NIS Chapter 03 Flashcards
what is an unbounded medium?
a communication medium which has no inherent physical limitations.
define cipher
a process that converts plain text into a ciphertext
what are symmetric algorithms? Give three examples of such
WEP, TKIP, CCMP
A key is shared between both encrypting and decrypting party
Why is it important to have a secure way of sharing the key?
since the key is shared, the key needs to be kept secret otherwise there is no point to the encryption
What is asymmetric encryption ?
a type of encryption method that has a private key and a public key. One for encryption and one for decryption
what technique does a stream cipher use?
plaintext is encrypted bit by bit
what is a keystream?
This is a psuedorandom cipher bit stream that is combined with the plaintext
What is WEP encryption?
- a type of stream cipher
- that uses the RC4 stream cipher to generate a keystream
- and uses xor to combine the plain text and generated stream
What is a block cipher?
- ## takes in a fixed size length of data and encrypts it to the same length
Is block ciphering a symmetric or asymmetric ciphering scheme?
symmetric
What is the downside of putting a specific block through multiple iterations of encryption in order to increase security?
performance will be affected
What are the 2 parts of the RC4 cipher?
The PRG and KSA
How do the 2 parts of the RC4 work together? (4)
- a key is ran through the KS
- Which produces a state vector
- state vector is fed into the PRG which permutes/rearranges the vector
- XOR the resultant with the plaintext
What was the general use case of the RC4 cipher?
weak hardware/lazy developers
Is RC4 a stream cipher / block cipher?
stream
What makes RC5 different from RC4? (2)
- variable block, variable and #rounds
- block cipher instead of stream
Why is the Data Encryption Standard considered insecure>
- small key size
4 facts about DES
- block cipher
- 64 key size
- 56 effective lenght
- 16 rounds on each block
what is the difference between DES and 3DES
it is essentially DES run 3 different times using 3 keys
What are the different key options for 3DES
- all keys are the same, all keys are unique, 2 keys are unique
3 facts of AES
- supports 3 key sizes
- used as a security standard
What 3 encryption methods operate in the 2 layer of the OSI model?
CCMP, TKIP, WEP
What is the structure of 802.11 data frames?
-
What is the payload of an 802.11 data frame reffered to as?
a MSDU
What are the 3 intended goal of WEP?
- confidentiality
- access control through static key
- data integrity through checksum
What is one major similarity between WEP and TKIP?
they both use the RC4 cipher
What is the purpose of the RC4 cipher in encryption schemes?
used to generate a a stream cipher to XOR the plaintext
What is an IV in context of WEP?
- a randomly generated bits that are combined with the secret key and used as seeding material for the RC4 cipher
What is the difference between ICV and IV
ICV is used to check the integrity of of the plaintext, while IV is part of the seeding material for the RC4
Draw the WEP encryption process
-
Where is one of the weakness of WEP found concerning IV
in IV, a new IV is created for each data frame but there are only so many different IV combinations, that the values end up being reused
Name 4 WEP encryption weaknesses
- IV collision attacks
- Weak key (RC4 generates weak keys)
- reinjection to accelerate IV collision attack
- Bit flipping (weak ICV)
Why was TKIP created?
To serve as a temporary replacement for WEP that wouldn’t need any HW upgrades to implement
How does TKIP modify WEP?
- Temporal keys: keys are dynamically allocated via a 4 way handshake instead of a static key
- Sequencing: uses sequencing in order to avoid reinjection attacks
- Key mixing: key mixing is used to create stronger seeding material for RC4 which avoids IV collisions
- has stronger integrity because MIC protects against bit flipping attacks
TKIP countermeasures?
- MIC failures are able to be logged so they can be examined
- 60 second shutdown after 2 MIC failures
- new temporal keys
What is CCMP
a security protocol that was designed to replace WEP and TKIP
What commonality between TKIP and WEP is different with CCMP?
AES is used as a block cipher instead of the RC4 streaming cipher
In order to use AES, what must be predefined before encryption begins?
the methods for converting between messages and blocks during encryption and decryption or the “mode of operation” needs to be defined
How does the ECB mode of operation work?
- each block is encrypted independently and the padding is added as needed.
- the same block generates the same cipher
How does the CTR mode work?
an arbitrary block is encrypted and XORed with the plaintext to produce the cipher text. identical blocks can produce different values
What are the features of the AES in counter mode?
- allows for a block cipher to be treated as a stream cipher
- ## can be encrypted in parallel
What security service does CCMP provide?
- integrity through CBCMAC
- confidentiality \ (CTR)
-authentication through keys - access control
What are the inputs used by the CCMP integrity and encryption process?
- Temporal keys: PTK (unicast) and GTK(group and multicast)
Packet Number: like the TKIP sequence #, protects from injection/replay - Nonce: a nonce is a value used to ensure the uniqueness of the encryption keys and initialization vectors (IVs)
- 802.11 data frame
- AAD used to verify integrity
What do organisations that need higher end security typically?
Proprietary implementation that require custom sw installation
Draw the WEP, WPA and WPA2 table
-
Compare TKIP, WEP and CCMP in a table
-
