Final Study Guide

This is simply a guide of topics that I consider important for the final. I don’t promise to ask you about them all, or about any of these in particular; but I may very well ask you about any of these, as well as anything we discussed in class, in the discussion section, or that is in the readings (including the papers).

  1. Everything contained in the midterm study guide
  2. Confidentiality Models
    1. Bell-LaPadula Model
    2. Lattices and the BLP Model
    3. Tranquility
  3. Integrity Models
    1. Biba Model
    2. Clark-Wilson Model
  4. Cryptography
    1. Types of attacks: ciphertext only, known plaintext, chosen plaintext
    2. Classical ciphers, Cæsar cipher, Vigenère cipher, one-time pad, AES
    3. Public key cryptosystems; RSA
    4. Confidentiality and authentication with secret key and public key systems
    5. Cryptographic hash functions
    6. Digital signatures
  5. Key Distribution Protocols
    1. Kerberos and Needham-Schroeder
    2. Certificates and public key infrastructure
  6. Authentication
    1. Passwords (selection, storage, attacks, aging)
    2. One-way hash functions (cryptographic hash functions)
    3. UNIX password scheme, what the salt is and its role
    4. Password selection, aging
    5. Challenge-response schemes
    6. EKE protocol
    7. Biometrics and other validation techniques
  7. Identity and Anonymity
    1. Users, groups, and roles
    2. Identity in certificates
    3. Host identity (on the web)
    4. Web cookies
    5. Tor
    6. Cypherpunk, mixmaster remailers
  8. Assurance
  9. Electronic voting


Matt Bishop
Office: 2209 Watershed Sciences
Phone: +1 (530) 752-8060
Email: mabishop@ucdavis.edu
ECS 153, Computer Security
Version of May 30, 2016 at 12:22AM
