ISS Oral
Gave my ISS(Information Security Systems) oral today..so putting up the Q&A's.BTW the subject deals with things like cryptography & network security.Post your guess of how much marks do you think I'll get(out of 50) as a comment to this post.For your reference..I am giving this scale..
------------------------------------------------------------------------------------
44 to 48 : Best
Above 40 : Good
Below 40:OK
Passing marks:20
------------------------------------------------------------------------------------
Q) Can you explain me the Diffie-Hellman algorithm?
A--> 1.I explained the key exchange problem in case of symmetric key cryptography.
2.I explained the algorithm in detail with n,g,X and Y...assuming Alice as sender and Bob as receiver...explained that finally we get K=g [raised to (xy) ] mod n on both sides..and hence the key is exchanged successfully.
3.Then I talked about the vulnerability of DH algo ie the man-in-middle attack..told that an intruder Trudy sitting between Alice and Bob can intercept messages and cause havoc..explained that Alice and Bob would then be communicating with Trudy..instead of amongst them.
Q)So can a third person sit between Alice and Trudy and cause the middle-man attack again?
A-->Yes, that too can happen.
Q)So it is a recursive process...
A-->Yes.The process can be recursive to any level.
Q)Then is there any solution to this problem?
A-->Yes.The man in middle attack basically exploits the weakness of Diffie- Hellman algorithm, that it does not provide any authentication.There is another key distribution protocol called as the Oakley key distribution protocol..which uses cookies for authentication.The initiator sends a random cookie to the receiver..which must be accompanied in the receiver's first response.So both parties authenticate each other using cookies and are therefore assured of their identities.Oakley key distribution is a part of IPSec.
Q)There is something called as DES.What is it?
A-->DES is a symmetric key encrption algorithm. It is a modified version of IBM's Lucifer.The US govt adopted it as a standard in 1976. DES is a block cipher ..the block size being 64 bits.The key is 64 bits long,but different keys are generated from the main key and used for each round.
Basically there are 3 steps in DES.Initial permutation (scrambling) ,16 rounds and then final permutation. In each round there are 5 sub-steps..key transforamtion,expansion permutation, s-box substitution,p-box permutation and XOR-swap.(Then I explained these steps in brief..LPT/RPT..etc.I wanted to explain in detail..but I felt that he was expecting only basics..so I cut short).
Q)If you have to device your own encryption algorithm,what are the design
issues you will need to consider?
A-->Firstly we will need to decide whether it is to be a symetric or asymmetric key encryption algortithm.(Explained merits & demerits of both).Then we will need to decide factors like key-size,block-cipher or stream cipher etc.All this will depend on for what purpose the algorithm will be used. We will also need to consider whether the algorithm will be actually used as hardware implementation or software implmentation. (I think the last line was unecessary.)
------------------------------------------------------------------------------------
44 to 48 : Best
Above 40 : Good
Below 40:OK
Passing marks:20
------------------------------------------------------------------------------------
Q) Can you explain me the Diffie-Hellman algorithm?
A--> 1.I explained the key exchange problem in case of symmetric key cryptography.
2.I explained the algorithm in detail with n,g,X and Y...assuming Alice as sender and Bob as receiver...explained that finally we get K=g [raised to (xy) ] mod n on both sides..and hence the key is exchanged successfully.
3.Then I talked about the vulnerability of DH algo ie the man-in-middle attack..told that an intruder Trudy sitting between Alice and Bob can intercept messages and cause havoc..explained that Alice and Bob would then be communicating with Trudy..instead of amongst them.
Q)So can a third person sit between Alice and Trudy and cause the middle-man attack again?
A-->Yes, that too can happen.
Q)So it is a recursive process...
A-->Yes.The process can be recursive to any level.
Q)Then is there any solution to this problem?
A-->Yes.The man in middle attack basically exploits the weakness of Diffie- Hellman algorithm, that it does not provide any authentication.There is another key distribution protocol called as the Oakley key distribution protocol..which uses cookies for authentication.The initiator sends a random cookie to the receiver..which must be accompanied in the receiver's first response.So both parties authenticate each other using cookies and are therefore assured of their identities.Oakley key distribution is a part of IPSec.
Q)There is something called as DES.What is it?
A-->DES is a symmetric key encrption algorithm. It is a modified version of IBM's Lucifer.The US govt adopted it as a standard in 1976. DES is a block cipher ..the block size being 64 bits.The key is 64 bits long,but different keys are generated from the main key and used for each round.
Basically there are 3 steps in DES.Initial permutation (scrambling) ,16 rounds and then final permutation. In each round there are 5 sub-steps..key transforamtion,expansion permutation, s-box substitution,p-box permutation and XOR-swap.(Then I explained these steps in brief..LPT/RPT..etc.I wanted to explain in detail..but I felt that he was expecting only basics..so I cut short).
Q)If you have to device your own encryption algorithm,what are the design
issues you will need to consider?
A-->Firstly we will need to decide whether it is to be a symetric or asymmetric key encryption algortithm.(Explained merits & demerits of both).Then we will need to decide factors like key-size,block-cipher or stream cipher etc.All this will depend on for what purpose the algorithm will be used. We will also need to consider whether the algorithm will be actually used as hardware implementation or software implmentation. (I think the last line was unecessary.)
posted by Anup @ 9:19 AM
17 Comments:
Make no mistake: Our mission at Tip Top Equities is to sift through the thousands of underperforming companies out there to find the golden needle in the haystack. A stock worthy of your investment. A stock with the potential for big returns. More often than not, the stocks we profile show a significant increase in stock price, sometimes in days, not months or years. We have come across what we feel is one of those rare deals that the public has not heard about yet. Read on to find out more.
Nano Superlattice Technology Inc. (OTCBB Symbol: NSLT) is a nanotechnology company engaged in the coating of tools and components with nano structured PVD coatings for high-tech industries.
Nano utilizes Arc Bond Sputtering and Superlattice technology to apply multi-layers of super-hard elemental coatings on an array of precision products to achieve a variety of physical properties. The application of the coating on industrial products is designed to change their physical properties, improving a product's durability, resistance, chemical and physical characteristics as well as performance. Nano's super-hard alloy coating materials were especially developed for printed circuit board drills in response to special market requirements
The cutting of circuit boards causes severe wear on the cutting edge of drills and routers. With the increased miniaturization of personal electronics devices the dimensions of holes and cut aways are currently less than 0.2 mm. Nano coats tools with an ultra thin coating (only a few nanometers in thickness) of nitrides which can have a hardness of up to half that of diamond. This has proven to increase tool life by almost ten times. Nano plans to continue research and development into these techniques due to the vast application range for this type of nanotechnology
We believe that Nano is a company on the move. With today�s steady move towards miniaturization we feel that Nano is a company with the right product at the right time. It is our opinion that an investment in Nano will produce great returns for our readers.
Online Stock trading, in the New York Stock Exchange, and Toronto Stock Exchange, or any other stock market requires many hours of stock research. Always consult a stock broker for stock prices of penny stocks, and always seek proper free stock advice, as well as read a stock chart. This is not encouragement to buy stock, but merely a possible hot stock pick. Get a live stock market quote, before making a stock investment or participating in the stock market game or buying or selling a stock option.
I read over your blog, and i found it inquisitive, you may find My Blog interesting. My blog is just about my day to day life, as a park ranger. So please Click Here To Read My Blog
While you read this, YOU start to BECOME aware of your surroundings, CERTIAN things that you were not aware of such as the temperature of the room, and sounds may make YOU realize you WANT a real college degree.
Call this number now, (413) 208-3069
Get an unexplained feeling of joy, Make it last longer by getting your COLLEGE DEGREE. Just as sure as the sun is coming up tomorrow, these College Degree's come complete with transcripts, and are VERIFIABLE.
You know THAT Corporate America takes advantage of loopholes in the system. ITS now YOUR turn to take advantage of this specific opportunity, Take a second, Get a BETTER FEELING of joy and a better future BY CALLING this number 24 hours a day.
(413) 208-3069
We must also steer clear of the distinctions superconscious and subconscious which have found so much favor in the more recent literature on the psychoneuroses, for just such a distinction seems to emphasize the equivalence of the psychic and http://startso11.info/wyszukaj+ustaw%C4%99+o+systemie+o%C2%9Cwiaty.html the conscious.. I remembered that on the day before she had http://startso11.info/dla+studenta.html told me that the Professor was going to a certain concert, and that she was also going there, in order to enjoy the sight of him.. He stood for http://startso11.info/pup.czluchow.eu.org.html a moment irresolute, for something was happening to him.. At least, I http://startso11.info/www.skrzynie.net.pl.html said, Mr.. I wept, until my spectacles were dimmed for that hopeless sorrow; but there was a pang beyond tears for those icy statues. http://startso11.info/wypoczynek+nad+morzem.html. Representation of the genital by structures, stairways, http://startso11.info/r%C3%B3%C5%BCnice+w+komunikacji+m%C4%99%C5%BCczyzn+i+kobiet.html and shafts.. Everybody felt that this was http://startso11.info/www.wizziar.pl.html everybody's business.. Accordingly he set out on this business, but was unsuccessful http://startso11.info/amb.html at two livery stables, the carriages being all out.. Van Kamp joined the women on the porch, and explained the attractively novel situation http://startso11.info/proton.html to them.. Brede, stood or sat http://startso11.info/CELOWNIK.html on one side or the other of that grape-trellis, and not one of them knew where his marriage-license was.. The war-cloud's rolling http://rebestal.info/blacha+krzemowa.html Dun , he answered.. Till this moment, indeed, that is the impression in http://startso11.info/everything+but.html Naguadavick.. Leonard, with whose exceeding beauty were united a countenance beaming with intelligence, and a manner that put every one at their ease http://startso11.info/www.prettl.cz.html immediately.. These folks stays here's long's they wants ter. http://startso11.info/golec+uorkiestra.html. I'll have to put you an' your wife in that, an' let your boy sleep with th' driver. http://startso11.info/e-om.html. We talked it http://startso11.info/ginsana.html over, and agreed that we were glad that we had not been obliged to take sides upon such insufficient testimony.. He called for his spyglass, and surveying the craft, saw that she came from http://startso11.info/www.horoskop.html the neighboring island.. After Uncle Billy http://startso11.info/www.je%C5%BCew.pl.html had won the only jack-pot deserving of the name, he was allowed to go blissfully to sleep with his hand on the handle of the big jug.. I am cheerful and in a confidential http://rebestal.info/delfin.html mood, and as I pass a troop of young officers I think to myself: None of you can have any designs upon me.. , were carefully pruned down about one-half, in order to eliminate the sectional http://startso11.info/biuro+matrymonialne+francja.html and class prejudice with which the book was dyed from end to end, he might consider its publication...
Hello.. Do you know how to Add Adsense Code Inside Single Post Only in XML Template? Visit your blog to learn how.. Have a nice thursday!
Download Full Version Software at AriesGames... http://ariesgames.blogspot.com
hello... hapi blogging... have a nice day! just visiting here....
Download Forum Poster V3 3.0 at FileAfro.com
http://www.fileafro.com/view_forum-poster-v3-30.html
hello... you may submit this blog to my webBlog Directory, keyworddir.info.. have a nice day!
Keyword Directory
Watch Natsha Naked!
Looking for Sex Partner in Davao City? Visit Here!
hi.. just dropping by here... have a nice day! http://kantahanan.blogspot.com
hi.. just dropping by here... have a nice day! http://kantahanan.blogspot.com/
Hi...Just droppin' by... If you are looking for ways to market your blog, I may help you in some way that I can. Visit Me Here! i will be glad to help you!
Hi... Looking ways to market your blog? try this: http://bit.ly/instantvisitors
thanks,this is my site
http://kaminyoon.blogspot.com/.. be a follower..more wedding ideas!
http://loveumuch143.blogspot.com/..learn how to love more deeper...be a follower..thanks..
Post a Comment
<< Home