IT Security: Defense Against the Digital Dark Arts

What are the benefits of symmetric encryption?

-Easy to implement and maintain -Fast and efficient at encrypting and decrypting large amounts of data

How do many secure communication schemes take advantage of the relative benefits of both encryption types?

-an asymmetric encryption algorithm is chosen as a key exchange mechanism to transmit the symmetric encryption key or shared secret to keep it safe in transit. -once it's transmitted, symmetric encryption is used to transmit data quickly

Integrity

-keeping our data accurate and untampered with

Confidentiality

-keeping the data you have hidden from unwanted eyes Examples: -passwords

What are some other ideal qualities of cryptographic hash functions?

-quick to compute and efficient -Infeasible to reverse the function and recover the plain test -A small change in input should result in totally different output so that there is no correlation between the input change and the resulting output -function should not allow hash collisions, meaning two different inputs mapping to the same output

Frequency Analysis

-the practice of studying the frequency with which letters appear in a ciphertext -premise is that in written languages, some letters appear more commonly.

Asymmetric Encryption

-used in public key encryption, it is a scheme in which the key to encrypt data is different from the key to decrypt -each user generates a private key, then using that private key, a public key is derived -Once public/private key pairs are generated, they exchange public keys -strength is the computational difficulty of figuring out private keys from the public keys

What are the 3 concepts that an asymmetric cryptosystem grants?

1. confidentiality 2. authenticity 3. non-repudiation

Rootkit

A collection of software tools used by a hacker in order to mask intrusion and obtain administrator-level access to a computer or computer network. Can hide itself from the system.

Digital Signature Algorithm (DSA)

A common asymmetric encryption algorithm that is primarily used for creating digital signatures.

Vulnerability

A flaw in the system that could be exploited to compromise the system

What is the CIA triad?

A guiding principle to help develop security policies in the workplace and at home.

Substitution Cipher

A method of encryption and decryption in which each letter in the alphabet is replaced by another.

Email spoofing

A source masquerading around as something else. Often an email. Type of social engineering attack.

Ciphertext

A string of text that has been converted to a secure form using encryption.

Advanced Encryption Standard (AES)

A symmetric 128-bit block cipher that was approved by the NIST in late 2000 as a replacement for DES. -also supports 192-bit and 256-bit sizes

What's the benefit of asymmetric encryption vs symmetric encryption?

Allows secure communication over an untrusted channel

Stream Cipher

An algorithm that takes one character and replaces it with one character. 1:1 relationship between data in and data out. Faster than block ciphers, but can be less secure.

Elliptic Curve Cryptography (ECC)

An algorithm that uses elliptic curves instead of prime numbers to compute keys. -Able to achieve security with smaller keys that are comparable to larger keys in the traditional public key system

injection attacks

An attack that injects malicious code or commands. Common injection attacks are DLL injection, command injection, and SQL injection attacks. -Mitigated by good code development principles such as sanitizing data and validating input

Cross-Site Scripting (XSS)

An attack that injects malicious scripts into a Web application server to direct attacks at clients. Can steal log-ins and cookies.

Phishing Attack

An attack that uses deception to fraudulently acquire sensitive personal information by masquerading as an official-looking e-mail.

What is the RC4 NOMORE attack?

An attack that was able to recover an authentication cookie from a TLS-encrypted connection in just 52 hours.

Data Encryption Standard (DES)

An older type of block cipher selected by the United States federal government back in the 1970s as its encryption standard; due to its weak key, it is now considered deprecated. Designed by IBM. -symmetric 64-bit block cipher

Symmetric Key Algorithm

Any encryption method that uses the same key for both encryption and decryption.

Social Engineering Attack

Attack methods for tricking people into engaging in non-secure activities, such as clicking on links and downloading infected files or giving personal information

Why is key length important?

Because it defines the maximum potential strength of the system in the case of brute strength attacks

What does CIA stand for?

Confidentiality, Integrity, Availability

What else can asymmetric encryption be used for?

Creating a secure digital signature

How is cryptographic hashing different from encryption?

Cryptographic hash functions should be one directional. You input plain text into the hash function and get output that unintelligible, but you can't take the hast output and recover the plain text.

Botnets

Designed to utilize the power of the internet-connected machines to perform some distributed function. Ex.- botnets to mine bitcoins

What is another use for hashing with regards to databases?

Hashing can be used to identify duplicate data sets in databases or archives to speed up searching of tables or to remove duplicate data to save space

Ransomeware

Holds system hostage until demands are met. Ex.-WannaCry Ransomeware attack

What are the costs of using symmetric encryption?

If the key is compromised, then entire system is compromised and key must be changed at all end points

Trojan Horse

Malware that disguises itself as one thing but does something else. User has to execute it.

ROT 13

Monoalphabetic cipher that shifts characters 13 characters. Stands for Rotate 13. A would become N, B would become O, etc.

What's the cost of asymmetric encryption vs symmetric encryption?

More computationally expensive and complex. i.e. slower and uses more resources.

Can the private key from an asymmetric encryption be shared with anyone?

No, it's secret

RSA

One of the first practical asymmetric systems to be developed patented in 1983 and released to the public domain in 2000. -Specifies mechanisms for generation and distribution of keys along with encryption and decryption operation using these keys -key generation method depends on choosing two unique, random, and usually very large prime numbers

What is the most secure common safeguard to prevent unauthorized account access?

Passwords

Spear Phishing Attack

Phishing attack on specific target using personal info. Type of social engineering attack.

Ping Flood Attack

Ping utility used to send large number of echo request messages and overwhelms server as it can't keep up.

Security through obscurity

Relying upon the secrecy or complexity of an item as its security, instead of practicing solid security practices.

Tailgating Attack

Social engineering attack involving gaining access to a restricted area or building by following a real employee in.

What's the preferred encryption configuration for web browsers?

TLS 1.2 with AES GCM

SQL Injection Attack

Targets entire website if website is using SQL database. Attackers can potentially run SQL commands that allow them to delete website data, copy it, and run other malicious commands.

Encryption

The act of taking a message called plaintext and applying an operation to it, called a cipher, so that you receive a garbled, unreadable message as the output, called ciphertext.

encryption algorithm

The first part of a cipher. The underlying logic of process that's used to convert the plaintext into ciphertext.

Cryptoanalysis

The practice of trying to break an encrypted message.

What does it mean that the ideal cryptographic hash function should be deterministic?

The same input value should always return the same hash value

Key (cipher)

The second part of a cipher. Introduces something unique into your cipher

Cryptology

The study of cryptography

How is confidentiality granted through asymmetric encryption?

Through the encryption-decryption mechanism since the encrypted data is kept confidential and secret from unauthorized third parties

Evil Twin Attack

Tricks users into connecting to a network that is identical to yours, but controlled by traffic. Once connected, the attacker can monitor all traffic.

Spyware

Type of malware that is meant to spy on you. Reports on your data to other party. Key logger records every key stroke you make.

How are message authentication codes (MAC) different from digital signatures using public-key cryptography?

Unlike digital signatures using public-key cryptography, the secret key used to generate the MAC is the same one that is used to verify it

Can the public key from an asymmetric encryption be shared with anyone?

Yes

Ping of Death Attack

a DoS attack that works by sending a malformed ping to a computer. The ping would be larger in size than what the internet protocol was made to handle resulting in a buffer overflow. This would cause the system to crash and potentially allow the execution of malicious code.

Message Authentication Code (MAC)

a bit of information that allows authentication of a received message, ensuring that the message came from the alleged sender and not a third party masquerading as them. -also ensures the message wasn't modified in some way in order to provide data integrity

Denial-of-Service (DoS) Attack

a cyber attack in which an attacker sends a flood of data packets to the target computer, with the aim of overloading its resources

Man-in-the-middle Attack

a hacker placing himself between a client and a host to intercept communications between them. Common version is a "Session Hijacking" aka "Cookie Hijacking" that steals auth tokens

Blackhat Hacker

a malicious hacker who attempt to break into systems

Block Cipher

a method of encryption that processes blocks of data rather than streams. Slower than stream cipher, but more secure by default.

Baiting Attack

a physical attack on systems such as leaving a USB around for someone to pick up and stick into their computer. Type of social engineering attack.

Diffie-Hellman (DH) Key Exchange

a popular algorithm designed solely for key exchange that was named after co-inventors and is used as part of the Public Key Infrastructure (PKI) system.

HMAC (Keyed-Hash-Based Message Authentication Code)

a popular and secure type of MAC that uses a cryptographic hash function along with a secret key to generate a MAC

Decryption

a process that reverses encryption, taking a secret message and reproducing the original plain text

Rivet Cipher 4 (RC4)

a symmetric stream cipher that gained widespread adoption because of its simplicity and speed. Supports key sizes from 40-bits to 2048-bits. Cipher was shown to have weaknesses.

Caesar Cipher

a technique for encryption that shifts the alphabet by some number of characters (number of offset is key)

Hasing (or a hash function)

a type of function or operation that takes in an arbitrary data input and maps it to an output of a fixed sized called a hash or digest -You feed in any amount of data into a hash function and the resulting output will always be the same size, but the output should be unique to the input such that two different inputs should never yield the same output

Malware

a type of malicious software that can be used to obtain your sensitive information, or delete or modify files. Most common types include: trojans, rootkits, backdoors, botnets, viruses, worms, adware, and spyware

0-day vulnerability

a vulnerability that is not known to the software developer or vendor but is known to an attacker -Name refers to amount of time developer has to take care of vulnerability

Backdoor

a way to get into a system if other ways are not allow. commonly installed after gaining access if want to keep access

Rogue AP

an access point that is installed on the network with the network admin's knowledge (form of man-in-the-middle attack)

Attack

an actual attempt at causing harm to a system

Virus

attach themselves attach to programs and files and replicates itself over and over to spread as far as it can

DDoS attack (Distributed Denial of Service attack)

attack in which an attacker hijacks or manipulates multiple computers' processing power (through the use of zombies, bots, or drones) on disparate networks in the process of carrying out a DoS attack

Dictionary Attack

attack that tries out commonly used passwords from a dictionary

Whitehat Hacker

attempt to find weaknesses in a system and then alert the owners of the systems

How is authenticity granted through asymmetric encryption?

by the digital signature mechanism, as the message can be authenticated or verified that it wasn't tampered with.

Password Attack

common attack that utilizes software like password-crackers that try and guess your password

Worms

like viruses but instead of attaching themselves to spread, worms can live on their own and spread through the network. Example: lovebug email

Logic bomb

malware intentionally installed that runs when a certain set of conditions are met

Plaintext

normal text that has not been encrypted

MD5

popular and widely used hash function designed in the early 1990s as a cryptographic hash function -Operates on a 512-bit blocks and generates 128-bit hash digest -Design flaw discovered in 1992 and 2004 -No longer used widely today

Risk

possibility of suffering a loss in the event of an attack on the system

Initialization Vector (IV)

random data integrated into the encryption key with the resulting combined key then used to encrypt the data. Creates a one-time encryption key.

Adware

software that displays advertisements and collects data

Exploit

software that is used to take advantage of a security bug or vulnerability

Hacker

someone who attempts to break into or exploit a system

Kerckhoff's Principle

states that a cryptosystem or a collection of algorithms for key generation, encryption, and decryption operations that comprise a cryptographic service should remain secure, even if everything is known except for the key -Also known as Shannon's Maxim

What must happen for a key encrypted using an initialization vector to be decoded?

the IV must be sent in plantext along with the encypted message

How is non-repudiation granted through asymmetric encryption?

the author of the message isn't able to dispute the origin of the message meaning we can be assured the author is who they claim to be

Availability

the information we have is readily accessible to those people that should have it

Brute Force Attack

the password cracker tries every possible combination of characters

Threat

the possibility of danger that could exploit a vulnerability

Cyrptography

the practice of coding and hiding messages from a 3rd party

Steganography

the practice of concealing messages or information from observers without encryption

SYN flood attack

type of DoS attack in which a large number of SYN packets are sent to a server without ever acknowledging the SYN-ACK messages it receives back. This keeps the connection open and takes up the server's resources and preventing other users from connecting. Referred to as "half-open attacks"

DNS Cache Poisoning Attack

works by tricking a DNS server into accepting a fake DNS record that will point you to a compromised DNS server. It then feeds you fake DNS addresses when you try to access legitimate websites. It can also spread to other networks.