SSL, TLS, HTTPS and E2EE

Question 1

What are SSLs and TLSs

Answer 1

Encryption protocols designed to give communication security over a network or the internet

Question 2

What does SSL stand for?

Answer 2

Secure Socket Layer

Question 3

What does TLS stand for?

Answer 3

Transport Layer Security

Question 4

What security parameters does TLS provide?

Answer 4

Confidentiality
Integrity
Authentication

Question 5

What is special about the Diffie-Hellman Key exchange protocol

Answer 5

Forward Secrecy - A unique session key is generated with every session a user initiates

Question 6

What is the benefit of Forward Secrecy?

Answer 6

• Gives assurance that session keys aren’t compromised even if the public/private key is
• Only info in that one session will be compromised and not other sessions

Question 7

What does Forward Secrecy achieve in terms of messaging

Answer 7

if the private keys for a serve rare compromised, all previously sent messages cant be decrypted due to using different DH session keys

Question 8

What is a Ciphersuite

Answer 8

A combination of encryption algorithms used to secure a network connection

Question 9

What is SSL stripping?

Answer 9

A proxy looking for HTTPS redirects
Will intercept redirect and direct to http version of site

Question 10

What are some mitigations against SSL stripping?

Answer 10

Arpwatch
Tunneling
Browser settings for HTTPS
VLANs
Firewalls

Question 11

What is HTTPS in terms of HTTP

Answer 11

HTTPS is HTTP run over SSL or TLS

Question 12

What is a digital signature?

Answer 12

A value hash that has been encrypted with the issuers private key (e.g. DigiCert)

Question 13

How do you validate a digital signature

Answer 13

The SHA fingerprint (Hash) must be decrypted using the issuers public key and the decryption must match what’s on the issuers certificate

Question 14

How can HTTPS be exploited?

Answer 14

The issuance of fake certificates
Over 1400 CA’s trusted by Microsoft etc.
One will make a mistake (Symantic)
Nation states all have influence over CA’s and can issue trusted certificates

Question 15

What is Null byte poisoning? (Cetrificates)

Answer 15

When certificates are obtained by someone for a domain not actually owned by them
- Nation state surveillance

Question 16

What is Pinning used for?

Answer 16

A mitigation to certificate changes
- can tie a host with their expected x.509 cert or key so the host will only accept that one key
- no data exchanged if key differs
- used by banking apps to “lock out” unnecessary connections

Question 17

What is End-to-End Encryption (E2EE)

Answer 17

Where data encrypted by the sender can only be decrypted by the intended receiver

Question 18

What are some E2EE technologies?

Answer 18

PGP
SSL/TLS
OTR
SMIME

Question 19

What is the main goal of E2EE

Answer 19

Zero knowledge system ensuring that data cannot be revealed even if coerced or you wanted to

Question 20

True or False:
E2EE protects data that has been received

Answer 20

False:
Only protects data in transit
Other methods are needed to store and protect data after

Question 21

What is Steganography

Answer 21

The art of hiding data in another set of data
- Message hidden in the binary of a picture file when decoded

Question 22

Benefit of Steganography over Encryption

Answer 22

Encryption isn’t hidden at all, However steganography is covert

Question 23

What is the name for the file being used to hold Steganography data

Answer 23

A Carrier

Question 24

What method in Steganography allows for plausible deniability?

Answer 24

A Decoy Carrier
- Creating a decoy carrier with a fake message incase compromised or coerced

Question 25

What is important when choosing a file as a Carrier for Steganography?

Answer 25

Use a file that cannot be compared to its ‘original’
- Resize, crop and compress any downloaded photo first
- Use original photo

Question 26

What are the two easiest and most paramount security controls to implement first before anything?

Answer 26

1) Up-to-Date Patches
2) Strong Password