecond. Was the work of Equation Group (NSA TAO)
How did Google force companies to switch their encryption to SHA-2 and why?
Chrome showed a warning that the site could be potentially dangerous if it was using SHA-1, which was already cracked. Businesses don’t want that!
What is hashing used for in web surfing?
Hashing is used for the browser SSL to ensure you’re at the site you think you are.
How long has key sharing been a problem?
The history of the world! Up to 1970