34 Cards in this Set
- Front
- Back
Four types of security attacks
|
1.) Interruption - Interrupt flow of data
2.) Interception - Flow of traffic isn't modified but we receive all traffic data
3.) Modification -> Data from sender goes to us, we modify it and send it to receiver
4.) Fabrication -> Receiver thinks they are talking to sender but we are faking as sender |
|
Man in the middle
|
We make Alice believe she is talking to Bob and Bob believe he is talking to Alice, but really we are intercepting everything and sending whatever we want to both of them
|
|
Free Rider/ Free Loader
|
A peer that gets service but never helps
|
|
Lazy Middle Man
|
Provide some of the work but never finish
|
|
passive attack
|
We read and intercept data but don't modify it or send any
|
|
Active attack
|
Can intercept and read data but also sends out data
|
|
Host compromise
|
All information about the host is accessible by the hacker
|
|
communication compromise
|
Only information about the communication network is known to the hacker
|
|
Internal and External Attack
|
Internal can impersonate a system process
|
|
Destructive or Non-destructive
|
Non-destructive allows the message to still reach the destination
|
|
symmetric key
|
same key is used for encryption / decryption
|
|
asymmetric key
|
public key used to encode, private to decode
|
|
One-way function
|
Given x, it is easy to compute F(x) but given F(x) it is hard to determine x
|
|
Trap-Door function
|
Given F(x), it is easy to calculate x if we know some trapdoor function g where g(F(x)) = x
|
|
One-way weakly collision free hash function
|
Given x, it is hard to compute a different y s.t. H(x) = H(y)
|
|
One way hash function
|
Hash function is one to one rather than many to one
|
|
One way strongly collision free
|
Given a hash function, it is hard to compute different x and y s.t. H(x) = H(y)
|
|
Weak key
|
Key that does not encode well
|
|
Complement key
|
complement(f(x)) = f(complement(x))
|
|
Related keys
|
A pair of keys that are related by some difference, allows a set of keys to not be checked
|
|
Security Service
|
a service that increases the security of processing systems and information flow
|
|
Authentication
|
Requirement by which a process securely transfers its identity to another
|
|
Privacy
|
The requirement by which communication is possible that can be decoded only by the processes that agree to communicate
|
|
Integrity
|
The requirement by which a recipient can prove to itself that the message is what was indeed sent
|
|
Non-Repudiation
|
The requirement by which a recipient can prove to anyone that the message was indeed sent by the sender
|
|
Obliviousness
|
The requirement by which a process may perform a set of operations but not be sure which one (or more) of them was correctly performed
|
|
Information Flow
|
The requirement by which a high-level process cannot communicate any information to a low-level process, directly or indirectly
|
|
Unconditional Security
|
no matter how much computation is available, cipher cannot be broken since ciphertext provides insufficient information to uniquely determine the corresponding plaintext
-One time pad
-No statistical representation
-Can only use key once |
|
Computational Security
|
given limited computing resources (e.g. time needed for calculations is greater than age of universe), the cipher cannot be broken
|
|
Two requirements for symmetric encryption
|
1.) Strong algorithm
2.) Only sender/receiver must know code |
|
block cipher
|
Message is broken into multiple blocks (same size) which are encrypted
|
|
Stream cipher
|
whole message is looked at bit by bit, key size of message length required
|
|
DES
|
Data Encryption Standard
Block Cipher
64 bit message
56 bit key
-Easy in hardware slow in software
-Feistel structure |
|
DES F function
|
Expand 32 bit message, XOR with 48 bit key, pass through S box to get 32 bits and pass through final permutation
|