Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

CS6035 IIS > Security Protocols > Flashcards

Security Protocols Flashcards

1
Q

What 3 things are needed to communicate securely over the internet

A

the users must mutually authenticate each other
establish and exchangekeys
agree on cryptographic operations & algoirithms

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What’s the process for message authentication with shared secret key for a session

A
  1. User 1 request to communicate w User2
  2. User 2 sends back a Challenge R1
  3. User 1 Sends an encrypted R1 using their shared secret key
  4. User 1 sends to User 2 a Challenge
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

The challenges and responses for multiple sessions should be:

A

random, not easily repeatable or predictable

R1 & R2 should be large random values and
secret key should be protected

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

In message authentication, what is a reflection attack

A

over multiple sessions, the attacker, not knowing the encrypted R1, can challenge the victim with R1, upon which the victim will automatically respond with encrypted R1. Attacker then uses that encrypted R1 as the response to the initial challenge

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

How to defend against a reflection attack

A

use 2 separate keys, an initiator secret key and a response secret key
OR
use even #challenges for User1 and odd # challenges for User2

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

How might mutual authentication work for asymmetric encryption?

A
  1. User1 sends encrypted message using User2’s public key

2. User2 responds with decrypted message and also sends an encrypted message using User1’s public key

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

How are session keys made?

A

Encrypt a shared session key w the shared master key and send over OR
encrypt a shared session key w the public keys

this encrypted shared key w public key can be also signed (digital signature) by the author’s private key for authentication

Diffie Hellman could also be used as their “shared session key”

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Key Distribution Center help to deal with scalability with master keys. How does session making and mutual authentication work in this case?

A

upon a request N1 & UserID,

KDC sends back encrypted: E(Ka,Ks|Request|N1|Encrypted(Kb,Ks|”Alice”))

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is Kerberos

A

authentication and access control in network
it is the Key Distribution Center
Shared Master key is the user’s master key stored on the KDC

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

CS6035 IIS (8 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions