identification Flashcards

1
Q

First reason why a service provider needs to track the identity of users requesting its services

A

the user identity is a parameter in access control decisions

user identities aren’t always necessary for access control

2
Q

Second reason why a service provider needs to track the identity of users requesting its services

A

the user identity is recorded when logging security-relevant events in an audit trail
identities are more useful in audit logs, for accountability

3
Q

entity authentication

A

process whereby one party is assured of the identity of a second party in a protocol

4
Q

objectives of entity authentication

A
  1. honest participant A can successfully authenticate itself to the verifier B
  2. Transferability: B can’t re-use A’s identification to impersonate A to another party
  3. the probability that a third party C, distinct from A, playing the role of A, can cause B to accept A’s identity is negligible
5
Q

what is a relay attack

A

alice pays bob, bob thinks he’s sending alice’s payment info to alice, but really he’s sending it to chloe, who’s impersonating alice (relays authentication credentials). Chloe sends that shit to dennis, the menace. Like, chloe? Chloe.

6
Q

what is a relay attack also called

A

also called a mafia fraud attack

7
Q

what is WEAK and SIMPLE authentication

A

password based
unilateral, meaning one entity proves its identity to the verifier
proves knowledge of the secret by giving up the secret

8
Q

what is strong authentication

A
  • Involves mutual authentication; both parties take both the roles of claimant and verifier:
  • Challenge-response protocols: sequence of steps to prove knowledge of shared secrets.
  • Prove knowledge of secret WITHOUT giving up the secret
9
Q

salting

A

Salt is random data that is used as an additional input to a one-way function that “hashes” a password. Salts are used to safeguard passwords in storage. The primary function of salts is to defend against dictionary attacks. basically it’s a nonce.

10
Q

Password storage security relies on a cryptographic construct called one-way function

A

A one-way function f is a function that is relatively easy to compute but hard to reverse.
• Given an input x it is easy to compute f(x), but given an output y it is hard to find x so that y = f(x).

Hash functions are an example of one-way functions:
• A hash function f takes an input x of arbitrary length, and produces an output f(x) of fixed length.
11
Q

Suppose H is a hash function. We say H satisfies:

A

• Pre-image resistant if given a hash value y, it is computationally infeasible to find x such that H(x) = y.
• Collision resistant if it is computationally infeasible to find a pair (x, y) such that x ≠ y and H(x) = H(y).

12
Q

fucking dumb storing plaintext passwords

A

• Passwords stored in plaintext.
• Claimant’s password is checked against the database of passwords.
• No protection against an insider (system admin) or an attacker who gains access to the system. Hence dispute is possible!

13
Q

why are hashed and encrypted passwords good

A

• Passwords are encrypted, or hashed, and only the encrypted/hashed passwords are stored.
• Claimant’s password is hashed/encrypted, and checked against the database of hashed/encrypted passwords.
• Some degree of protection against insider/attacker

14
Q

passwords at the application level, why might it be eksies

A

passwords may be temporarily held in intermediate storage locations like buffers, caches or web pages

The management of these storage locations is normally beyond the control of the user; a password may be kept longer than the user has bargained for

15
Q

what are the attacks on passwords

A

offline guessing attacks like exhaustive attacks and dictionary attacks

phishing and spoofing

16
Q

what is an offline guessing attack

A

attack where the attacker obtains the hashed passwords, then attempts to guess the passwords

This is a plausible threat, due to:
• many incidents of stolen (hashed) passwords as a consequence of hacks on servers.
• usage of the same passwords across different accounts; so compromise of a password for one account affects other accounts.

17
Q

what is a brute force attack

A

A brute force guessing attack against passwords tries to guess the password by enumerating all passwords and their hashes in sequence, and checking whether they match the target hashes.
• A measure against brute force attacks is to increase the space of possible passwords, e.g., longer passwords, allowing more varieties of symbols (letters, numerals, signs).

18
Q

A measure of the strength of passwords against brute-force attack is based on what thing

A

the concept of entropy from information theory.
it’s log2 of the search space.
so er, like, “Suppose the set of passwords X is drawn from any 5 character strings, each character ranges from ‘a’ to ‘z’”, then the search space is 26^5. so entropy is log2(26^5) which is 23.5. I guess bring a calculator.

erm, somehow, the approximate number of guesses needed is 2^23.5. okay I guess mathwise that makes sense when you consider the log

19
Q

how to prevent brute force attack

A

choose password with high entropy

20
Q

why do we suck at preventing brute force attack

A

• However, hashed passwords, especially for human-generated passwords, are still vulnerable to dictionary attack.
• This exploits weakness in human-chosen passwords, which tend to derive from words in natural languages.

21
Q

what is the pre-computed hash table strategy for cracking hashed passwords

A

A strategy for cracking hashed passwords is to pre-compute a hash table, containing pairs of passwords and their hashes.
• If we have k password candidates and each hash has n bits, then we have a table of size k × n.
• This may not be practical if k is large.

  • Hash tables are often represented using a data structure called a rainbow table.
  • Not all hashes are stored; some will be computed from the stored hashes.
  • Not all hashes are represented.
  • Tradeoff between space requirement and query time
22
Q

Salting describe more pl0x

A

• To reduce the effectiveness of offline attacks using pre-computed hashes, a salt is added to a password before applying the hash function.
• A salt is just a random string.
• Each password has its own salt.
• The salt value is stored along with the hash of password+salt.
• So the salt is not secret.
• For a salt of n bits, the attacker needs to precompute 2^n hashes for the same password.

23
Q

password policies rap

A

set a password a mass of words dont let it age
limit the logins and don’t default to basic (preset) names
then tell the user of who(is) trying to get his name
he’s gotta change he’s gotta make up a passphrase
or draw on a interface or he’ll pick some dogs outofa picture frame
pause
then tell he’s got an OTP
what’s an OTP
just one time just tell me

24
Q

alt forms of passwords rap

A

he’s gotta change he’s gotta make up a passphrase
or draw on a interface or he’ll pick some dogs up outta a picture frame
then tell he’s got an OTP
what’s on OTP
just one time just tell me

25
Q

OTP

A

• The one-time passwords scheme attempts to address a key weakness in the password-based scheme: reuse of stolen passwords.
• The idea is to generate a list of passwords, and each password is used only once.
• We’ll discuss one scheme based on Lamport’s one-time passwords.
• Lamport’s scheme uses a one-way function, e.g., cryptographic hash, to generate a sequence of passwords.

26
Q

phishing and spoofing

A

TLDR: I’m telling secrets to michael but he’s actually vicky
• Identification and authentication through username and password provide unilateral authentication.
• The computer verifies the user’s identity but the user has no guarantees about the identity of the party that has received the password.
• In phishing and spoofing attacks, a party voluntarily sends the password over a channel, but is misled about the end-point of the channel.

27
Q

spoofing (as a joke)

A

fake login screen lol

28
Q

spoofing (serious)

A
  1. Attacker starts a program that presents a fake login screen and leaves the computer.
  2. If the next user coming to this machine enters username and password on the fake login screen, these values are captured by the program.
  3. Login is then typically aborted with a (fake) error message and the spoofing program terminates.
  4. Control is returned to the operating system, which now prompts the user with a genuine login request.
29
Q

elaborate on counter measures against attacks like phishing and spoofing

A

I tell the user of who(is) trying to get his name
switch the beat
then I get a trusted path user’s never spoof’d it’s mutual
authentication
pause
see I key your back you key mine
CNTRLALTDELETE is a secure (attention line)

30
Q

Phishing regular

A

computer says: hi sir enter here upgrade your passwords make it clear

31
Q

phishing social engineering

A

TLDR: my name is vincent adultman

attacker impersonates the user to trick a system operator into releasing the password to the attacker.

32
Q

how to protect the password file

A

Options for protecting the password file:
• cryptographic protection,
• access control enforced by the operating system,
• combination of cryptographic protection and access control, possibly with further measures to slow down dictionary attacks

33
Q

what is access control

A
  1. Only privileged users must have write access to the password file.
    • Otherwise, an attacker could get access to the data of other users simply by changing their password, even if it is protected by cryptographic means.
  2. If read access is restricted to privileged users, then passwords in theory could be stored unencrypted.
  3. If password file contains data required by unprivileged users, passwords must be “encrypted”; such a file can still be used in dictionary attacks.
    • Thus modern Unix/Linux systems hide the actual password file in /etc/shadow, which is not accessible to non-privileged users.
34
Q

what are security tokens, say 4 things

A

offline devices that generate sequences of seemingly random numbers
the number generation algo is deterministic but it’s dependent on a seed value and a challenge
seed values are secret and shared between the verifier and claimant. Challenges are provided by the verifier each time authentication is requested.
seed values are stored in tamper-proof chips inside the tokens.

35
Q

what is the most secure solution for authenticating a person

A

biometric

36
Q

fingerprint authentication walk through the process

A

Enrolment: a reference sample of the user’s fingerprint is acquired at a fingerprint reader.
Features are derived from the sample: fingerprint minutiae: end points of ridges, bifurcation points, core, delta, loops, whorls, …
For higher accuracy, record features for more than one finger.
Feature vectors are stored in a secure database.
When the user logs on, a new reading of the fingerprint is taken; features are compared against the reference features.

37
Q

what are the two purposes of biometric authentication

A

identification: 1:n comparison tries to identify the user from a database of n people
verification: 1:1 comparison checks whether there is a match for a given user

38
Q

talk about acceptance in biometric authentication

A

user is accepted if match is above a predefined threshold

39
Q

false match rate

A

number of successful false matches / number of attempted false matches

40
Q

false non match rate

A

number of rejected genuine matches / number of attempted genuine matches

41
Q

equal error rate

A

when FMR and FNMR are equal.

Currently, the best state-of-the-art fingerprint recognition schemes have an EER of about 0.5 - 2%

42
Q

what is neelu and 50Cent rapping on a song tgt about fingers

A

Currently, the best state-of-the-art fingerprint recognition schemes have an EER of about 0.5 - 2%

43
Q

how fingerprints have been stolen

A
In general, fingerprints may be unique but they are not secrets.
• In September 2013, hackers showed how to lift fingerprints from the iPhone 5s. Similar attacks also apply to the Samsung S5 phone. Rubber fingers have defeated many commercial fingerprint recognition systems in the past.
• Minor issue if authentication takes place in the presence of security personnel.
• When authenticating remote users, additional precautions have to be taken to counteract this type of fraud.