final exam Flashcards

1
Q

what is a hash function

A

it is a mathematical function that converts a numerical input of arbitrary length into a compressed numerical output of constant size (called message digest or hash value)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

what are the applications of hash functions

A

password storage
integrity checks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

(TF) a has function is a psuedo random function

A

TRUE

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

what are the three security properties in a hash function

A

1- pre-image resistance: given a has value, it should be hard to find a message to produce that hash value
2- second pre-image resistance: given a message, it should be hard to find another message to produce the same hash value
3- collision resistance: it should be hard to find any two messages that produce the same message value

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

what is the birthday paradox, and how can it be leveraged?
how can it be avoided? (5)

A

the birthday paradox states that in a room of 23 individuals, the probability of 2 having the same birthday is almost 50%. this can be leveraged to find collisions in a hash function

to avoid the birthday attack:
- use larger output size
- use a different cryptographic technique
- use a salt
- use a keyed hash function
- use multiple hash functions

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

what does sha stand for

A

Secure hash algorithm

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

what are the 3 security goals

A

data privacy: adversary should not be able to read message M
data integrity: adversary should not be able to modify message M
data authenticity: message M should really be from Alice

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

how does bit flipping affect CTR and CBC modes

A

CTR: flips a bit in plaintext
CBC: disrupts all the plaintext

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

what is a MAC, and how does it differ from a basic hash function

A

Message authentication codes is a function that accepts arbitrary length message and a key and provides an output that act as fixed length code/tag
the receiver accepts or rejects a message based on these codes
we must MAC a message then encrypt

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

what are the limitations of MAC, how can they be overcome

A

establishment of shared secret
inability to provide non-repudiation: since a third party cannot compute the MAC, we cannot tell if it was sent by A or forged by B

they can be overcome by public key based digital signatures

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

what is authenticated encryption

A

an explicit block cipher mode that combines encryption and MAC operations
it takes plaintext, encryption key and MAC key and produces ciphertext and authentication tag
it outputs an error if the tag is invalid in decryption

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

what is a reduced set of residues, and what is the name of the number of elements in the reduced set

A

is a set of numbers that are relatively prime to n (only prime factors)

Euler Totient function

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

why was public key cryptography developed? (2)

A

key distribution: how to have secure conversations in general without having to trust your KDC with your key
digital signatures: how to verify that a message comes intact from the original sender

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

what are some applications of public key cryptography (3)

A

encryption/decryption
key agreement/exchange
digital signature

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

what methods can be used to distribute public keys (4) briefly describing each

A
  • public announcement
    user broadcasts the key to a community. major weakness is forgery where anyone can claim to be the person they want while broadcasting
  • publicly available directory
    users register to a secure online directory
    contains {name, public key} entries
    can replace key at any time
  • public-key authority
    improve security by tightening over control of distribution of keys directory
  • public-key certificates
    certificates allow key exchange without real time access to key authority. it binds identity to a public key with all contents signed by a trusted public key or certificate authority (CA)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

what is a public key infrastructure (PKI)

A

the set of hardware, software, people, policies and procedures needed to create, manage, store, distribute and revoke digital certificates based on asymmetric cryptography

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

what is a digital certificate

A

a claim made by a CA
says what the server’s public key is
signed by the signing key of the certificate’s authority

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

what are the certificate fields (7)

A

serial number
subject identity
public key
signing algorithm
issuer identity
validity period
signature

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

what are the reasons for certificates revocation? (4)

A

company gets hacked (and there private key is compromised)
CA gets hacked
new business/affiliation name
company goes out of business

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

what purposes does a digital signature serve

A

authentication
non-repuditation
integrity

21
Q

what is entropy

A

refers to the measure of randomness and unpredictability of a system

22
Q

what is the reason for using uniform random numbers in key generations

A

1- Brute force attacks on keys are very hard
2- if both ends of an RSA chose the same prime number, it would lead to a vulnerability

23
Q

How does a CSPRNG work. mention the security properties

A

a cryptographically secure pseudorandom number generator works by starting from an initial state s. the f function generates a new state iteratively and every state is then passed to a one way h function that acts as the output r

h is one way and shouldnt be able to guess s from r
f is one way and shouldn’t be able to guess si from si+1

24
Q

how to make brute force attacks even more difficult

A

discrete log based key/signature (q≥2b) (group size q => number of elements in a finite group)
finding x in g^x=hmodp where g, h and p are given

Elliptic curve key/signature (q>2b)

RSA key/signature
grows much faster than the others (128 -> 256 grows 15x)

hash (q>2b due to collisions q>b if we dont care about collisions)

25
Q

what is the minimum security level allowed by NIST

A

used to be 80 bits now its 112

26
Q

what are the factors for authentication (3)

A

something you have (token, smartcard)
something you know (password)
something you are (biometric)

27
Q

what are the (2) pros and (3) cons of a password

A

Pros:
inexpensive
simple

Cons:
have to generate them securely
have to store them securely
have to remember them

28
Q

how to calculate entropy in bits

A

entropy = log⁡2(NumberofPossibleCombinations) in bits.

29
Q

what is the use of a PBKDF2 and how does it work

A

a password based key derivation function is a key stretching algo and is used to make rainbow attacks computationally expensive

it takes the following inputs:
passphrase/klen/iterations (>1000) salt)

concatenates the salt to the passphrase value and hashes multiple iterations. the final value is then truncated to match the key length

30
Q

what is scrypt, list 2 pros and 2 cons

A

Scrypt is a cryptographic key derivation function designed to be memory intensive

Pros:
memory hard
becoming popular

Cons:
new and not well understood
difficult to understand and analyze

31
Q

what key stretching algorythms should be used today

A

PBKDF
scrypt
bcrypt

32
Q

what is a downgrade attack

A

an attack that seeks to cause a connection, protocol or cryptographic algorithm to drop to an older, less secure version

33
Q

what is a TLS and what does it provide

A

widely deployed security protocol just above the transport layer

it provides:
confidentiality: symmetric encryption
integrity: cryptographic hashing
authentication: public key encryption

34
Q

what are the 4 phases of a TLS handshake

A

establish security capabilities
authentication and public key exchange
secret key exchange and delivation
finish

35
Q

what are the components of a ciphersuit

A

Key agreement
signature scheme
block cipher and mode of operations
hash functions

36
Q

list the SSL TLS history

A

ssl:
1.0: not released
2.0: 1995, possible downgrade attacks (MITM), disallowed at 2011 (not published)
3.0: 1996, major redesign, SHA1 introduction, POODLE attack (first published)

TLS
1.0: 1999 different key delivation funcitons
1.1: 2006, better IV handling, mitigates CBC mode attacks
1.2: 2008, SHA256, AES-GCM
1.3: 2015

37
Q

what is contained in a phase 1 client hello and a server hello

A

client hello
highest SSl/TLS supported
highest cipher suits supported
client nonce
session ID

server hello
highest SSL/TLS supported
appropriate cipher suite
server nonce

38
Q

what is the ECDHE

A

eliptic curve deffi helman encryption

39
Q

what is a DSA/ECDSA

A

digital signature algorithm
eliptic curve DSA

40
Q

what is EDE

A

encrypt decrypt encrypt

41
Q

what happens in phase 2 of a TLS

A

server sends certificate message
server sends public key and signature (if using DHE/ECDHE)

client checks certificate chain and signature PK

42
Q

what happens in phase 3 of a TLS

A

1) Exchange pre-master secret:
if using RSA:
client generates 48 byte premaster secret, encrypts with the server’s public key and sends it over

if using DHE/ECDHE
both parties compute shared secret

2) derive master secret

3) derive symmetric keys (session keys)

43
Q

what are the 4 keys in a TLS? how are they created

A

Kc: encryption key for data sent from client to server
Mc: MAC key for data sent from client to server
Ks: encryption key for data sent from server to client
Ms: MAC key for data sent from server to client

44
Q

how to generate a master secret

A

PRF(pre-master-secret, “master secret”, CLIENTHELLO.random, SERVERHELLO.random)[0..47]

PRF: pseudo random function

45
Q

how to generate the key block in TLS (cryptographic key)

A

PRF(SECURITYPARAMETERS.master-secret, “key expansion”, SECURITYPARAMETERS.server_random+SECURITYPARAMETERS.client_random)

46
Q

what happens in a stage 4 TLS handshake

A

parties exchange an HMAC’d copy of the entire transcript to prevent a series MITM attacks

PRF(master-secret, finished-label, Hash(handshake-message))

server sends back an ecrypted session key

if the hashed values match, encrypted communication takes place

47
Q

what are the components of a TLS record encrypted message

A

length, data, MAC

48
Q

how does a TLS record encryption work

A

break teh data stream into blocks

MAC the data fragment and concatenate at the end of each block

concatenate all new blocks

encrypt the stream