Midterm # 2 Flashcards
Authentication is?
The process of determining whether a user should be allowed access to a system.
Authentication question?
are you who you say you are?
authorization
are you allowed to do that?
The three authentication methods?
Something you know
Something you have
Something you are
How to prevent forward search attack
To prevent a forward search attack on a public key encryption we append random bits to the message before encrypting it
Salt?
Appending a non secret random value known as salt to each password before hashing it.
What is a salt?
a non secret value that causes identical password to hash to different values
What is a two factor authentication?
any authentication method that requires two out of the three “somethings” is known as a two factor authentication
what is the common criteria?
EAL1 through EAL7
what is EAL1
functionally tested
what is EAL2
Structurally Tested
What is EAL3
Methodically Tested and Checked
What is EAL4
Methodically Designed, Tested, and Reviewed
What is EAL5
Semiformally Designed and Tested
What is EAL6
Semiformally Verified Design and Tested
What is EAL7
Formally Verified Design and Tested
What are ACL’s?
Access control lists, columns
What is C-lists?
Capabilities, rows, subject trying to perform an operation
What are the advantages of capabilities?
with capabilities the association between users and files is built into the system. Capabilities are more complex to implement, and have higher overhead
what are the advantages of ACL
ACL based system, which is a separate method for associating users to files is required.
what is the confused deputy?
the confused deputy is a classic security problem. fooled by some other party into misusing its authority. the compiler is acting on Alice’s behalf.
Classification applies to…
Objects
Clearances apply to…
Subjects
Classification and Clearances order?
Top Secret
Secret
Confidential
Unclassified
what is BLP
Bella-LaPadula
What is Bella-LaPadula
is to capture the minimal requirements with respect to confidentiality, that any MLS system must satisfy
BLP consists of two statments
Simple Security Condition,
Property
What is Simple Security Condition
Subject S can read object O if and only if L(O) <= L(S)
What is Property
Star property, Subject S can write objects O if and only if L(S) <= L(O)
what is the point of compartments?
to further restrict information flow “across” security level, compartments enforce he need to know principle.
what is a covert channel?
communication path
what is captcha?
is a test that a human can pass, but a computer can not pass with a probability better than guessing.
what does firewall provide?
firewall provides access control for the network. Each type of firewall filters packets by examining the data up to a particular layer of the network protocol stack.
What are the five layers of packet filter?
application, transport, network, link, physical
what is the advantage of a packet filer
efficiency
concept of firewall?
firewall has no concept of state so each packet is treated independently of all others.
what do packet filters use?
they are configured using access control ists or ACLs
what is a port scan?
Trudy tries to determine which ports are open through the firewall
Application proxy?
the incoming packet is destroyed and a new packet is created in its place when the data passes trough the firewall.
Protocol what is bad?
it is a bad idea to have the two sides in a protocol do exactly the same thing, since this might open the door to an attack. small changes to a protocol can result in big changes in its security.
Remember..
You should not use the same key pair for signing as you use for encryption
how prevent MiM attack?
Alice and Bob can use their shared symmetric key K_AB, to encrypt the diffie hellman exchange
what is timestamp?
a time value
what is the benefit of timestamp?
is that we do not need to waste any messages exchanging nonces, assuming that the current time is known to both Alive and Bob.
Zero knowledge proofs
bobs cave which side
what is Fiat shamir?
relies on the fact that finding a square root modulo N is as difficult as factoring.
Why is it better to hash passwords with a salt than to hash passwords without a salt?
Not a secret, stored with passwords
dictionary attack more difficult
it creates more work for hacker
hacker can not use precomputed work.
why do we hash passwords with a salt rather than encrypt the password file?
store you have to encrypt the key, if you get the password file you get the key.
Password file is a single point of failure
What purpose do timestamps and nonces serve?
challenges used to verify authentication session PREVENT REPLAYS
Advantage of timestamp as compared to a nonce?
MORE EFFICIENT
One significant disadvantage of timestamp as compared to nonce?
CLOCK SKEW
time is a security concern
Lampson’s access control matrix, capabilities?
C-lists, rows and describe permissions for subjects
Lampsons access control matrix, ACLs?
Access control lists, are columns
2 advantages of C-lists over ACL’s
Easy to add or delete
easy to delegate permissions
2 advantages of ACLs over C-lists
Easier to implement
Easy to change permissions
Differences between Authentication and identification?
One to one VS one to many
subject compliance VS non subject compliance (data)
Which is easier and why? authentication or identification?
authentication is easier: Only one way for authentication Already know i am authenticating Comparisons to ONE with identification one to many, comparisons depends on data
Packet fileter
works at the network layer, attacker uses TCP ACK scan
Stateful packet fileter
works at the transport layer, attacker uses firewalk to send packets.
what is firewalk
to check for port opening, port scanning
Application proxy
works at the application layer, DLS attack can perform a port scanning
MIG
if bob and alice are doing the same thing you can get MIG
Method used to prevent covert channels are inherently weak. Is it better to use such weak methods or to do nothing at all?
better fuse weak , reduces bandwidth, EASY TO DO RELATIVELY
methods used for inference control are inherently weak. is it better to use weak or nothing?
Weak, reduces data leaks, EASY TO DO RELATIVELY
suppose that the only cryptosystem you have access to is known to be weak is it better to use this system to encrypt your data or to do nothing at all?
Do nothing at all , because you could flag it as import since the system is weak.
Why do we hash passwords that are stored in a password file?
so if the password file is stolen or accessed by trudy they can not determine the passwords and use it to log in to that system or other resources.
Why is it better to hash passwords than to encrypt the password file with a symmetric cipher?
hashes are one way and do not require that we decrypt any password files. Decrypting a password file would require that the key to be stored some where so that the system can automatically decrypt the file when verifying password. creates a security problem as to where to store the key.
Time stamps and nonces
are both used in security protocols to prevent replay attacks
Advantage of timestamp as compared to a nonce?
less messages required to achieve authentication as the nonce does not need to be exchanged.
Advantage of nonce as compared to timestamp?
Time stapts in the first case are security critical parameter and require a window of “opportunity” to account for clock skew. Nonce do not have that and it is a disadvantage.
One significant advantage of packet filter as compared to a stateful packet filter.
fast, less overhead s it does not monitor the state. stateful keeping track of state of lots of connections
Significant advantage of stateful packet filter as compared to packet filter.
prevents simple TCP ACK attack on firewall to determine if ports are blocked as the firewall will know that there is no valid session or state and reject the packet.
cost passwords are…
free
connivence passwords are…
easier for admin to reset pwd than to issue a new thumb
ECB
same plain text and same ciphertext
forward search prevented
padding with random bits prevents forward search attach, can not use a precomputed set of passwords, more work for trudy
No salt No dictionary
brute force, hash it and compare to all the passwords
yes salt
talk the salt hash it and compare work
work
size of dictionary / prob passwords in dictionary
2^10
1024
web cookies
cookie is provided by a website and stored on users machine, cookie indexes a database at website, cookies maintain STATE across sessions
web uses a what protocol
a stateless protocol HTTP
authorization is a form of
access control
ACL
Access control lists store matrix by column
ACLS
permissions tied to a file
capabilities
permissions tied to the user
ACLS
easier in changing files
Confused deputy
complier is acting on alices behalf, confusing her permission with Alice’s permissions overriding a bill for example
in practice…
ACLs are used more often
capabilities make it …
easy to delegate authority
Classifications apply…
to objets ressources
Clearances apply…
to subjects users
MLS is needed
when subjects and objects at different levels use on same system
MLS is a form of
Access Control
MLS enforces
Multilevel security enforces access control up and down
compartments enforce
enforce restrictions across, the need to know principle
Cover Channel
MLS designed to restrict legitimate channels of communication
Covert channel
desecrate means of communication, 1 it is there , 0 it is not there
a firewall is like a…
secretary
packet filter operates at the
network layer
stateful packet filter
operate at the transport layer, firewall will keep track then it can drop it
packet filer disadvantages
no concept of state cannot see TCP connections blind to application data less information to go on on going connections we do not see it just like ARP cacheing
dis advantage of stateful packet filter
can not see application data
slower than packet filtering
more work
state DoS is an issue
what is a proxy
something that acts on your behalf
Application proxy disadvantages
speed more work DoS
Application proxy advantages
complete view of connections and applications data
Filter bad data at application layer
webcookies make a
stateless protocol
application –>
user space
transport –>
os
network –>
os
link
NIC card
Physical
NIC card
client
speaks first
server
responds to clients request
spoofed email doesn’t have
authentication
UDP is
efficcent
TCP is
reliability
compartments help
need to know bases
UDP
certain delays long or short packets
botnet
compromised machines
botnet
can do DoS an spam
inference control
not too difficult to do
captcha the attacker
the attacker knows the algorithm, the data, except the random numbers
TCP 3-way
the TCP 3-way handshake makes denial of service DoS attacks possible
TCP three way handshake
first send SYN request
BACK SYN-ACK
ACK and data
ARP is
stateless
Ideal security protocol
Efficient
Precise
Robust
easy to implement, easy to use ,flexible
security protocol over a
Network layer, sending important information over the network back and forth attacker can replay messages.
challenge response
prevents replay, only alice can respond to properly Bob has to verify it. Number used one is a Nonce
Number used once
Nonce
another version of nonce
timestamps
diffie hellman
man in the middle has to happen in real time
nonce
generate it and send it current to prevent replay
Time stamp disadvantage
synchronization of clocks, network delay
Nonce
3 messages
timestamp
2 messages
Encrypt and sign with timestamp…..
insecure
sign and encrypt with nonce
secure
encrypt and sign with nonce
secure
sign and encrypt with timestamp
secure
Fiat shamir what is x
x = r^2 mod N
fiat shamir what is y
y = r * s^e mod N
fiat shamir what is v
v = S^2 mod N
what does bob verify in fiat shamir
y^2 = x * V^2 mod N
fiat shamir wha tis y ^2
y^2 = r ^2 * S ^(2e)
