Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- • Definitions of security
- • Define adversary model, threat model, and security model
- • Create and critique security models for familiar systems
- • Define: confidentiality, integrity, availability, asset, participant, vulnerability, threat, adversary, defense, authorization, authentication
- • List, Define, and Identify types of attacker (i.e. casual user, cybercriminals, nation-state,
- etc.)
- • List, Define, and Identify the four archetype attacks and the five archetype defenses
- • Create and and articulate threat models for well-understood systems
- • Define the principle of adequate protection
- • Define: cryptology, cryptography, cryptanalysis, plaintext, ciphertext, encryption, decryption, key, keyspace, perfect secrecy
- • Define Kirckhoffs’s principle and why cryptosystems should conform to it
- • Identify key management problems
- • Explain OTP, how it offers perfect secrecy, and list issues that complicate its use
- • Give examples of how crypto systems fail in practice (From the Anderson Paper)
- • NOT: Understand symmetric cipher internals
- • Define stream cipher, block cipher, block size, permutation, substitution, confusion, diffusion
- • Explain the distinction between stream and block ciphers
- • List and explain potential problems with using stream ciphers
- • Explain, diagram, and identify pros and cons of ECB, CBC, and CTR cipher modes
- • Choose an application-appropriate symmetric cipher and mode.
- • Identify which cipher modes guarantee integrity
- • Create cryptographic constructions that provide integrity and authenticity
- • Identify and explain the three properties of a cryptographic hash function
- • Explain the significance of the birthday paradox to hash function security
- • Explain how HMAC works and why it is needed
- • Identify at least three applications of hash functions
- • Explain common uses of RSA
- • Explain the components of RSA public and private keys and their relationship
- • Given a small public/private key, encrypt/decrypt a message using RSA
- • Identify and explain the hard problem underlying RSA
- • Explain digital signatures, common uses, and compute a digital signature given a small RSA public/private key pair
- • Explain the differences between a digital signature and an HMAC
- • Explain the uses of Diffie-Hellman
- • Given a small modulus and base, complete both steps of a DH exchange
- • Identify and explain the hard problem underlying DH
- • Define and explain perfect forward secrecy
- • Explain Public Key Infrastructures and potential problems with their use
- • Explain the tradeoffs between “web of trust” and PKI models
- • Define authentication, credential (and 3 types)
- • Define and explain multi-factor authentication
- • Identify and explain common problems, attacks and defenses related to passwords and secret questions, including online and offline brute-force attacks
- • Identify examples of bearer-authenticators (“something you have”)
- • Identify examples of biometric authenticators and explain issues with their use
- • Explain web authentication protocols and security issues with their use
- • Explain cryptographic authentication protocols
- • Design and critique cryptographic authentication protocols
- – How to study: look at questions at end of KPS Chapter 11
- – Explain why a protocol authenticates a party
- – Identify flaws in a protocol (e.g., reflection, replay attacks)
- • Explain how tickets can provide single sign-on (SSO)
- • Explain attacks and defenses for:
- – TCP/IP message spoofing
- – sequence number guessing
- – source routing
- – other routing attacks
- – ICMP attacks (including “ping of death”)
- – ARP spoofing
- • Explain the “simplified” SSL protocol presented in class
- • Identify, explain, and compare key exchange methods
- • Explain and identify the six values generated for sessions
- • Explain the differences between server and mutual authentication
- • Identify attacks that circumvent SSL and/or TLS
- • Identify and explain two main types of VPNs
- • Identify, explain, and draw packets for the two modes and two protocols of IPsec packet processing (four total options)
- – Describe the protection provided to different fields
- • Define SA, SPI, SAD, SA Bundle, SPD
- • Describe the two phases of IKE
- • Describe the advantages and disadvantages of a split VPN
- • Define and compare stateless and stateful firewalls
- • Write a firewall policy (stateless or stateful) given a set of requirements
- – Evaluate a firewall a policy for a given packet
- • Define and compare signature vs. anomaly IDS
- • Define and apply the base rate fallacy
- • Draw ROC curves for a given detection system
- • Identify threats to DNS
- • Explain how DNS cache poisoning works (“vanilla” and “Kaminsky”)
- • Identify defenses against DNS attacks
- • Explain common routing security issues
- – Link cutting
- – Hijacking
- – Denial of service
- • Explain and Identify the principle security problems with BGP, including lack of authentication and how prefix highjacking is conducted.
- • Explain the mechanism and impacts of prominent BGP security incidents
- • Explain, compare, and contrast the different proposed solutions to defend BGP, including S-BGP and RPKI.
- • Express access control as subjects, objects, rights (SOR model) and draw an access control matrix
- • Explain the three properties of a reference monitor (tamperproof, complete mediation, simple enough to verify)
- • Explain the principle of least privilege, protection domain, protection state, and protection state operations
- • Compare and contrast MAC and DAC and relate the safety problem
- • Explain why RBAC is different than groups
- • Evaluate simple information flow control policies (e.g., BLP, Biba)
- • Identify practical issue with Clark Wilson
- • Compare and contrast ACLs and C-Lists, and identify when to use them.
- • Describe the basics of UNIX file system access control, including setuid
- • Explain the implication of monotonicity of access control policy w.r.t. checking and defining policy
- • Explain how capabilities address the confused deputy problem
- • Describe how to protect capabilities
- • Describe how Hydra uses capabilities and the implications
- • Evaluate Multics access control policy using rings and brackets
- • Construct protocols for cookie-based authentication
- • Identify the limitation of code-signing (e.g., Authenticode)
- • Describe different injection attacks (e.g., XSS, shell, filename, SQL) and fundamental cause
- • Describe solutions to injection attacks
- • Describe Same Origin Policy (SOP) and limitations
- • Describe Cross-Origin Resource Sharing (CORS), including where it is enforced and the implications
- • Describe modern browser architecture and isolations
- • Explain how browser extensions can impact security
- • Describe how mobile OSes differ from traditional Oses
- • Explain the importance of app security for smartphones
- • Explain methods and goals of mobile malware
- • Describe privacy problems in mobile apps
- • Contrast app permission models (install-time vs. runtime)
- • Explain the challenge of authentication on mobile devices
- • Compare and contrast static analysis and dynamic analysis approaches for analyzing apps
- • Explain the significance of metadata for security / privacy
- • Explain the Dining Cryptographer’s problem
- • Identify hardness assumptions (unconditional anonymity vs. computational anonymity)
- • Calculate degree of anonymity with sets and Shannon entropy (and know limitations)
- • Critique anonymizing proxies, Crowds, Onion Routing
- • Describe how anonymity systems can enable security attacks
- • Explain the significance of the referrer field to privacy
- • Describe the general rules for sending information to a Web server (and implications of getting it wrong)
- • Describe how Cookies are used for tracking (1st party vs 3rd party)
- • Describe Evercookies, Flash cookies, etc.
- • Explain how stateless tracking / fingerprinting works
- • Explain how advertising frameworks can be abused to target individuals
- • Describe the different types of advertising models
- • Describe tracking defenses, naming several
- • Explain what “Do Not Track” provides, and how this differs from common perception
- • Describe different techniques for private browsing and their caveats
- • Explain the challenges with self reporting (e.g., privacy paradox)
- • Explain the challenges with framing
- • Describe privacy segmentation techniques (e.g., Westin Index) and limitations
- • Describe privacy nudges
- • Explain why privacy harms are important to define and measure
- • Describe the AOL search log problem and its generalization
- • Explain collaborative filtering
- • Describe k-anonymity (at a high level) and its shortcomings
- • Describe l-diversity (at a high level) and its shortcomings
- • Describe t-closeness (at a high level) and its shortcomings
- • Describe differential privacy (at a high level)
Add Comment
Please, Sign In to add comment