Professional Documents
Culture Documents
Exam 2011 Winter A PDF
Exam 2011 Winter A PDF
236350
,"
'14.2.2011 ,
:"
:
: .
4 . .
6 , . .
.
10 .
. .
. .
!
1
AES - 1 ) 25'(
. AES" MixColumns- ShiftColumns -
ShiftRows . ShiftRows- ShiftColumns-
) 0( ,
,
. ShiftColumns-
:
.chosen-plaintext
plaintext attack
, chosen-plaintext , )(P,C
.
.
'
. (Number Mode) NBR :
)Ci=MiEk(i
:
Mn
M2
M1
C2
C1
Cn
...
. " "
. " .NBR
' " " .
' , ' '
' . '
) '( .
. Number Mode- NBR-
' " .
' . xor
Number Mode NBR
.ECB
. (Message Authentication Code) MAC .
NBR-MAC - CBC-MAC- . ,
MAC- M ) k
( Cn- .MAC- .
(1
(2
(3
(4
:
) |
|
=
)|
| =
)|
| =
) ! |
|
=
.
, IP- .
SA- .
- -256 .
- -256 .
! - DH- . #.
.
.
Diffie-Hellman .IKE
# $ :
)% &'()*+,(,-|./0
:
.
- -256 .
CKY CKY- , .
IKE IKE # # -
" .
. 1 1 - :
) 1 = 2+/3045 | | | | |
6
) 1 = 2+/3045 | | | | |
6
:
)SKEYID= = PRF AB |AC ) g EBEC |CKYG |CKYH |0
)SKEYIDJ = PRF AB |AC ) SKEYIDK |g EBEC |CKYG |CKYH |1
)SKEYIDM = PRF AB |AC ) SKEYIDJ |g EB EC |CKYG |CKYH |2
IKE ?IKE ,
, .
main mode.aggressive mode-
- 3 ) 25'(
Web- ,www.matchme.com ,MatchMe
. ,
. MatchMe SSL .
,MatchMe SSL session-
Telnet Authentication . ,
MatchMe .
. ?SSL
. .MatchMe
MatchMe " CA.
. (Telnet Authentication) Telnet .
MatchMe ? .
- .WeRTheBest ,
.SSL , SSL -
,session .Telnet Autentication ,
WeRTheBest CA , ) (X509v3 .
) ( SSL Session
.
, .proxy
. .
WeRTheBest CA- " .
. .MatchMe , ,WeRTheBest
.
)( .
?
. MatchMe .
- 4 ) 25'(
,
, .
) ,(File upload ) .(File download
, .
intgw :
>intgw f file u url d <up|down
url / file, ,
up- down upload .download
/ / home directory- .
,down file , ) ,(delete file
) ,(create . create ,
, .
,/logs/connection_log
intgw . connection_log- /
. ) (root
, ) (delete connection_log ).(create
.DAC .
.
) root ,(/
. root . root
) (read./logs-
. .
, ,root- /logs, ~sara) ~ehud- ,~u
,(u .read, write , delete, create
.
:
intgw f ~ehud/hacker_handbook.txt u malware.com/hacker_ hand_book.txt d down
.
" intgw-
" :
intgw f ~sara/very_neat_application u malware.com/sus d down
hacker ,
) (.
. .intgw
:
.1 , .
.2 :
intgw ?
.i
? ?
.ii
. .
,
intgw .
.
. - .