Shared Flashcard Set


Lecture 14 - Security PART 2
Alejandro Saucedo - Comp2008 Lecture 14 - Security PART 2
Computer Networking
Undergraduate 2

Additional Computer Networking Flashcards




What are the principles of Asymetric Encryption?
  • Uses public and private key
  • Public key decripts a message encrypted by the private key and vice-versa
What are the principles of Public Key Algorithms?
  • Public Key known by everyone
  • Private key kept secret
  • To send information, encrypt with public key and then it is decrypted by user at the other end with the private key
  • Authentication: Encrypt something with your private key, we can be sure its coming from a specific person, then it can be decripted using the public key
What are the principles of RSA?
  • The public key is e,N
  • The private key is d,N
  • Getting the numbers
    1. Pick 2 large prime numbers called p and q
    2. N = P*Q
    3. Z = (P-1)*(Q-1)
    4. e = any number relatively prime to Z
    5. e.d. mod Z = 1
  • Encryption using public key
    • Plaintexte mod N
  • Encryption with private key
    • Plaintextd mod N
What are the principles of Diffie-Hellman Key Exchange?
  • Allows 2 parties to agree on a shared session key on an unsecured line
  • Both parties do not give up their a and b values so it can't be evaesdropped
What is the algorithm for the Diffie-Hellman Key Exchange?
  1. Agree on 2 numbers, a large prime number m and an integer g
  2. Alice generates a large, random number a, and keeps it secret
  3. Alice computes X = ga mod m sends X to Bob
  4. Bob generates a large, random number b, and keeps it secret
  5. Bob computes Y = gb mod m and sends it to Alice
  6. Alice makes her session key = Ya mod m
  7. Bob makes his session key = Xb mod m
  • These keys are both equal
What is the man in the middle attack?
  • Not the same as meet in the middle attack
  • A person sits in the middle and intercepts all information before sending it on the other side
  • Middle person negotiates 2 different secret keys with both sides
What are message digests?
Message digests are a way to represent data. Every time you hash a value with a hashing algorithm you will get the same digest, but it is not possible to work backwards from a hash to obtain the original value. The hashing function should also be collission recistant, it should be unlikely that two messages produce the same hash.
What are the principles of message signing?
  • Digests are useful as the message can be 'signed' by your private key without having to encrypt the entire message
  • A sender gets the digest of a message
  • They can then encrypt the digest with their private key
  • The message is then sent with the digest
  • The receiver will take a digest of the message they receive
  • They will then decrypt the received message with the sender's public key
  • If the two digests are the same then the message was sent by the correct person and the message hasn't been changed
What is the algorithm for SHA-1?
  1. Split the message into 512-bit chunks
  2. 5 variables H0-H4 are predefined with a 32-bit number
  3. Repeat steps 4-17 for each 512-bit chunk
  4. We take the 16 32-bit words and make an 80-word array 'w'
  5. We initialize variables A-E with what's in H0-H4
  6. Repeat steps 6-12 for each word in the array
  7. temp = (A left rotate 5) + fi(B, C< D) + E + ki + w[i]
    1. Every 20 words fi is made a different combination of B, C  & D
    2. Every 20 words ki is a different constant
  8. E = D
  9. D = C
  10. C = (B left rotate 30)
  11. B = A
  12. A = temp
  13. H0 = H0 + A
  14. H1 = H1 + B
  15. H2 = H2 + C
  16. H3 = H3 + D
  17. H4 = H4 + E
  18. Final hash = H0+H1+H2+H3+H4

What are the principles of Authentication protocols?
  • Shared Secret Key Process
  • Public Key Process
  • Key Distribution Centre
  • X.509
What is the Shared Secret Key process?
  1. A and B share a key
  2. A unique nonce is used for each message
  3. A takes the hash of the message, the nonce and the secret key combined
  4. A sends the message, the hash and the nonce to B
  5. B takes the hash of the received message, the nonce and the secret key combined
  6. B compares it with the hash sent for validation

The nonce ensures the attacker cannot resend the same "Signaled" message because the nonce may only be used once

What is the Public Key Process?
  1. A hashes their message
  2. A encrypts the hash with their private key to make a signature
  3. A sends their message and signature to B
  4. B decrypts the hash using A's public key
  5. B hashes the message from A
  6. B compares the two hashes for validation
What is the K distribution centre?
  • Usually if N people need to communicate, N2 passwords are needed
  • KDC allows for only N passwords to be needed
  • A KDC is trusted if each user has a single secret shared with the KDC
  • A passes a on sender(A), receiver(B) and the session key encrypted in A's secret key to the KDC
  • The KDC then sends the message on to the receiver(B) with the sender(A) and the session key encrypted in B's secret key
  • The sender and receiver can then communicate without the KDC
  • This is vulnerable to replay attacks, but nonces or timestamps can be used to avoid this problem
What are the principles of X.509?
  • Allows you to be sure that the public key is form the person you think it is
  • A trusted certification authority certifies the public key for someone
  • Public keys are distributed with certificates
  • You append the message digest with the CA's private key
  • This uses chain of trust, a CA can be signed by a parent CA etc
  • You will eventually need to know the public key of a root CA
  • There are multiple root CAs and these are preloaded into computers and browsers
  • Root certificates sign themselves
What are the principles of Electronic Contracts?
  • Agreeing on a contract and a hash function
  • A and B both have a public and private key and a copy of the contract
    • Signing
    • Validating
What is the process of signing in an Electronic Contract?
  1. hash A is made of the contract
  2. A signs the contract
  3. B signs the contract
  4. A signs B's signature
  5. B signs A's signature
  6. The contract is stored with the doubly signed message digests
What is the process of validating a contract?
  1. Decrypt the two doubly signed message digests
  2. Compare to see if they are equal
Supporting users have an ad free experience!