Learning Objectives
Topic 1. Basic Concepts
- Be able to give examples of contributing factors to network security problems.
- Be able to explain the following concepts:
- Three (CIA) security objectives: confidentiality, integrity, availability
- security policies, security mechanisms, security assurance
- Three general types of security mechanisms: prevention, detection, and tolerance
- Threat, vulnerability, risk
- Threat model, attack model
- Be able to give example interpretations of the three security objectives in specific context
- Be able to give examples and their explanations of security services (encryption, authentication, integrity, non-repudiation, access control, intrusion detection, etc.)
- Be able to explain what is security by obscurity and why it is bad
Topic 2. Basic Cryptography
- Be able to draw a diagram to explain what are plaintext, ciphertext, encryption, decryption, and key.
- Be able to explain the four kinds of cryptanalysis techniques: ciphertext only analysis, known plaintext analysis, chosen plaintext analysis, and chosen ciphertext analysis.
- Be able to explain what are unconditional security, computational security, and one-time pad.
- Be able to explain the following types of cryptography and difference between them:
- Secret key cryptography
- Public key cryptography
- Hash functions
- Be able to explain what are block cipher and stream cipher.
- Be able to give four examples for the application of secret key cryptography.
- Be able to give four examples for the application of public key cryptography.
- Be able to give four examples for the application of hash functions.
Topic 3. Secret Key Cryptography
- Be able to draw a figure to explain and illustrate Feistel cipher.
- Be able to explain why consecutive permutations (or consecutive substitutions) do not enhance the security of encryption.
- Be able to expalin what are confusion and diffusion and how they are generally achieved in Feistel ciphers.
- Be able to describe the basic facts of DES and AES, including block size, key size, general structure, number of rounds, and brief history.
- Be able to explain and use the DES subkey generation algorithm, the DES per-round expansion algorithm, and S-Boxes.
- Be able to explain the AES state, S-Box, inverse S-Box, MixColumn and inverse MixColumn function, and sub-key generation.
- Be able to explain what are avalanche effect, DES weak keys and semi-weak keys.
- Be able to expalin and draw figures to illustrate the following block cipher modes of operations:
- Be able to describe the chaining dependency, error propagation, and error recovery properties for the above block cipher modes of operations.
- Be able to explain the meet-in-the-middle attacks against double DES.
- Be able to explain and draw a figure to illustrate triple DES, triple DES in CBC mode with CBC on inside and outside.
- Be able to explain and draw figures to illustrate how block cipher can achieve (1) message authentication only, (2) both message authentication and encryption with authentication tied to plaintext, and (3) both message authentication and encryption with authentication tied to ciphertext.
- Be able to explain the Data Authentication Algorithm achieved with DES in CBC mode.
Topic 4. Hash Functions
- Be able to explain what is a hash function and the properties of hash functions, including one-way property, weak collision free property, and strong collision free property.
- Be able to explain the birthday paradox problem, birthday attacks, why the size of hash function must be at least 128 bits.
- Be able to describe the following applications of hash functions
- File authentication
- User authentication (assuming two users share a secret key)
- Commitment using hash functions
- Message encryption
- Digital signature
- Be able to explain how to build hash using block cipher through block chaining techniques, its weakness due to meet-in-the-middle attacks, and how the meet-in-the-middle attack can be launched.
- Be able to describe the MD5 hash function, including the hash image size, the padding procedure, the block size, the processing of each message block, and the security concerns of MD5.
- Be able to describe the SHA-1 hash function, including the hash image size, the padding procedure, the block size, the processing of each message block, and the security concerns of SHA-1.
- Be able to describe the HMAC message authentication algorithm.
- Be able to describe the extension attack against the hash-based authentication algorithm using H(k|M|padding).
Topic 5. Basic Number Theory and Public Key Cryptography
- Be able to explain the concept of greatest common divisor (GCD) and use Euclid algorithm to calculate GCD manually.
- Be able to apply extended Euclid algorithm manually.
- Be able to perform modular arithmetics.
- Be able to explain what is multiplicative inverses and use extended Euclid algorithm to calculate multiplicative inverse.
- Be able to explain Fermat's theorem and Euler's theorem, and use them to speed up modular exponentiation.
- Be able to explain the Totient function and calculate the Totien function for given integers.
- Be able to explain the order of an integer modular n.
- Be able to explain what are a primitive root and discrete logrithms, and manually calculate discrete logrithms for small integers.
- Be able to describe key generation, encryption, decryption, signature generation, and signature verification operations in RSA algorithm. Be able to manually perform these operations for small numbers.
- Be able to describe the probable-message attack against RSA
and how PKCS #1 defeats this attack.
- Be able to describe the timing attack against RSA and how blinding defeats this attack.
- Be able to describe key generation and key exchange for Diffie-Hellman (D-H) protocol. Be able to manually perform these operations for small numbers.
- Be able to explain what is man-in-the-middle attack against D-H protocol and how to prevent it.
- Be able to describe D-H protocol in phone book mode.
- Be able to describe how D-H protocol is used for encryption.
- Be able to explain key generation, signature generation, and signature verification in DSA algorithm. Be able to manually perform these operations for small numbers.
Topic 6. Identification and Authentication
- Be able to explain the concepts of authentication and identification. Be able to give examples of authentication mechanisms.
- Be able to explain general approaches for authentication in large networks using trusted intermidiaries (KDC and CA), and explain what are KDC, CA, and CRL.
- Be able to explain the general basis of user authentication (what the user knows, where the user can be reached, what the user is, and what the user has).
- Be able to explain what is password based user authentication, threats to password based authentication, how to store user passwords in computer systems.
- Be able to explain dictionary attacks (both online and offline). Be able to describe the password salt mechanism used to mitigate dictionary attacks and its effectiveness against online and offline dictionary attacks.
- Be able to explain the one-time password mechanisms, including S/Key and time synchronized authentication tokens.
- Be able to explain biometrics based user authentication and give examples of such approaches. Be able to explain the key metrics for biometrics authentication, including false positives and false negatives.
- Be able to explain typical attacks against authentication protocols, including eavesdropping, deleting, forging, modifying, replaying, reflection attacks, and delaying attacks. Be able to illustrate the above attacks using examples. Be able to describe defenses against the above attacks.
- Be able to describe the Needham-Schroeder protocol. Be able to explain the "old-key attack" against the Needham-Schroeder protocol and the three countermeasures (timestamp, expanded N-S, and Ottay-Ree protocol).
Topic 7. Trusted Intermediaries
- Be able to explain the general way KDC based trusted intermediaries are used.
- Be able to describe the Kerberos V4 protocol, and explain which parts of the protocol help achieve (1) centralized authentication service, (2) protection of user passwords, and (3) anti-replay attack capability.
- Be able to describe Kerberos inter-real authentication.
- Be able to explain the general way PKI is used.
- Be able to explain what is a CA, and describe the ways that multiple CAs are organized in large networks.
- Be able to explain what is CRL and delta CRL.
Topics 8.1-2 IPsec and IKE
- Be able to describe the IPsec architecture, IPsec Security Association (SA), SA bundle, Security Parameter Index (SPI). Explain the purpose of Security Policy Database (SPD), Secure Association Database (SAD), and Internet Key Exchange (IKE) modules in the IPsec architecture.
- Be able to describe the IPsec Authentication Header (AH) and Encapsulating Security Payload (ESP) protocols as well as Tunnel and Transport modes.
- Be able to describe the difference in the authentication capabilities provided by AH and ESP.
- Be able to describe the anti-replay feature in IPsec ESP.
- Be able to explain the IPsec outbound processing and inbound processing.
- Be able to explain the security principles for Internet key management, particularly the property of Perfect Forward Secrecy (PFS). Be able to describe the (only known) way to achieve PFS (ephemeral D-H).
- Be able to describe the separation of key establishment and key management in Internet key management.
- Be able to describe the SKIP protocol for sessionless IPsec key management.
- Be able to describe the Oakley key establishment protocol and explain the mechanisms to defeat (1) resource clogging attacks (i.e., Cookie), (2) replay attacks (i.e., nonce), and (3) man-in-the-middle attacks (i.e., with authentication).
- Be able to explain high-level issues of ISAKMP protocol, including the protocol structure (2 phases), protocol message construction (i.e., with different types of payloads), and exchange types. Be able to explain the following ISAKMP exchanges: basic exchange, ID protection exchange, authentication only exchange, aggressive exchange, and informational exchange.
- Be able to explain the IKE protocol, including the phase 1 exchanges using (1) signature authentication, (2) authentication with public key encryption, (3) authentication with revised public key encryption, and (4) authentication with pre-shared key in both main mode and aggressive mode. In each case, be able to explain how authentication is achieved, how PFS is achieved, and how ID protection is achieved.
Topic 8.3 SSL/TLS
- Be able to explain the basic facts of SSL/TLS, including its protocol architecture, its subprotocols and their objectives, basic SSL functionalities (authentication, secrecy, compression, generation and distribution of keys, security parameter negotiation), and SSL connection and session.
- Be able to describe the SSL record protocol operations (outbound and inbound).
- Be able to describe the SSL handshake protocol operations (4 phases), the generation of master secret and cryptographic parameters.
- Be able to describe the change cipher spec protocol, and explain how the cryptographic parameters negotiated in the handshake protocol take effect through the change cipher spec protocol.
- Be able to give examles of application protocols that run on top of SSL (https, smtps, nntps, ftps, pop3s, imaps).
Topic 8.4 Firewalls and IDS (Not included in final exam)
- Be able to explain the following concepts:
- firewall
- DMZ
- firewall capabilities, including logging traffic, network address translation, encryption/decryption, application payload transformation
- limitations of firewalls
- Be able to explain basic firewall technologies, including
- packet filters
- session filters
- application-level proxies
- circuit level proxies
- Be able to explain the following basic concepts on IDS
- Anomaly detection
- misuse detection (or signature-based detection, rule-based detection)
- False positive rate
- False negative rate
- Host-based IDS
- Network-based IDS
- Base rate fallacy
©2011
Peng Ning . All rights reserved.