Hash Functions and Reduction Techniques
31 Questions

Created by
@FinerDiction

Questions and Answers

What is the primary purpose of a hash function in the context of creating rainbow tables?

  • To retrieve original inputs from hash values
  • To convert input into a fixed length value (correct)
  • To increase the length of data inputs
  • To generate random numbers for encryption

Which statement accurately describes the process of creating a hash chain?

  • A chain starts with an initial input, applies a hash function, then a reduction function, and repeats this process. (correct)
  • Hash values are directly reversed to obtain the original input.
  • Reduction functions produce unique hash values for every input.
  • Hash and reduction functions are applied in a sequence to generate a single fixed output.

What is the role of the terminator in a hash chain?

  • It is the final output of the last reduction function in the chain. (correct)
  • It serves as a shortcut for computing the initial input.
  • It is the initial input from which the hash chain starts.
  • It is the only hash value that can directly reverse to the original input.

    How is the original input reconstructed from a terminator in a rainbow table?

    By identifying the corresponding chain and following it from the beginning.

    What is the output of a reduction function in the hash chain process?

    A potential input for the next round of hashing.

    What is one method by which an attacker can capture a user's session ID?

    Interception of TCP/IP traffic

    What happens during a session timeout?

    The session ends after a predefined period of inactivity

    Which attack involves the attacker creating a session ID and convincing the victim to use it?

    Session fixation

    How can HTTPS help in protecting session information?

    By encrypting communication between client and server

    What is session riding primarily associated with?

    Forcing unwanted actions through CSRF

    Which of the following is NOT a way to end a session?

    User's internet disconnection

    What type of attack allows an attacker to gain access using the rights of a legitimate user?

    Session sniffing

    What is indicative of session expiry?

    Session cookie has a pre-set expiry date

    What is a botnet?

    A network of compromised computers controlled by malicious actors.

    What characterizes IoT devices?

    They are interconnected devices that exchange data through the internet.

    What was the primary aim of most mobile malware attacks?

    To steal personal data or financial information.

    What is the primary function of sending a false TCP packet with the RST flag?

    To terminate an existing connection.

    Which mode of IPsec encrypts the entire packet, including the original IP header?

    Tunnel mode

    In a SYN Flood attack, what process is manipulated to overwhelm a server?

    The TCP 3-way handshake process.

    What is a blind attack in network security?

    An attack that does not require receiving traffic from the attacked entity.

    What is a common feature of IPsec?

    Uses both encryption and signing of packets.

    Which option describes the nature of IPsec support in IPv4 compared to IPv6?

    Optional for IPv4, mandatory for IPv6.

    How does IPsec promote data confidentiality?

    By applying encryption mechanisms on a packet level.

    What is the consequence of a SYN Flood attack on a server?

    The server rejects valid connection requests.

    What is the first step in establishing trust through virtual profiles on social media?

    Creating a virtual profile

    Which technique involves making a small request to gain compliance later?

    Foot-in-the-door technique

    How do fake social media profiles gain trust from their followers?

    By actively engaging and delivering valuable content

    The stochastic approach refers to what method in manipulating trust?

    Randomly contacting individuals with plausible scenarios

    What type of information is typically used in manipulating trust through insider tactics?

    Non-confidential but specific internal information

    Which method involves asking the target to perform seemingly harmless actions?

    Request for controllable actions

    Once a virtual profile has established trust, what deceptive action do they typically take?

    They share links to harmful websites disguised as legitimate sources

    Study Notes

    Hash and Reduction Functions

    • Hash functions convert input data into fixed-length values.
    • Reduction functions map hash values to potential new inputs; a reduction function is not an inverse of the hash.
    • Hash chains utilize alternating hash and reduction functions, starting from an initial input and producing a terminal value after multiple iterations.

    Rainbow Tables

    • Hash chains are precomputed and stored in rainbow tables, alongside their original inputs.
    • When an analyzed hash matches a terminator in the rainbow table, the corresponding chain can be traced back to reconstruct the original input.

    Session Management

    • Each request to a server includes the session ID in the Cookie Header for tracking.
    • Sessions can end due to timeout, user-initiated logout, or expiry of session cookie.
    • Session ID is crucial for identifying user requests.

    Session Hijacking Techniques

    • Intercepting TCP/IP traffic can expose session IDs.
    • Listening to unsecured Wi-Fi communications may allow attackers to capture session IDs.
    • Targeting network protocols (BGP/DNS) can lead to session ID extraction.
    • Attackers can obtain the SID from a user's device.

    Session Sniffing and Fixation

    • Session sniffing enables attackers to capture session tokens and impersonate users.
    • Using HTTPS is recommended to protect data flow.
    • Session fixation occurs when an attacker generates a SID and convinces a victim to use it, allowing the attacker to access the victim's account.

    Session Riding

    • Session riding (CSRF) forces users to perform unintended actions by exploiting their logged-in state on a vulnerable application.

    Botnets

    • Botnets consist of networks of compromised computers, known as zombies, under the control of malicious actors, enhancing collective capabilities for attacks.

    Internet of Things (IoT)

    • IoT includes interconnected devices that communicate over the internet, improving efficiency and real-time data exchange.

    WannaCry Ransomware

    • WannaCrypt, or WannaCry, emerged in 2017, infecting over 230,000 computers in more than 150 countries.
    • It encrypted files and demanded ransom in Bitcoin, exploiting the Windows vulnerability known as EternalBlue.
    • Attacks significantly impacted essential sectors, including healthcare.

    Mobile Malware

    • Mobile attacks mostly target users to steal personal or financial information, often distributed through unofficial applications.
    • Notable mobile malware includes the first virus (SYMBIAN/ARM) in 2004 and the first mobile botnet, Malent, in 2012.

    Network Security Protocols

    • IPsec ensures secure communication at the network layer, employing encryption for data confidentiality and integrity.
    • It features transport and tunnel modes for flexibility in handling data packet encryption.

    DoS Attacks

    • SYN Flood is a type of DoS attack manipulating the TCP connection setup process, overwhelming servers with uncompleted connection requests.

    Trust Manipulation Techniques

    • Techniques include making small requests, leveraging internal information, prompting harmless actions, offering problem-solving assistance, and the stochastic approach of randomly contacting individuals.

    Building Virtual Trust

    • Establishing a virtual profile, building follower trust, delivering valuable content, and then exploiting that trust for manipulation are crucial steps.

    Bitdefender Experiment

    • Researchers created fake social media profiles to study trust manipulation.
    • Fake accounts shared valuable content to build credibility before leading followers to dangerous websites disguised as legitimate sources.

    Description

    This quiz explores the concepts of hash and reduction functions, essential for efficiently reversing hash values. Learn how hash functions convert inputs into fixed lengths and how reduction functions propose potential inputs for further hashing. Understand the creation of hash chains and their significance in cryptography.
