Shared Flashcard Set

Details

CSE 465 test 2
exam 2
118
Computer Science
Undergraduate 4
10/22/2009

Cards

Term
Mandatory Access Control
Definition

Enforce a label-based policy:

  • Assign security label (level) to all data
  • Assign a security label (clearance) to each user
  • DBMS should make sure that all users have access to only those data for which they have a clearance
Term
Bell Lapadula Model
Definition
  • Simple-Security

Subject S can read object O only if

label(S) dominates label(O)

 

  • *(STAR)-Property

 

Subject S can write object O only if

label(O) dominates label(S)

Term
Trojan Horses
Definition
  • A Trojan Horse is rogue software installed, perhaps unwittingly, by duly authorized users
  • A Trojan Horse does what a user expects it to do, but in addition exploits the user's legitimate privileges to cause a security breach
Term
Trojan Horses
Definition
  • Trojan Horses are the most insidious threat
  • Viruses and logic bombs are examples of Trojan Horses
  • It is possible to embed Trojan Horses in hardware and firmware
  • It is possible to embed Trojan Horses in critical system software such as compilers and Database Management Systems
Term
Reference Monitor Abstraction
Definition
  • It contains security classes of all objects and subjects
  • Whenever a subject accesses an object, it must do so via the reference monitor
  • It enforces the two MAC requirements
  • It is always running, cannot be bypassed, and cannot be tampered with

 

Term
BIBA Model
Definition
  • Simple-Integrity

Subject S can read object O only if
label(O) dominates label(S)

 

  • Star-Property

Subject S can write object O only if
label(S) dominates label(O)

Term
Equivalence of BLP and BIBA
Definition
  • Information Flow in BIBA is downward
  • Information Flow in BLP is upward
  • Since up and down are relative, BLP and BIBA are essentially equivalent
  • Lattice-based access control yields one way information flow, which can be used for confidentiality or integrity
Term
Isolated Classes
Definition
No information flow is allowed from one security class to a different security class
Term

High-low policy

 

Definition
  • There are only two security classes, called, for example, H (for high) and L (for low); all flows are allowed except that from high to low. In other words, high information is more sensitive than low information
Term

Denning's Axioms

 

Definition

$\langle SC, \rightarrow, \oplus \rangle$

  • SC is finite
  • $\rightarrow$ is a partial order on SC
  • SC has a lower bound L such that $L \rightarrow A$ for all $A \in SC$; that is, L is the lowest security class
  • $\oplus$ is a least upper bound (lub) operator on SC
Term
Denning's Axioms Imply
Definition
  • SC is a universally bounded lattice
  • There exists a greatest lower bound (glb) operator $\otimes$ (also called meet)
  • There exists a highest security class H
Term
Lattices
Definition

Is a mathematical structure

 (see slide 9 of lecture 9)

Term
Chinese Wall Policy
Definition
  • Example of a commercial security policy for confidentiality
  • Mixture of free choice (discretionary) and mandatory controls
Term

Brewer-Nash

Chinese Wall Policy

Definition
  • BN Simple-Security
  • S can read O only if:

O is in the same company dataset as some object previously read by S (i.e., O is within the wall)

or

O belongs to a conflict of interest class within which S has not read any object (i.e., O is in the open)

Term
Owner-Based DAC
Definition
  • owner has all-or-nothing power
  • spaghetti of intent
  • negative permissions make for messier spaghetti
  • trojan horses can subvert intent
Term
RBAC
Definition
  • A user's permissions are determined by the user's roles
  • rather than identity (DAC) or clearance (MAC)
  • roles can encode arbitrary attributes
  • Facilitates
  • administration of permissions
  • articulation of policy
  • ranges from very simple to very sophisticated
Term
Generalized access control models
Definition
  • HRU, Take-Grant, SPM, TAM
  • Type enforcement
  • Generalized framework for access control
Term
Cryptography
Definition
  • Cryptology means hidden writing
  • Comes from the Greek words (hidden or secret) and (writing)
  • A tool for cryptographic services
Term

Encryption

 

Definition
The process of coding a message such that its meaning is concealed
Term

Decryption

 

Definition
The process of transforming an encrypted message into the original form
Term
Cryptosystem
Definition
a system for encryption and decryption
Term
Plaintext
Definition
a message in its original form
Term
Ciphertext
Definition
a message in the encrypted form
Term
Cryptographer
Definition
invents encryption algorithms -- good guys
Term
Cryptanalyst
Definition
attempts to break encryption algorithms -- bad guys
Term
Cryptographic Technology
Definition

Secret-key encryption

Public-key encryption

Public-key digital signatures

Message digests

Public-key certificates

Key agreement protocols

Key recovery and archive

Term
Cryptographic Services
Definition
  • confidentiality
  • integrity
  • authentication
  • non-repudiation
  • management of security
Term
Cryptosystem
Definition
  • Quintuple (E, D, M, K, C)
  • M set of plaintexts
  • K set of keys
  • C set of ciphertexts
  • E set of encryption functions e: M x K -> C
  • D set of decryption functions d: C x K -> M
Term

Classical Cryptography

 

Definition
  • Sender, receiver share common key
    • Keys may be the same, or trivial to derive from one another
    • sometimes called symmetric cryptography
  • Two basic types
    • Transposition ciphers
    • Substitution ciphers
    • Combinations are called product ciphers
Term
Transposition Cipher
Definition

Rearrange letters in plaintext to produce ciphertext

Example (Rail-Fence Cipher)

Plaintext is HELLO WORLD

Rearrange as

HLOOL

ELWRD

Ciphertext is HLOOL ELWRD

Term
Substitution Cipher
Definition
  • Change characters in plaintext to produce ciphertext
  • Example (Caesar cipher)
    • Plaintext is HELLO WORLD
    • Change each letter to the third letter following it (X goes to A, Y to B, Z to C)
      • Key is 3, usually written as letter 'D'
    • Ciphertext is KHOOR ZRUOG
Term
Passive attacks
Definition
  • observe but do not modify traffic
  • threat for confidentiality
Term
Active attacks
Definition
  • delete, add, and replay traffic
  • threat for confidentiality, integrity, authentication and non-repudiation
Term

Secret Key Cryptosystem

 

Definition
  • A and B can be people or computers
  • attacker is assumed to know E and D
  • confidentiality depends only on secrecy of the key
  • secret key systems do not scale well
    • with N parties we need to generate and distribute N*(N-1)/2 keys
Term
Long-Term keys
Definition
  • prolonged use increases exposure
Term
Session keys
Definition
  • short-term keys communicated by means of long-term keys
Term

Secret Key

Cryptosystems

Definition
  • 64 bit data block size
    • DES: 56 bits
    • Triple DES: 112 bit key
    • IDEA: 128 bit key
    • Skipjack (Clipper): 80 bit
    • RC2: variable size key
  • 128 bit data block size
    • Advanced Encryption Standard: 128, 192 or 256 bits
Term
Secret key cryptosystems more
Definition
  • Variable block size
    • RC5
      • 32, 64, or 128 block size
      • variable key size
      • variable number of rounds
    • Advanced Encryption Standard under development
      • must support key-block combinations of 128-128, 192-128, 256-128
      • may support other combinations
Term
Cryptanalysis
Definition
  • ciphertext only
    • cryptanalyst only knows ciphertext
  • known plaintext
    • cryptanalyst knows some plaintext-ciphertext pairs
  • chosen plaintext
Term
Known plaintext Attack
Definition
  • 40 bit key requires $2^{39} \approx 5 \times 10^{11}$ trials on average (exportable from USA)
  • Trials/second: time required
    • 1: 20,000 years
    • $10^3$: 20 years
    • $10^6$: 6 days
    • $10^9$: 9 minutes
    • $10^{12}$: 0.5 seconds

Term
Dictionary Attacks
Definition
  • if keys are poorly chosen, known plaintext attacks can be very simple
  • often the user's password is the key
  • in a dictionary attack the cryptanalyst tries passwords from a dictionary, rather than all possible keys
  • for a 20,000 word dictionary, 1 trial/second will crack a poor password in less than 3 hours
Term
Data Encryption Standard (DES)
Definition
  • 56 bit key
  • 64 bit block size
  • E and D are public
  • US Federal standard for sensitive but unclassified information
    • adopted as ANSI DEA (Data Encryption Algorithm)
Term
DES Cont.
Definition
  • Modes
    • ECB, CBC
  • Major weakness is key size of 56 bits
  • useful life can be extended by triple DES (effective key size 112 bits)
Term
Electronic Code Book (ECB) Mode
Definition
  • ok for small messages
  • identical data blocks will be identically encrypted
Term
Cipher block chaining (CBC) Mode
Definition
  • Needs an Initialization Vector (IV) to serve as the first feedback block
  • IV need not be secret or random
  • Integrity of the IV is important, otherwise first data block can be arbitrarily changed
  • IV should be changed from message to message, or first block of every message should be distinct
Term

Public Key Cryptosystem

 

Definition
  • Solves the key distribution problem provided there is a reliable channel for communication of public keys
  • requires reliable dissemination of 1 public key/party
  • scales well for large-scale systems
Term
Public Key Encryption
Definition
  • confidentiality based on infeasibility of computing B's private key from B's public key
  • key sizes are large ( 512 bits and above) to make this computation infeasible
Term

RSA

(Rivest-Shamir-Adleman)

 

Definition
  • public key is (n,e)
  • Private key is d
  • encrypt: $C = M^e \bmod n$
  • decrypt: $M = C^d \bmod n$

 

 

 

Term
RSA: Generation of Keys
Definition

choose 2 large (100 digit) prime numbers p and q

compute n = p*q

pick e relatively prime to Φ(n) which is (p-1)*(q-1)

compute d, e*d = 1 mod Φ(n), which means (e*d)-1 should be evenly divisible by Φ(n)

publish (n,e)

keep d secret ( and discard p,q)

Term
RSA VS. DES
Definition
  • RSA encrypts at kilobits/second
  • DES encrypts at megabits/second
  • This 1000-fold difference in speed is likely to remain independent of technology advances
Term
RSA Key Size
Definition
  • key size of RSA is selected by the user
    • casual 384 bits
    • commercial 512 bits not any more
    • military 1024 bits
Term
Digital Signatures in RSA
Definition
  • RSA has a unique property, not shared by other public key systems
  • Encryption and decryption commute
    • $(M^e \bmod n)^d \bmod n = M$ (encryption)
    • $(M^d \bmod n)^e \bmod n = M$ (signature)
  • Same public key can be used for encryption and signature
Term

NIST Digital Signature Standard:

to sign message m: private key x

Definition
  • choose random r
  • compute $v = (g^r \bmod p) \bmod q$
  • compute $s = (m + xv)/k \bmod q$
  • signature is (s,v,m)

 

Term

NIST Digital Signature Standard:

to verify signature: public key y

Definition
  • compute $u_1 = m/s \bmod q$
  • compute $u_2 = v/s \bmod q$
  • verify that $v = (g^{u_1} \cdot y^{u_2} \bmod p) \bmod q$
Term

Characteristics of NIST Digital Signature Standard

 

Definition
  • Separate algorithms for digital signature and public-key encryption
  • signature does not repeat, since r will be different on each occasion
  • if the same random number r is used for two messages, the system is broken
  • message expands by a factor of 2
  • RSA signatures do repeat, and there is no message expansion
Term

Diffie-Hellman
Key Agreement

 

Definition
  • security depends on difficulty of computing x given $y = a^x \bmod p$, called the discrete logarithm problem
Term
Summary of different Encryptions, Signatures, and agreement
Definition
  • Public-key encryption
    • RSA (Rivest-Shamir-Adleman)
  • Public-key Digital signatures
    • RSA
    • NIST DSS(Digital Signature Standard)
  • Public-key key agreement
    • Diffie-Hellman

 

Term
Message Digests: Motivation
Definition
  • Public-key technology is very slow
  • Public-key encryption
    • use public-key encryption to send a secret key with confidentiality
    • actual traffic is encrypted using secret key
  • Public-key digital signatures
    • cannot sign big messages
Term
Advantages of Message Digest
Definition
  • for performance reasons
    • sign the message digest
    • not the message
  • one way function
    • m=H(M) is easy to compute
    • $M = H^{-1}(m)$ is hard to compute
Term
Weak Hash function for Message Digests
Definition
  • difficult to find M' such that H(M')=H(M)
  • Given M, m=H(M), try messages at random to find M' with H(M')=m
    • $2^k$ trials on average, k=64 to be safe
Term
Strong Hash function
Definition
  • difficult to find any two M and M' such that H(M')=H(M)
  • Try pairs of messages at random to find M and M' such that H(M')=H(M)
    • $2^{k/2}$ trials on average, k=128 to be safe
Term
MD4, MD5 background info
Definition
  • proposed by Ron Rivest (of RSA)
  • MD5 is an improved version of MD4
  • 128 bit digest
  • simple, compact and fast

 

Term
NIST SHA Background info
Definition
  • 160 bit digest
  • similar to MD5
Term
What do secret-key techniques provide efficiently?
Definition
  • Authentication
  • Integrity

 

 

Term
Disadvantage of MD?
Definition
  • Does not provide
    • non-repudiation
Term
HMAC Computation
Definition
  • $\mathrm{HMAC}_K(M) = h(K \oplus \mathrm{opad} \,\|\, h(K \oplus \mathrm{ipad} \,\|\, M))$
    • h is any message digest function
    • M message
    • K secret key
    • opad, ipad: fixed outer and inner padding
  • HMAC-MD5, HMAC-SHA
Term
Motivation to public-key Certificate
Definition
  • public-key encryption
    • sender needs public key of receiver
  • public-key digital signatures
    • receiver needs public key of sender
  • public-key key agreement
    • both need each other's public keys
Term
Key Distributions: Manual
Definition
  • Impractical
  • Inadequately
  • the user populations become large
Term
Key Distributions: Systematic
Definition
  • Scalable and Controllable
  • Demand public-key certification authority (CA)
Term
What is Certificate?
Definition
  • A document containing a certified statement, especially as to the truth of something - literally
  • A collection of information plus a digital signature - electronic world
Term
Diffie- Hellman Key Agreement
Definition

$k = y_B^{x_A} \bmod p = y_A^{x_B} \bmod p = a^{x_A x_B}$

system constants: p: prime number, a: integer

Term
Basic Story for Users
Definition
  • Need to get CA's public key certificate
    • To verify CA's signature
  • Need to get a subscriber's public key certificate
    • To obtain the public key of a subscriber of CA
  • Need to get his own certificate from CA
    • To use mutual authentication as a certificate is presented across the internet
Term

Key-Pair Generation

 

Definition
  • Private key
    • Secure transfer to the key-pair holder's system
  • Public key
    • Secure transfer to one or more certification authorities as an input to certificate generation functions
  • Types
    • Key-pair holder system
    • Central system
Term
KEY Distribution factors
Definition
  • Without needing to consider
    • Confidentiality
      • No need to keep Public-key value confidential
    • Authentication and Integrity
      • CA's digital signature inside the certificate provides both authentication and integrity
Term
KEY DISTRIBUTION FACTORS Contd.
Definition
  • Trustworthiness
    • Important factor
    • A certificate is only useful if the public-key user is certain it trusts the certification authority to issue only valid certificates
  • Certificate Trust
    • how to acquire public key of the issuer to verify signature
    • whether or not to trust certificates signed by the issuer for this subject
Term

Different Types of Certification Authority

 

Definition
  • Single CA
    • Not practical
    • Need to have sufficient knowledge of and an adequate relationship with all potential users
  • Multiple CAs
    • Certificate chain or Certificate path
Term
What is a Validity period?
Definition
  • A restricted lifetime
  • To control cryptanalysis opportunity
  • To constrain the period of vulnerability
Term

What is Revocation?

 

Definition
  • In the event of a known or suspected key compromise, it should be possible to protect users against continuing to use the public-key via a certificate
Term
Certificate Revocation Lists
Definition
  • CRLs issued periodically as per CA policy
    • blank CRLs can be issued
  • CRL distribution
    • pull method
    • push method
  • Immediate or real-time revocation
    • needs query to CA on every certificate use
    • may be OK for small closed communities
Term
Private-key protection
Definition
  • Tamper-resistant hardware or token
    • Smart card
    • PCMCIA card
      Authentication: physical token or biometric check
  • Storage in an encrypted data file within a system
    Authentication: password and PIN

 

Term
Cryptographic Services 1
Definition
  • Authentication
    • cannot be forged
  • Integrity
    • message cannot be altered
  • non-repudiation
    • only sender could have signed the message
  • management of security
Term
Cryptographic Services 2
Definition
  • confidentiality
    • secret key encryption
  • integrity, authentication, non-repudiation
    • public-key digital signatures, message digests, public-key certificates
  • management of security
    • all above, key-agreement protocols, key recovery
Term
What is Steganography?
Definition
  • In Greek, it means "covered writing"
  • The art of hiding information in ways that prevent detection of hidden messages
  • While the goal of the cryptography system is to conceal the content of the messages, the goal of information hiding or steganography is to conceal their existence
Term
What is Genome Steganography?
Definition
  • Encoding a hidden message in a strand of human DNA
Term
Hiding in Text?
Definition
  • Information hidden in documents by manipulating the positions of lines and words
Term
Hiding in Images/Videos?
Definition
  • Least significant bit insertion
  • masking and filtering
  • applying more sophisticated image processing algorithms
Term
Hiding in audio files
Definition
  • Data can be hidden in the audio files. Slight alterations on sound, such as tiny shifts in phase angle, speech cadence, and frequency, can transport hidden information, but are indiscernible to human senses
Term
Hiding in the disk space
Definition
Hiding the data in unused reserved space
Term
Hiding data in software and circuitry
Definition
Data can be hidden in the layout of the code distributed in a program or the layout of electronic circuits on a board
Term
Hiding network packets
Definition
Hidden in packets transmitted through the internet
Term
Cryptographic Services
Definition
  • confidentiality
    • secret key encryption
  • integrity, authentication, non-repudiation
    • public-key digital signatures, message digests, public-key certificates
  • Management of security
    • all above, key-agreement, key recovery
Term
Cryptography vs. Steganography
Definition
  • While the goal of the cryptography system is to conceal the content of the messages, the goal of information hiding or steganography is to conceal their existence
Term
Distributed System
Definition
  • We need end-to-end authentication which is safe from
    • at least passive wiretapping, and
    • active wiretapping for higher assurance
  • More generally we need two-way end-to-end authentication
Term

End-To-End

Authentication

Definition
  • Cryptography based
  • Hardware assistance
    • smart card with reader
    • readerless see through device
    • calculator style device requiring additional keystrokes
Term
Challenge Response
Definition
  • User and system share a secret function f (in practice, f is a known function with unknown parameters)
Term
One-Time Passwords
Definition
  • random passwords that are used only once
    • user unfriendly
    • computing device friendly
  • Bellcore's S/Key system
Term
Distributed Systems Advantages
Definition
  • Improved performance because of reduced contention for centralized resources
  • Increased availability, as the risk of the system failure is lower
  • Greater versatility through the combined processing of disparate platforms
Term
Distributed Systems disadvantages
Definition
  • The weakening of security
  • The increasing risk of security attacks
Term
Decentralized distributed systems
Definition
  • Connected or unconnected systems
  • Independent copies of software
  • Independent copies of data
Term
Dispersed distributed systems
Definition
  • Interconnected systems
  • Same Software
  • Share the same data
Term
Cooperative distributed systems
Definition
  • Interconnected systems
  • Independent copies of software
  • Share the same data
Term
What is a Closed Distributed Environment?
Definition
  • Rely on each individual client workstation to assure the identity of users
  • Rely on each server to enforce a security policy UID
  • Require that client systems authenticate themselves to servers, but trust the client system concerning the identity of its user
Term
Open Distributed Environment
Definition
  • Require the user to prove identity for each service invoked, also require that servers prove their identity to clients
Term
Network Trust Models
Definition
  • Bilateral (Rhosts Model)
  • Consolidated (Kerberos Model)
Term
What is Kerberos?
Definition
  • Authentication service
  • Part of project Athena of MIT
  • Intended to have three components to guard a network's gate
    • Authentication
    • Accounting
    • Audit
Term

Motivation for kerberos

 

Definition

Provide authentication between any pair of entities

By a trusted third-party

Term

KERBEROS DESIGN GOALS

IMPECCABILITY?

Definition
  • no cleartext passwords on the network
  • no client passwords on servers
  • minimum exposure of client key on workstation
Term

KERBEROS DESIGN GOALS

Containment?

Definition
  • compromise affects only one client (or server)
    • CONSOLIDATED KERBEROS MODEL
  • limited authentication lifetime (8 hours, 24 hours, more)
Term

KERBEROS DESIGN GOALS

Transparency?

Definition
  • password required only at login
  • minimum to existing applications
Term
KERBEROS
Two functional entities
Definition
  •  Authentication Server (AS)
    • Verify a user
    • Create a ticket-granting-ticket
  • Ticket granting Server (TGS)
    • Create a ticket for requested server
Term
Kerberos Notation
Definition
  • c: client principal
  • s: server principal
  • Kx: x’s secret key
  • Kx,y: session key for “x” and “y”
  • {m}EKx: message m encrypted with x’s secret key
  • Tx,y: x’s ticket to use y
  • Ax,y: authenticator from “x” to “y”
Term
Credentials : Ticket
Definition
  • Used to pass securely to the server the identity of the client
  •  Good for a single server
  • Possible to use multiple times within its lifetime
  • Client cannot decrypt this ticket
    • Zero knowledge of server’s secret key
  • Tc,s = {s, c, addr, timeo, life, Kc,s}EKs
  • addr can be used to ensure that the client using the ticket is the same client to whom the ticket was issued.
Term
What is the Ticket Lifetime?
Definition
  • Lifetime is minimum of:
    • requested lifetime
    • max lifetime for requesting principal
    • max lifetime for requesting service
    • max lifetime of ticket granting ticket
  • Max lifetime is 21.5 hours
Term
CREDENTIALS :
AUTHENTICATOR
Definition
  • Generated every time the client wishes to use a service on the server
  • Can only be used once (unlike a ticket)
  • Purpose : sealed plaintext proves that the client also knows the session key
  • Ac,s= {c, addr, timea,OSK}EKc,s
Term
KERBEROS PROTOCOL
Definition
  • First service a client accesses is the ticket-granting service
  • Additional services are accessed by getting tickets from the ticket-granting service
  • Shared client-server secret key can be used for confidentiality of each IP packet or each RPC
Term
SUMMARY OF KERBEROS
Definition
  • Step 1 (Client-Kerberos)
    • to obtain ticket-granting ticket
    • once per user logon session
  • Step 2 (Client-Kerberos)
    • to obtain service-granting ticket
    • once per type of service
  • Step 3 (Client-Server)
    • to obtain service
    • once per service session
Term
KERBEROS ENHANCEMENTS
Definition
  • Kerberos tickets are renewable, so service can be maintained beyond maximum ticket lifetime.
  • Ticket can be renewed until min of:
    • requested end time
    • start time + requesting principal’s max renewable lifetime
    • start time + requested server’s max renewable lifetime
    • start time + max renewable lifetime of realm
Term
Open Distributed Environment
Definition
  • Require the user to prove identity for each service invoked, also require that servers prove their identity to clients