ISS Oral
Gave my ISS(Information Security Systems) oral today..so putting up the Q&A's.BTW the subject deals with things like cryptography & network security.Post your guess of how much marks do you think I'll get(out of 50) as a comment to this post.For your reference..I am giving this scale..
------------------------------------------------------------------------------------
44 to 48 : Best
Above 40 : Good
Below 40:OK
Passing marks:20
------------------------------------------------------------------------------------
Q) Can you explain me the Diffie-Hellman algorithm?
A--> 1.I explained the key exchange problem in case of symmetric key cryptography.
2.I explained the algorithm in detail with n,g,X and Y...assuming Alice as sender and Bob as receiver...explained that finally we get K=g [raised to (xy) ] mod n on both sides..and hence the key is exchanged successfully.
3.Then I talked about the vulnerability of DH algo ie the man-in-middle attack..told that an intruder Trudy sitting between Alice and Bob can intercept messages and cause havoc..explained that Alice and Bob would then be communicating with Trudy..instead of amongst them.
Q)So can a third person sit between Alice and Trudy and cause the middle-man attack again?
A-->Yes, that too can happen.
Q)So it is a recursive process...
A-->Yes.The process can be recursive to any level.
Q)Then is there any solution to this problem?
A-->Yes.The man in middle attack basically exploits the weakness of Diffie- Hellman algorithm, that it does not provide any authentication.There is another key distribution protocol called as the Oakley key distribution protocol..which uses cookies for authentication.The initiator sends a random cookie to the receiver..which must be accompanied in the receiver's first response.So both parties authenticate each other using cookies and are therefore assured of their identities.Oakley key distribution is a part of IPSec.
Q)There is something called as DES.What is it?
A-->DES is a symmetric key encrption algorithm. It is a modified version of IBM's Lucifer.The US govt adopted it as a standard in 1976. DES is a block cipher ..the block size being 64 bits.The key is 64 bits long,but different keys are generated from the main key and used for each round.
Basically there are 3 steps in DES.Initial permutation (scrambling) ,16 rounds and then final permutation. In each round there are 5 sub-steps..key transforamtion,expansion permutation, s-box substitution,p-box permutation and XOR-swap.(Then I explained these steps in brief..LPT/RPT..etc.I wanted to explain in detail..but I felt that he was expecting only basics..so I cut short).
Q)If you have to device your own encryption algorithm,what are the design
issues you will need to consider?
A-->Firstly we will need to decide whether it is to be a symetric or asymmetric key encryption algortithm.(Explained merits & demerits of both).Then we will need to decide factors like key-size,block-cipher or stream cipher etc.All this will depend on for what purpose the algorithm will be used. We will also need to consider whether the algorithm will be actually used as hardware implementation or software implmentation. (I think the last line was unecessary.)
------------------------------------------------------------------------------------
44 to 48 : Best
Above 40 : Good
Below 40:OK
Passing marks:20
------------------------------------------------------------------------------------
Q) Can you explain me the Diffie-Hellman algorithm?
A--> 1.I explained the key exchange problem in case of symmetric key cryptography.
2.I explained the algorithm in detail with n,g,X and Y...assuming Alice as sender and Bob as receiver...explained that finally we get K=g [raised to (xy) ] mod n on both sides..and hence the key is exchanged successfully.
3.Then I talked about the vulnerability of DH algo ie the man-in-middle attack..told that an intruder Trudy sitting between Alice and Bob can intercept messages and cause havoc..explained that Alice and Bob would then be communicating with Trudy..instead of amongst them.
Q)So can a third person sit between Alice and Trudy and cause the middle-man attack again?
A-->Yes, that too can happen.
Q)So it is a recursive process...
A-->Yes.The process can be recursive to any level.
Q)Then is there any solution to this problem?
A-->Yes.The man in middle attack basically exploits the weakness of Diffie- Hellman algorithm, that it does not provide any authentication.There is another key distribution protocol called as the Oakley key distribution protocol..which uses cookies for authentication.The initiator sends a random cookie to the receiver..which must be accompanied in the receiver's first response.So both parties authenticate each other using cookies and are therefore assured of their identities.Oakley key distribution is a part of IPSec.
Q)There is something called as DES.What is it?
A-->DES is a symmetric key encrption algorithm. It is a modified version of IBM's Lucifer.The US govt adopted it as a standard in 1976. DES is a block cipher ..the block size being 64 bits.The key is 64 bits long,but different keys are generated from the main key and used for each round.
Basically there are 3 steps in DES.Initial permutation (scrambling) ,16 rounds and then final permutation. In each round there are 5 sub-steps..key transforamtion,expansion permutation, s-box substitution,p-box permutation and XOR-swap.(Then I explained these steps in brief..LPT/RPT..etc.I wanted to explain in detail..but I felt that he was expecting only basics..so I cut short).
Q)If you have to device your own encryption algorithm,what are the design
issues you will need to consider?
A-->Firstly we will need to decide whether it is to be a symetric or asymmetric key encryption algortithm.(Explained merits & demerits of both).Then we will need to decide factors like key-size,block-cipher or stream cipher etc.All this will depend on for what purpose the algorithm will be used. We will also need to consider whether the algorithm will be actually used as hardware implementation or software implmentation. (I think the last line was unecessary.)
posted by Anup @ 9:19 AM
3 Comments:
We must also steer clear of the distinctions superconscious and subconscious which have found so much favor in the more recent literature on the psychoneuroses, for just such a distinction seems to emphasize the equivalence of the psychic and http://startso11.info/wyszukaj+ustaw%C4%99+o+systemie+o%C2%9Cwiaty.html the conscious.. I remembered that on the day before she had http://startso11.info/dla+studenta.html told me that the Professor was going to a certain concert, and that she was also going there, in order to enjoy the sight of him.. He stood for http://startso11.info/pup.czluchow.eu.org.html a moment irresolute, for something was happening to him.. At least, I http://startso11.info/www.skrzynie.net.pl.html said, Mr.. I wept, until my spectacles were dimmed for that hopeless sorrow; but there was a pang beyond tears for those icy statues. http://startso11.info/wypoczynek+nad+morzem.html. Representation of the genital by structures, stairways, http://startso11.info/r%C3%B3%C5%BCnice+w+komunikacji+m%C4%99%C5%BCczyzn+i+kobiet.html and shafts.. Everybody felt that this was http://startso11.info/www.wizziar.pl.html everybody's business.. Accordingly he set out on this business, but was unsuccessful http://startso11.info/amb.html at two livery stables, the carriages being all out.. Van Kamp joined the women on the porch, and explained the attractively novel situation http://startso11.info/proton.html to them.. Brede, stood or sat http://startso11.info/CELOWNIK.html on one side or the other of that grape-trellis, and not one of them knew where his marriage-license was.. The war-cloud's rolling http://rebestal.info/blacha+krzemowa.html Dun , he answered.. Till this moment, indeed, that is the impression in http://startso11.info/everything+but.html Naguadavick.. Leonard, with whose exceeding beauty were united a countenance beaming with intelligence, and a manner that put every one at their ease http://startso11.info/www.prettl.cz.html immediately.. These folks stays here's long's they wants ter. http://startso11.info/golec+uorkiestra.html. I'll have to put you an' your wife in that, an' let your boy sleep with th' driver. http://startso11.info/e-om.html. We talked it http://startso11.info/ginsana.html over, and agreed that we were glad that we had not been obliged to take sides upon such insufficient testimony.. He called for his spyglass, and surveying the craft, saw that she came from http://startso11.info/www.horoskop.html the neighboring island.. After Uncle Billy http://startso11.info/www.je%C5%BCew.pl.html had won the only jack-pot deserving of the name, he was allowed to go blissfully to sleep with his hand on the handle of the big jug.. I am cheerful and in a confidential http://rebestal.info/delfin.html mood, and as I pass a troop of young officers I think to myself: None of you can have any designs upon me.. , were carefully pruned down about one-half, in order to eliminate the sectional http://startso11.info/biuro+matrymonialne+francja.html and class prejudice with which the book was dyed from end to end, he might consider its publication...
Hello.. Do you know how to Add Adsense Code Inside Single Post Only in XML Template? Visit your blog to learn how.. Have a nice thursday!
hello... hapi blogging... have a nice day! just visiting here....
Post a Comment
<< Home