Part 1 Flashcards
What are the 3 aspects of the CIA triad?
Confidentiality: No unauthorised reading/learning of data.
Integrity: No unauthorised modification or destruction.
Availability: Timely and reliable access to data.
What is non-repudiation?
The assurance that an entity cannot deny having done an action.
What is authenticity?
Property of being genuine and being able to be verified.
What is accountability?
Property that an action should be able to be traced back to the entity that performed it.
What are the assets of a security system?
Software
Hardware
Data
Communication facilities and networks.
What are the 3 types of vulnerability?
Leaky: Unauthorised access
Unavailable: Slow, using becomes impossible/impractical
Corrupted: wrong thing/wrong answers
What is an attack?
A threat that is carried out.
What are the two attack classifications?
Active: Attempt to alter/affect operation of assets.
Passive: Attempt to learn/make use of information from a system.
What is an inside attack?
An attack initiated by an entity inside the security perimeter.
The entity has authorised access to the system.
What is an outside attack?
An attack initiated by someone outside the security perimeter.
What is a risk?
Measure of the extent to which an asset is threatened by a potential circumstance/event.
The likelihood of occurrence.
What is a countermeasure?
An action that mitigates the effects of an attack/risk.
What is encryption?
Transformation of information using a secret.
What is access control?
Rules, policies and mechanisms that limit access to resources to those people/systems with a “need to know”.
What is a “need-to-know” determined by?
Identity
Role
What is authorisation?
Determining whether a person or system is allowed to access resources, based on an access policy.
What is authentication?
Determination of role/identity.
How can an entity be authenticated?
Something they have (smart card)
Something they know (password)
Something they are (biometrics)
What is physical security?
The physical barriers and restrictions used to improve the security of resources and components.
What are examples of physical security?
Copper meshes in walls
Locks
Placement of computers in windowless rooms.
Sound dampening materials.
What are backups?
Periodic archiving of data to enable restoration in the event of failure.
What are checksums?
Functions turning a file into a numerical value.
What does a checksum function rely on?
The whole file.
Flipping a single bit should change the output.
What are computational redundancies?
Computers/storage devices that serve as fallbacks in the case of failures.
What is symmetric encryption?
Encryption using a single, secret key.
What is asymmetric encryption?
Encryption using a public-private key pair.
Public for encryption, private for decryption.
What is the RSA process?
- Choose 2 prime numbers (p and q).
- Calculate N (N = pq).
- Calculate T (T = (p-1)(q-1)).
- Choose numbers e,d where ed mod T = 1.
- PU = (N,e), PR = (N,d)
To encrypt: (message)^e
To decrypt: (message)^d
What is a digital signature?
Encryption of the hash of a message using the sender's private key that can be used to authenticate their identity using their private key.
What is a Man-In-The-Middle attack?
An attack where communication is intercepted by a third party.
What is a primitive root?
N is a primitive root of the prime q if its powers mod q is an integer in the range 1-(q-1).
(2,13),(2,17)
What is a discrete logarithm?
i is the discrete logarithm of b:
b = a^i mod q
What is the Diffie-Hellman process?
Explain it.
What is the job of a certificate?
Bind a user/company identity to their public key.
What are the mandatory fields of a certificate?
Version Serial Number Signature Issuer Validity Subject Public Key
What is the PKI?
Public Key Infrastructure.
Set of hardware, software, people, processes and policies.
What is the role of the PKI?
Facilitate the creation of a verifiable association between a public key and the identity of the holder of the corresponding private key.
What cryptography does the PKI use?
Asymmetric
What is the job of the CA?
Certification Authority
Issue, revoke and distribute public key certificates.
How are certificates signed?
Using the private key of the CA.
What is the PKI repository?
A means of storing and distributing X.509 certificates and CRLs, and managing updates to certificates.
What is the job of the RA?
Registration Authority.
Verify user request for a certificate.
What is the process of certificate issuance?
- RA verifies user request.
- User chooses PR, CA chooses PU.
- Certificate issued by CA.
What is the process of certificate usage?
- User fetches certificate.
- User fetches CRL.
- User checks that the certificate is valid using CRL.
- User checks the signature using certificate.
What are the reasons for certificate revocation?
Compromised private key
Company moves physical address
Expiration
HR reasons
What is a CRL?
Certificate Revocation List.
List of no longer valid certificates.
What are the issues of a CRL?
Expensive to distribute.
Updates not sent quickly enough to defend against attacks.
Vulnerable to DOS attacks.
What are the mandatory fields of a CRL?
Version, Signature, This Update, Next Update, Revoked Certificates [ ]
What is TLS?
Transport Layer Security Protocol
What does the TLS provide?
Privacy and data integrity
What are the 2 protocols of TLS?
Handshake protocol.
Record protocol
What is the handshake protocol?
User sends: Client hello, protocol version, suite of supported cryptographic algorithms.
Server responds: Highest common version and suite, public key certificate (with key).
Client checks certificate, generates secret key and sends to server using its public key.
How does a client check the certificate of a server?
The certificate is signed by the private key of the CA, so can be verified using the public key of the CA which is included in browsers.
What is Kerberos?
Network Authentication Protocol.
What encryption does Kerberos use?
Symmetric encryption
What are the goals of Kerberos?
User’s password shouldn’t travel on the network.
Single login for a session
Client and servers mutually authenticate.
User passwords never stored
Authentication information centralised on the authentication server.
What is a realm in Kerberos?
The users and services authenticated by a KDC.
What is a principal?
User, application server, services on the network.
What is a ticket in Kerberos?
Proof of id for a user to access a service.
What is the KDC?
Key Distribution Center.
What does the KDC store?
A database of principals and their master keys generated using their passwords.
Database is encrypted using the master key of the KDC.
What are the 3 components of the KDC?
Database
Authentication Server
Ticket Granting Server
What is phase 1 of Kerberos?
User requests ticket.
AS generates SA.
AS generates TGT: (Username, SA, T1)
AS encrypts TGT with KDC master key.
AS sends to user, encrypting with user’s key KA.
User logs in, KA generated from password.
User decrypts and obtains the TGT.
What are the limitations of Kerberos?
Single point of failure
Requires synchronised clocks
Assumes client’s workstation is secure
Vulnerable to password guessing
What are the 2 steps of User Authentication?
Identification, Verification
What are the problems with passwords?
Password Overload
Passwords can be guessed
Must be stored safely
Password reuse
How can an attacker crack a password?
Brute Force, Shoulder Surfing, Dumpster Diving, Guessing, Interception, Key Logging, Social Engineering
What is phishing? + countermeasure
Using a fake site to gain credentials to be used on a target site.
CM: Server-side authentication
What is interception? + countermeasure
Clear text information intercepted by an attacker (man in the middle)
CM: Encrypt communication among users and website.
What is keylogging?
Using software to record the keys typed by users.
Can get passwords from this.
E.g. Kidlogger, Revealer
What are the countermeasures for Shoulder Surfing and Dumpster Diving?
User Training and awareness
What are the 2 types of password attacks?
Offline/Online
How many combinations are there for a brute force attack?
(Length of alphabet)^(length of password)
What is an online dictionary attack?
An attack that tries passwords from a dictionary of words, common passwords, important words to the user (name, address, pet…) etc.
Not 100% guaranteed to crack the password, but can lead to fewer trials and less time needed.
What are good countermeasures for password cracking?
Throttling
Locking
Protective Monitoring
Password Blacklisting (common passwords)
What is password strength?
The effectiveness of a password against a brute force attack.
What is password entropy?
nlog(A)/log(2)
What is an offline dictionary attack?
An attack that tries to crack passwords in a password file.
The attacker tries passwords from a dictionary of common passwords and compares the hashes.
What are the countermeasures for an offline dictionary attack?
Hashing
Salting
Password File access (only privileged users)
Separation of user ids to passwords
What are the properties of a good hash function?
Non-reversible
Fixed length
Unique for each input
What is salting?
The process of adding random bits to a password, then hashing the result to make a brute force attack even harder.
What is the salting process?
- Compute hash of the password.
- Add salt (prepend/append).
- Hash the result.
- Store the hash and salt
What can be used to crack passwords?
Pwdump
L0phtcrack
What are the password cracking methods?
Brute force
Dictionary: Only as good as your dictionary
Hybrid
What is a reduction function? + examples
A function that transforms a hash into a new string (possible password) to be hashed.
E.g.: First 6 letters, first 6 characters, last 5 numbers etc.
What is the rainbow table process?
- Precompute hashes, apply red. funcs, compute hashes etc. to create the rainbow table. Only store first and last column.
- Apply last red. func to hash to crack.
- Check if result is in the table.
- If so, go to the start of that row, and compute the hashes until the plaintext is found. (It's the plaintext that generates the hash.)
- If not, apply the penultimate red. func, last red. func, check.
- Repeat until row is found.
- Go to the start of the row and calculate the hashes forward until the correct value is found.
Why are rainbow tables used?
They are a good trade off between time and space.
What is online and offline cracking?
Offline: Password of a program (zip file)
Online: Online service to crack (ssh) - Use hydra.
What are the security properties of privacy?
Confidentiality, Integrity, Availability, Accountability
What must be considered with privacy?
The system as a whole: Software, Hardware, Physical Environment, Legal, Corporate, Personnel
What is confidentiality?
Unauthorised reading/learning of data.
Presumes an access control security policy.
What is privacy?
Keeping individuals' information confidential.
What is secrecy?
Keeping company information confidential.
What is anonymity?
True identity of an individual is not known and cannot be learned.
What is intrusion?
Invasive acts that threaten the solitude or tranquility of a person.
What is decisional inference?
Government’s incursion into the data subject's decisions regarding their private affairs.
What is surveillance?
The watching, listening to or recording of an individual's activities.
What is interrogation?
Various forms of questioning and probing for information.
What is aggregation?
Combining of data about a person.
What is identification?
Linking information to a particular individual.
What is insecurity?
Carelessness in protecting stored information from leaks and improper access.
What is secondary use?
The non-consensual use of data for purposes other than those for which the data was originally collected.
What is exclusion?
Failure to allow the data subject to know about the data that others have about them and participate in its handling and use.
What is a breach in confidentiality?
Breaking a promise to keep data confidential.
What is disclosure?
Releasing information that influences how an individual is judged.
What is exposure?
Revealing nudity, grief or bodily functions.
What is increased accessibility?
Amplifying accessibility of information.
What is blackmail?
The threat to release personal information.
What is appropriation?
The use of someone’s identity in order to serve another’s aims.
What is distortion?
Dissemination of false/misleading information about an individual.
What is privacy as confidentiality?
Data anonymisation, secure messaging, anonymous communication, data minimisation.
What is privacy as control?
Anonymous credentials, privacy policy languages, purpose-based AC.
What is privacy as practice?
Feedback and awareness tools, privacy nudges, aid in privacy decision making.
What is a privacy policy?
Text that specifies how data may be used, under which conditions and what obligations this entails.
What are the privacy requirements?
AC requirements. Actions required before access. Actions that must be performed within a certain time period. Restrictions on further distribution of data. Restrictions on purpose of use. Limitations of retention time. Mandatory use of protection mechanisms. Duties of keeping data up-to-date.
What are the 2 PET families?
Soft Privacy Technology
Assume trust of 3rd party. (AC, tunnel encryption)
Hard Privacy Technology
No trust of 3rd party. (Tor)
What is a data controller, data subject and data analyst?
Controller: Entity that collects, holds and controls the data.
Subject: Entities that the data is about.
Analyst: Entities that use the data for studies and predictions.
What are the 3 classifications of attributes?
Explicit (key) Identifiers: Name, NI
Quasi-identifier: DOB, Postcode
Sensitive: Medical records
What is k-anonymity?
A record must be indistinguishable from at least k-1 other records with the same quasi-identifier.
There must be at least k records with the same equivalence class.
If this holds for each quasi-identifier, a table is k-anonymous.
How can k-anonymity be achieved?
Generalisation: Making quasi-identifiers less specific. (>40). Partition ordered-value domains into intervals.
Suppression: 478**, if there is too much loss with generalisation.
How can k-anonymity be attacked?
If the attacker has background information (background knowledge attack).
If there is not enough diversity in sensitive attributes for each equivalence class. (Homogeneity attack).
What is l-diversity?
If an equivalence class has at least l well represented values, then it has l diversity. If all equivalence classes have l-diversity, the table is l-diverse.
What is distinct l-diversity?
Each equivalence class has at least l sensitive values for the field.
What is a limitation of l-diversity?
It doesn’t protect against sensitive attribute disclosure.
Doesn’t consider overall distribution of sensitive values.
What is sensitive attribute disclosure?
The attacker can make broader claims about an individual. (Salary range, illness domain - mental illness, stomach illness)
This is a similarity attack.
What is t-closeness?
The distribution of sensitive values in each equivalence class should be within a threshold t of the original distribution.
What is differential privacy?
The probability of a result of a query being nearly the same, regardless of whether an individual is included in the dataset.
Why is a proxy not fully anonymous?
The proxy server knows where information is coming from and going to.
The sender is not known to the receiver and vice versa, but known to the proxy.
What is a VPN?
Virtual Private Network.
Can make computers outside a network be treated as if they are in the network.
What is encapsulation in a VPN?
The wrapping of a message for travel over a channel into a VPN. It is unwrapped once it arrives, and is then treated as normal network traffic.
Why are VPNs good?
Provide anonymity.
Can access sensitive resources from outside of a network.
Can be used to simulate current position to that of the server (US Netflix).
What is a mix network?
A routing protocol that sends traffic to different proxy servers to reach a final destination.
What is the process of a mix network?
- Path identified by the user, public keys of servers collected.
- Layers of encryption added to message using each public key.
- Message sent along the path.
Why is a mix network anonymous?
Each server only knows its direct neighbours in the path.
How are replies returned to the user?
The server sends the data to the last in the path, it encrypts the reply using a key given to it by the user when the first request was sent. Then the data is passed up the path, each with a new layer of encryption being given to it.
Once it reaches the user, it is decrypted.
What are the 3 nodes in Tor network?
Guard, relay, exit
What is the job of a Tor browser?
To provide a path of nodes for the user to use to send a message.
What is perfect forward secrecy?
Using keys of each server to encrypt the data, so no nodes can access the data.
What are the 2 types of relay node?
Bridge node: Unlisted
Advertised
How is 2-way anonymity achieved?
A rendezvous point is agreed on by a user and server. Messages are routed using paths to this point.
A server will register an Onion URL which can be accessed via a Tor browser. Server has introduction points, via a path, which is used to agree the rendezvous point.
What is the process of E-voting in Estonia?
Voter uses ID card and PinPad. ID card and PinPad used to create key. Key used to authenticate website. User uses second key to confirm vote. Vote sent. Vote encrypted using PU of government or LA. Vote wrapped with voter's signature. Vote collected, unwrapped and mixed. All votes then counted.
What is homomorphic encryption?
Uses mathematical functions that allow for results to be found without decryption.
Where can AC be implemented?
Locally or over a network.
What is a security policy?
Defines which executions are allowed by which users/systems according to a set of measurable, high-level rules.
What is a security model?
A formal representation of a class of systems, highlighting security features.
What are 2 security models?
Code based
Database oriented.
What is Discretionary Access Control?
Principle: Users own resources and control access to them.
Each resource has a DAC list which specifies which entities have which access.
What are the issues of DAC?
Large systems are complex to manage.
Difficult to understand whether correct permissions have been given to the right users.
The objects and users change frequently, so their permissions need to be updated frequently as well.
What is Mandatory Access Control?
Access control based upon security levels of subjects and objects.
Most systems use multi-level security policies.
Decisions are made by comparing security clearance of a subject with the security clearance of an object.
What does each subject have in a MAC system?
A clearance and “need-to-know”.
To access a resource, the subject must have a clearance level equal to or higher than that of the resource, and contain all the “need-to-knows” of an object.
What is an RBAC?
Role-Based Access Control.
Access given to subjects based upon their role in an organisation.
Permissions are assigned to roles.
What are the advantages of RBAC?
Distinct from user groups. Emphasis on responsibility. Increases abstraction in policies (more manageable). Simple. Reduces user administration.
What are the types of RBAC?
Flat
Hierarchical
Constrained
What is the Chinese Wall Model?
Commercially inspired confidentiality model.
Uses conflict classes.
A user can only have access to one dataset within each conflict class.
What is blockchain?
A decentralised ledger of transactions, fully replicated over a trustless peer to peer network.
What are the transactions of blockchain?
Events of interest for a specific application.
What is bitcoin?
A decentralised cryptocurrency that transfers currency via blockchain, providing pseudo-anonymity.
How are transactions carried out in blockchain?
Transaction is broadcasted to the whole network.
All nodes verify the transaction.
Each replica updates its ledger.
What are digital signatures used for?
Verifying the sender, and proving ownership of the UTXO.
How are transactions identified?
Using the addresses which are associated to a (PU,PR).
A wallet contains the key pairs associated to the addresses of a user.
What are the inputs for a transaction?
An amount of unspent bitcoin to be used for the transaction.
What is the UTXO?
Unspent Transaction Output
How is ownership of the UTXO proved?
Using digital signatures which verify the ownership of the private key associated to the address.
Why does having multiple addresses provide full anonymity?
A user can be profiled when different transactions are used for a UTXO.
Why is decentralisation good?
Doesn’t require trust
No single point of failure
No censorship
How are blocks created?
Miners choose which txns to include in a block.
Miners choose which block to use as previous.
Miners solve resource-intensive puzzle to compute Proof-of-Work (PoW).
New block is broadcast to the network.
Each node adds it to its local blockchain replica.
What is on a new block?
A number of transactions.
Reference to previous block (hash)
Random number (solution)
What is the puzzle?
Find a number s.t the hash of the block has a certain number of zeros as a most significant digit.
What are the incentives to mine?
Amount of bitcoin for the block.
Transaction fees.
How are branches dealt with?
They are allowed to grow until one becomes longer and is accepted; the others are rejected and the transactions are rolled back.
What is pooling?
The combination of computational power between groups of miners.
More chance of branches (and blocks) being accepted, so more fees.
Fees split between the group.
What are the advantages of blockchain?
Decentralised, Reliable, Pseudo-anonymity, No need for trust, Immutable history of txns.
What are the disadvantages of blockchain?
Not stabilised
High transaction fees
Slow txn confirmation
Business may not be protected.
What is a smart contract?
A computerised txn protocol that executes the terms of a contract.
Digital representation of a legal contract that can be executed deterministically.
What is the life cycle of a contract?
Definition, Execution, Audit
What are the 4 conditions of a smart contract?
Integrity of Control: Accountability of contract enforcement
Democratic Control: Responsibility should be shared, no controlling party.
Non-repudiation: Cannot argue with any part of the execution.
Building of trust: Should start trustless, build and preserve for duration.
How does blockchain adhere to the conditions of smart contracts?
IoC: Transactions are immutable.
DC: Executed by all peers.
N-R: Transactions are immutable
BoT: PoW consensus builds trust.
What is ethereum?
Decentralised platform for executing smart contracts.
What are the 2 types of account for Ether?
Externally Owned Account
Contract
What is EOA used for?
Transferring cryptocurrency.
What can contracts do?
Update state
Carry out transactions to EOA/contracts
What is the cost of a smart contract?
Gas unit
What is a gas limit?
The maximum amount of gas units that a transaction is willing to pay.
What is a decentralised application?
An application whose backend runs on a decentralised P2P network.
Multiple stakeholders are willing to manage assets of interest according to a business logic encoded as smart contracts.
What is a permissioned blockchain?
A blockchain where the peers are invited.
Why are permissioned blockchains used?
Used in business, for company to company transactions.
They may not want to make the txns public.
What determines the creator of the next block in a permissioned blockchain?
Leader election
Which performance is better, permissioned or permissionless?
Permissioned
What does responsible distribution ensure?
No single point of failure
No privileged nodes.