ITM820 Midterm

What is the primary goal of confidentiality in security?

Preserving authorized restrictions

When does a loss of confidentiality occur?

When there is unauthorized disclosure of information

What does a loss of integrity involve?

Unauthorized modification or destruction of information

What does availability ensure in security?

Reliable access to information

What does a loss of availability involve?

Disruption of access to or use of information

Authenticity verifies what?

The genuineness of a message or its originator

What is the security goal of accountability?

Trace actions to an entity

What must systems keep records of?

Activities to permit later forensic analysis

The essential network and computer security requirements include?

Confidentiality, integrity, availability, authenticity, and accountability

Describe the 3 impact levels

Low ↔ Limited adverse effect

Moderate ↔ Serious adverse effect

High ↔ Severe or catastrophic effect

Why is computer security considered complex?

Subtle mechanisms are needed

In developing security mechanisms what must one always consider?

Potential attacks

Users often perceive little benefit from security investment until what happens?

A failure occurs

What are the categories of computer system assets?

Hardware, software, data

What do data assets include?

Files, databases, and security-related data such as password files

What is a leaky system?

A system where unauthorized access to information occurs

What is a passive attack in security?

Learning information without altering resources

Who is an outside attack initiated by?

An unauthorized or illegitimate user

What does a countermeasure aim to do?

Prevent, detect, or recover from security attacks.

Why are fundamental security design principles important?

Guide development of protection mechanisms

What is one fundamental security design principle?

Least astonishment

What is a formal security policy?

A statement of rules and practices

What are the four complementary courses of action in security implementation?

1⃣ Prevention

2⃣ Detection

3⃣ Response

4⃣ Recovery

How does the NIST Computer Security Handbook define assurance?

Degree of confidence in measures

What does symmetric encryption use the same key for?

Encryption and decryption

DES and AES are examples of what?

Block encryption algorithms

What are the two requirements for secure use of symmetric encryption?

Strong algorithm and secure key exchange

In symmetric encryption what is the secret key used as?

It is used as input to the encryption algorithm

What happens if an opponent knows the encryption algorithm and has access to ciphertexts?

They cannot decipher it

What must secret keys do?

They must be obtained securely and kept secure to prevent compromise of communication

What is a symmetric encryption scheme's five main components?

Plaintext, encryption algorithm, secret key, ciphertext, and decryption algorithm

What is the role of the plaintext in symmetric encryption?

Original message or data

What does the encryption algorithm do to the plaintext?

Performs substitutions and transformations

For a given message two different secret keys will produce what?

Two different ciphertexts

What are the four steps of the decryption algorithm in symmetric encryption?

1⃣ Receive ciphertext

2⃣ Input secret key

3⃣ Reverse transformations

4⃣ Output original plaintext

What does a cryptanalytic attack rely on in symmetric encryption?

The algorithm's nature

What does a brute-force attack involve?

It involves trying every possible key

On average a brute-force attack requires what?

Trying half of all possible keys to succeed

What are the most commonly used symmetric encryption algorithms based on?

Block ciphers

How does a block cipher process plaintext?

In fixed-size blocks

Name three examples of block ciphers

DES, 3DES, AES

Describe DES

DES uses a 64-bit plaintext block and a 56-bit key to produce a 64-bit ciphertext block

What key size does 3DES use?

168 bits

Why was AES developed as a replacement for DES?

It is faster and more secure

What bit key size does the current version of AES use?

A 256-bit key size

What is a stream cipher?

Combines plaintext with keystream

How does a stream cipher compare to a block cipher?

A properly designed stream cipher can be as secure as a block cipher of comparable key length

What is the primary advantage of stream ciphers over block ciphers?

They are faster

What is the most popular stream cipher?

RC4

Describe each cipher and its typical use case

Block cipher ↔ File transfer

Stream cipher ↔ Browser/Web link

What type of attack does encryption protect against?

Passive attack

When is a message authentic?

When it is genuine and comes from its alleged source

Why is symmetric encryption alone insufficient for data authentication?

Reordering blocks is possible

What is a message authentication code (MAC)?

A small block of data generated using a secret key

What is the purpose of a MAC in data authentication?

Verify message integrity

What happens If a MAC matches the calculated code?

The receiver is assured the message is from the alleged sender

Describe each algorithm with its use in generating a MAC

DES ↔ Old encryption standard

AES ↔ More secure and faster

What is the key difference between a MAC and a hash function?

MAC uses a secret key

How can a message digest be encrypted?

Using symmetric or public-key encryption

What are the two advantages of using public-key encryption for message authentication?

Digital signature and no key distribution

What does a keyed hash MAC use?

A secret key to generate a hash code without encryption

How is the secret key incorporated into a keyed hash MAC?

As a prefix and suffix

What is the primary purpose of a hash function?

Produce a fingerprint of data

What must a hash function be?

Computationally easy to compute for any given input

What is one way referred to in a hash function?

A property that is computationally infeasible to find an input for a given code

What does second preimage resistance ensure in a hash function?

No alternative message with the same hash

What does a strong collision-resistant hash function make infeasible?

To find any pair of inputs with the same hash value

Which hash function is currently the most widely used?

SHA-256

What is a hash function that satisfies the first five properties called?

Weak hash function

What does a strong hash function satisfy?

It satisfies all six properties of a hash function

What does a strong hash function protect against?

An attack in which one party generates a message for another party to sign

How many bits does SHA-1 produce in its hash value?

160

Describe the SHA-2 versions by their hash value lengths in order

1⃣ SHA-256 (256 bits)

2⃣ SHA-384 (384 bits)

3⃣ SHA-512 (512 bits)

The SHA-2 and SHA-1 versions use the same of what?

Modular arithmetic and logical binary operations

What has SHA-1 shown to be?

It has shown to be far weaker than its 160-bit hash length suggests

What happens when a user enters a password?

The hash of that password is compared to the stored hash value for verification

What type of preimage resistance is required for intrusion detection?

Weak second preimage resistance

Describe the four steps for using public-key cryptography

1⃣ Each user generates a pair of keys.

2⃣ Each user places one key in a public file.

3⃣ Bob encrypts a message using Alice's public key.

4⃣ Alice decrypts the message using her private key.

What don’t private keys in public-key cryptography need to do?

They dont need to be distributed to all users

What type of cipher is RSA?

Block cipher

What is the Diffie-Hellman algorithm not used for?

Encryption purposes

What does the Diffie-Hellman algorithm allow?

It allows two users to securely reach agreement about a shared secret

Which hash function does the Digital Signature Standard (DSS) use?

SHA-1

What can the Digital Signature Algorithm (DSA) not be used for?

For both encryption and key exchange

What is a competing system to RSA that offers equal security for a smaller bit size?

Elliptic Curve Cryptography

How does the confidence level compare between ECC and RSA?

The confidence level in ECC is not yet as high as that in RSA

What does a digital signature ensure?

That the data block has not been altered since signing

Describe the digital signature algorithms

DSA ↔ Based on discrete logarithms

RSA Digital Signature Algorithm ↔ Based on the RSA algorithm

ECDSA ↔ Based on elliptic-curve cryptography

What is a digital envelope used for?

Protecting a symmetric key

How is the one-time key used in a digital envelope?

The one-time key is encrypted using public-key encryption with Alice’s public key

What is an example of a digital envelope?

PGP which is used to encrypt email messages.

What are the two steps in the authentication process?

Identification and verification

What is user authentication?

The process of verifying a claimed identity

User authentication is distinct from what?

Message authentication

Describe the authentication methods with an example

Something the individual knows ↔ Password

Something the individual possesses ↔ Smart card

Something the individual is ↔ Fingerprint

Something the individual does ↔ Typing rhythm

What is the term for biometric recognition based on fixed physical characteristics?

Static biometrics

What do managing passwords and tokens involve?

Significant administrative overhead

What are some problems associated with biometric authenticators?

False positives

Describe the concepts related to user authentication

Assurance level ↔ Organization’s degree of certainty in user identity

Potential impact ↔ Effect of a security breach

Areas of risk ↔ Mapping between impact and assurance

What does an assurance level describe in user authentication?

Degree of certainty