Vocabular / Concepts

Question 1

What is the purpose of the Diffie-Hellman protocol ? (2 points)

Answer 1

• securely establish a shared secret key between two parties over an insecure communication channel
• allows two parties to generate a common key without having to transmit the key itself, thus preventing interception by eavesdroppers

Question 2

What is a digital signature ?

Answer 2

Message authentication + a measure to counter repudiation by the source

Question 3

(Threat, Security Service, Comments, Mechanism)

Interception

Answer 3

Security Service : confidentiality
Comments : information is accessible only to authorized users
Mechanism : encryption

Question 4

(Threat, Security Service, Comments, Mechanism)

Fabrication

Answer 4

Security Service : authentication
Comments : ensuring the identity of an entity / message not altered
Mechanism : authentication protocols

Question 5

(Threat, Security Service, Comments, Mechanism)

Modification

Answer 5

Security Service : integrity
Comments : message is not tampered with
Mechanism : digital signature (e.g. RSA)

Question 6

(Threat, Security Service, Comments, Mechanism)

Repudiation

Answer 6

Security Service : non-repudiation
Comments : the entity can’t deny sending/receiving a message
Mechanism : digital signature

Question 7

(Threat, Security Service, Comments, Mechanism)

Unauthorized access

Answer 7

Security Service : access control
Comments : prevention of unauthorized use of resources
Mechanism : access control list, roles

Question 8

(Threat, Security Service, Comments, Mechanism)

Interruption / Denial of service

Answer 8

Security Service : availability
Comments : services always available to authorized users
Mechanism : replication, more bandwidth, better hardware

Question 9

Type of attack : Traffic analysis

Answer 9

Passive

Question 10

Type of attack : Release of content

Answer 10

Passive

Question 11

Type of attack : Replay

Answer 11

(intercept a transmission and repeat it, e.g. for ID theft)

Active

Question 12

Type of attack : Modification of messages

Answer 12

Active

Question 13

Type of attack : Denial of service

Answer 13

Active

Question 14

Type of attack : Masquerade

Answer 14

(steal ID to pretend to be someone else)

Active

Question 15

Outline a Man-in-middle attack for the Diffie-Hellman protocol

Answer 15

1. Darth prepares for the attack by generating two random private keys Xd1 and Xd2 and then computing the corresponding public keys Yd1 and Yd2
2. Alice transmits Ya to Bob
3. Darth intercepts Ya and transmits Yd1 to Bob. Darth also calculates K2 = YA^Xd2 mod q
4. Bob receives Yd1 and calculates K1 = Yd1^Xb mod q
5. Bob transmits Yb to Alice
6. Darth intercepts Yb and transmits Yd2 to Alice. Darth calculates K1 = Yb^Xd1 mod q
7. Alice receives Yd2 and calculates K2 = Yd2^Xa mod q

Question 16

Sample Kerberos Exchange

Answer 16

C→AS : Hi, Jain would like to use the network today.
C←AS : Here is a day pass for Jain.
C→TGS : Jain would like to communicate with PrintServer. Attached is his day pass.
C←TGS : Here is the ticket for Jain to communicate with PrintServer. It includes a session key.
C→PrintServer : Hi, Jain wants to communicate with you, here is the ticket.
C←PrintServer : Perfect, let us use the session key that was in your ticket.

Question 17

Where is SSL used ?

Answer 17

Widely in web, to secure HTTP

Question 18

What are the layers of the SSL protocol ?

Answer 18

Two layers :
- SSL Record Protocol : secure, reliable channel
- upper layer = carrying : Handshake, Alert protocol, HTTP, Any other app.

Question 19

What is a “session” in the SSL protocol ?

Answer 19

• 1 client + 1 server
• to define a set of cryptographic / security parameters shared among multiple connections
• used to avoid the expensive negotiation of new security parameters for each connection

Question 20

What is a “connection” in the SSL protocol ?

Answer 20

• 2 peers (equal roles)
• transient (temporary and short-lived)
• 1 connection associated with 1 session

Question 21

What are the 4 phases of the SSL Handshake Protocol ?

Answer 21

1. Establishing security capabilities
2. Server authentication and key exchange
3. Client authentication and key exchange
4. Finalizing the Handshake protocol

Question 22

What is the goal of the SSL Alert Protocol ?

Answer 22

To warn the user that something went wrong, and directly provide insight on the problem with codes for alert messages (2 bytes)

Question 23

What is the layer of IPsec ?

Answer 23

Network layer

Question 24

What is contained in IPsec ?

Answer 24

AH: Authentication Header
ESP: Encapsulating Security Payload
IKE: Internet Key Exchange

Question 25

What is the use of AH + ESP in the scope of IPsec ?

Answer 25

Protection for IP traffic
AH → integrity + authentication
ESP → confidentiality

Question 26

What is the use of IKE in the scope of IPsec ?

Answer 26

To set up keys and algorithms for AH and ESP

Question 27

What are the two modes of IPsec ?

Answer 27

transport and tunnel

Question 28

What machines are connected in the transport mode for IPsec ?
What additional requirements are needed ?
What is a typical application ?

Answer 28

end-to-end security between two hosts (usually client ↔ gateway)
Requires IPsec support at each host (extra software)
PC to remote host

Question 29

What machines are connected in the tunnel mode for IPsec ?
What additional requirements are needed ?
What is a typical application ?

Answer 29

gateway ↔ gateway security
Internal traffic behind gateways not protected
Only requires IPsec support at gateways
VPN

Question 30

What does the SSL Handshake Protocol provides ?

Answer 30

• confidentiality (shared secret key for encryption)
• message integrity (using a MAC with the secret key)

Question 31

What are the attacks attempts to alter system resources or affect their operation ?

Answer 31

Active attacks

Question 32

What are the attack attempts to learn or make use of information from the system but does not affect system resources ?

Answer 32

Passive attacks

Question 33

What are the attack attempts that aim the disruption of access to or use of information or an information system ?

Answer 33

DDoS (Distributed Denial-of-Service)

Question 34

What are the attack attempts that aim to do unauthorized modification or destruction of information ?

Answer 34

Integrity attack

Question 35

Concerning Kerberos, when Bob receives a Ticket from Alice, how does he know it came from Alice?

Answer 35

It contains Alice’s name encrypted by the TGS-Bob secret key.

Question 36

Concerning Kerberos, when Alice receives a reply, how does she know it came from Bob and that it’s not a replay of an earlier message from Bob ?

Answer 36

It has a nonce (e.g., time stamp) encrypted with the session key.

Question 37

Concerning Kerberos, what does the Ticket contain that allows Alice and Bob to talk securely?

Answer 37

It contains the session key encrypted by the TGS-Bob secret key.

Question 38

What is a False Positive in the scope of intrusion detection systems ?

Answer 38

A legitimate action mistakenly flagged as malicious

Question 39

What is a False Negative in the scope of intrusion detection systems ?

Answer 39

A malicious action mistakenly unnoticed (or flagged as benign)

Question 40

Is public-key encryption more secure from cryptanalysis than symmetric encryption ?

Answer 40

No, they have different purposes so not comparable

Question 41

Is a one-time pad unbreakable ?

Answer 41

Yes if it is used correctly (only one use of the key, truly randomly generated key)

Question 42

Must it be relatively difficult to recognize and verify the digital signature ?

Answer 42

No, it must be easy to recognize for anyone who has access to the associated public key. Its security relying on the difficulty to forge a signature.

Question 43

Can an individual Security Association (SA) implement both the Authentication Header (AH) and the Encapsulating Security Payload (ESP) protocols ?

Answer 43

No, in IPsec, they are typically associated with either one of them, not both.

Question 44

Is a metamorphic virus a software that can be shipped unchanged to a heterogeneous collection of platforms and execute with identical semantics ?

Answer 44

No, it’s a virus that changes its shape and structure after each infection to avoid detection by an anti-virus software.

Question 45

What are two major vulnerabilities for the Diffie-Hellman protocol, and how to prevent them ?

Answer 45

• Man-in-the-Middle attack → use digital signatures
• perfect forward secrecy (if attacker manages to get A or B private key, he can decrypt the whole conversation) → use ephemeral keys

Question 46

Suppose A sends a message to B using RSA, but also needs to provide authentication. Explain how to use RSA to provide both confidentiality and authentication.

Answer 46

M → sign using A’s private key → encrypt using B’s public key → C

Question 47

Show how SSL reacts to the following three attacks: replay, password sniffing and IP spoofing.

Answer 47

Replay : Timestamp + sequence numbers
Password sniffing : end-to-end encryption
IP Spoofing : mutual authentication

Question 48

How does SSL deals with a man-in-the-middle attack ?

Answer 48

Authentication: Uses digital certificates to verify server identity

Question 49

How does SSL deals with a SYN flooding attack ?

Answer 49

SYN Cookies: Delays resource allocation until connection is verified.
Rate Limiting and Filtering: Limits incoming SYN request rates.
Intrusion Detection and Prevention Systems (IDPS)

Question 50

Can a honeypot machine be used by its legitimate owner to run standard services?

Answer 50

No because running standard services on honeypots exposes real data to potential compromise if the honeypot is attacked (which is its purpose)

Question 51

Is the purpose of compression of plaintext prior to encryption into ciphertext to reduce the amount of ciphertext which is vulnerable whilst in transit over the internet?

Answer 51

• reduce data size (for transport and to increase encryption efficiency)
• but it also enhances security (e.g. by removing patterns)

Question 52

2 advantages of Diffie-Hellman

Answer 52

• no need for a prior shared exchange
• obtain secret key without exchanging the key itself

Question 53

Explain how the man-in-the-middle attack is mitigated when Diffie-Hellman is used
in the TLS and IPSec, respectively.

Answer 53

TLS : Handshake → digital certificate → authentication

IPsec : mutual authentication