
Exam 2

Location: In Class

Closed book, No notes

Study the lecture slides available on the web site, and other readings

Secure email (example of how we combine symmetric and asymmetric encryption to send an encrypted message). Understand the theory of how the two common systems we studied work, and know the differences between them.

TLS Handshake

• know protocol control flow (given a diagram, reason from it)
• know record format
• know what data is exchanged at what phases and its composition
• session resumption and how it works, and why we do it
• be able to explain the parts of a cipher name, e.g. TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

Buffer Overflow Attacks

• Stack Smashing Attack
• Canaries
• What is a NOP sled? Why/How is it used?
• Defenses (prevention and mitigation, and the difference between them)
• Understand x86 stack layout calling conventions as seen in assignments
• Shown some debugger output, be able to reason about the function call diagram and the state that the program is in and will be in

Binary extraction attacks and the use of a debugger.

Integer Manipulation Vulnerabilities

• Online vs. Offline attacks
• How to calculate the cost of an offline attack
• Unix password files - how do they work?
• Lamport's Hash - how does it work? how to attack it?
• Salts - what and why?

Attacks against, and countermeasures for, programs that hold passwords

Command Injection Vulnerabilities, prevention and mitigation techniques

Usability as a security problem - be prepared to give examples and explain

Ken Thompson compiler hack - how it works

Principle of Least Privilege and how it relates to Defense in Depth

ANYTHING in any of your projects, or homework assignments.

Remaining topics are for final exam

Social Engineering

• What is it?
• How to defend against it?

Review Exam 1 problems

• MAC/HMAC, hashes and how they are implemented, and how they are not the same