Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Cybersecurity > Week 3 > Flashcards

Week 3 Flashcards

1
Q

Cryptography

A

where security engineering meets mathematics. It gives us the tools that underlie most modern security protocols

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Encryption

A

The process of transforming information (plain text) using an algorithm (called cipher) to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key: the result of encryption is termed cipher text

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Information Security Concerns

A

Confidentiality, Integrity, Availability, Auditability

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Elements of Access Control

A
  • Identification
  • Authentication
  • Authorization
  • Nonrepudiation
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Cryptography components: hash function:

A

generate unique number; easy; non-traceable
•e.g. Hash(m) = mod(m, n), remainder after dividing by n, for n prime Hash(‘hello’) = mod(8 5 12 12 15, 127) = 100
•If message changes, so does the hash. E.g. Hash(‘hallo’) = 92

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Cryptography components: Symmetric key algorithms:

A

Parties have the same key

Symmetric key like (DES, 3DES, AES)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Public key algorithms:

A

Parties have complementary key values

Public key ciphers (like RSA); digital signatures

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Symmetric Key Cryptography

A

In conventional cryptography, key k is used both for encryption (E) of plain text m and for decryption (D) of cipher text c

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Key management

A

Refers to mechanisms to bind a person to a key. Mechanisms for generation, maintenance and revocation of keys.

Problems:
Key distribution, secrecy, usability, storage (2-factor authentication)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Public key cryptography

A
  • Uses a pair of two related keys (PK, SK)
  • Public key (PK): published and distributed
  • Secret key (SK): private and unique
  • It does not matter if someone intercepts PKb. It is public
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Advantages of PK Cryptography

A

•Communication partners who do not know each other can send secure messages to each other, provided
1.the secret key is really kept secret by its owner
2.the public key is unambiguously linked to its owner.
•This can be established by a chain of trust(compare procedures for collecting a passport)
•Messages can be electronically signed enabling implementation of authentication and non-repudiation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Usage of Public key cryptography

A

Confidentiality: Only Bob has SKb to decrypt cipher text
•Authentication:(1) Use secure key distribution to uniquely link PKB to Alice. e.g. chain of trust, using certificate authorities (CA). or (2) Use SKA to encrypt (signature) Anyone with PKAcan test. •Integrity:Alice makes a unique ‘hash’ of the message, encrypts the message and sends it all securely along. Bob decrypts and recalculates the hash himself; Bob compares to find differences (SHA-1 algorithm)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Strength of RSA

A
  • Encryption is based on numbers n and f, so the public key is a pair (f, n)
  • The private key is the pair (d, n); n is publicly known
  • Statement: anyone who knows the public key of RSA and is able to factor the number n, can also find d
  • So the relative strength of RSA is based on the difficulty of factoring n in its two prime factors.
  • Key distribution remains crucial. Consider a man-in-the-middle attack. Suppose Trudy can intercept messages between Alice and Bob. She receives PKB, makes a fake SKA’ and PKA’ and sends PKA’ to Bob. Bob will then communicate with Trudy as if it is Alice. This can be avoided by digital certificates from a public key infrastructure, and by regularly comparing certificates.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Usage of Public key cryptography (double key pair)

A

Same as public key cryptography, however besides PKb encrypted and SKb decrypted;

PKbSKa encrypts, and SKbPKa decrypts

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Purpose of a signature

A

to authenticate a message

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Governance of PKI

A

-PKI (Public Key Infrastructure)

  • Infrastructure and governance mechanism for establish secure key exchange
  • Procedures for linking keys (certificates) to natural person
  • Governance structure: hierarchy of certificate authorities

*Weaknesses are often in key management and governance structure

17
Q

Protocols

A

Rules for interaction

Evaluation a protocol:

  • Is the threat model realistic?
  • Does the protocol deal with it?

E.g. parking garage lets regular users authenticate and open barriers.

Garage G sends a nonce N; Token T sends return message to garage G, with name T, and T,N encrypted with key KT
G -> T : N
T -> G : T {T,N}KT

18
Q

Two-factor authentication

A

Use two factors out of:

  • “What you have” (physical device)
  • “What you know” (password)
  • “What you are” (biometrics)
19
Q

SP networks

A

Substitution - Permutation Networks

Block ciphers: use confusion (adding unknown key values) and diffusion (spreading plaintext information through the cipher text)

  • Block size
  • Enough rounds
  • Design-of S-boxes

S-box: scrambles bits in an entire block, according to a predefined pattern

20
Q

Advanced Encryption Standard (AES)

A

NSA has since 2005 approved AES with 128-bit keys for protecting information up to ‘secret’ level and with 192-bit or 256-bit keys for ‘top secret’.

AES is an SP-Network

  1. KeyExpansion
  2. AddRoundKey
  3. Repeat
  4. Final round
21
Q

Feistal cipher (DES)

A

Has a ladder structure, input is split up into two blocks, left half and a right half

22
Q

DES continued

A
  • DES algorithm is widely used in banking and other payment applications
  • Each round is a combination of expansion, key mixing and S-boxes
  • Criticism: key is too short
  • Brute force, will need 2^56 encryptions and an average of 2^55 encryptions. Available for $20 million in 1977
23
Q

3DES

A

Solution to the problem of DES’ key length: use DES multiple times on message M

Heavily used by banks, still. Most new systems use AES, but banking technology still relies on 8-byte blocks

24
Q

Overview Algorithms

A

Symmetric (parties have the same key):

  • AES: preferred standard
  • DES: insecure
  • 3DES: still widely used

Asymmetric (public-private key) (parties have complementary key values)

  • Diffie-Hellman: theoretical
  • RSA: preferred standard
25
Q

Bruce Schneier remarks

A

Bruce Schneier: algorithms have a “margin of safety”. We must recognise that with enough computing power and time, it is possible to break any algorithm, but if we continue to work together and stay on top of computational performance, we can find new algorithms to replace old ones.

26
Q

Conclusions cryptography

A

-Hash functions: unique code
-Symmetric key encryption: sender and receiver share the same key, security relies on key distribution procedure
-Public key encryption (asymmetric):
sender has a public key; only receiver has private key. Public key may be intercepted

27
Q

Conclusions cryptography: use of keys to ensure security concerns:

A
  • Confidentiality (key)
  • Integrity (compare hash)
  • Authenticity (signature)

Key management and governance are crucial (Diginotar)

Cybersecurity (13 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions