Midterm 1 Flashcards

1
Q

What does STRIDE stand for?

A
Spoofing user identify
Tampering
Repudiation
Information disclosure (privacy breach or data leak)
Denial of service (DoS)
Elevation of privilege
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What names do they use for the bad guys in computer security? What do they mean?

A

Eve – eavesdropper (passive attacker)
Mallory – active attacker
Trudy – intruder

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What names do they use for the good guys in computer security?

A

Alice and Bob (no apparent meaning)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What kinds of defenses are there in computer security?

A

Confidentiality – prevent unauthorized access to data (reading)
Integrity – detect unauthorized modification/creation of data (writing)
Availability – prevent DoS attack, data delivered in timely manner and available when requested.

CIA is the acronym

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What two components are there to access control? What do they entail?

A

Authorization – Is this really Alice or Bob?

Authentication – Does this user have authorization to complete the requested action?

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What does repudiation/non-repudiation mean as a computer security threat?

A

Ability to later deny that an activity took place, or prevent someone from denying that an activity took place. In other words, covering your crimes or framing others for crimes. Involves cryptographic evidence used in court.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What are the three facets (sides) to security?

A

Prevention
Detection
Reaction

PDR

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is the principle of least privilege?

A

A system, application, or user should have permissions to do just what it needs to do and no more.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Why should there be redundancy in security?

A

You should always assume partial failure. Assume one layer of security will not always work. Use firewall, antivirus, disk encryption, and more all on top of each other.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is an attack tree?

A

Used to reason about the threats to a system. Root node is the goal of attacker while child nodes are all the ways to achieve that goal. (More child nodes = more risk? Slide isn’t clear.)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is security through obscurity?

A

Relying on the secrecy of the design of a system/sub-system as the main source of security. (Closed source code with/using code obfuscation – making it nonsensical?)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is security through minority?

A

Using an unpopular tool. Attackers won’t know their way around it.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What does cryptography mean?

A

Hidden writing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What are the four cryptographic primitives (with acronyms)?

A

Symmetric Encryption (AES)
Public-Key Cryptography (RSA)
Secure One-Way Hash (SHA-256)
Message Authentication Code (MAC)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Name the three modern, strong encryption ciphers in the slides.

A

AES
RSA
Salsa20

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What does encryption mean?

A

Transforming information so that its meaning is hidden. Requires “special knowledge” to retrieve.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

What is the Caesar Cipher?

A

Shifting each letter in a message down a fixed number of spaces in the alphabet. (3 shifts right would turn A’s into D’s, D’s into G’s, ect.). Easily broken with a brute force approach. Only 25 different combinations in the English alphabet.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

What is the Vigenère cipher

A

Using many Caesar Ciphers based on a key. Using a table of the alphabet, showing all 26 different combinations in tables and rows, use the row for the plaintext letter and the column of the corresponding key letter. The intersection of the row and column is the ciphertext letter. To decrypt, use the letter in the key to determine the column and find the corresponding letter in the ciphertext in that column. The row you end up on is the plaintext from the original message.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Describe the symmetric encryption model.

A

Alice and Bob both have the same key to lock and unlock a message. Alice encrypts the message with her key and sends a message to bob. The message is secure on the way to Bob, and then bob decrypts the message with the same key. Bob can now read the plaintext. The key must be kept secret for this to be secure.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

What is a cryptographic hash function?

A

A function that takes data of any size and converts it into a “hash” (unreadable characters) that is a fixed size. This is typically one way and cannot be converted back to its original plaintext. Useful for passwords.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Describe message authentication code (MAC)

A

A message is sent through a MAC algorithm, which produces a unique output that only that message can produce. The message is sent with its unique output to a destination. The message is then sent through the same MAC algorithm. If the outputs are different, the message is proven different from the original and has been tampered with. Verifies the integrity of a message.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Describe public-key encryption (asymmetric encryption)

A

Alice and Bob each have a different public and private key. Information encrypted with the public keys can only be decrypted using the private keys, and information encrypted with the private keys can only be decrypted using the public keys. That means Alice can send a message encrypted with her private key, and only those with her public key can see it. Alice can also access messages Bob sends if she has access to his public key. (Might be incomplete definition.)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

What does AES stand for?

A

Advanced Encryption Standard

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

What is affine transformation?

A

A transformation consisting of multiplication by a matrix followed by the addition of a vector

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

What is a “block” in the context of the AES?

A

A sequence of binary bits that comprise the input, output, State, and Round Key. The length of a sequence is the number of bits it contains. Blocks are also interpreted as arrays of bytes.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

What is a cipher?

A

Series of transformations that converts plaintext to ciphertext using the Cipher Key

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

What is a cipher key?

A

Secret, cryptographic key that is used by encryption algorithms to make the output unique to that key. In AES, the key is used in the Key Expansion routine to generate a set of Round Keys; can be pictured as a rectangular array of bytes, having four rows and Nk columns. (Nk is the number of 32-bit words in the key. For reference, byte is 8 bits, word is 16 bits, doubleword is 32 bits, quadword is 64 bits. So Nk is number of doublewords. Total bits in cipher key divided by 32. Nk can be either 4, 6, or 8 in this standard, total of 128, 192, or 256 bits in the key.)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

What does Nk represent in the AES? What are its possible values?

A

Nk is the number of 32-bit words in the cipher key. For reference, a byte is 8 bits, a word is 16 bits, a doubleword is 32 bits, and a quadword is 64 bits. So Nk is number of doublewords, the total bits in the cipher key divided by 32. Nk can be either 4, 6, or 8 in this standard, for a total of 128, 192, or 256 bits in the key.

29
Q

What does Nb represent in the AES? What are its possible values?

A

Number of columns (32-bit words) comprising the State, or number of doublewords in the original plaintext. For this standard, Nb = 4, or 128 total bits. In other words, the plaintext to be encrypted or decrypted must be 16 characters long.

30
Q

Define inverse cipher

A

Series of transformations that converts ciphertext to plaintext using the Cipher Key

31
Q

What is ciphertext?

A

The unreadable product of plaintext put through a cipher so unauthorized individuals cannot interpret it. Also used an input to the inverse cipher to be converted back to plaintext.

32
Q

Describe the state and its use in the AES

A

For this cipher implementation, the state is a 4 by Nb (also 4) byte array which the cipher’s transformations are performed on. It takes the 128 bit input and stores it appropriately into its 16 row and column spaces. The state indices S[r,c] are placed from the 128 bit input[r + 4c]. The cipher’s transformations are done on this two-dimensional byte array/matrix and then copied to the output like so: output[r + 4c] = state[r,c].

33
Q

What does the xtime() function do according to the FIPS 197 spec?

A

This performs a polynomial multiplication of 2. It is done by passing in the bits associated with the polynomial, performing a left shift, and performing an XOR bitwise operation on the result by {1b} (or 27, or 00011011). The XOR only happens if the most significant bit is set.

34
Q

What is the irreducible polynomial in the AES and what is it referred to as? Why is it irreducible?

A

It is referred to as m(x) = x^8 + x^4 + x^3 + x + 1, or 0x11b in hexadecimal notation. (Fill in why this is the irreducible polynomial)

35
Q

What does Nr represent in the AES? What are its possible values?

A

Nr is the number of rounds to be performed during the execution of the
algorithm. Nr is a function of Nk and Nb (just Nk in the AES implementation because Nb is constant):

Nr = 10 when Nk = 4, Nr = 12 when Nk = 6, and Nr = 14 when Nk = 8

36
Q

What are the four transformations performed on the state in the AES cipher?

A

1) Byte substitution using a substitution table (S-box) – subBytes()
2) Shifting rows of the State array by different offsets – shiftRows()
3) Mixing the data within each column of the State array – mixColumns()
4) Adding a Round Key to the State – addRoundKey()

37
Q

What are the transformations involved when making the AES key schedule?

A

With columns divisible by 4:
1) Like shift rows except with columns. Each value shifts up once in the column and wraps – rotWord()
2) Substitutes bytes with values in the sbox – subWord()
3) XOR with round constant – rcon()
Other columns after above transformations:
Equals column 4 spaces before XOR’ed with column 1 space before.

38
Q

What are the Authentication Encryption modes and how to choose them?

A

GCM – best rule of thumb. OpenSSL implementation, free and reliable, although a pain to implement personally
OCB – patented, so must pay a small fee. Sometimes used in commercial products
EAX – personal implementation (not recommended)
CCM – personal implementation (not recommended)

39
Q

What does “on-line” mean regarding Authentication Encryption modes?

A

“On-line” means you do not need to know the length of the message in advance before performing the encryption using the cipher mode.

40
Q

Describe the ECB cipher mode

A

Electronic Code Book Mode

If you need, for example, a strings of 256 bits put through the AES algorithm (only works on 128 bit strings), cut the long string in half, put them both through the algorithm, and reunite them.

Simple, can be run in parallel, but very vulnerable to attacks

41
Q

Describe the CTR cipher mode

A

Counter Mode

Encrypt values 0-n (counter) that have been concatenated with an IV/nonce (sort of like another key) through AES. Then XOR the result with the plaintext in segments.

Parallel encryption and decryption, preprocessing able to generate the keystream in advance

42
Q

Describe the CBC cipher mode

A

Cipher Block Chaining Mode

For each block of plaintext, XOR the current block with the ciphertext created from the previous block and then encrypt using AES. The first will XOR with an IV/nonce since i-1 does not exist yet.

Conceals plaintext patterns (fixes ECB), but need sequential encryption. Parallel decryption though.

43
Q

Describe the CFB cipher mode

A

Cipher Feedback Mode

x_0 is the nonce. Encrypt x_0, then XOR the first s plaintext bits with the first s result bits. Take that ciphertext and append it to the end of x_1. The beginning of x_1 that is empty is filled with the end of x_0, n-s values. Continue for all x values, where each x value is the end of the last x value + the portion s of previous cipher text.

Parallel decryption only

44
Q

Describe the OFB cipher mode

A

Output Feedback Mode

Just like CFB except the portion s placed on the end of the next x value is taken from the encryption result – not the ciphertext resulting after the XOR with the plaintext.

Preprocessing able to generate the keystream in advance

45
Q

What does IV mean in relation to cipher modes?

A

Initialization Vector
Used in some cipher modes to further encrypt a long message.
Must be known to sender and recipient
Must be random and unpredictable
Most importantly, never reuse a IV/nonce with the same key

46
Q

Which three cipher modes create a stream cipher with a block cipher?

A

CTR
CFB
OFB

47
Q

What is padding?

A

Adding bytes at the end of a plaintext input so all the blocks are of correct size. Both sending a receiving sides must be aware of the padding scheme used.

48
Q

What is a collision attack in hashing?

A

When an attacker finds two separate source messages that both hash to the same value. The expected time for this attack is 2^(n/2) where n is the number of bits in the hash digest.

49
Q

What is a pre-image attack in hashing?

A

When an attacker is given a specific hash value (usually the hash value of an intercepted message) and is asked to find a source message that hashes to that value. The expected time for this attack is 2^n where n is the number of bits in the digest.

50
Q

What properties are hash functions supposed to have?

A

1) It can be applied to a block of data of any size
2) It produces a fixed length of output
3) It is relatively easy to compute for any input
4) They should be one-way, meaning they can’t be converted back into the original message
5) Given a block of input, you should not be able to find another input that will result in the same hash value (weak collision resistance)
6) With no given inputs, you should not be able to find two inputs that will produce the same hash value (strong collision resistance)

51
Q

What do you call the inputs and outputs of a hash function?

A

Input – pre-image

Output – message digest, d, hash code, or hash value

52
Q

What is a pre-image attack?

A

First
Given a message digest, find a pre-image that produces the same digest
Property #4

Second
Given a pre-image, find another pre-image that will produce the same hash value as the first when put through the hash function
Property #5

53
Q

What is a collision attack?

A

Without any given pre-images, find two different pre-images that will produce the same hash value after being put through the hash function
Property #6

54
Q

What is GCM?

A

Galois Counter Mode

Authenticated Encryption method

It uses counter mode along with a MAC in order to encrypt a message and also authenticate it. This way, attackers can’t read the data or tamper with it. If they do tamper with it, the MAC will be different on the receiving end and the recipient will know the message has been changed.

55
Q

What is EtM?

A

Encrypt-then-MAC

Encrypt plaintext to get the ciphertext. Put the ciphertext through the hash function to get the MAC and append it to the ciphertext.

Used in SSHv2

56
Q

What is E&M?

A

Encrypt-and-MAC

Put the plaintext through both the encryption and hash function. Concatenate the results.

Used in SSH

57
Q

What is MtE

A

MAC-then-Encrypt

Put the plaintext through the hash function and append it to the original plaintext. Put that through the encryption process to get the ciphertext.

58
Q

What is EAX mode?

A

Uses counter mode and OMAC (One-key MAC) as an AEAD like GCM

59
Q

What is AEAD?

A

Authenticated Encryption with Associated Data

Provideds confidentiality, integrity, and authentication with associated data (e.g. message header), unlike just AE which doesn’t offer integrity. In other words just authenticated encryption ensures nobody will read data, but AEAD makes sure nobody has tampered with the data being sent either.

60
Q

What other uses are there for padding besides making message blocks appropriate sizes?

A

Disguise identical messages

Disguise message length

61
Q

What is diffusion in cryptography?

A

1 different bit making a big difference in the result after being encrypted.

62
Q

What are some useful applications of hashes?

A

Human-readable method to compare/verify data
Chaining events together – blockchain (ie Bitcoin)
Digital signatures and message authentication codes
Fundamental building block of many secure protocols

63
Q

Which current hash functions have been broken? Which are safe?

A

MD5 and SHA-0 have been broken and are not safe

SHA-1 has a weakness found and is not recommended

SHA-2 and SHA-3 have no known flaws (SHA-3 is backup plan if SHA-2 fails)

64
Q

Describe Merkle-Damgard Construction:

A

Look this up and describe

65
Q

What is a bit flipping attack?

A

An attacker flips bits on a ciphertext, so although they cannot read the message, the message has been altered so the receiver cannot read the real thing.

66
Q

What is an HMAC algorithm?

A

A shared key is attached to a message and the whole thing is sent through a hashing algorithm. The result is appended to the message and the shared key is left out went sent to its destination. When the message is received, the receiver can attach their shared key to the message without the MAC and compare the result with the message’s MAC. If they are the same, the message is authentic.

67
Q

What is recommended for use regarding encryption and using a MAC?

A

If you just need a MAC, use HMAC. If you need encryption and a MAC, use AEAD.

68
Q

What is Kerckhoff’s Principle?

A

A cryptosystem should be secure even if everything about the system, except the key, is public knowledge