Monday, November 05, 2012

Security concepts

  • What is the difference between pseudo-random numbers and real random numbers? PRNG and TRNG...
  • Is it even possible to create a true random number?
  • Why are random numbers important in cryptography?
  • What is the difference between hashing and encryption?
  • When would you use symmetric vs asymmetric encryption?
  • Does SSL / HTTPS use symmetric key or asymmetric key? What is session key?
  • What do you mean by 128-bit encryption? Is it the size of the symmetric key or asymmetric key?
  • What is the difference between digital signature and digital certificate?
  • What does a digital certificate contain? Also please explain how this all relates to the "Chain of Responsibility" design pattern?
  • What's the difference between a GUID generator and a random number generator?
  • When you install a digital certificate on the server, where is the private key stored?
  • What digital certs are installed on your browser? Who installs them and why are they required?
 Sample scenarios: What to do? Whose public / private key to use?
  • You want to send an encrypted message to a person
  • You want to digitally sign a document/message

i18n concepts

  • What is the difference between Unicode and UTF-16?
  • What is the significance of UTF-8? When to use it?
  • If Chinese characters are represented as 2 or 3 bytes, how will you find out the length of a string in Chinese? For example, when validating the length of a field on a form.
  • When do we need to use Base64 encoding?
  • If I need to make an application i18n enabled, besides label/message strings, what are the other areas (data-points) I need to take care of?
  • Can you open a Unicode file (containing CJK chars) in Notepad? If not, then why? What editors support Unicode on your desktop?