[opensource] Volunter for Potential Talks

Bill (William) Triest wtriest at chemistry.ohio-state.edu
Wed Jan 18 15:37:27 EST 2006


> Introduction to Encryption
> > Symetric key Encryption
> > Hashes (what they are, and mention two standards md5 and sha1)
> > Public / Private Key encrytpion (focusing on what signatures are
> > compared to encryption)
>    [...]
> 
> I'd be particularly interested in this talk.  I'd also be interested in 
> learning how these specific encryption algorithms are integrated with 
> protocols such as IPSEC, PPTP, CHAP, WEP, and WAP (for wireless).

During my independant study we talked about ipsec, and I've actually had
it come up during an interview.   Overall it would require I brush up a
bit (particularly because I've never used it). I would need more time to
prepare the talk, but I feel I could easily do it.

In hindsight, I probably should have included ipsec in the list of
topics, since it is an important method of generically securing data
communications.  As for your other protcols, I'll talk about them
specifically below.  I choose the group I did not only becuase they
were/are the one I am most familar with, but because they are the basis
that most people would expect you to know. On the encryption talk I
wasn't planning on talking about any implementations or even into small
details, but provide a big pictures which would serve as a basis for
being a better user of these technolgoies or as a foundation for further
indvidualized study (particularly public key/private key encryption and
signing vs encryption is important). In order to keep the talk
interesting to people who don't plan on doing fruther study I left of
things such as Diffie-Hellman key exchange (which is quite important to
several technologies and I personally find quite interesting).  

As for PPTP, I don't know much about it, but I'm not really a vpn fan
(and when I need to resort to such things, I usually just do port
forwarding over ssh as a poor man's VPN). In particular my understanding
of PPTP's implementation has security problems, so no new deployments
should occur.  This does *NOT* mean it shouldn't be discussed.  I would
argue it is critical to look at the failed protocols in order to help
evaluate new technolgies.  Its just not something I've looking into
before, and with my current work schedule its not something I realy want
to researh before giving my talk.

I don't know much about CHAP, but from my understanding it would be
fairly easy to present.  As for WEP and WAP, my independant study didn't
include wireless, but I've obviously followed the two scenerios pretty
closely.  I'm friends with some one quite versed in these matters, and
if there is enough interested specifically in enryption related to
wireless technology, I may try to have my friend present.  If there is
the interst, I would almost say wireless security would be a third
topic, and I realy think I would try to find an alternative presentor
(just because I know the University has people better versed in these
subjects).  Hopefully we could even do a demonstration of breaking wep
or wpa technology.  Honestly to understand this, I think you would want
to understand some of the encryption topics I listed earlier in order to
help with understanding the wireless stuff.

These are just my feelings about the technologies and there is a bit of
opinion mixed in with this message, so feel free to veto things I've
said and say we just want the wireless security stuff etc if this is
honestly how you feel.  This is your (plural meaning the members) club
so the topics should be things that the members find intersting.   I'm
just trying to provide my perspective because I did put some thought
into this.  Put you know the saying about opinions.

--Bill



More information about the Opensource mailing list