Network Security

Question 1

what is meant by message integrity

Answer 1

sender and receiver want to ensure a message has not altered or been tampered with in transit or afterwards without detection

Question 2

what is included in a passive attack

Answer 2

eavesdropping or intercepting messages

Question 3

what is involved in an active attack

Answer 3

actively inserting messages into a connection

which is not easy

Question 4

what is involved in an impersonation attack

Answer 4

spoof source address of packet

Question 5

what is involved in hijacking attack

Answer 5

attacker inserting themselves in the middle, both sender and receiver still think they are talking to each other

Question 6

what is plain text

Answer 6

original data

Question 7

what is encrypted version of plain text called

Answer 7

ciphertext

Question 8

encryption function

Answer 8

E(P) = C

Question 9

decryption function

Answer 9

D(C) = P

Question 10

for the cryptosystem to function, what must hold

Answer 10

D(E(P)) = P

ie must be able to reproduce the plaintext

Question 11

does the lenght of the key determine its security

Answer 11

no its algorithm is also a key factor

Question 12

what is the key space

Answer 12

all the possible values the key can take

Question 13

encyrption function with key

Answer 13

E_k(P) = C

Question 14

decryption function with key

Answer 14

D_k(C) = P

Question 15

why does having a big key space mean more security

Answer 15

sequentially going through every key takes too long

ie. brute force attack not worth it

Question 16

how do substitution ciphers work

Answer 16

each letter or group of letter is replaced by another group of letters to disguise it

Question 17

three ways to attack on substitution ciphers

Answer 17

identify commonly occurring characters

commonly occuring bigrams

domain specific buzzwords eg system, login, password

Question 18

three ways to attack on substitution ciphers

Answer 18

identify commonly occurring characters eg vowels

identify commonly occurring bigrams/digrams eg th, ie

identify domain specific buzz words eg system, login, password etc

Question 19

does substitution ciphering preserve the order of text symbols

Answer 19

yes

Question 20

how does vigenere cipher work

Answer 20

26x26 matrix

pick long word as key

use first letter of key to encrypt first letter of plain text

use second letter of key to encrypt second letter of plain text

when last letter of key is used, wrap around

Question 21

how to break vigenere cipher

Answer 21

know length of key and when rotation happens

Question 22

how do transposition ciphers work

Answer 22

re order the symbols rather than disguising them

Question 23

process of transposition cipher

Answer 23

pick a key

write plain text in rows under the key

re order the columns

send in column

Question 24

how many keys are there in symmetric key encryption

Answer 24

1
all parties share the same key

Question 25

what is the main problem with symmetric key encryption

Answer 25

sender and receiver must agree to a secret key without anyone else finding out

Question 26

examples of symmetric key algorithms

Answer 26

DES
triple DES
IDEA
AES

Question 27

what does DES stand for

Answer 27

data encryption standard

Question 28

what does a block cipher do

Answer 28

operates on a single chunk of data at a time

Question 29

why is it important that the output is the same size or smaller than the input

Answer 29

encrypted data should not be bigger than input data

Question 30

how many stages in DES

Answer 30

19

Question 31

what is the first stage of the DES

Answer 31

fixed permutation (pbox)

Question 32

what is the last stage of the DES

Answer 32

exact inverse of first stage permutation

Question 33

what happens in the penultimate stage of DES

Answer 33

leftmost 32 bits exchanged with rightmost 32 bits

Question 34

what are the 16 middle stages of DES Called

Answer 34

rounds

Question 35

what happens in 16 rounds of DES

Answer 35

a version of the key is taken in, only 48 bits are used

old right half becomes new left half

old left half run through mixer with key and XORed with old left half becoming new right half

Question 36

how long would it take to attack a key space of key length 52 bits by brute force

Answer 36

2^56 tries

Question 37

how to improve DES to make it more secure

Answer 37

Triple DES or 3DES
making use of 2 or 3 keys

Question 38

what is the problem with the fact that ECB independently ciphers blocks

Answer 38

determinisitic manner

encrypting independently is a lot of work

want some dependency between blocks that we encrypt

Question 39

what is meant by a probabalistic output

Answer 39

the output should always be different even if the same data is put in

Question 40

what does CBC stand for

Answer 40

cipher block chaining

Question 41

how does cipher block chaining work

Answer 41

pass in plaintext

and initialisation vector

XOR initialisation vector with plaintext

XOR of this goes into box with key

this results in ciphertext

that ciphertext becomes initialisation vector for next block

so everything is now chained

Question 42

what is essential for decryption in cipher block chaining

Answer 42

first initialisation vector

Question 43

what is done with the first few blocks in case someone is listening in

Answer 43

dummy data sent

Question 44

do you have to keep the initialisation vector secret

Answer 44

no

Question 45

how is cipher block chaining slow

Answer 45

cannot go onto the next step until the previous cipher text has been generated

Question 46

what does ofb stand for

Answer 46

output feedback

Question 47

how does output feedback mode work

Answer 47

put intialisation vector through encryption box, this becomes next initialistion vector

XOR the plain text with whatever comes out of the encryption box

this becomes ciphertext

Question 48

advantage of output feedback mode

Answer 48

can pre compute initialisation vectors

so as the packets come you can XOR them and things can be done much quicker

Question 49

why is OFB mode a synchronous process

Answer 49

computations are independent of the plain text

Question 50

what does CFB stand for

Answer 50

cipher feedback

Question 51

how does cipher feeback mode work

Answer 51

similar to OFB but cipher text is fed back

initialisation vector sent into encryption box

result is XORed with plaintext to get ciphertext

cipher text becomes next initialisation vector

Question 52

when is CFB mode used

Answer 52

when short plain text blocks are to be encrypted eg 8 bits long, ASCII character

eg between remote keyboard and a computer

Question 53

which is the asynchronous stream cipher

Answer 53

cipher feedback mode

Question 54

which is the asynchronous stream cipher

Answer 54

output feedback mode

Question 55

what does AES stand for

Answer 55

advanced encryption standard

Question 56

what is most common bit and key size for AES

Answer 56

128 bits

2^128 is too large to compute and test key space by brute force

Question 57

how may rounds of cipher are there in AES

Answer 57

10 to 14 depending on key length

Question 58

how many keys are there in asymmetric key cryptosystems

Answer 58

2

public key
private key

Question 59

what to do if private key shared by accident

Answer 59

discard and create a new public key

Question 60

example of public key cryptographic algorithm

Answer 60

RSA

Question 61

properties of asymmetric key cryptosystems

Answer 61

• must be computationally easy to encipher or decipher a message given the appropriate key
• must be computationally infeasible to derive the private key from the public key
• need for exchanging private key eliminated

Question 62

what does it mean that it must be computationally infeasible to derive the private key from the public key

Answer 62

it should be so hard it is not worth your while

Question 63

is public key used for encryption or decryptionq

Answer 63

public

the public key of the person you wish to send encrypted message to

Question 64

is private key used for encryption or decryption

Answer 64

decryption

only the person with that private key can decrypt

Question 65

what is involved in a passive attack

Answer 65

eavesdropping (just observing messages)

Question 66

how can passive attackers still obtain messages from encrypted messages

Answer 66

information from message length, frequency, hosts etc

Question 67

what is involved in an active attck

Answer 67

modification of data

hacker pretends to be a different identity

hacker relays information between the other two

Question 68

what is authentication

Answer 68

ensuring that the communicating entity is the one that it claims to be

Question 69

what is a symmetric cipher model

Answer 69

sender and receiver have same secret key

Question 70

what is asymmetric cryptography

Answer 70

sender and receiver use different keys

Question 71

what does it mean if the ciphertext is computationally secure

Answer 71

cost of breaking cipher exceeds cost of information and time taken exceeds useful life of information

Question 72

what is the greatest common divider (highest common factor) of two numbers that are relatively prime

Answer 72

1

Question 73

what does the phi function calculate

phi(n)

Answer 73

how many numbers that are less than n are relatively prime to n

Question 74

is the RSA algorithm deterministic or probabilistic

Answer 74

deterministic

a specific plaintext is always mapped to a specific ciphertext

Question 75

is Fermat’s primality test always 100% accurate

Answer 75

no

Question 76

what is the size of the chunks that ECB operates on at one time

Answer 76

64 bits

Question 77

what are the flaws of ECB DES

Answer 77

small key, 2^56 for brute force attack

each block encrypted independently so vulnerable to substitution attack

deterministic

Question 78

is CBC probabilistic or deterministic

Answer 78

probabilistic, depending on IV sed

Question 79

what is a X-509 certificate

Answer 79

binds identity of a person/company with their public key

Question 80

what are the contents of a x-509 certificate

Answer 80

identity of user
public key of user
digital signature on the above field with the key of the TTP (trusted third party)

Question 81

why does the basis of x-509 certs assume that every user in the system is equipped with the public key of the TTP

Answer 81

these are embedded in the browsers themselves

Question 82

what is the purpose of a x-509 certificate

Answer 82

allows one to verify the digital signature on the certificate to ensure the message is associated with the named user

Question 83

what are certification authorities

Answer 83

trusted third parties that issue certificated

Question 84

who issues certificates to to other CAs

Answer 84

the root CA

Question 85

what is the order of an element a in group G

Answer 85

the smallest positive integer k for which

a ^ k = a * a * a * … a (mod G) = 1

Question 86

what are the properties of a group

Answer 86

closure

associative

identity element

inverse element

Question 87

what makes a group Abelian on top of the other properties

Answer 87

commutative

Question 88

what does the closure property of a group mean

Answer 88

a, b, element G then (a op b) element G

if both a and b are elements of the group G, then the result of an operation (addition or multiplication) performed on a and b will also be an element of group G

Question 89

what does the associative property of a group mean

Answer 89

a op (b op c) = (a op b) op c for all a, b, c elements G

Question 90

what does the identity element property of a group mean

Answer 90

(a op e) = (e op a) = a for all a, e elements G

there is an element in every group that when an operation is performed with any other element in the group, the result will be that element

in additive groups it is 0
i.e. anything + 0 is itself

in multiplicative groups it is 1
i.e. anything * 1 is itself

Question 91

what does the inverse element property of a group mean

Answer 91

(a * a^-1) = (a^-1 * a) = e for all a element G

i.e. all elements should have an inverse

Question 92

what is the diffie hellman key exchange

Answer 92

a protocol that allows strangers to establish a shared symmetric key without having to meet and without a need for a cryptosystem to be in plave

Question 93

what are the underlying reasons that the DHKE works

Answer 93

exponentiation is commutative

Question 94

how is the DHKE vulnerable to attack

Answer 94

users aren’t authenticated

man-in-the-middle attack

Question 95

what is the man in the middle attack in DHKE

Answer 95

both parties believe they are talking to each other across a secure channel

however the attacker is in the middle and can read and modify messages

Question 96

how to defend against the man in the middle attack in DHKE

Answer 96

use digital certificates to verify the identity of the user you are communicating with

Question 97

how is checksum vulnerable to attack

Answer 97

attacker can intentionally modify message to produce some equal checksum value and the receiver will not detect the change

Question 98

what does it mean that a hash is a one way function

Answer 98

hash is irreversible

you cannot reproduce the input from the output

it is not meant to be decrypted

it is used as a unique digital fingerprint to check integrity of data

Question 99

example of hash functions

Answer 99

SHA-1, SHA-2

Question 100

advantages of symmetric key encryption

Answer 100

speed
little overhead

Question 101

disadvantages of symmetric key encryption

Answer 101

distributing key securely

same key used for encryption and decryption

Question 102

advantages of asymmetric key encryption

Answer 102

public key can be distributed openly so everyone can use it to encrypt data for the owner of the corresponding private key

Question 103

disadvantages of asymmetric key encryption

Answer 103

slower
more overhead