45 Cards in this Set
- Front
- Back
What is Kerckhoffs's principle? |
The security of a cryptosystem should not rely on |
|
What does the mode of operation of a block cipher indicate? |
• The choice of what to do with multiple blocks is called the mode of operation of the block cipher |
|
ECB (Electronic Code Book) is a mode of operation; what is special about it? |
Encrypts each successive block separately (patterns can repeat) |
|
Alice can just claim that Bob made up the |
repudiation |
|
What's the difference between a digital signature and a MAC? |
Bob can prove these facts to a third party (additional property not satisfied by a MAC). |
|
What is tunneling? |
Tunnelling is the sending of messages of one protocol inside (that is, as the payload of) messages of another protocol, out of their usual protocol nesting sequence |
|
Is TCP-over-IP tunnelling? Why? |
So TCP-over-IP is not tunnelling, since you’re |
|
Is IP-over-TCP tunnelling? Why? |
But IP-over-TCP is tunnelling (going up the stack |
|
Is PPP over DNS tunneling? Which layers does it involve? |
PPP (a link layer protocol; bottom of the stack) over DNS (an application layer protocol; top of the stack) |
|
______ is useful for connecting a single laptop to a home network |
Transport mode |
|
In transport mode only ______ are encrypted |
• Only the contents of the original IP packet |
|
____ is useful for connecting two networks |
Tunnel mode |
|
In VPN tunnel mode ______ are encrypted |
• The contents and the header of the original IP packet are |
|
What does a message that Alice sends via Tor look like? |
EK1(EK2(EK3(M))) |
|
What does a response from a website to Alice look like? (she's using Tor) |
EK1(EK2(EK3(R))) |
|
What level of nimity do these have? Government ID, SIN, credit card #, address |
Verinymity |
|
What level of nimity do these have? • Noms de plume, many blogs |
• Persistent pseudonymity |
|
What level of nimity do these have? • Prepaid phone cards, loyalty cards |
Linkable anonymity |
|
What level of nimity do these have? • Cash payments, Tor |
Unlinkable anonymity |
|
In SSH what is the MAC? |
the session key |
|
There are two main ways to authenticate with SSH. What are they? |
1) Send a password over the encrypted channel |
|
What's the benefit of using type I remailers? |
remailers removed the central point of trust |
|
What's the disadvantage of using type II remailers? |
you have to use a specific email client to construct constant-length messages |
|
• In order to use public-key encryption and digital |
|
|
Using public-key encryption and a digital signature, Alice sends a message to Bob. What is the process? |
To send a message to Bob, Alice will: |
|
What does database integrity involve? |
Database integrity: data not corrupted + recover from physical problems |
|
Name four things that help ensure element integrity in a database |
Access control, element checks, change log, error detection codes |
|
Referential integrity ensures that there are no |
dangling foreign keys |
|
What is the difference between security and precision in the context of databases? |
Security: Forbid any queries that access sensitive data,
Precision: Aggregated result should reveal as much |
|
Compute query q(C) (not allowed) based on q(T) (allowed) when q(C) matches fewer than k records |
q(C) = q(C or T) + q(C or not T) − q(S) |
|
Compute query q(C) (not allowed) based on q(T) (allowed) when q(C) matches more than N − k records |
q(C) = 2 × q(S) − q(not C or T) − q(not C or not T) |
|
What is suppression in databases? |
Suppression |
|
What is concealing in databases? |
Concealing |
|
What is the n-item k-percent rule? |
|
|
A query K has ε-differential privacy if for all |
the probability that K(D) has a particular output is at most e^ε × the probability that K(D') has this output |
|
Keeping existence hidden can lead to ______, meaning ______ |
polyinstantiation;
to having |
|
What happens in non-Truman semantics? |
Non-Truman semantics: the DBMS can reject queries that |
|
What's the k-anonymity rule? |
Ensure that for each released record, there are at least k − 1 other released records from which |
|
A quasi-identifier should be chosen such that |
released records do not allow any re-identification based on any additional data that the attacker might have |
|
Give an example of a homogeneity attack |
Homogeneity attack |
|
Give an example of a background attack |
If you know Dave (904**, 195*-*-*) is in the table, and that his risk for heart disease is very low, then Dave has cancer |
|
L-diversity property |
|
|
Possibly still not good enough: t-closeness [2007] |
Ensure that the distributions of the values for any quasi-identifier are within t of the distribution for the whole table |
|
What are three things that should be in the policy? |
Goal, responsibility, commitment |
|
risk exposure = _____ x _____ |
= probability x impact |