CS338 Computer Security
Monday, 9 October 2023

+ In-class exam, Wednesday, October 11
    - General philosophy on in-class exams
        - Stuff I want you to have in your head
            - YES "base64 encodes/rewrites arbitrary byte sequences as sequences of ASCII characters"
            - MAYBE "to encode, take each 3-byte chunk and turn it into 4 6-bit chunks, and look those chunks up on a table"
            - NO "the letter Z represents the six bits 011001"
        - I'm happy if no more than 2-5 people are still working at the end of the exam
        - No tricks or intentionally obscure questions (at least I try)
        - Facts, yes. Also some "why" (e.g., why do we use certificates at all? why is it easier to secure an asymmetric key pair than a symmetric key?)
    - Fair game
        - Readings
        - Videos
        - Class notes
        - Assignments
    - Thinking about how to prioritize study
        - How important is this particular topic? Important enough for a 60-70-minute exam?
        - What did I emphasize in homework?
        - What did I emphasize in class?
        - What did I emphasize in the videos?
    - Symmetric encryption
        - Key, plaintext, ciphertext
        - Be aware of the AES competition
        - Block ciphers
        - Block cipher modes
        - Names of a few important block ciphers: AES, DES, TripleDES, TwoFish...
        - Stream ciphers
        - Names of a couple important stream ciphers: ChaCha, RC4,...
    - Diffie-Hellman key exchange
        - What's the purpose?
        - Steps: what do Alice and Bob do, in what order?
        - Why can't Eve get the key even if she sees every packet?
        - Steps: what do Alice, Mal, and Bob send in an adversary-in-the-middle attack? are Alice & Bob fooled?
    - RSA
        - Of what does a key pair consist?
        - How do you create a key pair?
        - What mathematical relationships do the various numbers (n, e, d, p, q) have?
        - How do you encrypt/decrypt?
        - What are the limits on the size (in bits or bytes) of the messages that you can encrypt using a given RSA key?
    - Public-key/asymmetric encryption in general
        - Notation I'll use: public key P, secret key S, encrypt/decrypt using the function E: E(P, M) or E(S, M) for message M
        - What relationship is there between E, P, S?
        - How can a person use E and S to sign something?
    - IP
        - What does "IP" stand for?
        - What's the purpose of IP?
        - What are the main items in an IP header?
        - What's an IP address?
        - What's the most obvious difference between IPv4 and IPv6?
    - TCP
        - What does "TCP" stand for?
        - What's the purpose of TCP?
        - What's a port?
        - What are the main items in a TCP header?
        - If I want to send a server the payload "Hi there!", what stuff gets prepended (or appended?) to the payload?
        - What does ACK mean?
        - What are the steps in a TCP handshake? What particular items of data are being agreed upon during a TCP handshake?
    - HTTP
        - What does "HTTP" stand for?
        - What's the purpose of HTTP?
        - What does a typical HTTP GET request look like?
        - What does a typical HTTP response look like?
        - What are "headers" in the HTTP context? (and be clear about the difference between our two uses of the word "header")
        - What are some commonly-included headers?
    - TLS
        - What does "TLS" stand for?
        - What is the relationship between TLS and SSL?
        - What's the purpose of TLS?
        - What information is exchanged and negotiated during a TLS handshake?
    - HTTPS
        - What does "HTTPS" stand for?
        - How is HTTPS related to HTTP and TLS?
    - Cryptographic hashes
        - What do they do?
        - What are their essential properties?
        - Names of a few important ones: SHA-256, SHA-2, SHA-1, MD5,...
        - List a few applications of hashes
        - What are MACs (and what does "MAC" stand for?)?
        - How are MACs different from hashes?
    - base64
        - What is it?
        - How does it work? (But see above for stuff you don't have to memorize)
    - Miscellaneous
        - What are ASN.1, DER, PEM?
        - What do git add, status, commit, push, and pull do?
        - What does Wireshark do?
        - What's Kali Linux for?
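
The "take each 3-byte chunk and turn it into 4 6-bit chunks, and look those chunks up on a table" procedure from the base64 items above, written out by hand in Python. This is an added example, not part of the original course notes; the function names and the sample input are assumptions chosen for illustration.

```python
# Added example, not from the course notes: base64 done by hand.
# Standard alphabet (RFC 4648): sextet value 0-63 -> one ASCII character.
TABLE = ("ABCDEFGHIJKLMNOPQRSTUVWXYZ"
         "abcdefghijklmnopqrstuvwxyz"
         "0123456789+/")

def b64_encode(data: bytes) -> str:
    """Encode bytes: each 3-byte chunk becomes four 6-bit table lookups."""
    out = []
    for i in range(0, len(data), 3):
        chunk = data[i:i + 3]
        pad = 3 - len(chunk)          # 1 or 2 only on a short final chunk
        n = int.from_bytes(chunk + b"\x00" * pad, "big")   # 24 bits
        # Four 6-bit values, most significant first.
        chars = [TABLE[(n >> shift) & 0x3F] for shift in (18, 12, 6, 0)]
        if pad:                       # positions holding no data become '='
            chars[-pad:] = "=" * pad
        out.extend(chars)
    return "".join(out)

def b64_decode(text: str) -> bytes:
    """Reverse the lookup; reject bad length, characters or padding."""
    if len(text) % 4:
        raise ValueError("length must be a multiple of 4")
    out = bytearray()
    for i in range(0, len(text), 4):
        quad = text[i:i + 4]
        body = quad.rstrip("=")
        pad = 4 - len(body)
        if pad > 2 or (pad and i + 4 != len(text)):
            raise ValueError("misplaced padding")
        n = 0
        for ch in body + "A" * pad:   # 'A' is sextet 0, a stand-in for '='
            n = (n << 6) | TABLE.index(ch)   # ValueError if not in the table
        out += n.to_bytes(3, "big")[:3 - pad]
    return bytes(out)

if __name__ == "__main__":
    sample = b"Hi there!"             # constructed sample input
    encoded = b64_encode(sample)
    print(encoded)
    print(b64_decode(encoded))
    print(b64_encode(b"Hi"), b64_encode(b"H"))   # padded final chunks
```

Anyone holding the table can reverse the output with no key, which is why base64 is an encoding and not encryption.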
======

+ TLS 1.3 handshake: DH + Certificate + Challenge
    - We'll revisit on the takehome final
    - ClientHello
        - misc. negotiations
        - key share (e.g., g, p, g^a mod p)
        - random number (the challenge)
    - ServerHello
        - misc. negotiations
        - key share
        - certificate
        - certificate verification (response to the challenge)

=====

+ Ruben's question about public key distribution
    "I know that the RSA public key can be found in a certificate for example, but is there a general way we've talked about public keys being distributed?"

+ Getting a certificate via Let's Encrypt