1/84
Looks like no tags are added yet.
Name | Mastery | Learn | Test | Matching | Spaced | Call with Kai | Chat |
|---|
No analytics yet
Send a link to your students to track their progress
What is confidentiality in network security?
It ensures that only the sender and the intended receiver can understand the message
What is authentication in network security?
It confirms the identity of the sender/receiver.
What is message integrity in network security?
It ensures that a message has not been altered during transmission
What does access and availability mean in network security?
Network services must be accessible and available to all users.
What are some common goals of network security?
Confidentiality, authentication, message integrity, and access/availability.
What are things "bad guys" can do?
Eavesdrop, hijacking, spoofing, DOS/DDOS, impersonation/fake messages
What techniques help provide message integrity?
Extensions of checksumming techniques from transport and data link protocols.
What is plaintext in cryptography?
The original, readable message before encryption or after decryption.
What is ciphertext?
The unreadable, encrypted version of the message.
What are two main ways an attacker can analyze saved ciphertext?
Statistical analysis, brute-force attack.
What is a brute-force attack in cryptography?
Trying all possible keys to decrypt the ciphertext.
What is a substitution cipher?
A cipher that replaces elements of the plaintext with other symbols.
What is a monoalphabetic cipher?
A type of substitution cipher where each letter of the plaintext is always replaced with the same letter of ciphertext.
What is symmetric key cryptography?
A cryptographic method where both sender and receiver share the same secret key.
What is public key cryptography?
A cryptographic method where the encryption key is public and the decryption key is private.
In public key cryptography, who can encrypt messages and who can decrypt?
Anyone can encrypt a message using the public key, but only the receiver with the private key can decrypt it.
What is a block cipher?
A symmetric encryption method that processes fixed-size blocks of bits (e.g., 64 bits) and encrypts each block independently.
What is the main idea of Cipher Block Chaining (CBC)?
To use a single Initialization Vector (IV) and then chain the ciphertexts by XORing each plaintext block with the previous ciphertext block before encrypting.
What security issue exists with public key encryption regarding sender identity?
Anyone can send messages to Bob using his public key, so it does not guarantee the identity of the sender.
First you must verify a message’s ___, then you can verify its ___.
Integrity, authenticity
What is message integrety?
It means we can tell if a message has been changed.
What does encryption primarily provide in communication?
Confidentiality.
What two things must Bob verify to authenticate a message from Alice?
1. The message originated from Alice.
2. The message wasn't changed in transit.
What is the purpose of a Message Authentication Code (MAC)?
To ensure message integrity and authentication using a shared secret key.
What is a challenge in using MACs?
Distributing the shared secret key securely.
What is a digital signature?
A cryptographic method to prove the origin and integrity of a digital message.
What two key properties must digital signatures have?
Verifiability and nonforgeability.
What type of cryptography is used in digital signatures?
Public-key cryptography.
Key difference between MACs and Digital Signatures?
MACs use shared secrets and hash functions; digital signatures use public/private key pairs and encryption.
Which is lighter: MAC or Digital Signature?
MAC, because it doesn't involve public-key encryption.
What is the purpose of public key certification?
To certify that a public key belongs to a specific entity, ensuring trust in secure communications.
Why is public key verification important in public key cryptography?
Because it prevents attackers from impersonating others by submitting their own public key as someone else's.
What is a Certification Authority (CA)?
A trusted entity that verifies identities and issues certificates binding public keys to those identities.
What type of encryption is typically used to encrypt the actual message in secure email?
Symmetric key encryption, because public key encryption is not efficient for encrypting large amounts of email data.
How is the symmetric key shared securely with the email receiver?
It is encrypted using the receiver's public key.
How can a sender ensure the integrity of the message and authenticate themself to the receiver in a secure email?
By hashing the message and encrypting the hash using their own private key.
What encryption method is used to securely deliver the symmetric key?
Public key encryption using the recipient's public key.
How is confidentiality, authentication, and integrity combined in secure e-mail?
Sign the hash of the message, encrypt it using symmetric encryption, and send the symmetric key encrypted with the receiver's public key.
What is a challenge in secure e-mail regarding public key use?
Securely distributing public keys and ensuring their authenticity.
What is TLS and what layer does it secure?
TLS (Transport Layer Security) is a widely used protocol that secures communication at the transport layer. It replaced SSL.
What three main security services does TLS provide and how?
Confidentiality (symmetric encryption), integrity (cryptographic hashing), and authentication (public key cryptography).
What are the four key components of a secure transport-layer protocol like TLS?
Handshake, key derivation, data transfer, and connection closure.
What types of attacks can target the TCP data stream?
Re-ordering (segments reordered by an attacker), and replay attacks.
How does TLS defend against TCP-level reordering and replay attacks?
By using encrypted sequence numbers and a single use nonce.
What is a truncation attack in TLS?
It's when an attacker forges a TCP connection close segment, making one or both parties believe the communication ended early.
How does TLS defend against truncation attacks?
By using record types and a specific record type for signaling connection closure.
What are the 3 goals of the TLS handshake phase?
1. Establish TCP connection
2. Authenticate server identity
3. Exchange a shared master secret
What is the Master Secret (MS) in TLS?
A secret value used to derive encryption and MAC keys.
How does TLS handle data integrity during transfer?
By breaking data into records, adding HMAC (Hashed Message Authentication Code), and encrypting each record.
Why not just encrypt the whole TCP stream at once?
Because we need to verify integrity continuously, not just at the end.
What layer of the network stack does IPsec operate at?
The network layer (IP layer).
What is the primary use of IPsec?
To encrypt and authenticate IP traffic between two hosts.
What are the two modes of operation in IPsec?
Transport mode and tunnel mode.
What does IPsec encrypt in transport mode?
Only the payload of the IP datagram (not the header).
What does IPsec encrypt in tunnel mode?
The entire IP datagram; header and payload.
What happens to an encrypted datagram in tunnel mode?
It is encapsulated in a new datagram with a new IP header.
Which IPsec mode is used for VPNs?
Tunnel mode.
What does VPN stand for?
Virtual Private Network.
How does tunnel mode relate to VPNs?
Tunnel mode hides the original IP datagram inside a new one, creating a secure "tunnel"
What kind of entities can IPsec secure datagrams between?
IPsec can secure traffic between hosts, routers, or a host and a router.
Why is network-layer security called "blanket coverage"?
Because it protects all types of traffic, not just a single application or protocol.
What 3 services can IPsec provide?
1. Source authentication
2. Data integrity
3. Replay-attack prevention
What is a Virtual Private Network (VPN)?
A secure communication system built over the public Internet, using encryption (via IPsec) to protect traffic.
How does traffic behave within a VPN institution?
Internal traffic uses regular IPv4, but traffic crossing the public Internet is encrypted with IPsec.
What does the receiving VPN client do with the IPsec datagram?
It decrypts the payload, verifies integrity, and passes it to the upper-layer protocol.
Why is security especially important in wireless networks?
Because attackers can sniff data just by being within the transmission range.
What common security techniques are used in both 802.11 and 4G/5G?
Nonces for authentication, Cryptographic hashing for integrity, Symmetric key encryption for data
What are two critical security concerns in 802.11 networks?
Mutual authentication and Encryption of link-layer frames
What is mutual authentication in Wi-Fi?
Both the device authenticates the network and the network authenticates the device.
What three components are involved in Wi-Fi authentication?
Mobile device, Access Point (AP), and Authentication Server (AS)
What is a firewall?
A firewall is a hardware/software system that filters traffic between a trusted internal network and the Internet.
What are the three goals of a firewall?
(1) All traffic must pass through it, (2) only authorized traffic is allowed, and (3) the firewall itself must be secure.
What are the three types of firewalls?
Traditional packet filters (stateless), stateful filters, and application gateways.
Where is a firewall usually placed?
At the entry/exit point of a network, like the border router.
What is a packet filter?
A firewall that checks each packet based on rules and allows or blocks it.
What factors can packet filters examine?
IP addresses, port numbers, protocol types, TCP flags, and ICMP types.
What is an access control list (ACL) in firewalls?
Table of rules, applied top to bottom to incoming packets.
What happens when a packet matches an ACL rule?
The specified action (allow or deny) is applied, and the rest of the rules are skipped.
What is a stateful packet filter?
A firewall that tracks TCP connection states and makes filtering decisions based on connection status.
What does a connection table do in a stateful firewall?
It records active TCP connections to allow only valid packets related to them.
Why are stateful filters better than traditional packet filters?
They prevent malicious packets (e.g., spoofed ACKs) that traditional filters may let through.
How do stateful filters handle idle connections?
They assume a connection has ended if there is no activity for a certain time
What is an application gateway?
firewall component that inspects application-layer data and enforces policies based on user identity and app-level info.
What can application gateways do that packet filters can't?
They can filter traffic based on user identity and application-level behavior, not just IP or port numbers.
What are 3 disadvantages of application gateways?
They require one gateway per app, can become performance bottlenecks, and need client awareness of the gateway.