Cs458 Security Final Exam Fml

Front 1

What is kerckhoff's principle?

Back 1

The security of a cryptosystem should not rely on
a secret that’s hard (or expensive) to change

Front 2

What does mode of operation of block cipher indicate?

Back 2

• The choice of what to do with multiple blocks is called the mode of operation of the block cipher

Front 3

ECB(Electronic code book) is a mode of operation, what is special about it?

Back 3

encrypts each successive block separate (patterns can repeat)

Front 4

Alice can just claim that Bob made up the
message M, and calculated the tag T himself, what is this called?

Back 4

repudiation

Front 5

What's the difference between digital signature, and a Mac?

Back 5

Bob can prove these facts to a third party (additional property not satisfied by a MAC).

Front 6

What is tunneling?

Back 6

Tunnelling is the sending of messages of one protocol inside (that is, as the payload of) messages of another protocol, out of their usual protocol nesting sequence

Front 7

Is tcp-ip tunneling? Why?

Back 7

So TCP-over-IP is not tunnelling, since you’re
supposed to send TCP (a transport protocol) over IP (a network protocol; one layer down in the stack)

Front 8

Is ip-over-tcp tunneling? why?

Back 8

But IP-over-TCP is tunnelling (going up the stack
instead of down), as are IP-over-IP (same place in the stack), and

Front 9

Is PPP over DNS tunneling? Which layers does it involve?

Back 9

PPP (a link layer protocol; bottom of the stack) over DNS (an application layer protocol; top of the stack)

Front 10

______ is Useful for connecting a single laptop to a home network

Back 10

Transport mode

Front 11

In transport mode only ______ are encrypted
and authenticated

Back 11

• Only the contents of the original IP packet

Front 12

____ is Useful for connecting two networks

Back 12

Tunnel mode

Front 13

In VPN tunnel mode ______ are encrypted

Back 13

• The contents and the header of the original IP packet are
encrypted and authenticated; result is placed inside a
new IP packet destined for the remote VPN gateway

Front 14

How does a message that Alice sends via Tor look like?

Back 14

EK1(EK2(EK3(M)))

Front 15

How does a response from website to Alice look like? (she's using Tor)

Back 15

EK1(EK2(EK3(R)))

Front 16

What level of nimity do these have?

Government ID, SIN, credit card #, address

Back 16

Verinymity

Front 17

What level of nimity do these have?

• Noms de plume, many blogs

Back 17

• Persistent pseudonymity

Front 18

What level of nimity do these have?

• Prepaid phone cards, loyalty cards

Back 18

Linkable anonymity

Front 19

What level of nimity do these have?

• Cash payments, Tor

Back 19

Unlinkable anonimty

Front 20

In SSH what is the MAC?

Back 20

the session key

Front 21

There are two main ways to authenticate with ssh, what are they?

Back 21

1) Send a password over the encrypted channel
• The server needs to know (a hash of) your password

2) Sign a random challenge with your private signature
key
• The server needs to know your public verification key

Front 22

What's the benefit of using type I remailers?

Back 22

remailers removed the central point of trust

Front 23

What's the disadvantage of using type II remailers?

Back 23

you have to use a specific email client to construct constant-length messages

Front 24

• In order to use public-key encryption and digital
signatures, Alice and Bob must each have:

Back 24

• A public encryption key
• A private decryption key
• A private signature key
• A public verification key

Front 25

In public-key encryption and digital signature, Alice sends a message to Bob, what's the process?

Back 25

To send a message to Bob, Alice will:
• Write a message
• Sign it with her own signature key
• Encrypt both the message and the signature with
Bob’s public encryption key
• Bob receives this, and:
• Decrypts it using his private decryption key to yield
the message and the signature
• Uses Alice’s verification key to check the signature

Front 26

What does Database integrity involve?

Back 26

Database integrity
• Logical and physical integrity

(data not corrupted + recover from physical problems)

Front 27

Name four things that can help element integrity in database

Back 27

* Access control

* Element Check

* Change log

* Error detection codes

Front 28

Referential integrity ensures that there are no
_______

Back 28

dangling foreign keys

Front 29

What is the difference between security and precision in the context of databases?

Back 29

Security: Forbid any queries that access sensitive data,
even if (aggregated) result is no longer sensitive

Precision: Aggregated result should reveal as much
non-sensitive data as possible

Front 30

Compute query Q(c) (not -allowed) based on Q(T) (allowed) if q(c) matches fewer than k records

Back 30

q(C) = q(C or T) + q(C or not T) − q(S)
• Use right-hand side for computing q(C) if q(C)
matches fewer than k records

Front 31

Compute query Q(c) (not -allowed) based on Q(T) (allowed) if q(c) matches more than N-k records

Back 31

• q(C) = 2 ∗ q(S) − q(not C or T) − q(not C or not T)
• Use right-hand side for computing q(C) if q(C)
matches more than N − k records

Front 32

What is suppression in databases?

Back 32

• Suppression
• Suppress sensitive data from result

Front 33

What is concealing in databases?

Back 33

• Concealing
• Answer is close to actual value, but not exactly

Front 34

What is the n-item k-percent rule?

Back 34

• For the set of records that were included in the result, if there is a subset of n records that is responsible for over
k percent of the result, omit the n records from result

Front 35

• A query K has -differential privacy if for all
datasets D and D' :

(where D and D' differ in at most one row)

Back 35

the probability that K(D) has a particular output is at most

(e^ε) * the probability that K(D') has this output

Front 36

• Keeping existence hidden can lead ______ meaning _____

Back 36

polyinstantiation

to having
multiple records with the same primary key, but
different sensitivity

Front 37

What happens in non-truman semantics?

Back 37

• Non-Truman semantics:

the DBMS can reject queries that
ask for data the user is not
allowed to access

Front 38

What's the k-anonymity rule?

Back 38

• Ensure that for each released record, there are at least k − 1 other released records from which
record cannot be distinguished (where k ≥ 2)

Front 39

Quasi-identifier should be chosen such that
_____

Back 39

released records do not allow any re identification based on any additional data that attacker might have

Front 40

Give an example of Homogeneity attack

Back 40

Homogeneity attack
• If you know Bob (902**,196*-*-*) is in the table, then
Bob has cancer.

Front 41

Give an example of background attack

Back 41

• If you know Dave (904**,195*-*-*) is in the table, and that his risk for heart disease is very low, then Dave has cancer

Front 42

L-diversity property

Back 42

For any quasi-identifier, there should be at least "L" “well-represented” values of the sensitive fields

Front 43

Possibly still not good enough: t-closeness [2007]

Back 43

Ensure that the distributions of the values for any quasi-identifier are within t of the distribution for the whole table

Front 44

What are three things that should be in the policy?

Back 44

goal

responsibility

commitment

Front 45

risk exposure = _____ x _____

Back 45

= probability x impact