TTM4137: Informasjonssikkerhet i trådløse nett
This is the questions for the 2016 exams. 50% of the exam will be a subset of these questions. The regular questions + answers can be found in the 2015 section. (tip: control+f to search). 2016 answers are currently under construction, press edit to help answer. These are from the 3 essays.
What is the variable A in GPS navigation messages used for? GPS
List two simple attacks on GPS. GPS
- Spoofing and jamming
List three advanced attacks on GPS. GPS
- Data Level Attacks : modify valid GPS signals to change the the satelite position, date etc.
- Operating System Attacks
- Dependent System Attacks : change device clock by a little.
Which frequency is used by the GPS L1 signal? GPS
- civilians can use the L1 signal which has the frequency of 1575.42 MH
What is GPS jamming? GPS
- Jamming: transmitting noise in the same frequency so that receivers can no longer distinguish satellite signals from the noise.
What is GPS spoofing? GPS
- GPS receivers are fed false information from rogue sources resulting in inaccurate navigation.
Which network protocol depends on GPS? GPS
-Network Time Protocol (NTP)
What is Enhanced ShockBurst? Wireless keyboards - A link layer protocol used in many newer logitec chips.
Is traffic to and from a Logitech Unifying Receiver encrypted? Wireless keyboards
- The USB reciver/transmitter you plug into the computer. Unifying Receiver protocol does not thoroughly validate input.
How many messages are exchanged in the Logitech pairing protocol? Wireless keyboards 7
Which encryption algorithm is used by Logitech wireless keyboards? Wireless keyboards
- Logitech keyboards use 128-bit AES encryp-tion. (not everything gets encrypted though)
What kind of keyboard packets from Logitech wireless keyboards are not encrypted? Wireless keyboards
- Mouse movements, Multimedia key packets (packets that control volume, media playback, browser navigation etc.)
What is the length of a normal, encrypted keyboard packet from Logitech wireless keyboards? Wireless keyboards
- 22 bytes long
What is the main challenge for connecting IoT devices to 802.11i Enterprise networks? EAP-NOOB
- Lack of UI
What is the most significant difference between EAP-NOOB and other available EAP methods? EAP-NOOB
- Unlike any other EAP methods currently available, EAP-NOOB does not assume or require any pre-con gured authentication credentials such as symmetric keys or certi cates.
Is EAP-NOOB vulnerable to MiTM attacks on the Diffie-Hellman key agreement? EAP-NOOB
- EAP-NOOB use user-assisted out-of-band (OOB) to protect against MiTM attacks. MiTM attacks are not easy and would often require phisical access to the supplicant to either modify or spoof the OOB message.
Which of the following statements is a security assumption for EAP-NOOB? EAP-NOOB
Why does an EAP-NOOB execution span multpiple EAP sessions? EAP-NOOB
Which generic NAI string is used by the client in EAP-NOOB? EAP-NOOB
What are the states in the EAP-NOOB state machine? EAP-NOOB Unregistrered , Waiting for OOB , Recived OOB , Reconnecting , registrered.
How are the fragmentation and chopchop attacks different from the PTW attack? Chopchop attacks allows you to decrypt packages without knowing the key, and exploits IV reuse. PTW helps find the key
How does initialization vector (IV) reuse compromise confidentiality? When you have two identical IVs you can XOR the two encrypted messages and get the two XOR-ed plaintexts. If you then know some parts of the plaintext that is always the same (based on protocol this can be e.g. header fields with the IP-address etc) you can guess the actual plaintexts.
How does the integrity check value (ICV) in WEP protect against message modification? It computes a checksum of the data that is to be transmitted, and encrypts this checksum with the data. However, it is possible to flip bits in both data and ICV.
How does WEP provide replay protection? It doesn’t.
How is the integrity check value (ICV) in WEP computed? ICV is a integrity check value that is computed from the data before it is encrypted.
How long is the integrity check value (ICV) in WEP? 4 bytes.
How many messages are exchanged in the WEP shared key authentication? 4 messages.
Is the same key used for authentication and encryption in WEP? Yes, and the fact that the master key is used for both authentication and encryption is a known weakness.
What is the length of the WEP initialization vector (IV)? 24 bit
What is the major weakness in WEP, exploited by the PTW attack used in the lab? No protection against message replay
What is the problem with the WEP authentication protocol (which is therefore rarely used in practice)? It transmits a challenge to the user, and the user sends the encrypted challenge back. There is no replay-protection, and therefore an attacker can authenticate by replaying the messages.
Which encryption algorithm is used in WEP? RC4 stream cipher.
What is ARP re-injection used for in the attacks on WEP? Speeding up IV generation.
What is the consequence of the PTW attack on WEP? The secret key is recovered. WPA
Does WPA support TKIP, CCMP or both? Specifically, the Temporal Key Integrity Protocol (TKIP) was adopted for WPA. WPA2 replaced WPA. In particular, it includes mandatory support for CCMP. I.e. WPA supports only TKIP.
How does the counter mode operation of a block cipher E() work?
E(i) XOR Mi
How is the PMK distributed in RSN? It can be pre-shared or distributed by an upper layer.
What are the input elements to the pseudo-random function used to compute the PTK? Master Key (256 bit) Nounce A Nounce B Address A Address B
What is 'Michael' in WPA/RSN? Message integrity code used in TKIP.
What is an RC4 weak key? A weak key is a key where a disproportionate number of bits in the first few bytes of the key stream were determined by a few bites in the key itself. One can negate weak keys by discarding the first 256 bytes of the keystream.
What is an RSN group key? Messages that is multicasted to all devices is encrypted with a group key allowing all authenticated devices to decrypt the message.
What is the block length of AES as used in RSN? AES used in CCMP has a 128 bit block size.
What is the key size of AES as used in RSN? 128bit
Which RADIUS attribute contains the encrypted Pairwise Master Key (PMK) in WPA?
PKM-AUTH-Key (?) WPS How many messages are exchanged in the WPS in-band registration protocol? 8 messages.
What is the purpose of the first two messages of the WPS in-band registration protocol? Diffie-Hellman key exchange
Which three entities participate in the WPS configuration process? Enrollee, registrar and AP
Does CCMP provide confidentiality, integrity, or both? CCMP uses CCM that combines CTR for data confidentiality and CBC-MAC for authentication and integrity.
How is IEEE 802.11 CCMP nonce input constructed? It is constructed from the priority, sender MAC address and sender packet number.
How is the 128 bits start value of the counter for CCMP encryption initialized in RSN?
The counter is initialized by adding the flag value, nonce and counter together. The counter starts at 1 and increments by one for every block.
How is the 64-bit message integrity code (MIC) value in CCMP derived from the 128-bit final block?
we only keep the lower 64 bits.
How long is the PTK when CCMP is used? 384 bit.
How long is the CCMP header, and how long is the packet number contained in this header?
The CCMP header is 8 bytes, packet number contained in the header is 6 bytes.
Is the complete MAC PDU encrypted by the CCMP? No, the MAC header and the CCMP header are not encrypted
The PTK is a collection of several keys. List these keys and their length when CCMP is used: 4-way handshake keys: EAPOL Authentication - key confirmation key 128bit EAPOL Encryption - key encryption key 128bit CCMP data key Data integrity and encryption 128bit Total PTK length: 384 bit.
What are the five input values to the CCMP Decryption block? CCMP header Source address Data length Encrypted MPDU data Packet number (aka PN or sequence number)
What are the four input values to the CCMP Encryption block? CCMP header Source address Data length MPDU data
What is a mutable field in CCMP? Immediately prior to transmission, some of the field of the IEEE 802.11 header is updated to meet transmission rules. Those files that are subject to such changes are called mutable fields and are excluded from the MIC computation.
What is the 128-bit start value for RSN CCMP encryption? The start value for CCMP is a 128 bit packet. This includes flag - 8bit priority - 8bit source address - 48bit packet number - 48bit counter - 16bit
What is the format of the first block used for the CBC-MAC computation in CCMP?
The block is 16 bytes. The first byte is a flag, the 13 following are a nonce that is formed by combining sender packet number, MAC address and priority, and the last two bytes indicate the length of the plaintext data.
Which block cipher mode of operation is used for AES in RSN? AES is used in CTR mode.
Which cryptographic algorithm is used by CCMP? AES
Which cryptographic algorithm is used in counter mode with cipher block chaining message authentication code protocol in CCMP? AES (?)
Which parts of an MPDU encrypted under CCMP are not encrypted? The MAC header and CCMP header are not encrypted. TKIP
How long is the IV used in TKIP? 48 bit.
How long is the PTK when TKIP is used? 512bit 128 bit, four keys
How many TKIP sequence numbers does a receiver keep track of? 1?
Is they MIC key be recovered in the attack on TKIP by Beck & Tews? Beck and Tews recovered the MIC in their attack, and used it to transmit some packets.
The PTK is a collection of several keys. List these keys and their length when TKIP is used: Data encryption key - 128 bit Data integrity key - 128 bit EAPOL-Key Encryption key - 128 bit EAPOL-Key Integrity Key - 128 bit
What are the consequences of the chopchop-like attack on TKIP by Beck & Tews? It is possible to decrypt plaintext without knowing the key.
What properties of TKIP are exploited in the chopchop-like attack on TKIP by Beck & Tews?
A weakness in the ICV (Checksum)
Which standard actually enabled practical DoS attacks on 802.11i TKIP? Integrity Attack Response Countermeasure. MIC failure is logged, TKIP assumes active attack if two failures occur within 60 s. Attack response: The station deletes its keys, disassociates, waits for 60 s, and then establish new pairwisekeys and reassociates.
Which cryptographic algorithm is used by TKIP? RC4 stream cipher.
Will TKIP accept a frame with a TKIP sequence counter value which is 14 less than the largest one seen so far? No, it uses IV sequence for duplicate detection
Does EAP-SIM provide mutual authentication? EAP-SIM use a SIM authentication algorithm between the client and an Authentication, Authorization and Accounting (AAA) server providing mutual authentication between the client and the network.
How are EAP messages transported between the authenticator and the authentication server in RSN? Encapsulated in TCP/IP - RADIUS
How are EAP messages transported between the supplicant and authenticator in WPA/RSN? EAPOL
How many EAP-TLS messages are exchanged in an EAP-TLS handshake?
What is Extensible Authentication Protocol (EAP)? A set of encapsulation messages for upper layer authentication methods
What is EAPOL, and how is it used in WPA/RSN? It’s a protocol for encapsulating EAP messages between the supplicant and authentication.
What encapsulates EAP messages in RSN? EAPOL (EAPOW) encapsulates EAP messages over LAN/WLAN and adds some management messages
What are the four types of EAPOL messages used in WPA/RSN? EAPOL-Start: supplicant multicast ask for authenticator MAC addr. Authenticator responds EAP-Request Identity in EAPOL-Packet EAPOL-Packet: The authentication protocol messages EAPOL-Key: Authenticator supplies cryptokeys to supplicant (example: the 4-way-handshake protocol) EAPOL-Logoff: Supplicant disconnects
What is the length of the Kc value used in EAP-SIM? 64-bit The Kc key is originally intended to be used as an encryption key over the air interface, but in this protocol, it is used for deriving keying material and is not directly used.
What is the purpose of the EAPOL 4-way handshake? The four-way handshake is designed so that the access point (or authenticator) and wireless client (or supplicant) can independently prove to each other that they know the PSK/PMK, without ever disclosing the key and then generate a PTK (Pairwise Transient Key)
What is the purpose of the first phase of PEAP? Creating a TLS connection.
What is the purpose of the second phase of PEAP? ”Inner auth.” User authentication communicated through the secure channel, e.g. by username and password.
Which identity does the EAP-Identity response in EAP-SIM contain? The identity response is sent by the the mobile device as response of an Identity reqeust sent by the Access Point, so it contains the IMSI of the device (TMSI if is not the first time that this event occurs)
Which security method is used in the first phase of PEAP? TLS 802.11 What is the technical problem in the session hijacking threat in 802.11/WLAN?
Which frame types are cryptographically protected by 802.11i? Data frames.
Which frame types are cryptographically protected by 802.11w? Data and management frames.
What type of 802.11 authentication does Algorithm Number 0 or 1 indicate? None and WEP (?)
Which message type triggers a transition to 802.11 State 1? Deauthentication notification
Which protocol state will an 802.11 STA be in after having received a deauthentication notification message? State 1
How many states does the 802.11 State Machine contain? Which three entities participate in 802.1X access control? Supplicant(requesting entity), network access server(NAS) and authentication server(AS) Unsorted
What is the Rijndael algorithm? AES-encryption. Symmetric encryption algorithm.
What kind of security capabilities are supported in a transitional security network (TSN)? Transitional security network supports both RSN and WEP systems.
Does Windows 10 Wi-Fi Sense allow sharing of 802.11i keys? Yes, but not WPA2-enterprise.
Does Windows 10 Wi-Fi Sense enforce access control to wireless networks? From wiki: For block ciphers, repeated IV values devolve the encryption scheme into electronic codebook mode: equal IV and equal plaintext result in equal ciphertext.
How many messages are exchanged in a group key handshake? 2 Messages. The AP sends the new GTK to each STA in the network. The GTK is encrypted using the KEK assigned to that STA, and protects the data from tampering, by use of a MIC. The STA acknowledges the new GTK and replies to the AP.
What are the consequences of the fragmentation attacks, e.g., by Bittau et al. ?
Which of the following is a security concern with Windows 10 Wi-Fi Sense? Some issues are that you may not trust all your contacts on skype, outlook and facebook. Also, when you give an actual key to someone, they might carelessly share this with all of their friends.
Telefon SAE - System Architecture Evolution The core network architecture of 3GPP's LTE wireless communication standard LTE - Long-Term Evolution Basicly 4G UE - User Equipment MME - Mobility Management Entity Is the key control-node for the LTE access-network HSS - Home Subscriber Server A central database that contains user-related and subscription-related information EPS - Evolved Packet System
Does GSM provide mutual authentication? Though the authentication process on GSM is giving a reasonable security level but have some drawbacks such as: 1. overloading the network traffic and increasing the call set up time 2. Not support the mutual authentication
What are the RAND, SRES and Kc values in an EAP-SIM triplet? The A3/A8 authentication and key derivation algorithms that run on the SIM can be given a 128-bit random number (RAND) as a challenge. The SIM runs operator-specific algorithms, which take the RAND and a secret key Ki (stored on the SIM) as input, and produce a 32-bit response (SRES) and a 64-bit long key Kc as output. The Kc key is originally intended to be used as an encryption key over the air interface, but in this protocol, it is used for deriving keying material and is not directly used.
Does the use of TMSIs protect the IMSI from active attackers? No.
What are the inputs of the authentication function A3 used in GSM? Ki and RAND
What is the output of the authentication function A3 used in GSM? SRES/XRES (32 bit signed message)
How is the subscriber identity protected from radio channel eavesdropping in GSM? The network provides temporary subscriber identities to the USIMs AKA TMSI
How long is the session key Kc used in GSM? 64bit
What are the consequences of the false base station attack on GSM? Attackers can monitor all traffic and get the user's IMSI number.
What are the three most important security features in GSM? User authentication, radio channel confidentiality and temporary identities
Where is the secret user key Ki used in GSM stored? It is stored on the SIM.
What is the length of the user’s secret key in GSM technology? 128 bit
Which function is used to generate the key Kc in GSM? A8
Which GSM entities store the secret user keys Ki? SIM and AuC
Which values are sent from the HLR/AuC to the VLR during GSM authentication? Triplet (RAND, XRES, Kc) UMTS
Do 3G/UMTS networks provide mutual authentication? Yes
Can a 3G USIM work in an LTE UE handset? Yes
Explain the purpose and output of the functions f0-f9 used in UMTS. f0 - Random challenge f1 - MAC-A f1 - MAC-S f2 - SRES f3 - Cipher Key f4 - Integrity Key f5 - Anonymity Key f5 - Anonymity Key f6 - Identity encryption f7 - Identity decryption f8 - AES in counter mode - f9 - Integrity protection using CBC-MAC
How does the 3G/UMTS authentication improve the security over the GSM authentication? Mutual authentication Integrity checks
How does the USIM authenticate the network during 3G/UMTS authentication? The AUTN (Authentication Token) sent from the VLR is checked by the USIM.
What are the end points of user data encryption in UMTS? UE and RNC
What are the inputs to the f8 algorithm used in UMTS, and what are their lengths? CK -128 bit Length Count-C - (Frame counter) - 32bit Identity - 5bit Direction - 1bit
What are the inputs to the f9 algorithm used in UMTS, and what are their lengths? IK - 128bit Message FRESH - Random number - 32bit Count-i - 32bit Direction - 1bit
What are the MILENAGE functions in UMTS used for? Message and user authentication/confirmation Session key generation
What are the three functional requirements for UMTS authentication? Mutual authentication Securing the radio channel communication User identity confidentiality
How is the subscriber identity protected from radio channel eavesdropping in UMTS? Using temporary ID - TSMI
What is the content and use of the UMTS AUTS parameter? SQN xor AK MAC-S Resynchronization when the SQN check fails on the MS side
What is the length of the cipher key CK used in UMTS? 128 bits
What are the two basic strategies for creating SQNs in 3G/UMTS networks? Individual SQN Global SQN based on a global counter (global time etc)
What happens if the result of the UTRAN algorithm negotiation is that the user equipment (UE) and network have no encryption algorithms in common? Establishes a connection without encryption.
What happens if the result of the UTRAN algorithm negotiation is that the user equipment (UE) and network have no integrity protection algorithms in common? The connection is shut down immediately by the network
How long are the cipher key (CK) and integrity key (IK) used in UTRAN, and how are they obtained if a GSM SIM is used to access a UTRAN? CK - 128bit - f3 IK - 128bit - f4 The Kc is expanded to create both CK and IK by conversion functions in the ME and CN.
Is mutual authentication provided when a SIM is used to access a UTRAN? No, the GSM SIM cannot authenticate the base station.
Which three modes does the confidentiality algorithm in UMTS support? RLC-Transparent RLC-Unacknowledged RLC-Acknowledged
Which UMTS entities implement the functions f1-f5, f1 and f5? USIM and AuC
Which UTRAN layer provides integrity protection? RRC layer
Which UTRAN layers provide encryption? MAC and RLC Layer
What are the consequences of the redirection attack against UMTS authentication? Downgrades from UMTS to GSM and collects the IMSI. The IMSI is then used to get a AUTN that can be used to disable encryption (?)
List the message authentication codes (MACs) used in UMTS and explain their purpose. MAC-A - Generated by f1 - Network authentication, used to generate AUTN MAC-I - Generated by f9 - Used for integrity checking MAC-S - Computed by client to verify MAC-A
How is the mode of the 3GPP f9 algorithm different from the CBC-MAC mode? CMC-MAC uses zero IV while f9 uses SQN XOR AK and FRESH (?) f9 takes as input paramaters such COUNTER utilized for achieving replay protection, and FRESH used to protect the initial values of COUNTER. (?)
How long is the keystream block output by the f8 algorithm? Depends on the length parameter
How many rounds does the KASUMI cipher use? 8
How is the initial RRC connection request message sent in UMTS Security Setup Procedure? When RRC Connection Establishment procedure is started, the last message, RRC Connection Setup Complete includes the UE Capability information. The UE Security capability informs the network about the UEAs and the UIAs that the UE supports. The GSM classmark information is also important and it provides along with other stuff, the GSM security algorithms supported. This message also has the START list that contains the START value for the CS and the PS domain.
In which mode of operation is KASUMI used for constructing the 3GPP f8 key stream generator? Combining Counter-mode and OFB-mode
Sketch the 3GPP f8 stream cipher structure, using the KASUMI function as a black box. Sketch the 3GPP f9 cipher structure, using the KASUMI function as a black box.
What is the 3GPP value OP, and what is the length of this value? Optional pre shared key that the operators can use. It’s probably 128 bit.
What is the bit length of the permanent subscriber key K in UMTS? 128 bit
Which values are sent from the AuC to the VLR/SGSN during 3G/UMTS authentication? RAND AUTN XRES CK IK
Where is the sequence number (SQN) used in 3G/UMTS networks generated? UE and AuC (?)
What is the block size of the KASUMI function used by the f8 algorithm? 64-bit
What is the output of the UMTS f9 algorithm? 32 bit MAC-I
What is the purpose of the sequence number (SQN) used in 3G/UMTS networks? Preventing replay attacks
What kind of cipher is KASUMI? A5/3 (Feistel cipher)
Where are the UMTS functions f1-f5, f1 and f5 implemented? USIM and AuC
What is the block length of the block cipher used by MILENAGE? Up to the operator. AES is recommended which uses block sizes of 128 bit. (?)
Which cipher mode does the 3GPP f8 stream cipher use? OFB with additional counter.
What was the underlying assumption for the MILENAGE security analysis? The kernel function must be a secure block cipher.
Why can the USIM be removed from the rest of the UE? The UE manufacturing and lifecycle can be managed independently from the personalization and subscription process.
Why must the USIM implementation be tamper-proof? To facilitate the mobile operator with secure computation and storage at the UE side EPS How does the EPS authentication improve the security over the 3G/UMTS authentication? Cannot downgrade to GSM.
Does a successful run of EPS authentication achieve mutual authentication between mobile station and serving network? Yes
Does EPS provide end-to-end data security? No
How is backward key separation achieved during handovers over X2 connections in EPS? A new key is derived from the old key.
How is forward key separation achieved during handovers over X2 connections in EPS? The target eNB receives a fresh key from MME immediately after handover
How is the EPS key derivation function constructed? SHA-256
The end points of the user data encryption in EPS are The UE and eNB(Base station)
What are the end points of signalling encryption in the EPS access stratum? The UE and the eNB (Usikkert!)
What are the end points of signalling integrity in the EPS non-stratum access? The UE and the MME
Is the network domain security for the core network sufficient to protect the UMTS/LTE authentication and key agreement messages against parallel session attacks? No, the network domain services does not necessarily protect against parallel session attacks.
Which values are sent from the HSS to the MME during the LTE/EPS authentication protocol?
RAND AUTN XRES Kasme
Where does the key derivation function KDF of EPS reside? In the UE and the HSS / In the UICC and the HSS
What is cryptographic network separation (in EPS)? Kasme is bound by the SNid, which means the AV is bound to the serving network. EPS AV is unusable by GRAN and UTRAN.
Why is the NAS Security Mode Command message in EPS never encrypted? The messages are sent before encryption keys have been established. They are Integrity protected.
What is Snow 3G and why is it used in UMTS and EPS? Stream cipher. Is good stuff.
Will 3G USIMs work with EPS UE handsets? Yes
Which encryption schemes are specified in EPS? SNOW and AES
Why are the keys CK & IK generated in EPS even though they are not directly used? To provide backward compatibility with UMTS, and they are used in the KDF function to generate Kasme.
Why does EPS provide a more complex key hierarchy than UMTS and GSM?
Can the security header in MAPsec be encrypted? Why/why not? No. The MAPsec header must be processed at the receiving end.
What is a call session control function (CSCF)? A SIP server or proxy used in IMS
What is lawful interception? Lawful interception (LI) is obtaining communications network data pursuant to lawful authority for the purpose of analysis or evidence.
Which authentication method is used by IMS? UMTS Authentication and Key Agreement (AKA)
Which CSCF handles SIP registration requests and informs the Home Subscriber Server (HSS)? S-CSCF
Which UTRAN layer provides handovers, preparations for handovers to GSM and cell reselection? RRC Various Can a keyed checksum be used as message authentication code? Yes (?)
Does breaking collision resistance of a hash function imply breaking pre-image resistance or the other way around? No but the other way around (?)
Does breaking collision resistance of a hash function imply breaking second pre-image resistance or the other way around?
Does EPID have a mechanism for key revocation? Private key revocation (Revealed Key List) Ex: Private key is corrupted and is published Revocation check performed by verifier Verifier Local Revocation using name base Ex: Verifier can revoke a Pseudonym for his name (Nf) Revocation check performed by verifier Signature based revocation (Signature Revocation List) Issuer and/or verifier decide that they no longer want to accept signatures from whatever signed a “revoked” message with pseudonym Bf For each future signature, Member signs as normal Member proves he didn’t sign the revoked message Member proves his pseudonym with base B is not Bf Retains same anonymity and unlinkability properties
Intuitively, what does it mean for a message authentication code to be 'existentially unforgeable against chosen message attacks'?
Is a stream cipher as secure as the one-time pad? No. A stream cipher is bound to repeat at some point , while a OTP never repeats. If you could generate a stream cipher with a truly random output, it could be used as a OTP.
Is a stream cipher malleable? Yes, but you need to make all changes at both the sender and receiver.
Is the CBC-MAC a secure message authentication code if the IV is constant 0 ? Yes
What are the advantages of the counter mode of encryption, e.g., in comparison to the CBC mode? CTR allows for parallel encryption and errors do not propagate to the next block.
What are the entities in EPID? Issuer + revocation manager (often merged) member verifier
What are the general steps performed by intrusion detection systems for mobile ad-hoc networks? Data collection Detection Response
What are the problems with Intrusion Detection System in real life?
What are the two main security functionalities of a smart card? Key Strength Authentication (?)
What is Internet Key Exchange? Internet Key Exchange (IKE or IKEv2) is the protocol used to set up a security association (SA) in the IPsec protocol suite. IKE uses X.509 certificates for authentication - either pre-shared or distributed using DNS (preferably with DNSSEC) and a Diffie–Hellman key exchange - to set up a shared session secret from which cryptographic keys are derived. In addition, a security policy for every peer which will connect must be manually maintained
What is the difference between a checksum and a cryptographic message authentication code? A checksum can be (re-)computed by an attacker, the authentication code cannot
What is the difference between a smart card and a SIM? SIM is a subset of smart cards
What is the main difference between wired and wireless Intrusion Detection Systems in terms of functionality? You can physically protect wired points. People can set up their own AP and abuse man in the middle
What is the problem with MAC Sequence Number Analysis in Intrusion Detection Systems? Each class in QoS has its own sequence number. An attacker can hijack the session when a user goes offline as well.
What is the purpose of the EPID 'join' procedure? Each member obtains a unique EPID private key.
Why is it a security requirement that the USIM implementation must be tamperproof? Because the USIM can be removed from the UE and analyzed/ tampered with (?) To facilitate the mobile operator with secure computation and storage at UE side.
Why is it not sufficient to base the construction of a one-way function f on an NP-hard problem (i.e. Where inverting f requires solving an NP-hard problem)? NP-hardness only guaranties that there exists one value that is NP hard to compute.
Why is the UICC normally easily removable from the mobile station?