security past exam 2
What are the three (3) most appropriate techniques that can directly contribute to the prevention of MITM attacks?
Merkle's puzzles provide an efficient mechanism for key exchange?
What are the attacks which specifically apply to authentication protocols?
If an efficient algorithm for integer factorisation is found, RSA would be insecure.
What is an appropriate AES key size for achieving medium-term protection against a very powerful attacker?
Asymmetric cryptography is useful for encrypting data on-the-fly.
Symmetric cryptography is very useful for encrypting large quantities of data efficiently
Fill in the blank:
"Zero Knowledge Proofs are designed to ___________________"
Allow a prover to demonstrate knowledge of a secret while revealing no information about the secret.
What is the goal behind ensuring the "freshness" of a message?
To prevent pre-computation attacks and/or a brute force on the message space
Symmetric crypto is very useful when creating digital signature protocols
What can be used to achieve certificate revocation?
Symmetric cryptography is very useful when performing key distribution.
In general, asymmetric ciphers provide greater strength than symmetric ciphers for the same key length.
If an efficient algorithm for integer factorisation is found, Diffie Hellman would be insecure.
High levels of correlation between the input bits and output bits of S-boxes are good for security in symmetric ciphers.
The design goals of SSL were to first minimise load on the browser, then on the server.
What method is often used to ensure "freshness"?
Explain why it is necessary to use modern password hashing algorithms when securing passwords in a database. In your answer identify one such algorithm. (no more than 4 sentences)
Standard hashing algorithms (MD5, SHA1, SHA256) are not good enough for passwords:
- Hashing algorithms were designed to run fast
- Password hashes should ideally be slow to slow down brute-force attacks
- Brute forcing these algorithms is trivial even with a salt
bcrypt aims to make hashing more expensive by using more time. It is still vulnerable to hardware attacks, since iterated hashes are relatively easy to implement in hardware.
scrypt aims to make password hashing harder by using more space. It makes hardware implementations difficult by using vast amounts of memory.
All digital signature protocols require the use of asymmetric cryptography
If an efficient algorithm for integer factorisation is found, AES would be insecure.
What is an appropriate RSA key size for achieving medium-term protection against a very powerful attacker?
In order to achieve smallest file size, it's better to encrypt then compress, rather than compress then encrypt.
Provide a high level overview of the steps to acquire a valid SSL certificate. (4-5 steps)
1. Alice generates a public/private keypair.
2. Alice sends the public key to the CA.
3. The CA challenges Alice to see if she knows the private key.
4. The CA generates a certificate and sends it to Alice.
1024-bit ciphers are always stronger than 512-bit ciphers
Which of the following contributes to achieving Perfect Forward Secrecy in protocols such as SSL/TLS?
The homomorphic property of RSA enables its use for achieving Perfect Forward Secrecy.
Which statement best describes a buffer overflow?
A software coding error which leads to an unexpected overwriting of memory
If an efficient algorithm for calculating discrete log is found, AES will not be secure.
If an efficient algorithm for calculating discrete log is found, Diffie Hellman will not be secure.
If an efficient algorithm for calculating discrete log is found, RSA will not be secure.
What can a system designer do to reduce the effectiveness of precomputation attacks when attempting to crack all passwords in the system?
Salt the passwords.
Was the "Heartbleed" OpenSSL security vulnerability an oversight in the design of the SSL protocol? What caused the vulnerability and how could it have been prevented?
Heartbleed is not an oversight in the SSL protocol or its design but rather in the implementation of the SSL protocol.
OpenSSL had an issue where the actual size of the message payload was not checked against the claimed size of the payload, so an attacker could request other pieces of information from RAM while keeping an SSL connection alive.
This could have been prevented if the actual size of the payload was verified alongside the claimed size of the payload. This was patched in TLS 1.2.
It would take roughly 40 quadrillion years to crack RSA-125
You connect to a website over HTTPS. It is using a valid TLS certificate which has been signed by a trusted CA and uses a sufficiently large public key.
We can be sure that the website is secure.
The Needham-Schroeder protocol solves the issue of key revocation
Asymmetric cryptography is more efficient than symmetric cryptography for key management in large systems.