# CS 419 Exam info

# When & where

The third exam will be held in our regular classroom on
**November 4, 2019**.
It will take up about half the lecture, starting
approximately during the second half of the class period.
**Please be sure to arrive on time**
and do not plan on coming in just
to take the exam. If you arrive after the exam has started, you
will **not** be allowed to take it.

Be sure to bring a pencil!

# Exam rules

Be sure to arrive on time. If you arrive after the exam starts, you will not be allowed to take it.

This will be a closed book, closed notes exam. Calculators, phones, augmented reality glasses, laptops, and tablets are neither needed nor permitted. If you have these devices, you must turn them off, put them out of sight, and not access them for the duration of the exam.

No other electronic devices are permitted except for hearing aids, pacemakers, electronic nerve stimulators, other implanted medical devices, or electronic watches that function only as timekeeping devices or chronographs.

Bring a couple of pens or pencils with you.
The exam will be scanned, so use a pen only if you are supremely confident in not changing your mind.
An extra pencil is affordable fault tolerance.
If you want to splurge, the Palomino Blackwing 602
is considered by many to be one of the finest pencils available. The company
advertises its key virtue as "half the pressure, twice the speed." If that
claim is really true, using this product might help you complete the exam quicker.
If you do not choose to bring several extra pencils, you may want to bring a pencil sharpener. Palomino makes
a companion Blackwing Long Point Sharpener.
This, too, is pricey at $11.00. For a bit less money, you can get what looks like a clone: the
Alvin Kum Long Point Pencil Sharpener.
Both of these feature two-step sharpening: one for the wood case and another for the graphite
core of the pencil.
A truly beautiful sharpener is the
El Casco Pencil Sharpener, but bringing this
to class is really overkill, as is spending over $300 on a pencil sharpener.
If you would like to learn the craft of pencil sharpening, there are several
books available. The best of these may be
*How to Sharpen Pencils: A Practical & Theoretical Treatise on the Artisanal Craft of Pencil Sharpening for Writers, Artists, Contractors, Flange Turners, Anglesmiths, & Civil Servants*
by David Rees.
Do not be intimidated by the omission of "students" in the title.
You can read more about it at artisinalpencilsharpening.com.
A video by David Rees is here.
You are welcome to bring a full pencil sharpening travel kit to the exam but be aware that a proper sharpening
routine may consume too much time during the exam and may be messy.

# Past exams

You can use my recent exams as a guide to what this exam may look like. Expect a bunch of multiple-choice questions.

# Study guide

You are responsible for the material since exam 1, weeks 5 through 9.

I've prepared a study guide
that attempts to cover **most** of the material you should know.
The guide is not a substitute for the lectures, assignments, lecture material, and other reading matter.
My goal is to put most of the information you need to know in as
concise a form as possible, with more elaboration in areas where
textbook coverage may be lacking.

# Topics

Topics that you should know and may be on the exam include:

## Malware

- Be familiar with terms: adware, spyware, ransomware, DDoS, zero-day, n-day, social engineering
- Worm vs. virus
- Virus components: infection mechanism, payload, trigger (logic bomb)
- Infiltration mechanisms
- Code vulnerabilities, social engineering, modified compilers, modified USB firmware, ...
- Where viruses live
- File infector virus
- Bootloader (or boot sector) virus
- Infected flash drives: AutoRun, hacked firmware, and data leakage
- Macro viruses
- Trojans
- Backdoors
- I will not ask about JavaScript, source repositories
- I will not ask about the Sony BMG rootkit
- Rootkits: user & kernel mode rootkits
- Hypervisor rootkit: what makes it more dangerous than other rootkits?
- I will not ask you about the Red Pill (SIDT instruction)
- I will not ask about Stuxnet
- Gathering information via malware
- Phishing, spear phishing
- Keyloggers
- Deceptive websites
- Defenses
- file protection (including MAC)
- warning users
- why they don't always work
- Anti-virus software
- Signature scanning
- Polymorphic viruses: virus payload encryption
- Behavioral analysis
- Removing admin rights from users
- Containers (but know there are problems)
- Countermeasures: packers, polymorphism, triggers.

## Cryptography

- Terms:
- authentication, integrity, nonrepudiation, confidentiality
- plaintext, encryption, ciphertext, decryption, cipher
- restricted cipher (secret algorithm), public key cipher, symmetric cipher, symmetric key, public key, private key

- Kerckhoffs's principle
- Properties of a good cryptosystem
- Classic cryptography
- Monoalphabetic substitution cipher; shift cipher
- Attacks: frequency analysis
- Polyalphabetic substitution cipher: Vigenère cipher
- Why is it better than a monoalphabetic substitution cipher?
- One-time pad: why is it so secure?
- What is perfect secrecy and what is needed to achieve it?
- What is a stream cipher and a keystream? Seeded pseudorandom number generator.
- What is a running key?
- What is a rotor machine? Just know it's a symmetric polyalphabetic cipher.
- Transposition cipher: Have a basic idea of what it does.
- What is a block cipher?
- What is meant by an *iterative cipher* and *multiple rounds*?
- What is a subkey?
- What is meant by substitution-permutation?
- What is meant by *confusion* and *diffusion*?
- What is an s-box?
- What is the general idea behind a Feistel cipher?
- I will not ask you how DES works but know it's a Feistel cipher
- DES vs. 3DES
- I will not ask you how AES works
- Block cipher modes
- Electronic Code Book mode (ECB) - problems with using it
- Cipher Block Chaining mode (CBC)
- Counter mode (CTR)
- Understand the goals of differential and linear cryptanalysis
- Key distribution
- Why is it a problem?
- What is meant by a *trapdoor function*?
- Public key cryptography
- Understand how you use public & private keys
- I will not ask you about how RSA works but know it's based on the complexity of factoring products of large primes.
- Some problems with using RSA for general purpose communication
- Diffie-Hellman key exchange
- You don't have to know the algorithm
- Know that it's for key exchange and not encryption
- Understand how public & private keys are exchanged (you don't need to know the formula)
- Know that it is based on (a^b) mod c and that its strength is based on our inability to find the inverse (compute discrete logarithms)
- Advantage over using RSA for key exchange
- Brute-force search for a key: power of 2 complexity
- What is a hybrid cryptosystem? What's the advantage?
- What is meant by forward secrecy?
- What are ephemeral keys vs. long-term keys?
- What are session keys?
- I will not ask you details about Elliptic Curve Cryptography but understand it's a higher-performance, higher-security (fewer bits) alternative to RSA

## Message Integrity

- What is a one-way function?
- What is a cryptographic hash function?
- What are the properties of a cryptographic hash function?
- What is pre-image resistance?
- What does it mean to be collision resistant?
- I will not ask you about the difference between strong and weak collision resistance
- I will not ask you how SHA-1 or SHA-2 work
- How does the birthday paradox affect the security of a hash function?
- Hash pointers: tamper-proof data
- How do they differ from normal pointers?
- What is a tamper-evident log, or blockchain?
- What is a Merkle tree?
- Message Authentication Codes
- What is a Message Authentication Code (MAC)?
- I will not ask you the formula for HMAC but understand it's based on hashing the message and a secret key
- Understand what a CBC-MAC is
- Digital signatures
- What is a digital signature? How do you create one?
- What are the properties of a digital signature?
- What are the three basic operations you need to create and use digital signatures?
- What is a session key?
- How can a public key serve as an anonymous identity?

## Key exchange

- Diffie-Hellman key exchange (see earlier notes)
- Key exchange using public key cryptography
- Use of a trusted third party with symmetric cryptography
- Needham-Schroeder: understand the value of adding a nonce
- Understand the value of adding a timestamp (you don't have to remember the names Denning-Sacco)
- Understand the value of using session IDs (you don't have to remember the names Otway-Rees)
- Kerberos
- Understand it uses a trusted third party
- You don't have to know the protocol in detail but understand the phases and data you get
- Understand that you get an encrypted session key and a ticket
- Understand what a ticket is (basically, the same session key encrypted for the service)
- Understand what a Ticket Granting Server does (provides tickets for all services other than giving the user a ticket for the TGS)
- Certificates
- How do certificates serve as non-anonymous identities?
- Understand that a certificate contains identifying information, a public key, the CA's identification, and CA's signature
- What is a CA (Certification Authority)?
- What is certificate revocation?
- Signed software
- Understand the principle
- Advantage of per-page signatures

## Authentication

- Distinction between identification, authentication, & authorization
- What are the three factors of authentication?
- What is multi-factor authentication?
- Password Authentication Protocol
- How does it work?
- What are the security problems?
- Hashed passwords
- Dictionary vs. brute force attacks
- Precomputed hashes
- Salt
- Password recovery options
- One-time Passwords
- Sequence-based
- Understand how one-way functions can be used to create a list of one-time passwords
- Challenge-based
- Know the basic steps of CHAP
- What makes it secure over a network?
- I will not ask you about MS-CHAP (Microsoft's implementation)
- Time-based
- Have a basic understanding of how time-based one-time passwords (TOTP) work: f(time, key)
- I will not ask you about SecurID cards
- Public key authentication
- FIDO U2F (from the assignment)
- What is its purpose?
- High-level protocol
- How are authentication protocols vulnerable to man-in-the-middle attacks?
- How do you guard against man-in-the-middle attacks?
- Signed software
- Understand the principle
- Advantage of per-page signatures

## Bitcoin and Blockchain

- Double spending problem
- Distributed ledger: blocks and blockchains
- Role of Merkle trees and blockchains
- User identification ("addresses")
- Role of mining and proof of work
- Handling competing chains
- What is a 51% attack?