What are the the security features of the CIA model?
- Confidentiality
- Message integrity
- End-point authentication
- Operational security
What does confidentiality provide?
Only the sender and the intended receiver should be able to understand the contents of the transmitted message.
What does message integrity provide?
Ensure that the content of their communication is not altered, either maliciously or by accident, in transit. Extends checksumming from the transport layer.
What does end-point authentication provide?
Both the sender and the receiver should be able to confirm the identity of the other party involved in the communication - to confirm that the other party is indeed who or what they claim to be.
Why are keys important to network security?
Because encryption algorithms and protocols are known, published and standardized. Thus, nothing prevents a intruder from exploiting these methods.
In layman’s terms what does Ka(m) do?
Encrypt message ‘m’ with key ‘Ka’
What does this represent: Kb(Ka(m))
The decryption of Ka’s message ‘m’
What is the property of a symmetric key system?
Ka and Kb are known to both hosts. They are identical and secret.
How does a public key system works?
- One of the keys is known to the world (i.e. public)
- The other key is known to either host A or B (not both)
What is a ciphertext-only attack?
Intercept the ciphertext message and use statistical analysis to break the encryption theme.
What is a known-plaintext attack?
When you have a priori knowledge of certain combinations of the content of the message.
What is a chosen-plaintext attack?
When you have access to plaintext message and the encrypted version.
Block ciphers are used for what major Internet protocols?
- PGP (e-mail)
- SSL (TCP connections)
- IPsec (network layer security)
What is a good measure to prevent brute force attacks with block ciphers?
Increase the size of the ‘blocs’ being encrypted.
Example
Block size 3 –> 40,320 permutations
(2^3 = 8 = 8!)
Block size 64 –> 1.8446744e+19… hard to brute force
Why are block cipher tables not a feasible solution?
Host A and Host B would have to hold a table (example) of 2^64 values. If they were to change, they would need to change the table again.
At a high level how what are the steps for public key encryption?
- Host A gets the public key from Host B
- Encrypts its message Kb+(m)
- Send encrypt message to Host B
- Host B decrypts the message with its private key Kb-(Kb+(M))
What are two conceptual issues with public key encryption?
- Someone can intercept the Kb+(m) and break it with know public key protocols
- The private key host has no way to identify who is sending the message (e.g. is Alice (good) or Trudy (bad))
What is the feature of the RSA algorithm sets it apart?
Extensive use of arithmetic operations using modulo-n arithmetic
Why does RSA provides great security but can’t guarantee it?
Because it relies on the fact that there are no known algorithms for quickly factoring a number.
Conversely, it is not known where or not there exist fast algorithms for factoring a number. E.g. government secret.
What is the property of a cryptographic hash function?
Computationally infeasible for an intruder to substitute one message for another message that is protected by the hash function. e.g. H(x) = H(y)
What are the two major hash algorithms?
MD5 (message digest 5)
SHA-1 (secure hash algorithm)
What are the three steps of using a hash function?
- Host A creates message ‘m’ and hashes it H(m)
- Host A appends the hash to message ‘m’ -> (m, H(m)). Sends it to Host B
- Host B receives (m, h) and calculates H(m). If H(m) = h - message integrity achieve (not really, there’s a flaw))
What is a flaw with just using hash functions?
A third host, Host C, could send a message using a ‘bogus’ message and the hash would check out, thus Host B could think the message was sent by Host A.
What is needed to perform message integrity in addition to hash functions?
A shared secret between Host A and Host B –> authentication key.
