Midterm 1 Flashcards
What does STRIDE stand for?
Spoofing user identify Tampering Repudiation Information disclosure (privacy breach or data leak) Denial of service (DoS) Elevation of privilege
What names do they use for the bad guys in computer security? What do they mean?
Eve – eavesdropper (passive attacker)
Mallory – active attacker
Trudy – intruder
What names do they use for the good guys in computer security?
Alice and Bob (no apparent meaning)
What kinds of defenses are there in computer security?
Confidentiality – prevent unauthorized access to data (reading)
Integrity – detect unauthorized modification/creation of data (writing)
Availability – prevent DoS attack, data delivered in timely manner and available when requested.
CIA is the acronym
What two components are there to access control? What do they entail?
Authorization – Is this really Alice or Bob?
Authentication – Does this user have authorization to complete the requested action?
What does repudiation/non-repudiation mean as a computer security threat?
Ability to later deny that an activity took place, or prevent someone from denying that an activity took place. In other words, covering your crimes or framing others for crimes. Involves cryptographic evidence used in court.
What are the three facets (sides) to security?
Prevention
Detection
Reaction
PDR
What is the principle of least privilege?
A system, application, or user should have permissions to do just what it needs to do and no more.
Why should there be redundancy in security?
You should always assume partial failure. Assume one layer of security will not always work. Use firewall, antivirus, disk encryption, and more all on top of each other.
What is an attack tree?
Used to reason about the threats to a system. Root node is the goal of attacker while child nodes are all the ways to achieve that goal. (More child nodes = more risk? Slide isn’t clear.)
What is security through obscurity?
Relying on the secrecy of the design of a system/sub-system as the main source of security. (Closed source code with/using code obfuscation – making it nonsensical?)
What is security through minority?
Using an unpopular tool. Attackers won’t know their way around it.
What does cryptography mean?
Hidden writing
What are the four cryptographic primitives (with acronyms)?
Symmetric Encryption (AES)
Public-Key Cryptography (RSA)
Secure One-Way Hash (SHA-256)
Message Authentication Code (MAC)
Name the three modern, strong encryption ciphers in the slides.
AES
RSA
Salsa20
What does encryption mean?
Transforming information so that its meaning is hidden. Requires “special knowledge” to retrieve.
What is the Caesar Cipher?
Shifting each letter in a message down a fixed number of spaces in the alphabet. (3 shifts right would turn A’s into D’s, D’s into G’s, ect.). Easily broken with a brute force approach. Only 25 different combinations in the English alphabet.
What is the Vigenère cipher
Using many Caesar Ciphers based on a key. Using a table of the alphabet, showing all 26 different combinations in tables and rows, use the row for the plaintext letter and the column of the corresponding key letter. The intersection of the row and column is the ciphertext letter. To decrypt, use the letter in the key to determine the column and find the corresponding letter in the ciphertext in that column. The row you end up on is the plaintext from the original message.
Describe the symmetric encryption model.
Alice and Bob both have the same key to lock and unlock a message. Alice encrypts the message with her key and sends a message to bob. The message is secure on the way to Bob, and then bob decrypts the message with the same key. Bob can now read the plaintext. The key must be kept secret for this to be secure.
What is a cryptographic hash function?
A function that takes data of any size and converts it into a “hash” (unreadable characters) that is a fixed size. This is typically one way and cannot be converted back to its original plaintext. Useful for passwords.
Describe message authentication code (MAC)
A message is sent through a MAC algorithm, which produces a unique output that only that message can produce. The message is sent with its unique output to a destination. The message is then sent through the same MAC algorithm. If the outputs are different, the message is proven different from the original and has been tampered with. Verifies the integrity of a message.
Describe public-key encryption (asymmetric encryption)
Alice and Bob each have a different public and private key. Information encrypted with the public keys can only be decrypted using the private keys, and information encrypted with the private keys can only be decrypted using the public keys. That means Alice can send a message encrypted with her private key, and only those with her public key can see it. Alice can also access messages Bob sends if she has access to his public key. (Might be incomplete definition.)
What does AES stand for?
Advanced Encryption Standard
What is affine transformation?
A transformation consisting of multiplication by a matrix followed by the addition of a vector
What is a “block” in the context of the AES?
A sequence of binary bits that comprise the input, output, State, and Round Key. The length of a sequence is the number of bits it contains. Blocks are also interpreted as arrays of bytes.
What is a cipher?
Series of transformations that converts plaintext to ciphertext using the Cipher Key
What is a cipher key?
Secret, cryptographic key that is used by encryption algorithms to make the output unique to that key. In AES, the key is used in the Key Expansion routine to generate a set of Round Keys; can be pictured as a rectangular array of bytes, having four rows and Nk columns. (Nk is the number of 32-bit words in the key. For reference, byte is 8 bits, word is 16 bits, doubleword is 32 bits, quadword is 64 bits. So Nk is number of doublewords. Total bits in cipher key divided by 32. Nk can be either 4, 6, or 8 in this standard, total of 128, 192, or 256 bits in the key.)