Introduction Flashcards Preview

Protocols and Algorithms for Network Security > Introduction > Flashcards

Flashcards in Introduction Deck (59)
1
Q

Which are the main Security Goals?

A

(CADAC) Confidentiality, Accountability, Data Integrity, Availability, Controlled Access.

2
Q

What does Confidentiality mean?

A

Confidentiality means that data transmitted or stored should only be disclosed to those entitled. Confidentiality of entities is also referred to as anonymity.

3
Q

What does data integrity mean?

A

Data integrity means that it should be possible to detect any modification of data; this also requires being able to identify the creator of some data.

4
Q

What does accountability mean?

A

Accountability means that it should be possible to identify the entity responsible for any communication event.

5
Q

What does availability mean?

A

Availability means that services should be available and function correctly.

6
Q

What does controlled access mean?

A

Controlled access means that only authorized entities should be able to access certain services or information.

7
Q

Which are the main security threat types?

A

(REFILS) Repudiation (denial of communication acts), eavesdropping, forgery of information, impersonation (masquerade), loss or modification of information, sabotage.

8
Q

Explain masquerade/impersonation.

A

Masquerade or impersonation is when an entity claims to be another entity.

9
Q

Explain eavesdropping.

A

Eavesdropping is when an entity reads information it is not intended to read.

10
Q

Explain authorization violation.

A

Authorization violation is when an entity uses a service or resources it is not intended to use.

11
Q

Explain loss or modification of information.

A

Loss or modification of information is when data is being altered or destroyed.

12
Q

Explain denial of communication acts (repudiation).

A

Denial of communication acts (or repudiation) is when an entity falsely denies its participation in a communication act.

13
Q

Explain forgery of information.

A

Forgery of information is when an entity creates new information in the name of another entity.

14
Q

Explain sabotage.

A

Sabotage is any action that aims to reduce the availability and/or correct functioning of services or systems.

15
Q

What does a detailed network security analysis need?

A

A detailed network security analysis needs to:

  1. evaluate the risk potential of the general threats to the entities using a network; and
  2. estimate the expenditure (resources, time, etc.) needed to perform known attacks.

16
Q

Why would a detailed security analysis of a given network / configuration / specific protocol architecture be required or important?

A

  1. It might be required in order to convince financially controlling entities in an enterprise to grant funding for security enhancements.
  2. It evaluates the feasibility and costs of different attacks and compares them to the cost of protection.

17
Q

What are the possible classifications of attacks against protocols?

A

Passive and active attacks.

18
Q

What is an active attack?

A

An active attack is an attack that involves active intervention by attackers. Ex.: man-in-the-middle attack, any manipulation of the protocol (such as modification, insertion, or deletion of packets), IP spoofing, phishing…

19
Q

What is a passive attack?

A

A passive attack is an attack in which the attacker is not involved in the protocol. Ex.: the attacker observes the protocol and tries to gain information, eavesdropping attack, war-driving (sniffing on wireless networks).

20
Q

Where can an attack happen in a layered protocol architecture?

A

In the interface (end system [initiator/responder], network) or in the layers (application layer, communication layer, etc.).

21
Q

What is a cryptographic algorithm?

A

A cryptographic algorithm is a mathematical transformation of input data (e.g. data, key) to output data.

22
Q

Where are the cryptographic algorithms used?

A

Cryptographic algorithms are used in cryptographic protocols.

23
Q

What is a cryptographic protocol?

A

A cryptographic protocol is a series of steps and message exchanges between multiple entities in order to achieve a specific security objective.

24
Q

What is a security service?

A

A security service is an abstract service that seeks to ensure a specific security objective.

It can be realized with the help of cryptographic algorithms and protocols.

25
Q

What are the main security services?

A

(ACINA) Access Control, Confidentiality, Integrity, Non-repudiation and Authentication.

26
Q

Explain the authentication security service.

A

The authentication security service ensures that an entity has the identity it claims to have. Ex.: Logon services (User/password), certificates, etc.

27
Q

Explain the integrity security service.

A

The integrity security service ensures that the data created by specific entities may not be modified without detection. Ex.: version control systems, backup, checksums.

28
Q

Explain the confidentiality security service.

A

The confidentiality security service ensures the secrecy of protected data. Ex.: Encryption, security tokens.

29
Q

Explain the access control security service.

A

The access control security service ensures that each identity accesses only those services/information it is entitled to. Ex.: ACL, file system permissions.

30
Q

Explain the non-repudiation security service.

A

The non-repudiation security service protects against entities participating in a communication exchange later falsely denying that the exchange occurred. Ex.: System log, digital certificates.

31
Q

Cite some general security supporting mechanisms.

A

Key management, random number generation, event detection/security audit trail, intrusion detection.

32
Q

Cite some communication-specific security supporting mechanisms.

A

Traffic padding (adding bogus traffic to prevent traffic flow analysis), routing control (influencing the routing of packets in a network).

33
Q

What is cryptology?

A

Cryptology is the science concerned with communications in secure and usually secret form.

Kryptós - hidden
Lógos - word

34
Q

What is cryptography?

A

Cryptography is the study of the principles and techniques by which information can be concealed in ciphertext and later revealed by legitimate users employing a secret key.

35
Q

What is cryptanalysis?

A

Cryptanalysis (analýein = to loosen, to untie): the science (and art) of recovering information from ciphers without knowledge of the key.

36
Q

What is the definition of a cipher?

A

A cipher is a method of transforming a message (plain text) to conceal its meaning. The term is also used as a synonym for the concealed ciphertext. Ciphers are one class of cryptographic algorithms. The transformation usually takes the message and a (secret) key as input.

37
Q

Which are the main applications of cryptographic algorithms?

A

Data encryption and data signing.

38
Q

Define data encryption.

A

Data encryption transforms plain text data into ciphertext in order to conceal its meaning.

39
Q

Define data signing.

A

Data signing computes a check value or digital signature for a given plaintext or ciphertext that can be verified by some or all entities able to access the signed data.

40
Q

Can all cryptographic algorithms be used for encryption and data signing?

A

No. Some can be used for both purposes, but some are only secure and/or efficient for one of them.

41
Q

Which are the principal categories of cryptographic algorithms?

A

Symmetric cryptography (one key for en-/decryption or signing/checking), asymmetric cryptography (public and private key), cryptographic hash functions (do not use keys but simply compute a certain transformation of the input data).

42
Q

Cite some types of cryptanalysis.

A

Ciphertext only, known ciphertext/plaintext pairs, chosen plaintext or chosen ciphertext, rubber-hose cryptanalysis (violence, intimidation, coercion, torture), differential cryptanalysis and linear cryptanalysis.

43
Q

What are the main directions for the cryptanalysis of public-key cryptography?

A

Computation of discrete logarithms and factorization of large integers.

44
Q

On average, how many possible keys have to be tried to succeed in a brute force attack?

A

Half of all possible keys.

45
Q

How can an encryption algorithm be classified?

A

  1. By the type of operations used for transforming plain text to ciphertext (substitution and/or transposition [re-arranges the elements in the plain text])
  2. By the number of keys used (symmetric or asymmetric ciphers)
  3. By the way in which the plain text is processed (stream or block ciphers)

46
Q

Give some examples of symmetric en-/decryption algorithms.

A

DES, AES, RC4

47
Q

Give some examples of asymmetric en-/decryption algorithms.

A

RSA, Diffie-Hellman, ElGamal

48
Q

Give some examples of cryptographic hash functions.

A

MD-5, SHA-1, CBC-MAC

49
Q

Which was the first cipher device?

A

Scytale: leather wrapped around a tapered baton.

50
Q

Explain the Vigenère cipher.

A

Based on a key: find the letter you want to encrypt in the rows and the key letter in the columns. The intersection of the two is the enciphered letter.

51
Q

Where was the rotor principle employed?

A

Enigma machine.

52
Q

In which kind of attack is knowledge of the en-/decryption key or its length irrelevant?

A

Brute force attacks as well as rubber-hose.

53
Q

Considering block ciphers and stream ciphers, which one is more efficient in terms of security?

A

Block ciphers are more secure, because they have more diffusion.

54
Q

Explain the avalanche effect.

A

The avalanche effect is the desirable property of cryptographic algorithms that, given a slightly changed input, the output changes significantly.

55
Q

What is a possible real-world attack on confidentiality?

A

Port scanning, dumpster diving (searching through garbage), wiretapping, key logger, phishing and pharming, social engineering.

56
Q

What is a possible real-world attack on integrity?

A

Salami attacks (minor data security attacks that together result in a larger attack), man-in-the-middle, session hijack.

57
Q

What is a possible real-world attack on availability?

A

DoS, DDoS, SYN/ICMP flood attacks, electrical power attacks, server room environment attacks.

58
Q

What is a possible real-world attack on accountability?

A

Spoofing.

59
Q

What is a possible real-world attack on access control?

A

Packet sniffing (data not encrypted), password attacks (dictionary or brute force).