NIS Chapter 03

Question 1

what is an unbounded medium?

Answer 1

a communication medium which has no inherent physical limitations.

Question 2

define cipher

Answer 2

a process that converts plain text into a ciphertext

Question 3

what are symmetric algorithms? Give three examples of such

Answer 3

WEP, TKIP, CCMP

A key is shared between both encrypting and decrypting party

Question 4

Why is it important to have a secure way of sharing the key?

Answer 4

since the key is shared, the key needs to be kept secret otherwise there is no point to the encryption

Question 5

What is asymmetric encryption ?

Answer 5

a type of encryption method that has a private key and a public key. One for encryption and one for decryption

Question 6

what technique does a stream cipher use?

Answer 6

plaintext is encrypted bit by bit

Question 7

what is a keystream?

Answer 7

This is a psuedorandom cipher bit stream that is combined with the plaintext

Question 8

What is WEP encryption?

Answer 8

• a type of stream cipher
• that uses the RC4 stream cipher to generate a keystream
• and uses xor to combine the plain text and generated stream

Question 9

What is a block cipher?

Answer 9

• ## takes in a fixed size length of data and encrypts it to the same length

Question 10

Is block ciphering a symmetric or asymmetric ciphering scheme?

Answer 10

symmetric

Question 11

What is the downside of putting a specific block through multiple iterations of encryption in order to increase security?

Answer 11

performance will be affected

Question 12

What are the 2 parts of the RC4 cipher?

Answer 12

The PRG and KSA

Question 13

How do the 2 parts of the RC4 work together? (4)

Answer 13

• a key is ran through the KS
• Which produces a state vector
• state vector is fed into the PRG which permutes/rearranges the vector
• XOR the resultant with the plaintext

Question 14

What was the general use case of the RC4 cipher?

Answer 14

weak hardware/lazy developers

Question 15

Is RC4 a stream cipher / block cipher?

Answer 15

stream

Question 16

What makes RC5 different from RC4? (2)

Answer 16

• variable block, variable and #rounds
• block cipher instead of stream

Question 17

Why is the Data Encryption Standard considered insecure>

Answer 17

• small key size

Question 18

4 facts about DES

Answer 18

• block cipher
• 64 key size
• 56 effective lenght
• 16 rounds on each block

Question 19

what is the difference between DES and 3DES

Answer 19

it is essentially DES run 3 different times using 3 keys

Question 20

What are the different key options for 3DES

Answer 20

• all keys are the same, all keys are unique, 2 keys are unique

Question 21

3 facts of AES

Answer 21

• supports 3 key sizes
• used as a security standard

Question 22

What 3 encryption methods operate in the 2 layer of the OSI model?

Answer 22

CCMP, TKIP, WEP

Question 23

What is the structure of 802.11 data frames?

Answer 23

-

Question 24

What is the payload of an 802.11 data frame reffered to as?

Answer 24

a MSDU

Question 25

What are the 3 intended goal of WEP?

Answer 25

- confidentiality - access control through static key - data integrity through checksum

Question 26

What is one major similarity between WEP and TKIP?

Answer 26

they both use the RC4 cipher

Question 27

What is the purpose of the RC4 cipher in encryption schemes?

Answer 27

used to generate a a stream cipher to XOR the plaintext

Question 28

What is an IV in context of WEP?

Answer 28

- a randomly generated bits that are combined with the secret key and used as seeding material for the RC4 cipher

Question 29

What is the difference between ICV and IV

Answer 29

ICV is used to check the integrity of of the plaintext, while IV is part of the seeding material for the RC4

Question 30

Draw the WEP encryption process

Answer 30

-

Question 31

Where is one of the weakness of WEP found concerning IV

Answer 31

in IV, a new IV is created for each data frame but there are only so many different IV combinations, that the values end up being reused

Question 32

Name 4 WEP encryption weaknesses

Answer 32

- IV collision attacks - Weak key (RC4 generates weak keys) - reinjection to accelerate IV collision attack - Bit flipping (weak ICV)

Question 33

Why was TKIP created?

Answer 33

To serve as a temporary replacement for WEP that wouldn't need any HW upgrades to implement

Question 34

How does TKIP modify WEP?

Answer 34

- Temporal keys: keys are dynamically allocated via a 4 way handshake instead of a static key - Sequencing: uses sequencing in order to avoid reinjection attacks - Key mixing: key mixing is used to create stronger seeding material for RC4 which avoids IV collisions - has stronger integrity because MIC protects against bit flipping attacks

Question 35

TKIP countermeasures?

Answer 35

- MIC failures are able to be logged so they can be examined - 60 second shutdown after 2 MIC failures - new temporal keys

Question 36

What is CCMP

Answer 36

a security protocol that was designed to replace WEP and TKIP

Question 37

What commonality between TKIP and WEP is different with CCMP?

Answer 37

AES is used as a block cipher instead of the RC4 streaming cipher

Question 38

In order to use AES, what must be predefined before encryption begins?

Answer 38

the methods for converting between messages and blocks during encryption and decryption or the "mode of operation" needs to be defined

Question 39

How does the ECB mode of operation work?

Answer 39

- each block is encrypted independently and the padding is added as needed. - the same block generates the same cipher

Question 40

How does the CTR mode work?

Answer 40

an arbitrary block is encrypted and XORed with the plaintext to produce the cipher text. identical blocks can produce different values

Question 41

What are the features of the AES in counter mode?

Answer 41

- allows for a block cipher to be treated as a stream cipher - can be encrypted in parallel -

Question 42

What security service does CCMP provide?

Answer 42

- integrity through CBCMAC - confidentiality \ (CTR) -authentication through keys - access control

Question 43

What are the inputs used by the CCMP integrity and encryption process?

Answer 43

- Temporal keys: PTK (unicast) and GTK(group and multicast) Packet Number: like the TKIP sequence #, protects from injection/replay - Nonce: a nonce is a value used to ensure the uniqueness of the encryption keys and initialization vectors (IVs) - 802.11 data frame - AAD used to verify integrity

Question 44

What do organisations that need higher end security typically?

Answer 44

Proprietary implementation that require custom sw installation

Question 45

Draw the WEP, WPA and WPA2 table

Answer 45

-

Question 46

Compare TKIP, WEP and CCMP in a table

Answer 46

-