 Okay, hi everyone. Just letting you know, I'm going to start this in just another minute. Hopefully, you can all hear this. If you don't have it open, open up the group chat channel and you can type questions to me at any time. Okay, well, we might as well get started. As you probably see from the screen, the first midterm is being held on March 5th and that's what we're assuming you have the most interest in at this point. The cutoff date for material is pretty much the previous class on March 3rd. So all material up to that point, again, I assume the professor will announce exactly more details. But anything up to that date will be covered on the midterm. It is, of course, no notes, closed book, no electronics whatsoever. Basically, just whatever you have in your head, plus what you can remember right down. The format of the test itself has not been completely determined. We'll get more details about this as we get close to that date. And just one other comment, we get this every year. This is a very large class. We don't really have people asking questions during the exam. If you see a mistake on the exam, please call us or if there's some factual problem. But if there's anything unclear on the exam, just make sure you write down what is your assumption. If you say this could be understood multiple ways. Say, assuming this means this, this is my answer to this question. And again, a professor is very lenient in those type of situations. We'll go from there. Before we go any further, does anyone have any questions either about the midterm itself or again, if you have any other questions about the last project or any other subject. But again, just if you do have any questions, anything quick, feel free to just, again, type it in and I'll stop or address your questions at the end. I'm basically just going to give a quick summary or quick review of a number of topics on the midterm. The practice midterm has just been posted and it's available on Piazza. 
This guide or this review does not really cover that practice midterm, but we of course hit some of the similar topics. A couple more recommendations on the exam. This exam is very concept heavy. It's really going to focus on if you understand the topics that have been discussed. We try to downplay coding, try to downplay memorization and try to stress what you understand, how you understand it, and what you can explain. If you want to review the best subject, of course, I think is the lecture slides, especially of course the 3, 4, and 5, the access control, cryptology, and authentication slides. You may of course want to review the recorded lectures, review all the slides, and so forth. There's again going to be a study guide. There is going to be multiple review sessions. Usually, of course, before the exam, the TAs are available to answer any questions you have. If you look through the practice exam, and again I highly recommend going through the study guide on your own and answering those questions on your own, those will be very similar in topic to what you'll see on the exam itself. And working through the study guide questions, you may end up actually looking at some of the concepts that will be on the exam itself as well. You're always welcome to bring the study guide into a TA session and ask us to give you answers to those topics or have us explain reasons. The undergrad TAs are also planning to have an additional session review. We have a quiz available, a little survey asking what areas you would want us to really focus on or talk about. What's the muddiest point? What are the most unclear topics in the material so far? Again, that meeting, signs, all that are announced on Piazza. Anyway, let me give you a couple examples. This is mostly from what Adam has used last year, my experience TAing this class last time. 
Couple things you might see are topics, questions again about access control lists, what they are, what they do, examples of systems that use it. Again, I'm not going to give you all answers here, but you can guess such as Unix systems use access control lists, access control matrices. There's going to be a lot of cryptography. Understanding again, what's the purpose of hash functions? How are hash functions different from encryption functions? What do hash functions accomplish? What is a good hash function? I mean, again, hash functions, of course, provide like an authentication signature to one-way hash. You can generally encode something in one direction, take a longer message, convert it to a shorter message. Something that's really infeasible to reverse, exactly why that's infeasible to reverse and why that's valuable, it would be important to know. Lots again on authentication, authorization, determining again who you are versus what you're authorized to do. Giving a lot of good examples of those would be good. Back at the very beginning of the slides, another good topic is CIA. What does CIA stand for? What do they mean? Why is it important? Again, why it's important. You can, of course, give much more details, but pretty much all attacks and all defenses for security can fall under one of these three categories. Looking at a list of your access control policies is also important. There were quite a few discussed and described in much detail. Just two of them, of course, are like mandatory access control, centralized access control, discretionary access control, where again discretionary, an owner of an object, owner of something determines the security versus centralized systems. Why would you use a certain method? Why would you prefer one method or another? What is one good for? What is one not good for? Lots of cryptography. I assume everything's been discussed on public key, private key encryption. What is a public key? What is a private key? 
How do you implement non-repudiation? This is another very good topic. What people can obviously understand very simply is how you can encrypt a message using public key encryption. You encrypt it using the public key that you make available to everyone. You decrypt it using the private key, which only the receiver or the owner of the key keeps. So therefore anyone can encode something, but only one person can decode it. But how do you use the same system to invoke non-repudiation? What if you want to say, here's a message that I have signed and it came from me and only came from me? And just to quickly answer that question, you create a hash of the message. You encode it with the private key and then you can decrypt it with the public key. And since these are complementary keys that tells you that only this person owning that private key was able to encrypt something that can be decrypted with the public key. So it's a reverse encryption. You'll see possibly questions tied to the concepts of your programming assignments. And assignment two, assignment three especially. How did you accomplish breaking the Caesar cipher? How did you accomplish breaking the Vigenère cipher? Again, don't try to memorize exact steps. We're not going to have you write actual code on the exam. Try to downplay the amount of memorization needed and again, focus more on understanding. Also, don't try to go too far into advanced steps of DES. Don't try to go through every individual step of the DES encryption process. Same with AES. Try to understand what the basic system is, what's significant about DES, what's wrong with it. Same thing with AES encryption. Again, some more topics include the one-time pad. What is it? Why is it a perfect encryption system? What are its weaknesses? When does it fail? What are rainbow tables? What are salts? Again, rainbow tables being pre-computed hashes. What are salts good for? Why are salts implemented? What are they? 
Again, I'm assuming this has been covered or will be covered pretty soon. Salts being extra randomized characters stored with your password that are designed to lengthen the password. Again, when you perform a hash function, it's much more difficult to reverse a longer string than a shorter string. Take your password plus this long salt, create a hash on a very long string, works much more effectively. Also, if your password table gets stolen, you've got randomized hashes. If you didn't have a salt, two people with the same password would have the same hash possibly. If you have the hash plus this long salt character, obviously you can't just compare and look for identical hashes in that table. Also, salts make rainbow tables worthless. You can't pre-compute hashes if all of your hashes are computed with salts. What is a slow hash? Why is a slow hash important? If it takes like 300 milliseconds to calculate a hash for a certain password or key, what does that mean? That you stole a database of 100,000 user accounts with passwords and the accounts had all the hash values. But if you try one million passwords, brute forcing per account, that's 10 million times 100,000, take you quite a long time to brute force a database of hash functions and you will get very few keys out of it. Also, what are pre-image attacks? What are other aspects of hash values, et cetera? ACFLS, the abstract concept of an authentication system. All these, again, might have some questions about. We've seen a couple of questions in the classes already. Again, you have, of course, A being information that proves identity, C being the information that's around the computer, identity, F being the mapping function, L being the testing function that tests your identity, S being selection, saying, how do I change this thing? 
And you'll see some questions possibly tied to, again, back on the slides where it asks again, if an attacker has a hash, wants to find a password, how would you express this in ACFLS? And if the attacker does not have the hash, but wants to try this password using a logon function to generate the correct hash, how is this expressed? And again, the answers to these two questions are right on the slide, the last slide for ACFLS. And that's basically a summary of a couple of things you might see. Again, this is the study guide to practice midterm has just been posted. So again, there are some confusions or some things that are difficult to see easily. So make sure you discuss, look at these answers carefully. Maybe discuss these answers between each other. We definitely don't mind you discussing the answers to these questions on the Piazza channel. And again, feel free to ask us any questions at all on either what the slides mean, on answers to the practice midterm, or on anything else. Pretty much all I have for my presentation here. Again, anyone have any questions about any of these subjects or anything on the exam? Okay, let me see if I can pull up DES real quick. I'm not seeing a great way to put this into the window. Let me see if I can switch off to slides. Okay, that should, I assume you guys can hopefully see the cryptology PowerPoint slides here. I'm basically just going to run down to 50 and onward. Whole point of DES or any real implementation of cryptology, and this gets back to the subject Adam mentioned why you never want to build a cryptology system yourself. Because there's always attacks possible on very simple encryption systems. So real encryption systems use some very complicated, multiple step system of, again, substitutions, transpositions that have a lot of properties that make breaking it or analyzing it difficult. DES was one of the earliest standards, as I mentioned here, standardized in 1976. 
And was strongly influenced by the NSA, which many people assumed had maybe some of the various purposes here. So NSA could possibly attack a bit of possible. It had, again, a 64-bit data block size, a 56-bit key, runs through a number of very quick substitutions and transpositions. Again, as I mentioned earlier, the actual steps precisely of how these things work is not going to be on the exam since I mentioned that already. I'm not going to repeat and go through the lecture in details. But keep in mind that the purpose of having multiple rounds of transpositions and substitutions is that you randomize any type of analysis, any type of pattern that you could see in a slide. Any attacks on either transposition or substitution, any English frequencies that occur in the text would be completely lost by the time you go through just a couple of these rounds. Of course, the weakness of DES is that the key size is just simply too small. As computers got faster and faster, as I mentioned here, there was a system in 1988 where DES was cracked and they broke a DES key in two days. Modern computers, of course, can break DES much, much faster. There were a couple of quick extensions to DES, like triple DES, which did nothing more than run DES three times in a row. And the weaknesses of this small key size, of course, and other ways of analysis showed that DES was a flawed standard, was not usable, and we've later moved on to other types of, again, complicated encryption systems, such as AES and so forth. If I can answer your question, any specific questions about DES? And in practice, many different types of encryption systems have been broken over the years. There's nice laundry lists of former encryption systems, which are suggested that you no longer use. And of course, more modern ones that people still use today. Any other questions? Okay, let me pull that up here. See, I believe, instead of pulling up the practice midterm, I'm going to go ahead and just go to the very next slide here. 
I believe it's mentioned. Let me see. Again, just a brief summary of, again, two different techniques of running symmetric encryption, or either ECB encryption or CBC encryption. Again, I'm going to skip over a bunch of non-essentials. The gist of it, though, is that ECB is known as electronic codebooking, which is in a basic form, a very, very basic form of encryption. Basically takes your data, encrypts it directly, as you can see from their diagrams here. You take blocks of your plain text, run it through whatever encryption system. Again, the encryption system used here is generic. You could apply anything where you have DES here. You could be using a more modern DES encryption system, for example. And then you take and you get your ciphertext. This is, again, the simple, direct method most people would assume. Break up your plain text into blocks, encrypt it, combine the blocks into your ciphertext. Modern systems use different techniques of making analysis more difficult. And again, it's independent of the actual encryption system. One technique is known as cipher block chaining, such as shown here. The gist of it here in simple English is that every prior block that you encrypt is XORed with every subsequent block. Again, you can apply any type of encryption here. And the purpose of this is twofold. Since all blocks are dependent on prior blocks, then you are required to decrypt one block at a time. You can't decrypt later blocks unless you decrypt prior blocks, which, again, breaks a lot of the parallel processing, a lot of the ability to use massive parallel processing to brute force your decryption system. And the second benefit of using a system such as this, such as cipher block chaining, is it further scatters any type of pattern you can see in the text. You randomize or, again, encrypt your data dependent on both the encryption system, the plain text, and the prior block's data. Any patterns that you see will definitely be scattered in later blocks. 
The first block here, as you can tell, is, again, you'll notice that IV that I mentioned, you have a certain IV key that is used to provide some sort of randomization to the very first block. Because without that, the first block would be pretty much straight encrypted by the encryption system as well. Exactly. So simple English. Yes, ECB mode is very simple, much less secure than CBC. CBC is much more secure because you're XORing each block. It's much more difficult to detect patterns. And it's much more difficult to brute force. Any other questions? Again, unfortunately, the final version of the midterm exam has not been made yet. There's been a bunch of discussions. Again, this is up to Adam, not myself. And because of a large classroom size, we may have a slightly different format. In the past, the midterm was very similar in style and structure to the practice midterm. And there's a chance that, again, the midterm will look the same as well. But yes, as far as number of questions, I'm expecting something fairly similar. But don't hold me to that. Let me see if I can pull that question up for you on the screen. Question about number four on the practice test. Let me see if I can load it here first. I assume everyone can see the question. I'm not going to read the question in its entirety. But the gist of it is, what type of access control mechanism do you use and why under this particular circumstance? And again, there's a number of access control methods, like originator control, access control, mandatory access control, discretionary access control, logical access control, role-based, et cetera. I don't have a total list of them here. The answer to this question is, which access control mechanism would you use in this particular case? What I'd suggest doing to approach this question is, again, write down all the different types of access control methods discussed in class and understand basically what they're good for. 
Understand, basically, what the benefits or strengths or weaknesses of that particular approach are. And again, there might be more than one way to answer this question. Write down what access control method you think is most appropriate for this particular situation and why. Describe, again, details of what its strengths are, why it applies to this particular case. And again, this is more of a judgment call. You want to say why your choice for which method is better than all the other types of access control methods. And you have to understand what all the other access control methods' strengths and weaknesses are in order to do that. Make sense? The question I have here is, can we email you later with a completed practice midterm for feedback? And we prefer not to do grading for you for your practice midterm. What we'd rather have you do is post, again, a couple questions, or if you want to post all the questions, or some questions in the Piazza channel. I'd rather not, again, grade complete midterms and tell you that, yes, your practice midterm is perfect or your practice midterm is not perfect, et cetera. Again, you're welcome to come to TA office hours and just discuss every single question with us in person, of course. Next question, public keys. One second, let me pull that up on the slides. I'm just going to run over these very, very quickly. The gist of public key encryption, again, it's already been mentioned that you have a public key that does a one-way encoding so that your public key can encrypt a message, but you cannot decrypt that message with that same public key. You are required to use a second or separate private key to decrypt a message. So the simple concept is that when you publicize your public keys for everyone, anyone can encrypt a message with the public key. So the short version is, yes, you can simply, once you encrypt a version of the message with a public key, no one but the owner of the private key can decrypt it. 
The process of actually mathematically generating the public and private key is interesting. There are several versions of this. There's RSA, et cetera, which I again, I'm not going to go into in this particular case. It's extremely hard, mathematically intractable to take a public key and determine the private key. And it's the purpose of the encryption system and, of course, the weaknesses of the encryption system. If technology such as quantum computing somehow make it possible, it could break public key encryption pretty badly if you could simply take a public key and generate the private key from that. But as of this moment, it's incredibly difficult to do so. So the system is fairly secure. But again, showing the slide, you take a message, encrypt it with a public key, and the receiver, Bob, can decrypt it with their private key. You reverse the process for non-repudiation, as mentioned before. I'm not going to go into much more detail. If you want to both package message and encrypt it, you first use your key to, in this case, use Alice's private key to take maybe a hash of the message and sign it. And then encrypt the entire thing with Bob's message. So when Bob first decrypts the message with his key, he gets the internals of that message being Yvette saying, yes, I can take the public key of Alice and see that the message is signed. And I know that both Alice is the person who sent this key because only Alice can sign the message. Everyone else can de-sign the message. And I know I'm the only one who received the message because she encrypted it with my public key. And I'm the only one who can decrypt it. So in this particular case, if you do things in this particular order, you first encode the message with, if you're Alice, for example, encode the message with your private key, which signs the message. And then second step, encode the message just second time with Bob's public key. Bob does reverse. 
He first takes his private key to unwrap the outside of the message and then takes Alice's public key to unwrap the message again. He knows, first of all, that it came from Alice. He also knows the message. And an attacker such as Eve cannot do anything with this. Eve can't unwrap the outer package, saying Eve cannot read the message because she doesn't have Bob's private key. Eve, also more importantly, cannot impersonate this message because Bob sees that the message is wrapped with Alice's public key or Alice's private key, which only Alice's public key can encrypt. So Eve cannot impersonate Alice either. Any questions about this? OK, again, I will be keeping the channel open until roughly 2 o'clock. OK, one more question. As far as the ciphers, will we only be asked to explain how we would approach solving them? I'm assuming for the purpose of your question you're referring to, I think it's question five on the practice midterm. Questions about approaching the ciphers as far as the homework questions went. In general, yes, you're asked what approach you took, kind of an outline of what steps in plain English, how you approached your program, how your program operated, what your program did to break, for example, in their case, a Caesar cipher, what actual steps you did to decrypt the ciphertext with a Caesar cipher. You're not really asked to explain exactly what program or the language you used. You're not asked to explain anything specific in your detailed description, just maybe a couple of sentences at most of how your program operated, as if you were explaining it to someone else. Also, here's question number five on the practice midterm for your reference, this is what I was referring to. 
Again, this does not say that there won't be any discussion of other ciphers that were in the PowerPoint slides, but I don't believe you were asked to break any ciphers or go through the elaborate steps for anything else, besides the examples of the ones on your homework and the problems and the actual lab problems. Okay, so question five, will it be a good way to determine how it was decrypted, how it was encrypted? The 5.1, the first part of this question is actually not really tied to the homework. This, you need to, again, review the PowerPoint slides and just understand what is the main weakness of Caesar ciphers? What did you use to break the Caesar ciphers in the first place? If you were trying to determine, again, I'll just go ahead and give you the answers to this one. For 5.1, yeah, exactly, you do a character analysis. If you see some distribution of letters that looks not symmetric, some distribution of letters which shows certain characters repeated much more often than other characters, you do a frequency analysis and you see somewhat like a similar to an English pattern, letter distribution, or again, if that was a different language, German pattern or some other pattern of letter distribution, that pattern would be similar to the actual plaintext frequency analysis you perform in some way. And again, as already mentioned, yes, a character analysis would show some distribution, some uneven frequency distribution of symbols. And part two, one of the possible answers to part two would be yes, like you did in the assignment, try every shift until the English becomes valid. There are other answers to part two as well. You could also look at the actual frequencies and assign the most frequent terms to the most frequent terms in English and so forth. Okay, well, we have another five or six minutes. I am gonna go ahead and close the session down at two o'clock, but if anyone has any other questions, we'll be here for a little bit longer. 
Yeah, I'm going to go ahead and shut down this session. If you have any last questions you're typing up, please say something pretty quickly. And if not, good chatting with everyone and feel free to either contact us by Piazza or by email if you have any other questions on any of these subjects.