final exam

Question 1

what is a hash function

Answer 1

it is a mathematical function that converts a numerical input of arbitrary length into a compressed numerical output of constant size (called message digest or hash value)

Question 2

what are the applications of hash functions

Answer 2

password storage
integrity checks

Question 3

(TF) a has function is a psuedo random function

Answer 3

TRUE

Question 4

what are the three security properties in a hash function

Answer 4

1- pre-image resistance: given a has value, it should be hard to find a message to produce that hash value
2- second pre-image resistance: given a message, it should be hard to find another message to produce the same hash value
3- collision resistance: it should be hard to find any two messages that produce the same message value

Question 5

what is the birthday paradox, and how can it be leveraged?
how can it be avoided? (5)

Answer 5

the birthday paradox states that in a room of 23 individuals, the probability of 2 having the same birthday is almost 50%. this can be leveraged to find collisions in a hash function

to avoid the birthday attack:
- use larger output size
- use a different cryptographic technique
- use a salt
- use a keyed hash function
- use multiple hash functions

Question 6

what does sha stand for

Answer 6

Secure hash algorithm

Question 7

what are the 3 security goals

Answer 7

data privacy: adversary should not be able to read message M
data integrity: adversary should not be able to modify message M
data authenticity: message M should really be from Alice

Question 8

how does bit flipping affect CTR and CBC modes

Answer 8

CTR: flips a bit in plaintext
CBC: disrupts all the plaintext

Question 9

what is a MAC, and how does it differ from a basic hash function

Answer 9

Message authentication codes is a function that accepts arbitrary length message and a key and provides an output that act as fixed length code/tag
the receiver accepts or rejects a message based on these codes
we must MAC a message then encrypt

Question 10

what are the limitations of MAC, how can they be overcome

Answer 10

establishment of shared secret
inability to provide non-repudiation: since a third party cannot compute the MAC, we cannot tell if it was sent by A or forged by B

they can be overcome by public key based digital signatures

Question 11

what is authenticated encryption

Answer 11

an explicit block cipher mode that combines encryption and MAC operations
it takes plaintext, encryption key and MAC key and produces ciphertext and authentication tag
it outputs an error if the tag is invalid in decryption

Question 12

what is a reduced set of residues, and what is the name of the number of elements in the reduced set

Answer 12

is a set of numbers that are relatively prime to n (only prime factors)

Euler Totient function

Question 13

why was public key cryptography developed? (2)

Answer 13

key distribution: how to have secure conversations in general without having to trust your KDC with your key
digital signatures: how to verify that a message comes intact from the original sender

Question 14

what are some applications of public key cryptography (3)

Answer 14

encryption/decryption
key agreement/exchange
digital signature

Question 15

what methods can be used to distribute public keys (4) briefly describing each

Answer 15

• public announcement
  user broadcasts the key to a community. major weakness is forgery where anyone can claim to be the person they want while broadcasting
• publicly available directory
  users register to a secure online directory
  contains {name, public key} entries
  can replace key at any time
• public-key authority
  improve security by tightening over control of distribution of keys directory
• public-key certificates
  certificates allow key exchange without real time access to key authority. it binds identity to a public key with all contents signed by a trusted public key or certificate authority (CA)

Question 16

what is a public key infrastructure (PKI)

Answer 16

the set of hardware, software, people, policies and procedures needed to create, manage, store, distribute and revoke digital certificates based on asymmetric cryptography

Question 17

what is a digital certificate

Answer 17

a claim made by a CA
says what the server’s public key is
signed by the signing key of the certificate’s authority

Question 18

what are the certificate fields (7)

Answer 18

serial number
subject identity
public key
signing algorithm
issuer identity
validity period
signature

Question 19

what are the reasons for certificates revocation? (4)

Answer 19

company gets hacked (and there private key is compromised)
CA gets hacked
new business/affiliation name
company goes out of business

Question 20

what purposes does a digital signature serve

Answer 20

authentication
non-repuditation
integrity

Question 21

what is entropy

Answer 21

refers to the measure of randomness and unpredictability of a system

Question 22

what is the reason for using uniform random numbers in key generations

Answer 22

1- Brute force attacks on keys are very hard
2- if both ends of an RSA chose the same prime number, it would lead to a vulnerability

Question 23

How does a CSPRNG work. mention the security properties

Answer 23

a cryptographically secure pseudorandom number generator works by starting from an initial state s. the f function generates a new state iteratively and every state is then passed to a one way h function that acts as the output r

h is one way and shouldnt be able to guess s from r
f is one way and shouldn’t be able to guess si from si+1

Question 24

how to make brute force attacks even more difficult

Answer 24

discrete log based key/signature (q≥2b) (group size q => number of elements in a finite group)
finding x in g^x=hmodp where g, h and p are given

Elliptic curve key/signature (q>2b)

RSA key/signature
grows much faster than the others (128 -> 256 grows 15x)

hash (q>2b due to collisions q>b if we dont care about collisions)

Question 25

what is the minimum security level allowed by NIST

Answer 25

used to be 80 bits now its 112

Question 26

what are the factors for authentication (3)

Answer 26

something you have (token, smartcard)
something you know (password)
something you are (biometric)

Question 27

what are the (2) pros and (3) cons of a password

Answer 27

Pros:
inexpensive
simple

Cons:
have to generate them securely
have to store them securely
have to remember them

Question 28

how to calculate entropy in bits

Answer 28

entropy = log⁡2(NumberofPossibleCombinations) in bits.

Question 29

what is the use of a PBKDF2 and how does it work

Answer 29

a password based key derivation function is a key stretching algo and is used to make rainbow attacks computationally expensive

it takes the following inputs:
passphrase/klen/iterations (>1000) salt)

concatenates the salt to the passphrase value and hashes multiple iterations. the final value is then truncated to match the key length

Question 30

what is scrypt, list 2 pros and 2 cons

Answer 30

Scrypt is a cryptographic key derivation function designed to be memory intensive

Pros:
memory hard
becoming popular

Cons:
new and not well understood
difficult to understand and analyze

Question 31

what key stretching algorythms should be used today

Answer 31

PBKDF
scrypt
bcrypt

Question 32

what is a downgrade attack

Answer 32

an attack that seeks to cause a connection, protocol or cryptographic algorithm to drop to an older, less secure version

Question 33

what is a TLS and what does it provide

Answer 33

widely deployed security protocol just above the transport layer

it provides:
confidentiality: symmetric encryption
integrity: cryptographic hashing
authentication: public key encryption

Question 34

what are the 4 phases of a TLS handshake

Answer 34

establish security capabilities
authentication and public key exchange
secret key exchange and delivation
finish

Question 35

what are the components of a ciphersuit

Answer 35

Key agreement
signature scheme
block cipher and mode of operations
hash functions

Question 36

list the SSL TLS history

Answer 36

ssl:
1.0: not released
2.0: 1995, possible downgrade attacks (MITM), disallowed at 2011 (not published)
3.0: 1996, major redesign, SHA1 introduction, POODLE attack (first published)

TLS
1.0: 1999 different key delivation funcitons
1.1: 2006, better IV handling, mitigates CBC mode attacks
1.2: 2008, SHA256, AES-GCM
1.3: 2015

Question 37

what is contained in a phase 1 client hello and a server hello

Answer 37

client hello
highest SSl/TLS supported
highest cipher suits supported
client nonce
session ID

server hello
highest SSL/TLS supported
appropriate cipher suite
server nonce

Question 38

what is the ECDHE

Answer 38

eliptic curve deffi helman encryption

Question 39

what is a DSA/ECDSA

Answer 39

digital signature algorithm
eliptic curve DSA

Question 40

what is EDE

Answer 40

encrypt decrypt encrypt

Question 41

what happens in phase 2 of a TLS

Answer 41

server sends certificate message
server sends public key and signature (if using DHE/ECDHE)

client checks certificate chain and signature PK

Question 42

what happens in phase 3 of a TLS

Answer 42

1) Exchange pre-master secret:
if using RSA:
client generates 48 byte premaster secret, encrypts with the server’s public key and sends it over

if using DHE/ECDHE
both parties compute shared secret

2) derive master secret

3) derive symmetric keys (session keys)

Question 43

what are the 4 keys in a TLS? how are they created

Answer 43

Kc: encryption key for data sent from client to server
Mc: MAC key for data sent from client to server
Ks: encryption key for data sent from server to client
Ms: MAC key for data sent from server to client

Question 44

how to generate a master secret

Answer 44

PRF(pre-master-secret, “master secret”, CLIENTHELLO.random, SERVERHELLO.random)[0..47]

PRF: pseudo random function

Question 45

how to generate the key block in TLS (cryptographic key)

Answer 45

PRF(SECURITYPARAMETERS.master-secret, “key expansion”, SECURITYPARAMETERS.server_random+SECURITYPARAMETERS.client_random)

Question 46

what happens in a stage 4 TLS handshake

Answer 46

parties exchange an HMAC’d copy of the entire transcript to prevent a series MITM attacks

PRF(master-secret, finished-label, Hash(handshake-message))

server sends back an ecrypted session key

if the hashed values match, encrypted communication takes place

Question 47

what are the components of a TLS record encrypted message

Answer 47

length, data, MAC

Question 48

how does a TLS record encryption work

Answer 48

break teh data stream into blocks

MAC the data fragment and concatenate at the end of each block

concatenate all new blocks

encrypt the stream