CS 419 Exam info

When & where

The second exam will be held in our regular classroom on February 27, 2017. It will take up about half the lecture, starting approximately during the second half of the class period. Please be sure to arrive on time and do not plan on coming in just to take the exam. If you arrive after the exam has started, you will not be allowed to take it.

Exam rules

Be sure to arrive on time. If you arrive after the exam starts, you will not be allowed to take it.

This will be a closed book, closed notes exam. Calculators, phones, augmented reality glasses, laptops, and tablets are neither needed nor permitted. If you have these devices, you must turn them off, put them out of sight, and not access them for the duration of the exam.

No other electronic devices are permitted except for hearing aids, pacemakers, electronic nerve stimulators, other implanted medical devices, or electronic watches that function only as timekeeping devices or chronographs.

Bring a couple of pens or pencils with you. An extra pencil is affordable fault tolerance. If you want to splurge, the Palomino Blackwing 602 is considered by many to be one of the finest pencils available. The company advertises its key virtue as "half the pressure, twice the speed." If that claim is really true, using this product might help you complete the exam more quickly. If you do not choose to bring several extra pencils, you may want to bring a pencil sharpener. Palomino makes a companion Blackwing Long Point Sharpener. This, too, is pricey at $11.00. For a bit less money, you can get what looks like a clone: the Alvin Kum Long Point Pencil Sharpener. Both of these feature two-step sharpening: one for the wood case and another for the graphite core of the pencil. A truly beautiful sharpener is the El Casco Pencil Sharpener, but bringing this to class is really overkill, as is spending over $300 on a pencil sharpener. If you would like to learn the craft of pencil sharpening, there are several books available. The best of these may be How to Sharpen Pencils: A Practical & Theoretical Treatise on the Artisanal Craft of Pencil Sharpening for Writers, Artists, Contractors, Flange Turners, Anglesmiths, & Civil Servants by David Rees. Do not be intimidated by the omission of "students" in the title. You can read more about it at artisinalpencilsharpening.com. A video by David Rees is here. You are welcome to bring a full pencil sharpening travel kit to the exam, but be aware that a proper sharpening routine may consume too much time during the exam and may be messy.

You are responsible for the material covered since exam 1: weeks 5 through 9.

Topics

Topics that you should know and may be on the exam include:

App Confinement

  • Containers
    • Security components: namespaces, cgroups, capabilities
    • Benefits
      • Separate policy from enforcement
      • Helps avoid comprehension errors
  • Sandboxing
    • System call interposition
      • Hooks
      • Per-process policies
      • User-level (e.g., Janus) problem: TOCTTOU
    • NaCl (Chromium Native Client)
      • Goal
    • Java
      • roles of bytecode verifier, class loader, security manager
    • OS-level sandboxing
  • Virtual Machines
    • Process virtual machine: what is it? How does it differ from a VM?
    • What's a hypervisor (virtual machine manager)
    • Handling of privileged instructions with VMM in place
    • Native vs. hosted VM
    • Covert channel: what is it?

Malware

  • Worm vs. virus
  • Virus components: infection mechanism, payload, trigger
  • File infector virus
  • Boot sector virus
  • Infected flash drives: AutoRun, hacked firmware, and data leakage
  • Macro viruses
  • Trojan horses
  • Backdoors
  • Phishing, spear phishing
  • Keyloggers
  • I will not ask about JavaScript, source repositories
  • Rootkits: user & kernel mode rootkits
  • I will not ask about the Sony BMG rootkit
  • Hypervisor rootkit: what makes it more dangerous than other rootkits?
  • I will not ask you about the Red Pill (SIDT instruction)
  • I will not ask about Stuxnet
  • What's a 0-day attack?
  • Defenses
    • file protection (including MAC)
    • warning users
    • why they don't always work
    • Anti-virus software
      • Signature scanning
      • Polymorphic viruses: virus payload encryption
      • Sandboxing
      • Anomaly detection
    • removing admin rights from users
    • containers (but know there are problems)

Cryptography

  • definitions: authentication, integrity, nonrepudiation, confidentiality
  • definitions: plaintext, encryption, ciphertext, decryption, cipher
  • understand: restricted cipher, public key cipher, symmetric cipher, symmetric key, public key, private key
  • Kerckhoffs's principle
  • Properties of a good cryptosystem
  • Classic cryptography
    • monoalphabetic substitution cipher; shift cipher
    • attacks: frequency analysis
    • polyalphabetic substitution cipher: Vigenère cipher
    • why is it better than a monoalphabetic substitution cipher
    • one-time pad: why is it so secure?
  • What is perfect secrecy?
  • What is a stream cipher? (seeded pseudorandom number generator)
  • What is a rotor machine? Just know it's a symmetric polyalphabetic cipher
  • Transposition cipher: recognize a skytale
  • What is a block cipher?
    • What is meant by "multiple rounds"?
    • What is a subkey?
    • What is meant by substitution-permutation?
    • I will not ask you how DES works but know it's a Feistel cipher
    • DES vs. 3DES
    • I will not ask you how AES works
    • Electronic Codebook mode (ECB) - problems with using it
    • Cipher Block Chaining mode (CBC)
    • Counter mode (CTR)
  • Understand how you use public & private keys
  • I will not ask you about how RSA works but know it's based on the complexity of factoring products of large primes.
  • RSA: problems with using it for general-purpose communication
  • Diffie-Hellman key exchange
    • You don't have to know the algorithm
    • Know that it's for key exchange and not encryption
    • Understand how public & private keys are exchanged (you don't need to know the formula)
    • Know that it is based on (a^b) mod c and that its strength is based on our inability to find the inverse, i.e., to compute discrete logarithms
    • Advantage over using RSA for key exchange
  • Brute-force search for a key: power of 2 complexity
  • What is a hybrid cryptosystem? What's the advantage?
  • What is meant by forward secrecy?
  • What is meant by backward secrecy?
  • What are ephemeral keys vs. long-term keys?
  • What are session keys?
  • Understand the goals of differential and linear cryptanalysis
  • I will not ask you about Elliptic Curve Cryptography but understand it's a higher-performance, higher-security (fewer bits) alternative to RSA

Message Integrity

  • What is a one-way function?
  • What is a cryptographic hash function?
  • What are the properties of a cryptographic hash function?
  • I will not ask you about the difference between strong and weak collision resistance
  • I will not ask you how SHA-1 works
  • How does the birthday paradox affect the security of a hash function?
  • What is a Message Authentication Code (MAC)?
  • I will not ask you the formula for HMAC but understand it's based on hashing the message and a secret key
  • Understand what a CBC-MAC is
  • What's a digital signature? How do you create one?

Key exchange

  • Use of a trusted third party with symmetric cryptography
  • Needham-Schroeder: understand the value of adding a nonce
  • Understand the value of adding a timestamp (you don't have to remember the names Denning-Sacco)
  • Understand the value of using session IDs (you don't have to remember the names Otway-Rees)
  • Kerberos
    • Understand it uses a trusted third party
    • You don't have to know the protocol
    • Understand that you get an encrypted session key and a ticket.
    • Understand what a ticket is (basically, the same session key encrypted for the service)
    • I will not ask about the Ticket Granting Server
  • Diffie-Hellman key exchange (see earlier notes)
  • Key exchange using public key cryptography

Authentication

  • Distinction between identification, authentication, & authorization
  • What are the three factors of authentication?
  • What is multi-factor authentication?
  • Password Authentication Protocol
    • How does it work?
    • What are the security problems?
    • Hashed passwords
    • Dictionary vs. brute force attacks
    • Precomputed hashes
    • Salt
    • Password recovery options
  • One-time Passwords
    • Sequence-based
      • Understand how one-way functions can be used to create a list of one-time passwords
    • Challenge-based
      • Know the basic steps of CHAP
      • What makes it secure over a network?
      • I will not ask you about MS-CHAP
    • Time-based
      • Have a basic understanding of how a SecurID token works: f(time, seed, PIN)
  • How are authentication protocols vulnerable to man-in-the-middle attacks?
  • How do you guard against man-in-the-middle attacks?
  • Identity binding: digital certificates
    • Know the purpose of a digital certificate
    • Understand distinguished name, certification authority, & signature
    • What is certificate chaining?
    • What is a root CA?
    • What is a certificate revocation list (CRL)?