Wähle die Ordner aus, zu welchen Du "Cybersecurity Foundations" hinzufügen oder entfernen möchtest
0 Exakte Antworten
61 Text Antworten
0 Multiple Choice Antworten
Karte wurde gelöscht
How does counter mode (CTR) work
Encrypting a counter to produce a stream cipher
can be parallelized
convert a block cipher into a stream
The message is not encrypted, a number is encrypted and uses the random number that comes out to XOR the message.
Standard mode for all encryption cipher (AES)
Which problem solves Diffie-Hellman
The problem is before a message can be encrypted the “secret key” must be shared with the communication partners over an insecure channel, this problem is solved with Diffie-Hellman
How does the Diffie-Hellman algorithm work
Alice and Bob agree on base parameters.
p = a large prime number, is very big usually 2048-bit or 4096-bit
= also a prime number must be a primiteve root of p e.g. 3 is a primiteve root of 7
Alice and Bob select numbers as private keys
Alice chooses a private value at random
Bob chooses a private value at random
The private vlaues must be between 1 and . Is a 2048-bit number, which is never told to anyone
Alice and Bob each calculate a public key
The public key is created using and to mathematically hide the private version.
The puvlic keys are swapped over the wire
Alice sends the result of the calculation:
Bob sends the result of the calculation:
The private key is combined with the others public key to create the shared “secret key”
The shared secret is usually called the pre-master secret. It’s used to derive session keys
Whats the shared secret if applying the Diffi-Hlleman with the following numbers
g = 3, p = 29
Alicey private key: 23
Bob private key: 12
24, Lösungsweg in den Folien 4 S. 53
What are the two main use cases of RSA
Encryption that only the owner of the public key can read. If you want to send a encrypted message to another network member just take his/her public key and encrypt the data with this key.
Signing that must have been performed by the owner of the private key. If you want to trust a server he can send a message encrypted with his private key and you know by encrypting the message with his public key that ist him/her
What is the discrete logarithm problem
3^29 mod 17 = x x is easy to determine
3^x mod 17 = 12 x is hard to determine, especially for big numbers, because the solution can only be found with brute force
The following variables for an RSA process are given, encrypt and decrypt the message "m" (89)
n=53*59 = 3127
c(MessageBob)= 893 mod 3127=1384
c(MessageBob) = 1384 13942011 mod 3127 = 89
This is an example from the presentation 5 starting at page 27
Tell some facts about RSA
RSA is very weak if encrypting short messages
Padding is added in short messages, optical asymmetric Encryption padding (OAEP) is the used
Introduces an IV into the process and then hashes it
The receiver will have to use the exact same padding to make sure the messages match up
It’s not common to see encryption done in RSA
RSA is 1000x slower than symmetric crypto systems
The following variables are given, what does a signature process look like if the signature of Alice is "SignatureAlice=42"
Tom: c(SignatureAlice)= 42^2753 mod 3233=3065
3065^17 mod 3233 = 42 => SignatureAlice=42
Bob: c(SignatureAlice)= 42^2753 mod 3233=3065
3065^17 mod 3233 = 42 => SignatureAlice=42
Alice: c(SignatureAlice)= 42^2753 mod 3233=3065
Lösungsweg Präsi 4 S.34
Signing is encrypting with the private key
Whats the problem with RSA in a few years
RSA is going to become slower because bigger keys will have to be used.
the main alternative is DSA (Digital Signature Algorithm) which uses
DSA only works for signing
it acts like RSA but uses mathematics similar to Diffie-Hellman
What is a hash funciton and why is it useful
Takes a message of any length and creates a pseudorandom hash with a fixed length.
Used for Message authentication, Integrity, passwords
A good hash algorithm is fast, but not too fast
Whats a strong hash function
Any linput length results in a fixed size hash.
1. it has to be quick but not too quick
2. it has to introduce diffusion => 1 change results in many
3. Given a hash, we can’t reverse it
4. Given a message and its hash, we can’t find another message that hashes to the same thing
5. We can’t find any two messages that have the same hash
MD5: is strong but creates collisions => broken
SHA1 / SHA2: is strong and currently not broken
Whats the current hash standard
SHA-2 256 bit or 512 bit
SHA-3 is not better or worser than SHA-2
Which hash functions should be used for passwords and why is SHA-2 not a good solution
SHA-2 is to fast a attacker can generate a lot of hashes and compare the outputs to the found password
A good solution for password hashes are the following algorithms
PBKDF2(Password-Based Key Derivation Function 2)
works similar to SHA-2 but the process is repeated e.g. 5000 times this makes it 5000 times slower. also these algorithms are hard to run on a GPU which makes it more difficult to parallel create hashes to gues the password.
Where are hashes used
message tampering is a common attack and with hashes it can be ensured that the message wasn't altered.
The hash of the message is added to the packet the receiver applies the hash function on the content and compares it to the received hash, if both of them are the same it's more likely that the data hasn't been changed
How does a DNS zone transfer attack work and why can it be harmfull
A DNS Zone transfer is a process where one DNS server copys parts of its databse to another DNS. This helps to have more than one server which can answer questions about a zone. The slaves ask for a copy by the master.
A DNS Zone transfer attack, is that you pretend to be a slave an get a copy of the DNS zone records.
Risk: The zone records, show a lot of internal topology information about the network, if someone wants to subvert (untergraben) the DNS with spoofing (falsche Identität verwenden) and poisoning, this is very helpful.
What is Red Team in the context of Cybersecurity
Offensive Cybersecurity, focus on penetration testing, assume the role of a hacker, show organizations what could be backdoors or exploits, common practice is that they are outside of the organization.
What is Blue Team in the context of Cybersecurity
Defensive Cybersecurity, Assessment (Bewertung) of network security, identification of possible vulnerabilities, find ways to defend, change and re-group defence mechanisms to make incidents responses much stronger. They are continuously improving the digital security infrastructure using security audits, log and memory analysis, pcap, risk intelligence data
Whats the idea behind risk management?
Reduce risk and support the mission of the organization.
It is impossible to design a risk-free environment
Significant risk reduction is possible often with little effort
Identifying factors that could damage or disclose data
Evaluating those factors in light of data value and countermeasure (Gegenmassnahme) cost
Implementing cost-effective solutions for mitigating(mildern) or reducing risks
Whats part of a risk analysis?
Evaluation, assessment, and the assignment of value for all assets of an organization
Examining (untersuchen) an environment for risks
Evaluating each threat event as to its likelihood of occurring and the cost of damage it would cause if it did occur
Assessing (bewerten) the cost of various countermeasures for each risk and creating a cost benefit report for safeguards to present upper management
Whats Risk mitigation?
reducing risk, implementation of safeguards and countermeasures to eliminate vulnerabilities
Whats Risk assignment
moving risk to another entity or organization
Whats Risk acceptance
risk tolerance, cost/benefit analysis shows that countermeasure costs too much