COMP2700 Cheat Sheet

Table of Contents

• Introduction
• Foundations of Computer Security
• Security Objectives
• Design Decisions
• Security Principles
• Security Management
• Identification and Authentication -- Slide 122
• Authentication
• Protocols
• Passwords
• Salting
• Policies
• Biometrics
• Failure Rates
• Scenario Analysis
• Identification
• Access Control -- Slide 176
• Access Operations
• Ownership
• Reference Monitors and Hardware Security -- Slide 202
• Unix Security -- Slide 233
• Software Security -- Slide 302
• SOLUTION SET
• Intro Cryptography -- Slide 415
• Symmetric Cryptography
• Modular Arithmetic
• The Ring
• Stream Ciphers & Block Ciphers -- Slide 455
• Stream vs Block
• Stream Ciphers
• Synchronous vs Asychronous
• Random Number Generators
• Block Ciphers
• Galois Field
• Group -- Slide 485
• Field -- Slide 487
• AES -- Slide 501
• AES Encryption Modes -- Slide 521
• Hash and MAC -- Slide 535
• Euclidean Algorithm
• RSA
• Public-Key and Discrete Logarithm -- Slide 618
• Digital Signatures -- Slide 644
• Key Establishment -- Slide 669
• Kerberos -- Slide 697

---

Introduction

Foundations of Computer Security

• Slide 41
• Prevention -> Take measures that prevent your assets from being damaged
• Detection -> Take measures so that you can detect when, how and by whom an asset has been damaged by
• Reaction -> Take measures so that you can recover from damage to your assets

Security Objectives

• Slide 44
• Confidentiality - Slide 45
  • Privacy - Slide 46
• Integrity - Slide 49
• Availability - Slide 52
• Authenticity
• Accountability - Slide 53
  • Non-Repudiation - Slide 54
  • Reliability and Safety - Slide 55

Design Decisions

• Slide 59

1. Where to focus the protection mechanism? - Slide 60
2. Where to place the protection mechanism? - Slide 61
   • Human-machine Scale - Slide 62, 64
     • Concentric protection rings. Centre -> more generic, outside -> more abstract (individual)
   • Onion Model - Slide 63
   • Data vs Information - Slide 65
3. Complexity vs Assurance - Slide 69
4. Centralized vs decentralized control - Slide 70
5. Protection of the 'layer' below - Slide 71

Security Principles

• No hard and fast rules

1. Simplicity - Keep it simple - Slide 79
2. Open Design - Security should not depend on secrecy (Security by obscurity is frowned upon) - Slide 80
3. Compartmentalisation - Organize resources into isolated groups of simialr needs - Slide 81
4. Minimum exposure - Minimize attack surface presented to an adversary - Slide 82
5. Least Privilege - Any component (and user) should operate with the least set of privileges to complete its job - Slide 83
6. Min Trust, Max Trustworthiness - Slide 84
7. Secure, Fail-safe Defaults - System should start and return t oa secure state in event of a failure - Slide 85
8. Complete mediation - Access to any object must be monitored and controlled - Slide 86
9. No Single Point of Failure - Build redundancy wherever and whenever possible - Slide 87
10. Tracability - Log security system events - Slide 88
11. Generating Secrets - Maximize entropy of secrets - Slide 89
12. Usability - Design usable security mechanisms - Slide 90

Security Management

• Slide 94

• Security is a people problem

  • Cannot be solved by technology alone

• Security measures need to be clear and well defined

• Security-awareness training needs to be part of the management process

• Security Policy: A statement that defines the security objectives of an organization - Slide 95

  • States what needs to be protected and how

• Measuring Security

  1. Obtain values for security relevant factors (measurement)
  2. Consolidate measurements into single value (security metrics) - Slide 96 & 97

• Risk Analysis - Slide 100

  • Comprehensive
  • Specific

  $Risk \; Assets \; * \; Threads \; * \; Vulnerabilities$

  • Calculation

    • Slide 115

  • Risk factors include: - Slide 103

    • Vulterability
    • Environment
    • Asset

  • Attacks

    • Likelihood depends on motivations

  • Quantitative or Qualitative? - Slide 104

    • Quantitative Risk Analysis -> Values taken from a mathematical domain
    • Qualitative Risk Analysis -> Values taken from domains without underlying mathematical structure

  • Assets

    • Should be identified and valued
      • Valuation (Monetary replacement costs) - Slide 106
    • Slide 105 for examples

  • Vulnerabilities - Slide 107 & 108

    • Weaknesses of a system, either exploitable by accident or intentionally

  • Threats - Slide 110

  • Mitigation - Slide 117

Identification and Authentication -- Slide 122

Authentication

• A process where one party (verifier) is assured of the identity of a second party (claimant) in protocol
  • Basis
    • What you know
    • What you have
    • Who you are

Protocols

• Slide 124
• Weak Authentication -> Unilateral
• Strong Authentication -> Mutual Authentication required

Passwords

• Hashes - Slide 125
• Storage - Slide 128
• Verification image - Slide 130
• Entropy - Slide 135
  • If given the choice to add more symbols or make it longer, make it longer

Salting

• Added to password before applying hash function
• A random string
• Stored in plaintext along with password
  • 

    
• Attacker would need to pre-compute $2^n$ hashes of the same password for a $n$-bit salt

Policies

• Slide 152

Biometrics

• Biometric systems must include an enrolment process
• Should not use biometrics for the sole basis for authentication
• Verification -> 1:1 - Comparison checks whether there is a match for a given user - Slide 163
• Identification -> 1:n - Comparison tries to identify the user from a database of n users - Slide 164

Failure Rates

• A value between 0 (no matching features) or 1 (all features match) should be assigned

• Slide 165 & 167

• False positive -> Accept wrong user -> Security Probelem

• False negative -> Reject legitimate user -> Usability Problem

Scenario Analysis

• Images in formula sheet

• Failure-to-capture-rate (FTC) -> Frequency of failing to capture a sample

• Failure-to-extract-rate (FTX) -> Frequency of failing to extract a feature from a sample

• Failure-to-acquire rate (FTA) -> Frequency of failing to acquire a biometric feature

• False accept rate (FAR) -> Rate for entrie biometric scheme

• False reject rate (FRR)

Identification

• False positive Identification rate for database with n persons -> Error rate increases as database size increases

Access Control -- Slide 176

• Security Policy -> Statement of what is and what isn't allowed - Slide 179

  • Requester -> Principal (slide 183)
  • Object -> Resource requested
  • Reference monitor -> Abstract machine enforcing access control

• Security Mechanism -> Method, tool, or procedure for enforcing a security policy

• Authentication -> Reference monitor verifies identity of the principal

• Authorization -> Reference monitor decides if access is granted or not

Access Operations

• Slide 184

Ownership

• Discretionary access control (DAC) -> Define an owner for each resource and let the owner set the policy

• Mandatory Access Control (MAC) -> Impose system wide policies on who are allowed access to what

Reference Monitors and Hardware Security -- Slide 202

• Reference Monitor - Slide 205

  • Complete mediation -> Must always be invoked

  • Tamper-proof -> Reference validation mechanism must be tamper-proof

  • Verifiable -> Small enough to be analysed and tested

  • Stuff on OS security

Unix Security -- Slide 233

• Discretionary access control -> Owner, group, other

• Principals -> UIDs and GIDs - Slide 239

• Permissions - http://permissions-calculator.org/

  • Default 0666 for new file
  • Umask and calculations - Slide 267
    • Common umask options - Slide 268

Software Security -- Slide 302

• Common Vulnerabilities - Slide 326

• Type Confusion - Slide 373

• Defenses - Slide 397

  • Safer functions
  • Canaries
  • Least Privilege

---

SOLUTION SET

https://tom.busby.ninja/understanding-cryptography-full-solution-set/

Intro Cryptography -- Slide 415

Symmetric Cryptography

• Encryption and decryption are inverse operations if the same key K is used on both sides

  • Key must be transmitted via secure channel

• Kerckhoff's Principle

A cryptosystem should be secure even if the attacker (Oscar) knows all details about the system with the exception of the secret key

• An adversary only needs to succeed with one attack

Modular Arithmetic

• Usually the smallest non-negative integer r is chosen as the remainder

• Modular division - Slide 442

The Ring

The ring $Z_m$

Rules on slide 444

• Closure -> Adding or multiplying any two numbers always results in a number in the ring
• Adding and multiplying are asssociative
  • Addition is also cumulative
• Distributive law holds
• Neutral element 0 with respect to addition
• Additive inverse element
• Neutral element 1 with respect to multiplication
• Multiplicative inverse exists for some but not all elements in $Z_m$
  • A ring is a structure which we can always add, subtract and multiply. We can only divide by certain elements (namely those for which a multiplicative inverse exists)
  • Multiplicative inverse exists only if:
    • $gcd(a,m)=1$, that is a is coprime or relatively prime to m
    • http://www.alcula.com/calculators/math/gcd/#gsc.tab=0
    • Slide 445

Stream Ciphers & Block Ciphers -- Slide 455

Stream vs Block

• Stream ciphers encrypt bits individually

• Lightweight

• Block ciphers always encrypt a full block

Stream Ciphers

• Encryption and decryption are the same function - Slide 458

• Encryption: -> $y_i = e_{s_i}(x_i) = xi + si \; mod \; 2$

• Decryption: -> $x_i = e_{s_i}(y_i) = yi + si \; mod \; 2$

Synchronous vs Asychronous

• Security depends entirely on key stream $s_i$

• Synchronous -> Key stream depends entirely on the key (+ maybe an IV)

• Asychronous -> Key stream depends also on the ciphertext

Random Number Generators

• Slide 463

Block Ciphers

• Confusion -> Encryption operation where relationship between ciphertext and plaintext is obscured

  • Substitution commonly used to achieve this

• Diffusion -> The influence of one plaintext symbol is spread over many ciphertext symbols to hide statistical properties of the plaintext

  • Bit permutation commonly used

• Idea is to use both, as by themselves they cannot provide security

Galois Field

Group -- Slide 485

• Every element has an inverse $-a$ such that $a + (-a) = 0 \; mod \; m$

Field -- Slide 487

• Finite Field -> Finite number of elements. Number of elements is the order or cardinality of the field

• Prime Field

  • Given a prime $p$, the integer ring $Z_p$ is a prime field, denoted by $GF(p)$
    • Elements are $0,...,p-1$
    • Addition and multiplication always performed modulo $p$
    • Multiplicative inverse always exists for non-zero elements of $Z_p$
  • Example on slide 490

• Extensition Field

  • Slide 492
  • AES finite field contains 256 elements, $GF(2^8)$ -> Extensition field of $GF(2)$
  • Addition -> Slide 493
  • Multiplication -> Slide 494
  • Inversion -> Slide 497

AES -- Slide 501

AES Encryption Modes -- Slide 521

Hash and MAC -- Slide 535

• Digital Signatures - Slide 541

  • Signing -> Requires private key
  • Signature Verification -> Requires public key

• Hash Functions - Slide 547

  • Three security properties

    a. Preimage resistance -> Computationally infeasible to find input $x$ such that $h(x)=z$, i.e. $h(x)$ is one-way

    b. Second preimage resistance -> Computationally infeasible to find any $x_2$ such that $x_1 \ne$x_2$

    c. Collision resistance -> Computationally infeasible to find pairs $x_1 \ne x_2$ such that $h(x_1) = h(x_2)$

Euclidean Algorithm

• Slide 597

RSA

• Slide 606

Public-Key and Discrete Logarithm -- Slide 618

• Order of an element - Slide 624

Digital Signatures -- Slide 644

Key Establishment -- Slide 669

• $N^2$ Distribution Problem -- Slide 677

• Certificates -- Slide 689

Kerberos -- Slide 697