Network Security Flashcards
what is meant by message integrity
sender and receiver want to ensure a message has not altered or been tampered with in transit or afterwards without detection
what is included in a passive attack
eavesdropping or intercepting messages
what is involved in an active attack
actively inserting messages into a connection
which is not easy
what is involved in an impersonation attack
spoof source address of packet
what is involved in hijacking attack
attacker inserting themselves in the middle, both sender and receiver still think they are talking to each other
what is plain text
original data
what is encrypted version of plain text called
ciphertext
encryption function
E(P) = C
decryption function
D(C) = P
for the cryptosystem to function, what must hold
D(E(P)) = P
ie must be able to reproduce the plaintext
does the lenght of the key determine its security
no its algorithm is also a key factor
what is the key space
all the possible values the key can take
encyrption function with key
E_k(P) = C
decryption function with key
D_k(C) = P
why does having a big key space mean more security
sequentially going through every key takes too long
ie. brute force attack not worth it
how do substitution ciphers work
each letter or group of letter is replaced by another group of letters to disguise it
three ways to attack on substitution ciphers
identify commonly occurring characters
commonly occuring bigrams
domain specific buzzwords eg system, login, password
three ways to attack on substitution ciphers
identify commonly occurring characters eg vowels
identify commonly occurring bigrams/digrams eg th, ie
identify domain specific buzz words eg system, login, password etc
does substitution ciphering preserve the order of text symbols
yes
how does vigenere cipher work
26x26 matrix
pick long word as key
use first letter of key to encrypt first letter of plain text
use second letter of key to encrypt second letter of plain text
when last letter of key is used, wrap around
how to break vigenere cipher
know length of key and when rotation happens
how do transposition ciphers work
re order the symbols rather than disguising them
process of transposition cipher
pick a key
write plain text in rows under the key
re order the columns
send in column
how many keys are there in symmetric key encryption
1
all parties share the same key
what is the main problem with symmetric key encryption
sender and receiver must agree to a secret key without anyone else finding out
examples of symmetric key algorithms
DES
triple DES
IDEA
AES
what does DES stand for
data encryption standard
what does a block cipher do
operates on a single chunk of data at a time
why is it important that the output is the same size or smaller than the input
encrypted data should not be bigger than input data
how many stages in DES
19
what is the first stage of the DES
fixed permutation (pbox)
what is the last stage of the DES
exact inverse of first stage permutation
what happens in the penultimate stage of DES
leftmost 32 bits exchanged with rightmost 32 bits
what are the 16 middle stages of DES Called
rounds
what happens in 16 rounds of DES
a version of the key is taken in, only 48 bits are used
old right half becomes new left half
old left half run through mixer with key and XORed with old left half becoming new right half
how long would it take to attack a key space of key length 52 bits by brute force
2^56 tries
how to improve DES to make it more secure
Triple DES or 3DES
making use of 2 or 3 keys
what is the problem with the fact that ECB independently ciphers blocks
determinisitic manner
encrypting independently is a lot of work
want some dependency between blocks that we encrypt
what is meant by a probabalistic output
the output should always be different even if the same data is put in
what does CBC stand for
cipher block chaining
how does cipher block chaining work
pass in plaintext
and initialisation vector
XOR initialisation vector with plaintext
XOR of this goes into box with key
this results in ciphertext
that ciphertext becomes initialisation vector for next block
so everything is now chained
what is essential for decryption in cipher block chaining
first initialisation vector
what is done with the first few blocks in case someone is listening in
dummy data sent
do you have to keep the initialisation vector secret
no
how is cipher block chaining slow
cannot go onto the next step until the previous cipher text has been generated
what does ofb stand for
output feedback
how does output feedback mode work
put intialisation vector through encryption box, this becomes next initialistion vector
XOR the plain text with whatever comes out of the encryption box
this becomes ciphertext
advantage of output feedback mode
can pre compute initialisation vectors
so as the packets come you can XOR them and things can be done much quicker
why is OFB mode a synchronous process
computations are independent of the plain text
what does CFB stand for
cipher feedback
how does cipher feeback mode work
similar to OFB but cipher text is fed back
initialisation vector sent into encryption box
result is XORed with plaintext to get ciphertext
cipher text becomes next initialisation vector
when is CFB mode used
when short plain text blocks are to be encrypted eg 8 bits long, ASCII character
eg between remote keyboard and a computer
which is the asynchronous stream cipher
cipher feedback mode
which is the asynchronous stream cipher
output feedback mode
what does AES stand for
advanced encryption standard
what is most common bit and key size for AES
128 bits
2^128 is too large to compute and test key space by brute force
how may rounds of cipher are there in AES
10 to 14 depending on key length
how many keys are there in asymmetric key cryptosystems
2
public key
private key
what to do if private key shared by accident
discard and create a new public key
example of public key cryptographic algorithm
RSA
properties of asymmetric key cryptosystems
- must be computationally easy to encipher or decipher a message given the appropriate key
- must be computationally infeasible to derive the private key from the public key
- need for exchanging private key eliminated
what does it mean that it must be computationally infeasible to derive the private key from the public key
it should be so hard it is not worth your while
is public key used for encryption or decryptionq
public
the public key of the person you wish to send encrypted message to
is private key used for encryption or decryption
decryption
only the person with that private key can decrypt
what is involved in a passive attack
eavesdropping (just observing messages)
how can passive attackers still obtain messages from encrypted messages
information from message length, frequency, hosts etc
what is involved in an active attck
modification of data
hacker pretends to be a different identity
hacker relays information between the other two
what is authentication
ensuring that the communicating entity is the one that it claims to be
what is a symmetric cipher model
sender and receiver have same secret key
what is asymmetric cryptography
sender and receiver use different keys
what does it mean if the ciphertext is computationally secure
cost of breaking cipher exceeds cost of information and time taken exceeds useful life of information
what is the greatest common divider (highest common factor) of two numbers that are relatively prime
1
what does the phi function calculate
phi(n)
how many numbers that are less than n are relatively prime to n
is the RSA algorithm deterministic or probabilistic
deterministic
a specific plaintext is always mapped to a specific ciphertext
is Fermat’s primality test always 100% accurate
no
what is the size of the chunks that ECB operates on at one time
64 bits
what are the flaws of ECB DES
small key, 2^56 for brute force attack
each block encrypted independently so vulnerable to substitution attack
deterministic
is CBC probabilistic or deterministic
probabilistic, depending on IV sed
what is a X-509 certificate
binds identity of a person/company with their public key
what are the contents of a x-509 certificate
identity of user
public key of user
digital signature on the above field with the key of the TTP (trusted third party)
why does the basis of x-509 certs assume that every user in the system is equipped with the public key of the TTP
these are embedded in the browsers themselves
what is the purpose of a x-509 certificate
allows one to verify the digital signature on the certificate to ensure the message is associated with the named user
what are certification authorities
trusted third parties that issue certificated
who issues certificates to to other CAs
the root CA
what is the order of an element a in group G
the smallest positive integer k for which
a ^ k = a * a * a * … a (mod G) = 1
what are the properties of a group
closure
associative
identity element
inverse element
what makes a group Abelian on top of the other properties
commutative
what does the closure property of a group mean
a, b, element G then (a op b) element G
if both a and b are elements of the group G, then the result of an operation (addition or multiplication) performed on a and b will also be an element of group G
what does the associative property of a group mean
a op (b op c) = (a op b) op c for all a, b, c elements G
what does the identity element property of a group mean
(a op e) = (e op a) = a for all a, e elements G
there is an element in every group that when an operation is performed with any other element in the group, the result will be that element
in additive groups it is 0
i.e. anything + 0 is itself
in multiplicative groups it is 1
i.e. anything * 1 is itself
what does the inverse element property of a group mean
(a * a^-1) = (a^-1 * a) = e for all a element G
i.e. all elements should have an inverse
what is the diffie hellman key exchange
a protocol that allows strangers to establish a shared symmetric key without having to meet and without a need for a cryptosystem to be in plave
what are the underlying reasons that the DHKE works
exponentiation is commutative
how is the DHKE vulnerable to attack
users aren’t authenticated
man-in-the-middle attack
what is the man in the middle attack in DHKE
both parties believe they are talking to each other across a secure channel
however the attacker is in the middle and can read and modify messages
how to defend against the man in the middle attack in DHKE
use digital certificates to verify the identity of the user you are communicating with
how is checksum vulnerable to attack
attacker can intentionally modify message to produce some equal checksum value and the receiver will not detect the change
what does it mean that a hash is a one way function
hash is irreversible
you cannot reproduce the input from the output
it is not meant to be decrypted
it is used as a unique digital fingerprint to check integrity of data
example of hash functions
SHA-1, SHA-2
advantages of symmetric key encryption
speed
little overhead
disadvantages of symmetric key encryption
distributing key securely
same key used for encryption and decryption
advantages of asymmetric key encryption
public key can be distributed openly so everyone can use it to encrypt data for the owner of the corresponding private key
disadvantages of asymmetric key encryption
slower
more overhead
