Date: Thu, 13 May 2004 13:58:53 -0700
From: william@bourbon.usc.edu
To: cs530@merlot.usc.edu
Subject: Re: CSCI 551 letter grade ...

Hi,

The e-mail that was sent a few minutes ago with the subject line
"CSCI 551 letter grade" was supposed to have the subject line of
"CSCI 530 letter grade". Sorry about the typo!
--
Bill Cheng // bill.cheng@usc.edu

Date: Thu, 13 May 2004 07:43:07 -0700
From: william@bourbon.usc.edu
To: cs530@merlot.usc.edu
Subject: HW3 regrade...

Hi,

I'm not sure if the grader has informed you of your revised HW3
scores. So, what I'm going to do is to e-mail your HW3 scores to
you individually soon (just like the way it was announced to you
earlier on).
I should be able to send you your grades for the class (and for
the final exam and the term paper) early this afternoon.
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: AES Rijndael - Number of rounds
Date: Wed, 05 May 2004 14:06:07 -0700
From: william@bourbon.usc.edu

Hmm... I can't find where it says that the first round is not a
full round in the book. (Good thing the number of rounds is really
not that important conceptually.)
--
Bill Cheng // bill.cheng@usc.edu

-----Original Message-----
Date: Wed, 5 May 2004 07:28:38 -0700 (PDT)
From: Jon Schifman
To: william@bourbon.usc.edu
Subject: Re: AES Rijndael - Number of rounds

I believe on this issue, we previously discussed that they are
both correct. The book includes the first round which is not a
full round in its statement of 10/12/14. It is a different type
of round (I think). If you are interested, please look up
clarification, because I'm not sure. Both should be correct
answers though.
-Jon

--- william@bourbon.usc.edu wrote:
> Someone wrote:
>
> > Network Security - Kaufman et al. on Pg 84 states that there
> > are 10/12/14 rounds for Rijndael. But the lecture notes
> > (lec 5 - Slide 11 of 12) say that it's 9/11/13.
> > Which one is correct?
>
> Hmm... I would think that the book is correct.
>
> > And what do we write if a qn. on this appears in exam?
>
> This particular question will not appear in the exam.
> --
> Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: AES Rijndael - Number of rounds
Date: Wed, 05 May 2004 05:45:07 -0700
From: william@bourbon.usc.edu

Someone wrote:

> Network Security - Kaufman et al. on Pg 84 states that there
> are 10/12/14 rounds for Rijndael. But the lecture notes
> (lec 5 - Slide 11 of 12) say that it's 9/11/13.
> Which one is correct?

Hmm... I would think that the book is correct.

> And what do we write if a qn. on this appears in exam?

This particular question will not appear in the exam.
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: Stream cipher vs One time pad
Date: Wed, 05 May 2004 05:41:55 -0700
From: william@bourbon.usc.edu

Someone wrote:

> Applied Cryptography - Bruce Schneier Pg 200 states that CFB
> mode is a block cipher that can also be implemented as a
> stream cipher. He then goes on to explain that stream ciphers
> are those in which encryption can be done in units smaller
> than blocks. I thought that this deserved your perusal.

I'm sure there are many definitions for every term out there.
Since Applied Cryptography is not a required textbook, let's
stick to the lectures for this class.
--
Bill Cheng // bill.cheng@usc.edu

----- Original Message -----
From: william@bourbon.usc.edu
Date: Tuesday, May 4, 2004 9:15 pm
Subject: Re: Stream cipher vs One time pad

> Someone wrote:
>
> > I guess in CFB it violates the fact that it's computing the key on
> > the fly, as in the one time pad is not precomputed.
> >
> > For e.g. if we have an 8 byte data block m1m2m3m4m5m6m7m8 and we
> > have one time pad k1k2k3k4k5k6k7k8 to generate cipher
> > c1c2c3c4c5c6c7c8. Message arrives one by one (i.e. m1 followed by
> > m2 etc). Also let's assume encrypting one byte of message takes 10
> > sec while exoring one byte of message takes 0.1 sec then in OFB
> > once we get message, we take 0.1 sec to encrypt each block (since
> > we already have the pad) while in CFB we take 10 seconds to
> > encrypt m1 and then take 0.1 secs to exor it, so even if we had
> > all other data available (say within 5 secs of arrival of m1) we
> > couldn't encrypt it just because we were waiting for c8. That's the
> > problem with CFB especially when applications like video
> > conferencing are concerned.
>
> The definition of one time pad is (slide 13 of lecture 4):
>
>     a long random (or pseudo-random) string used to encrypt
>     a message with simple XOR
>
> Therefore, for a one time pad, the key stream must *not* be
> a function of the message.
>
> In CFB mode, the key stream is a function of the message.
> Therefore, it is not a one time pad.
> --
> Bill Cheng // bill.cheng@usc.edu
>
> -----Original Message-----
> From: william@bourbon.usc.edu [william@bourbon.usc.edu]
> Sent: Tuesday, May 04, 2004 8:00 PM
> To: cs530@bourbon.usc.edu
> Subject: Re: Stream cipher vs One time pad
>
> Someone wrote:
>
> > Could you please tell if one time pad and stream cipher are
> > both encryption schemes?
>
> You can encrypt with one time pad and you can encrypt
> with stream cipher. So, the answer is yes.
>
> > If no then is it that stream cipher is the scheme where it *uses*
> > one time pad, i.e. in a way the one time pad is the one time key.
> > If yes then
> > - what is the diff between the two keys.
>
> One time pad is more of a concept. Stream cipher is a way
> to generate/approximate a one time pad (not as secure as the
> true one time pad).
>
> > - which scheme is CFB, which is OFB?
>
> These are just modes of DES.
>
> DES in OFB mode can be used as a stream cipher.
>
> Question to you: why is DES in CFB mode *not* a stream
> cipher? Which definition of a stream cipher does it
> violate?
> --
> Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: openssl PMkey
Date: Wed, 05 May 2004 05:35:56 -0700
From: william@bourbon.usc.edu

Someone wrote:

> I assume we will be expected to know how the PMkey is used in
> openssl.

I assume you mean SSL and not openssl. Then the answer is yes.

> Do you expect us also to know how it is computed?

No.
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: Stream cipher vs One time pad
Date: Tue, 04 May 2004 21:15:57 -0700
From: william@bourbon.usc.edu

Someone wrote:

> I guess in CFB it violates the fact that it's computing the key on
> the fly, as in the one time pad is not precomputed.
>
> For e.g. if we have an 8 byte data block m1m2m3m4m5m6m7m8 and we
> have one time pad k1k2k3k4k5k6k7k8 to generate cipher
> c1c2c3c4c5c6c7c8. Message arrives one by one (i.e. m1 followed by
> m2 etc). Also let's assume encrypting one byte of message takes 10
> sec while exoring one byte of message takes 0.1 sec then in OFB
> once we get message, we take 0.1 sec to encrypt each block (since
> we already have the pad) while in CFB we take 10 seconds to
> encrypt m1 and then take 0.1 secs to exor it, so even if we had
> all other data available (say within 5 secs of arrival of m1) we
> couldn't encrypt it just because we were waiting for c8. That's the
> problem with CFB especially when applications like video
> conferencing are concerned.
The definition of one time pad is (slide 13 of lecture 4):

    a long random (or pseudo-random) string used to encrypt
    a message with simple XOR

Therefore, for a one time pad, the key stream must *not* be
a function of the message.

In CFB mode, the key stream is a function of the message.
Therefore, it is not a one time pad.
--
Bill Cheng // bill.cheng@usc.edu

-----Original Message-----
From: william@bourbon.usc.edu [mailto:william@bourbon.usc.edu]
Sent: Tuesday, May 04, 2004 8:00 PM
To: cs530@bourbon.usc.edu
Subject: Re: Stream cipher vs One time pad

Someone wrote:

> Could you please tell if one time pad and stream cipher are
> both encryption schemes?

You can encrypt with one time pad and you can encrypt
with stream cipher. So, the answer is yes.

> If no then is it that stream cipher is the scheme where it *uses*
> one time pad, i.e. in a way the one time pad is the one time key.
> If yes then
> - what is the diff between the two keys.

One time pad is more of a concept. Stream cipher is a way
to generate/approximate a one time pad (not as secure as the
true one time pad).

> - which scheme is CFB, which is OFB?

These are just modes of DES.

DES in OFB mode can be used as a stream cipher.

Question to you: why is DES in CFB mode *not* a stream
cipher? Which definition of a stream cipher does it
violate?
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: edge sampling and ICMP trackback
Date: Tue, 04 May 2004 21:06:02 -0700
From: william@bourbon.usc.edu

Someone wrote:

> I have some questions about the edge sampling and ICMP
> trackback... How does it work?
>
> I have gone through the lectures and still don't really
> understand it.
>
> For edge sampling, is that something that the router appends the
> IP address and increase the header to the header of the package?
> Or it is something for changing the end IP address and source IP
> address each time when it traverses to another router and let
> the router remember the path?

The packet size does not change. It uses the ID field of the
IP packet.

> How to do the XORing IP addresses to reduce space requirements to
> 37 bits? Is the graph the example on showing how XORing
> operation works? The four bits are just for illustration. What
> information are we going to include? Is that the first 1000 and
> last 1100... and some bits around?? If it is, what bits around
> should it store?

Alefiya used a very small and simple example during her lecture.
If you are interested in learning the details, please see the
[Savage01a] in the reading list.

> Also, the ICMP trackback, why the initial ttl must be 255? What is
> the partial path information? How the victim reconstruct the
> attack path?

I'm not familiar with ICMP traceback. I don't remember why it
must be 255. Maybe you should go back to the lecture.

> In slide 43 of the same lecture, it mentions the edge sampling
> does not work with fragmentation and AH... What does AH stand for?
> What does piggybacks trackbacks mean?

AH is the Authentication Header when IPsec is used.

Piggyback means getting a piggyback ride. When a little kid sits
on top of an adult's shoulders, it's called a piggyback ride.
For Edge Sampling, the traceback information is getting a
piggyback ride from an IP packet (using the ID field).
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: is SET single or multi root?
Date: Tue, 04 May 2004 20:04:41 -0700
From: william@bourbon.usc.edu

Someone wrote:

> Hi Prof, In the 3/8 lecture pg 10, you mention that there are 2
> versions of X.509 but is SET classified as single or multi?
> because it seems to be a little bit of both -> SET is the root,
> but all other companies also need to get together to sign a
> certificate. *or* is SET a separate model (i.e. not OSI model:
> since you mention that SET is another organization)?

I guess you can consider it to be a separate model.
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: Stream cipher vs One time pad
Date: Tue, 04 May 2004 20:00:15 -0700
From: william@bourbon.usc.edu

Someone wrote:

> Could you please tell if one time pad and stream cipher are
> both encryption schemes?

You can encrypt with one time pad and you can encrypt
with stream cipher. So, the answer is yes.

> If no then is it that stream cipher is the scheme where it *uses*
> one time pad, i.e. in a way the one time pad is the one time key.
> If yes then
> - what is the diff between the two keys.

One time pad is more of a concept. Stream cipher is a way
to generate/approximate a one time pad (not as secure as the
true one time pad).

> - which scheme is CFB, which is OFB?

These are just modes of DES.

DES in OFB mode can be used as a stream cipher.

Question to you: why is DES in CFB mode *not* a stream
cipher? Which definition of a stream cipher does it
violate?
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: agent based authorization
Date: Tue, 04 May 2004 19:50:25 -0700
From: william@bourbon.usc.edu

Someone wrote:

> In reference to the same below, the slide says ...
>
>     Client on host G instantiates agent for principal P,
>     submits it to H as Q/P@G
>     Q acts on behalf of P at G
>
> I was wondering, shouldn't it be Q acts on behalf of P at H ?

P is at G! (I guess this is confusing because English is
ambiguous.)
--
Bill Cheng // bill.cheng@usc.edu

At 04:35 PM 5/4/2004 -0700, you wrote:
> Someone wrote:
>
> > In your A-B A slides from lecture 20 page 1, I am getting a bit
> > lost. The line that reads "Client on host G instantiates agent
> > for principal P, submits it to H as Q/P@G": who is the principal P?
> > Is this referring to client's identity on host H?
>
> Client is just a piece of software. Principal P is the entity
> (such as a person or a process) that's trying to gain access.

To: cs530@bourbon.usc.edu
Subject: Re: agent based authorization
Date: Tue, 04 May 2004 16:35:45 -0700
From: william@bourbon.usc.edu

Someone wrote:

> In your A-B A slides from lecture 20 page 1, I am getting a bit
> lost. The line that reads "Client on host G instantiates agent
> for principal P, submits it to H as Q/P@G": who is the principal P?
> Is this referring to client's identity on host H?

Client is just a piece of software. Principal P is the entity
(such as a person or a process) that's trying to gain access.

> Since agents are created on H when objects are created
> there, how does this instantiation take place?

By copying the entire code of the agent.

> Does it automatically occur when
> the host G client attempts to use an object on H as principal P,

The client software running on G needs to name an object on H.
Then the "system" will do the instantiation for the right agent.

> and then the agent acts on behalf of P from there? I think I
> understand the idea behind agents, but am a little unclear on the
> exact parties involved. Thank you,

This is like a distributed objects system (such as Microsoft's
.NET framework).
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: CISL
Date: Tue, 04 May 2004 14:56:34 -0700
From: william@bourbon.usc.edu

Someone wrote:

> Are we responsible for identifying CISL
> S-expressions like Rules, Verbs, Conjunctions, etc.?

Only to the extent covered by the lectures.
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: no certificates trust model for certification
Date: Tue, 04 May 2004 14:55:56 -0700
From: william@bourbon.usc.edu

Someone wrote:

> in your 3/8 slides page 11 and lecture you briefly went over out
> of band key distribution, stating that it is possible to use
> ssh-keygen and then copy the public key over to the destination
> machine. Could you please elaborate on what "out of band"
> distribution means and what the actual process is? How is this
> secure?

Out-of-band is just the opposite of "within-band". It's a term
borrowed from communication. Within-band means "using the normal
communication channel". Therefore, out-of-band means "outside
the normal communication channel".

One way to do out-of-band key distribution is to put a key on a
floppy and hand it to another person (who can install the key on
a remote machine). This is probably the most secure way of key
distribution, given that you can recognize who the other person is.
But the problem with this approach is that it's not scalable.
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: First order statistics, Public key Vs Private key
Date: Tue, 04 May 2004 14:50:44 -0700
From: william@bourbon.usc.edu

Someone wrote:

> I am a bit confused about first order statistics.
>
> What is the difference between first order statistics being same and first
> order statistics being isomorphic? Permutation suffers from former while
> substitution suffers from latter (1/21) slides # 7,8.
> Is the problem of same first order statistics inherent in permutations?

Let's say that you have only 4 letters (a, b, c, and d) in your
alphabet. The first order statistics tells you that they occur
with the following frequency:

    a: 40%
    b: 30%
    c: 20%
    d: 10%

If I only use permutation, the first order statistics of the
ciphertext would be:

    a: 40%
    b: 30%
    c: 20%
    d: 10%

This is *identical* to the first order statistics of the plaintext.
If I use substitution (b for a, a for c, d for b, and c for d),
the first order statistics of the ciphertext would be:

    b: 40%
    d: 30%
    a: 20%
    c: 10%

This is *isomorphic* to the first order statistics of the plaintext.

> Also please tell me if I am wrong in saying that:
> -in DES we cannot do statistical analysis (first order) because encryption
> occurs in blocks of 8 bytes. Therefore statistical analysis of 8th order is
> needed.

This is correct if we are talking about blocks of 8 bytes
(DES is not relevant here).

> But why is doing 8th order statistical analysis hard (I couldn't
> understand the eg in class when you said even if we get data from all the
> books in the library, we won't be able to do so)?

Exactly! Even if you get data from all the books in the library,
you will not get enough statistics! (If all you need is digram,
you can get it from War and Peace. But if you need octogram,
there are not enough books written for that.)
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: tree based batching
Date: Tue, 04 May 2004 12:59:11 -0700
From: william@bourbon.usc.edu

Someone wrote:

> sorry a typo... I meant DSA

But in DSA, my understanding is that R cannot be separated from
DS[R] (just like the openssl example I gave before). It's
possible that you can do a home-grown version of DSA that can
accept R externally. But this would be the same as sending
{R}K_priv and K_pub.

All digital signature schemes that I know of would require R to
be included in the message because the purpose is for
authentication. If R is not included, what would it be
authenticating?

I think we've discussed this long enough. You are right that we
don't have to include R. But we cannot just have DS[R] and not R
(because no DS that I know of does this, although it can be done
in theory). So, if we don't include R, we should send {R}K_priv
and K_pub instead.
--
Bill Cheng // bill.cheng@usc.edu

----- Original Message -----
From: william@bourbon.usc.edu
Date: Tuesday, May 4, 2004 12:30 pm
Subject: Re: tree based batching

> Someone wrote:
>
> > If the hash has been altered, we will get a wrong R, and hence
> > whatever formula (as in DES), we are trying to satisfy, will not
> > be satisfied. Thus we can know that something wrong is going on.
>
> I'm not sure what you have in mind when you said DES.
> DES cannot be used in digital signature because it's
> secret-key cryptography.
> --
> Bill Cheng // bill.cheng@usc.edu
>
> ----- Original Message -----
> From: william@bourbon.usc.edu
> Date: Tuesday, May 4, 2004 11:09 am
> Subject: Re: tree based batching
>
> > Someone wrote:
> >
> > > I got your point. But what I was saying is just that, the
> > > receiver can calculate R itself, using the hash values sent
> > > to it.
> >
> > Yes it can, but how does it know that the R it calculates
> > is correct? For example for C1 on slide 4 of lecture 13,
> > let's say an attacker changed H(I2). Now C1 will calculate
> > the wrong R. If there is no R to compare and assuming that
> > you cannot get R from DS[R] (using decryption), then how
> > can C1 know that nothing has been altered?
>
> If the hash has been altered, we will get a wrong R, and hence
> whatever formula (as in DES), we are trying to satisfy, will not
> be satisfied. Thus we can know that something wrong is going on.
>
> > So, you either need R and DS[R] or {R}K_priv and K_pub. Just
> > DS[R] won't work.
> > --
> > Bill Cheng // bill.cheng@usc.edu
> >
> > ----- Original Message -----
> > From: william@bourbon.usc.edu
> > Date: Tuesday, May 4, 2004 3:50 am
> > Subject: Re: tree based batching
> >
> > > Someone wrote:
> > >
> > > > Even if we don't know how to decrypt DS[H(m)], still in any
> > > > Digital signature system, we will be verifying the signature,
> > > > doing some calculations as in DSA, using values of R and
> > > > DS[h(m)]. But the point still remains, that R is redundant,
> > > > as it can be obtained from the info about the other hashes.
> > > > I still can't figure out, why we have to send R, to make
> > > > Tree based hashing generic?
> > >
> > > For example, if we use the "smime" command in openssl to
> > > generate a digital signature:
> > >
> > >     openssl smime -sign -in R -signer PUBLIC_CERT -inkey PRIVATE_KEY
> > >
> > > where PUBLIC_CERT is the public key certificate file and
> > > PRIVATE_KEY is the private key file (such as cacert.pem and
> > > cakey.pem on slide 11 of lecture 10). If it is done this
> > > way, then R and DS[R] will be in the output (also, the public
> > > key certificate will be included in the output, I think). If
> > > you strip off R from the output, there would be no way to
> > > verify just DS[R] using openssl. So, in order to be general,
> > > R should be included.
> > > > > > I guess if you don't send R and DS[R] but instead send > > > {R}K_priv and K_pub (where {R}K_priv means encrypting R > > > with the private key, and K_pub being the public key), > > > then you can also do the verification. So, you are right > > > that you don't have to send R. But you have to send > > > something else. The scheme we mentioned in class sends > > > R and DS[R] because DS[R] is not equivalent to {R}K_priv. > > > -- > > > Bill Cheng // bill.cheng@usc.edu > > > > > > > > > > > > ----- Original Message ----- > > > From: william@bourbon.usc.edu > > > Date: Monday, May 3, 2004 9:36 pm > > > Subject: Re: tree based batching > > > > > > > Someone wrote: > > > > > > > > > In that case even during normal single digital signature we > > > > > should send H(m). But we dont becuase we rely on the fact > > > > > that by decrypting DS[H(m)] with the public key, we will get > > > > > H(m) and then perform the check. > > > > > > > > What I meant was that in class we say that DS[m] is > > > > *basically* encrypting H(m) with the private key. But this > > > > is not the case for digital signature system such as DSA. > > > > What we have mentioned in class is the basic principle. > > > > > > > > Therefore, if we want tree-base batching to scheme to work > > > > with any DS systems, then we must be more generic and cannot > > > > rely on the fact the one can "decrypt digital signature" > > > > since such a thing is not available for systems like DSA. > > > > -- > > > > Bill Cheng // bill.cheng@usc.edu > > > > > > > > > > > > > > > > > > > > ----- Original Message ----- > > > > From: william@bourbon.usc.edu > > > > Date: Monday, May 3, 2004 8:35 pm > > > > Subject: Re: tree based batching > > > > > > > > > Someone wrote: > > > > > > > > > > > In lecture 13, slide 4 why do we need to send R along with the > > > > > > message. The client will be able to generate R as it has > all teh > > > > > > other required hashes. 
It can just match the R it gets from > > > > > > decrypting DS[R] with the public key and the R that it can > create > > > > > by combining the hashes in the message. > > > > > > > > > > In general, you cannot descrypt DS[R] and get R; therefore, > > > > > you must send R so you can check! (Some sigital signature > > > > > schemes will perform a function on R first and then perform > > > > > another function of the result using the private key.) > > > > > -- > > > > > Bill Cheng // bill.cheng@usc.edu > > > Return-Path: cs530@bourbon.usc.edu Delivery-Date: Tue May 4 12:29:57 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i44JTvqB020665 for ; Tue, 4 May 2004 12:29:57 -0700 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i44JUm0J016083 for ; Tue, 4 May 2004 12:30:48 -0700 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i44JUm7d016081 for cs530@merlot.usc.edu; Tue, 4 May 2004 12:30:48 -0700 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i44JUl0J016078 for ; Tue, 4 May 2004 12:30:47 -0700 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i44JUljt016074 for ; Tue, 4 May 2004 12:30:47 -0700 Message-Id: <200405041930.i44JUljt016074@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: tree based batching Date: Tue, 04 May 2004 12:30:47 -0700 From: william@bourbon.usc.edu Someone wrote: > If the hash has been altered, we will get a wrong R, and hence > whatever formula (as in DES), we are trying to satisfy, will not > be satisfied. Thus we can know that something wrong is going on. I'm not sure what you have in mind when you said DES. DES cannot be used in digital signature because it's secret-key cryptography. 
-- Bill Cheng // bill.cheng@usc.edu ----- Original Message ----- From: william@bourbon.usc.edu Date: Tuesday, May 4, 2004 11:09 am Subject: Re: tree based batching > Someone wrote: > > > I got your point. But what I was saying is just that, the > > receiver can calculate R itself, using the hash values sent > > to it. > > Yes it can, but how does it know that the R it calculates > is correct? For example for C1 on slide 4 of lecture 13, > let's say an attacker changed H(I2). Now C1 will calculate > the wrong R. If there is no R to compare and assuming that > you cannot get R from DS[R] (using decryption), then how > can C1 know that nothing has been altered? If the hash has been altered, we will get a wrong R, and hence whatever formula (as in DES), we are trying to satisfy, will not be satisfied. Thus we can know that something wrong is going on. > So, you either need R and DS[R] or {R}K_priv and K_pub. Just > DS[R] won't work. > -- > Bill Cheng // bill.cheng@usc.edu > > > > > > ----- Original Message ----- > From: william@bourbon.usc.edu > Date: Tuesday, May 4, 2004 3:50 am > Subject: Re: tree based batching > > > Someone wrote: > > > > > Even if we don't know how to decrypt DS[H(m)], still in any > > > Digital signature system, we will verifying the signature, > > > doing some calculations as in DSA, using values of R and > > > DS[h(m)]. But the point still remains, that R is redundant, > > > as it can be obtained from the info about the other hashes. > > > I still can't figure out, why we have to send R, to make > > > Tree based hashing generic? > > > > For example, if we use the "smime" command in openssl to > > generate a digital signature: > > > > openssl smime -sign -in R -signer PUBLICCERT -inkey PRIVATE_KEY > > > > where PUBLIC_CERT is the public key certificate file and > > PRIVATE_KEY is the private key file (such as cacert.pem and > > cakey.pem on slide 11 of lecture 10). 
If it is done this > > way, then R and DS[R] will be in the output (also, the public > > key certificate will be included in the output, I think). If > > you strip off R from the output, there would be no way to > > verify just DS[R] using openssl. So, in order to be general, > > R should be included. > > > > I guess if you don't send R and DS[R] but instead send > > {R}K_priv and K_pub (where {R}K_priv means encrypting R > > with the private key, and K_pub being the public key), > > then you can also do the verification. So, you are right > > that you don't have to send R. But you have to send > > something else. The scheme we mentioned in class sends > > R and DS[R] because DS[R] is not equivalent to {R}K_priv. > > -- > > Bill Cheng // bill.cheng@usc.edu > > > > > > > > ----- Original Message ----- > > From: william@bourbon.usc.edu > > Date: Monday, May 3, 2004 9:36 pm > > Subject: Re: tree based batching > > > > > Someone wrote: > > > > > > > In that case even during normal single digital signature we > > > > should send H(m). But we dont becuase we rely on the fact > > > > that by decrypting DS[H(m)] with the public key, we will get > > > > H(m) and then perform the check. > > > > > > What I meant was that in class we say that DS[m] is > > > *basically* encrypting H(m) with the private key. But this > > > is not the case for digital signature system such as DSA. > > > What we have mentioned in class is the basic principle. > > > > > > Therefore, if we want tree-base batching to scheme to work > > > with any DS systems, then we must be more generic and cannot > > > rely on the fact the one can "decrypt digital signature" > > > since such a thing is not available for systems like DSA. 
> > > -- > > > Bill Cheng // bill.cheng@usc.edu > > > > > > > > > > > > > > > ----- Original Message ----- > > > From: william@bourbon.usc.edu > > > Date: Monday, May 3, 2004 8:35 pm > > > Subject: Re: tree based batching > > > > > > > Someone wrote: > > > > > > > > > In lecture 13, slide 4 why do we need to send R along with the > > > > > message. The client will be able to generate R as it has all teh > > > > > other required hashes. It can just match the R it gets from > > > > > decrypting DS[R] with the public key and the R that it can create > > > > > by combining the hashes in the message. > > > > > > > > In general, you cannot descrypt DS[R] and get R; therefore, > > > > you must send R so you can check! (Some sigital signature > > > > schemes will perform a function on R first and then perform > > > > another function of the result using the private key.) > > > > -- > > > > Bill Cheng // bill.cheng@usc.edu > > Return-Path: cs530@bourbon.usc.edu Delivery-Date: Tue May 4 11:08:21 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i44I8LqB019200 for ; Tue, 4 May 2004 11:08:21 -0700 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i44I9C0J015081 for ; Tue, 4 May 2004 11:09:12 -0700 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i44I9CW7015079 for cs530@merlot.usc.edu; Tue, 4 May 2004 11:09:12 -0700 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i44I9C0J015076 for ; Tue, 4 May 2004 11:09:12 -0700 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i44I9BNg015071 for ; Tue, 4 May 2004 11:09:12 -0700 Message-Id: <200405041809.i44I9BNg015071@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: tree based batching Date: Tue, 04 May 2004 11:09:11 -0700 From: william@bourbon.usc.edu 
Someone wrote: > I got your point. But what I was saying is just that, the > receiver can calculate R itself, using the hash values sent > to it. Yes it can, but how does it know that the R it calculates is correct? For example for C1 on slide 4 of lecture 13, let's say an attacker changed H(I2). Now C1 will calculate the wrong R. If there is no R to compare and assuming that you cannot get R from DS[R] (using decryption), then how can C1 know that nothing has been altered? So, you either need R and DS[R] or {R}K_priv and K_pub. Just DS[R] won't work. -- Bill Cheng // bill.cheng@usc.edu ----- Original Message ----- From: william@bourbon.usc.edu Date: Tuesday, May 4, 2004 3:50 am Subject: Re: tree based batching > Someone wrote: > > > Even if we don't know how to decrypt DS[H(m)], still in any > > Digital signature system, we will verifying the signature, > > doing some calculations as in DSA, using values of R and > > DS[h(m)]. But the point still remains, that R is redundant, > > as it can be obtained from the info about the other hashes. > > I still can't figure out, why we have to send R, to make > > Tree based hashing generic? > > For example, if we use the "smime" command in openssl to > generate a digital signature: > > openssl smime -sign -in R -signer PUBLICCERT -inkey PRIVATE_KEY > > where PUBLIC_CERT is the public key certificate file and > PRIVATE_KEY is the private key file (such as cacert.pem and > cakey.pem on slide 11 of lecture 10). If it is done this > way, then R and DS[R] will be in the output (also, the public > key certificate will be included in the output, I think). If > you strip off R from the output, there would be no way to > verify just DS[R] using openssl. So, in order to be general, > R should be included. > > I guess if you don't send R and DS[R] but instead send > {R}K_priv and K_pub (where {R}K_priv means encrypting R > with the private key, and K_pub being the public key), > then you can also do the verification. 
So, you are right > that you don't have to send R. But you have to send > something else. The scheme we mentioned in class sends > R and DS[R] because DS[R] is not equivalent to {R}K_priv. > -- > Bill Cheng // bill.cheng@usc.edu > > > > ----- Original Message ----- > From: william@bourbon.usc.edu > Date: Monday, May 3, 2004 9:36 pm > Subject: Re: tree based batching > > > Someone wrote: > > > > > In that case even during normal single digital signature we > > > should send H(m). But we dont becuase we rely on the fact > > > that by decrypting DS[H(m)] with the public key, we will get > > > H(m) and then perform the check. > > > > What I meant was that in class we say that DS[m] is > > *basically* encrypting H(m) with the private key. But this > > is not the case for digital signature system such as DSA. > > What we have mentioned in class is the basic principle. > > > > Therefore, if we want tree-base batching to scheme to work > > with any DS systems, then we must be more generic and cannot > > rely on the fact the one can "decrypt digital signature" > > since such a thing is not available for systems like DSA. > > -- > > Bill Cheng // bill.cheng@usc.edu > > > > > > > > > > ----- Original Message ----- > > From: william@bourbon.usc.edu > > Date: Monday, May 3, 2004 8:35 pm > > Subject: Re: tree based batching > > > > > Someone wrote: > > > > > > > In lecture 13, slide 4 why do we need to send R along with the > > > > message. The client will be able to generate R as it has all teh > > > > other required hashes. It can just match the R it gets from > > > > decrypting DS[R] with the public key and the R that it can create > > > > by combining the hashes in the message. > > > > > > In general, you cannot descrypt DS[R] and get R; therefore, > > > you must send R so you can check! (Some sigital signature > > > schemes will perform a function on R first and then perform > > > another function of the result using the private key.) 
> > > -- > > > Bill Cheng // bill.cheng@usc.edu > Return-Path: cs530@bourbon.usc.edu Delivery-Date: Tue May 4 11:00:44 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i44I0iqB019048 for ; Tue, 4 May 2004 11:00:44 -0700 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i44I1W0J015017 for ; Tue, 4 May 2004 11:01:32 -0700 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i44I1WNb015015 for cs530@merlot.usc.edu; Tue, 4 May 2004 11:01:32 -0700 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i44I1W0J015012 for ; Tue, 4 May 2004 11:01:32 -0700 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i44I1WdC015008 for ; Tue, 4 May 2004 11:01:32 -0700 Message-Id: <200405041801.i44I1WdC015008@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: GAA-API Date: Tue, 04 May 2004 11:01:32 -0700 From: william@bourbon.usc.edu Someone wrote: > How detailed should our knowledge be of GAA-API? In > lecture, you discuss specific methods used by the API, > 3 phases of condition evaluation, etc.. > These are very detailed specifics to cover without > having used the GAA-API in practice. Since GAA-API is not in the textbooks and there was no assigned readings, you are only responsible for what was discussed in the lectures. 
-- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Tue May 4 04:03:40 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i44B3dqB011376 for ; Tue, 4 May 2004 04:03:40 -0700 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i44B4T0J013499 for ; Tue, 4 May 2004 04:04:29 -0700 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i44B4SH5013495 for cs530@merlot.usc.edu; Tue, 4 May 2004 04:04:28 -0700 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i44B4S0J013492 for ; Tue, 4 May 2004 04:04:28 -0700 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i44B4S76013488 for ; Tue, 4 May 2004 04:04:28 -0700 Message-Id: <200405041104.i44B4S76013488@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: regarding Restricted Proxies.. Date: Tue, 04 May 2004 04:04:28 -0700 From: william@bourbon.usc.edu Someone wrote: > On Slide 17 of lecture 21, its given that: > > Two kinds of proxies > 1. proxy key needed to exercise bearer proxy > 2. restrictions limit use of a delegate proxy > > Are these really 2 kinds of proxies or they are 2 components > of Proxy? > Because after reading the slide and listening your comments > regarding the slide it doesn't seem that they are 2 types of > proxies. > > The paper(of Prof Neuman) at this site mentions that they are > 2 parts of a restricted proxy. > > http://citeseer.ist.psu.edu/16261.html (Page 2 of the paper) I think you are correct. Good catch! 
-- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Tue May 4 03:49:27 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i44AnRqB010728 for ; Tue, 4 May 2004 03:49:27 -0700 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i44AoH0J012936 for ; Tue, 4 May 2004 03:50:17 -0700 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i44AoHAV012934 for cs530@merlot.usc.edu; Tue, 4 May 2004 03:50:17 -0700 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i44AoH0J012931 for ; Tue, 4 May 2004 03:50:17 -0700 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i44AoHMp012927 for ; Tue, 4 May 2004 03:50:17 -0700 Message-Id: <200405041050.i44AoHMp012927@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: tree based batching Date: Tue, 04 May 2004 03:50:16 -0700 From: william@bourbon.usc.edu Someone wrote: > Even if we don't know how to decrypt DS[H(m)], still in any > Digital signature system, we will be verifying the signature, > doing some calculations as in DSA, using values of R and > DS[h(m)]. But the point still remains, that R is redundant, > as it can be obtained from the info about the other hashes. > I still can't figure out, why we have to send R, to make > Tree based hashing generic? For example, if we use the "smime" command in openssl to generate a digital signature: openssl smime -sign -in R -signer PUBLIC_CERT -inkey PRIVATE_KEY where PUBLIC_CERT is the public key certificate file and PRIVATE_KEY is the private key file (such as cacert.pem and cakey.pem on slide 11 of lecture 10). If it is done this way, then R and DS[R] will be in the output (also, the public key certificate will be included in the output, I think).
If you strip off R from the output, there would be no way to verify just DS[R] using openssl. So, in order to be general, R should be included. I guess if you don't send R and DS[R] but instead send {R}K_priv and K_pub (where {R}K_priv means encrypting R with the private key, and K_pub being the public key), then you can also do the verification. So, you are right that you don't have to send R. But you have to send something else. The scheme we mentioned in class sends R and DS[R] because DS[R] is not equivalent to {R}K_priv. -- Bill Cheng // bill.cheng@usc.edu ----- Original Message ----- From: william@bourbon.usc.edu Date: Monday, May 3, 2004 9:36 pm Subject: Re: tree based batching > Someone wrote: > > > In that case even during normal single digital signature we > > should send H(m). But we dont becuase we rely on the fact > > that by decrypting DS[H(m)] with the public key, we will get > > H(m) and then perform the check. > > What I meant was that in class we say that DS[m] is > *basically* encrypting H(m) with the private key. But this > is not the case for digital signature system such as DSA. > What we have mentioned in class is the basic principle. > > Therefore, if we want tree-base batching to scheme to work > with any DS systems, then we must be more generic and cannot > rely on the fact the one can "decrypt digital signature" > since such a thing is not available for systems like DSA. > -- > Bill Cheng // bill.cheng@usc.edu > > > > > ----- Original Message ----- > From: william@bourbon.usc.edu > Date: Monday, May 3, 2004 8:35 pm > Subject: Re: tree based batching > > > Someone wrote: > > > > > In lecture 13, slide 4 why do we need to send R along with the > > > message. The client will be able to generate R as it has all teh > > > other required hashes. It can just match the R it gets from > > > decrypting DS[R] with the public key and the R that it can create > > > by combining the hashes in the message. 
> > > > In general, you cannot descrypt DS[R] and get R; therefore, > > you must send R so you can check! (Some sigital signature > > schemes will perform a function on R first and then perform > > another function of the result using the private key.) > > -- > > Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Tue May 4 03:27:05 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i44AR5qB010323 for ; Tue, 4 May 2004 03:27:05 -0700 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i44ARs0J012766 for ; Tue, 4 May 2004 03:27:54 -0700 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i44ARs7V012764 for cs530@merlot.usc.edu; Tue, 4 May 2004 03:27:54 -0700 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i44ARs0J012761 for ; Tue, 4 May 2004 03:27:54 -0700 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i44ARs7n012757 for ; Tue, 4 May 2004 03:27:54 -0700 Message-Id: <200405041027.i44ARs7n012757@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: Mid term question paper... Date: Tue, 04 May 2004 03:27:54 -0700 From: william@bourbon.usc.edu Someone wrote: > I could not finish the Midterm exam in the stipulated time > and as such do not know about the questions that i could > not even read. The structure and format of the final exam will be similar to those of the midterm exam. I expect you to have thorough and clear understanding of the subjects for which you are responsible. > I request you to please post the midterm question paper > on the course website. I am not sure if it is possible > for you to post the solutions too. I'm sorry, but I will not post either. 
-- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Tue May 4 03:21:20 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i44ALKqB010208 for ; Tue, 4 May 2004 03:21:20 -0700 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i44AMA0J012706 for ; Tue, 4 May 2004 03:22:10 -0700 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i44AMAZJ012704 for cs530@merlot.usc.edu; Tue, 4 May 2004 03:22:10 -0700 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i44AMA0J012701 for ; Tue, 4 May 2004 03:22:10 -0700 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i44AMA2s012697 for ; Tue, 4 May 2004 03:22:10 -0700 Message-Id: <200405041022.i44AMA2s012697@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: arvrubin Date: Tue, 04 May 2004 03:22:10 -0700 From: william@bourbon.usc.edu Someone wrote: > Are we responsible for http://arvirubin.com/passport.html Only for what's covered in the lectures. 
-- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Mon May 3 21:56:47 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i444ulqB004325 for ; Mon, 3 May 2004 21:56:47 -0700 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i444vb0J011738 for ; Mon, 3 May 2004 21:57:37 -0700 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i444vbRh011736 for cs530@merlot.usc.edu; Mon, 3 May 2004 21:57:37 -0700 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i444va0J011733 for ; Mon, 3 May 2004 21:57:36 -0700 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i444vaqS011729 for ; Mon, 3 May 2004 21:57:36 -0700 Message-Id: <200405040457.i444vaqS011729@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: Question on Bistro Date: Mon, 03 May 2004 21:57:36 -0700 From: william@bourbon.usc.edu Someone wrote: > In Lecture 4/26 slides# 24,25 someone asked that there would be same > bottleneck problem if taxpayers start sending files as soon as they receive > their e-tickets. I understand that since Internet is big, only a few users > will send files to a certain(local) bistro. But then cant we just get rid of > step 1? For eg just encrypt the document and upload to local bistro. Bistro > timestamps and just stores it and then later on it can be pulled by or > pushed to the destination bistro- The load still remains distributed, so why > do step one at all. Obviously the local bistro can then change the file > (because no SHA1 now) but why is trusting a local bistro (all bistros) a > problem, since the same code is running on destination bistro too ? 
> > Does this go back to slide #18 bullet #3 where you say one service provider > doesn't have to trust another, which in this case would mean the IRS cannot > trust the local ISPs? You got it exactly right! It's about trust. Anyone can download and install a bistro (and modify the code). The point of step (1) is for the destination server to give a timestamp and say that "this submission made the deadline". If there is no step (1), then let's say H&R Block in Downtown Los Angeles uses a bistro for their customers. Now they provide this great service to their customers that even though they submit their tax returns one week late, they will tell IRS that the tax returns were submitted on time (by changing the clock on *their* bistro server). -- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Mon May 3 21:48:46 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i444mkqB004167 for ; Mon, 3 May 2004 21:48:46 -0700 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i444na0J011684 for ; Mon, 3 May 2004 21:49:36 -0700 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i444naRx011682 for cs530@merlot.usc.edu; Mon, 3 May 2004 21:49:36 -0700 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i444na0J011679 for ; Mon, 3 May 2004 21:49:36 -0700 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i444nYtU011675 for ; Mon, 3 May 2004 21:49:36 -0700 Message-Id: <200405040449.i444nYtU011675@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: bistro Date: Mon, 03 May 2004 21:49:34 -0700 From: william@bourbon.usc.edu Someone wrote: > can the bistro system accept submissions for different > events at the same time (same day) .? Yes.
Actually, for this semester, one of our CS 530 HW has exactly the same deadline as one of the project in my CS 551 class. > can the bistro system accept submissions for different > agencies with different events on the same day ? Sure. For each event, each destination server has a private view of all submissions that's for this event. It does not know about any other events. (It will just treat any other data gathering events as normal Internet traffic.) -- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Mon May 3 21:45:04 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i444j4qB004086 for ; Mon, 3 May 2004 21:45:04 -0700 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i444js0J011659 for ; Mon, 3 May 2004 21:45:54 -0700 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i444jsdH011657 for cs530@merlot.usc.edu; Mon, 3 May 2004 21:45:54 -0700 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i444jr0J011654 for ; Mon, 3 May 2004 21:45:53 -0700 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i444jrWX011650 for ; Mon, 3 May 2004 21:45:53 -0700 Message-Id: <200405040445.i444jrWX011650@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: REG: Passport Cookies Date: Mon, 03 May 2004 21:45:53 -0700 From: william@bourbon.usc.edu Someone wrote: > In Lecture 18, Slides 8,9 the passport protocol sets up the cookie two > times, once in the client (step 6) and second in the client's browser > (step 8), can you please explain what is the difference between the two > cookies. A cookie is automatically sent to a server if the prefix of the requesting URL matches the prefix stored in the cookie. 
The cookie in message 6 has a prefix of the passport server (so it's
only useful for talking to the passport server) and the cookie in
message 8 has a prefix of the merchant server (so it's only useful
for talking to the merchant server).

The cookie in message 6 is used by the client so that the next time
it contacts the passport server, it does not need steps 4 and 5.
The cookie in message 8 is used by the client so that the next time
it contacts the same merchant server, it will not be redirected to
the passport server.

--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200405040436.i444aZnb011598@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: tree based batching
Date: Mon, 03 May 2004 21:36:35 -0700
From: william@bourbon.usc.edu

Someone wrote:

> In that case even during normal single digital signature we
> should send H(m). But we don't because we rely on the fact
> that by decrypting DS[H(m)] with the public key, we will get
> H(m) and then perform the check.

What I meant was that in class we say that DS[m] is *basically*
encrypting H(m) with the private key.
But this is not the case for a digital signature system such as DSA.
What we have mentioned in class is the basic principle. Therefore,
if we want the tree-based batching scheme to work with any DS
systems, then we must be more generic and cannot rely on the fact
that one can "decrypt digital signature" since such a thing is not
available for systems like DSA.

--
Bill Cheng // bill.cheng@usc.edu

----- Original Message -----
From: william@bourbon.usc.edu
Date: Monday, May 3, 2004 8:35 pm
Subject: Re: tree based batching

> Someone wrote:
>
> > In lecture 13, slide 4 why do we need to send R along with the
> > message. The client will be able to generate R as it has all the
> > other required hashes. It can just match the R it gets from
> > decrypting DS[R] with the public key and the R that it can create
> > by combining the hashes in the message.
>
> In general, you cannot decrypt DS[R] and get R; therefore,
> you must send R so you can check! (Some digital signature
> schemes will perform a function on R first and then perform
> another function of the result using the private key.)
> --
> Bill Cheng // bill.cheng@usc.edu

Message-Id: <200405040335.i443ZEaZ011270@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: tree based batching
Date: Mon, 03 May 2004 20:35:14 -0700
From: william@bourbon.usc.edu

Someone wrote:

> In lecture 13, slide 4 why do we need to send R along with the
> message. The client will be able to generate R as it has all the
> other required hashes. It can just match the R it gets from
> decrypting DS[R] with the public key and the R that it can create
> by combining the hashes in the message.

In general, you cannot decrypt DS[R] and get R; therefore,
you must send R so you can check! (Some digital signature
schemes will perform a function on R first and then perform
another function of the result using the private key.)
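
[Added example, not part of the original e-mails or the course slides: a Python sketch of the tree-based batch-signing packet discussed in the two tree-batching messages above (message, sibling hashes, R, DS[R]), using a toy DSA whose verifier takes R as an input and has no operation that "decrypts" the signature. The packet layout, all function names, the 0x00/0x01 hash prefixes and the small DSA parameters are assumptions made for illustration.]

```python
import hashlib
import secrets          # pow(k, -1, q) below needs Python 3.8+


def H(*parts: bytes) -> bytes:
    return hashlib.sha256(b"".join(parts)).digest()


def _is_prime(n: int) -> bool:
    """Miller-Rabin primality test with fixed bases."""
    bases = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)
    if n < 2:
        return False
    for b in bases:
        if n % b == 0:
            return n == b
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


# Toy DSA domain parameters (assumption: far too small for real use).
Q = 2**61 - 1                                   # prime order of the subgroup
P = next(p for p in (2 * k * Q + 1 for k in range(1, 10**6)) if _is_prime(p))
G = next(g for g in (pow(h, (P - 1) // Q, P) for h in range(2, 100)) if g != 1)


def _z(msg: bytes) -> int:
    return int.from_bytes(H(msg), "big") % Q


def dsa_keygen():
    x = secrets.randbelow(Q - 1) + 1            # private key
    return x, pow(G, x, P)                      # (private, public)


def dsa_sign(x: int, msg: bytes):
    while True:
        k = secrets.randbelow(Q - 1) + 1        # fresh secret per signature
        r = pow(G, k, P) % Q
        s = pow(k, -1, Q) * (_z(msg) + x * r) % Q
        if r and s:
            return r, s


def dsa_verify(y: int, msg: bytes, sig) -> bool:
    """msg is an input here; (r, s) cannot be turned back into msg."""
    r, s = sig
    if not (0 < r < Q and 0 < s < Q):
        return False
    w = pow(s, -1, Q)
    v = pow(G, _z(msg) * w % Q, P) * pow(y, r * w % Q, P) % P % Q
    return v == r


def batch_sign(x: int, messages):
    """Sign the tree root R once; return one self-contained packet per message."""
    levels = [[H(b"\x00", m) for m in messages]]            # leaf hashes
    while len(levels[-1]) > 1:
        cur = levels[-1]
        nxt = [H(b"\x01", cur[i], cur[i + 1]) for i in range(0, len(cur) - 1, 2)]
        if len(cur) % 2:
            nxt.append(cur[-1])                             # odd node moves up unchanged
        levels.append(nxt)
    root = levels[-1][0]
    sig = dsa_sign(x, root)                                 # the only signing operation
    packets = []
    for idx, m in enumerate(messages):
        path, i = [], idx
        for cur in levels[:-1]:
            sib = i ^ 1
            if sib < len(cur):
                path.append((cur[sib], sib < i))            # (hash, sibling is on the left)
            i //= 2
        packets.append({"m": m, "path": path, "R": root, "sig": sig})
    return packets


def verify_packet(y: int, pkt) -> bool:
    node = H(b"\x00", pkt["m"])
    for sibling, sibling_is_left in pkt["path"]:
        node = H(b"\x01", sibling, node) if sibling_is_left else H(b"\x01", node, sibling)
    if node != pkt["R"]:                # message and hashes must lead to the R that was sent
        return False
    return dsa_verify(y, pkt["R"], pkt["sig"])              # DS[R] is checked against R


if __name__ == "__main__":
    x, y = dsa_keygen()
    pkts = batch_sign(x, [b"constructed message %d" % i for i in range(5)])
    print([verify_packet(y, p) for p in pkts])
```

[End of added example.]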
--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200405040313.i443DjbM011006@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: x11 connection rejected regrading
Date: Mon, 03 May 2004 20:13:45 -0700
From: william@bourbon.usc.edu

Someone wrote:

> 10 points off out of 25, which is how much? 40%. Professor, I'm
> sorry to say so but don't you think you need to do some
> *rethinking* on this. I mean, for a bug which has nothing to do
> with the actual implementation of security techniques (e.g.- sha1
> hash, 3des, etc.) used in the "edit" functionality. Moreover,
> in spite of this bug, our programs run perfectly on other accounts
> except the grader's. You are expecting us to know all the
> intricacies of C and Unix in a "security systems" class.

Since you brought up the point that this is a *security* class,
you should be happy that 100% wasn't deducted because you
*corrupt memory*! This is independent of UNIX or C. How can
you say "run perfectly" when you corrupt memory? Just because
you don't see the bug, doesn't mean the program runs perfectly.
> I understand that the fact that some students took care of this
> bug, forces you to take some points off from those who didn't for
> fairness.

No! You are missing the point! The point is that we need to
*modify the code after deadline*. It's not fair to let you
modify the code with small penalty unless we also let everyone
modify their code with small penalty! Why is this fairness
thing so hard to understand?

> But deducting 40% off for this kind of bug sounds to be
> really unreasonable.
>
> I think you should reasonably (from the perspective of a security
> systems instructor and not a C/Unix instructor) divide those 25
> points of "edit" into each of its sub-components and then decide
> how much points does "the code which prevents this highly debated
> bug to occur" deserve. That is the number of points you should be
> deducting for this bug.

This is what you call *reasonable*? Maybe it's reasonable
because you are personally involved. To be fair, we cannot
take suggestions from each student about how to grade based on
each student's bugs!

> And if you think that the reasonable
> number of points for this kind of bug is 10 out of the total 25,
> then I have no words to say.

It is very reasonable given that we need to *modify your code*
(which is the point of this whole discussion) after the deadline.
If you can find a way so that we don't have to modify your code
and still proceed to grade, you will lose less points (even
though it is still a memory corruption bug). If we cannot
proceed and we have to *modify your code*, you lose 10 points to
begin.

My fallback position would be to not allow modifications.
That would also be *fair*.
--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200405040048.i440mq3A010545@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: Homeworks 1 & 3 on Final
Date: Mon, 03 May 2004 17:48:52 -0700
From: william@bourbon.usc.edu

Someone wrote:

> I was wondering what parts of homework assignments 1 & 3 would be
> applicable to the final. For example, would we have to remember
> which openssl functions we used in our programs?

No.

> I assume you
> would most likely expect us to understand how we designed the
> smartcard and the interface for it and the way we feed data
> chunks (or data blocks) into the encryption functions.

Yes. Things like that I expect you to know.
--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200405040037.i440bn0V010370@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: Agent Based Authorization
Date: Mon, 03 May 2004 17:37:49 -0700
From: william@bourbon.usc.edu

Someone wrote:

> When we talk about Agent Based Authorization (Lecture 20 page 1)
> does it follow Jini architecture.

I'm not familiar with the Jini architecture so I cannot answer
this question.
--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200405032346.i43NkgAs009454@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: x11 connection rejected regrading
In-Reply-To: My message of "Mon, 03 May 2004 16:29:00 PDT." <200405032329.i43NT07u009125@bourbon.usc.edu>
Date: Mon, 03 May 2004 16:46:42 -0700
From: william@bourbon.usc.edu

Hi,

I just want to add that *if* you have a way for the grader to
bypass your bug (without modifying your code) and continue to
test the rest of your code, then you will only get a small
deduction for this bug. (But you cannot ask the grader to try
too many different things because he has limited time.)

--
Bill Cheng // bill.cheng@usc.edu

-----Original Message-----
Date: Mon, 03 May 2004 16:29:00 -0700
From: william@bourbon.usc.edu
To: cs530@bourbon.usc.edu
Subject: Re: x11 connection rejected regrading

Someone wrote:

> > Someone raised the issue of fairness and convinced me that
> > it's not fair to allow some students to modify their code
> > while some other students do not even have a chance to do so.
> >
> > Therefore, in order to make the grading more fair, the
> > penalty for such modifications must be severe.
> >
> > I apologize for speaking too soon and in a way that was
> > not fair to all students.
>
> Apology accepted, but please allow me to retort.
> The modifications of the code in this case is not a general fix
> to any problem, but to facilitate further grading of programs
> exhibiting this specific bug. This is to say hey, this bug is
> definitely here, we will take off these points, but now we need
> to proceed with grading the rest of the program. So why then
> should the penalty for said bug be suddenly jacked up because it
> requires a very specific code change?

It was not jacked *up* because the alternative is to receive
a zero because we cannot grade that part of the code.

> There is no question of fairness because you are penalizing the
> same bug equally for everyone. Let me reiterate: this isn't a
> code change to fix code that didn't originally run when we
> submitted it, it is simply to address a problem that slipped by
> some of us who otherwise had perfect programs (and if they turn
> out not to be perfect, you may penalize at will). Why should we
> get into the superficial details of the grading process in
> determining specific penalties?

For fairness. Whatever we offer to you, we must offer to
the whole class. This is our definition of fairness. And as far
as I'm concerned, this is the *most* important criterion for
grading. Clearly, I can understand that you are not concerned as
much about fairness as we are in this case. So, although it may
not seem fair to you, the fact is that we need to modify your
code in order to grade and we don't do this to other students'
code.

> That's all I will say about this, I felt the need to address
> his\her question of fairness. Thanks, see you at the final.

We cannot let everyone modify their code after the deadline
and only take a small number of points off. Then the grading
will never end! So, after the deadline, we either don't modify
any code (which will result in a larger deduction for most cases
since we cannot test the rest of your code) or modify code
slightly with high penalty. There are really no other fair
options!
--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200405032329.i43NT07u009125@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: x11 connection rejected regrading
Date: Mon, 03 May 2004 16:29:00 -0700
From: william@bourbon.usc.edu

Someone wrote:

> > Someone raised the issue of fairness and convinced me that
> > it's not fair to allow some students to modify their code
> > while some other students do not even have a chance to do so.
> >
> > Therefore, in order to make the grading more fair, the
> > penalty for such modifications must be severe.
> >
> > I apologize for speaking too soon and in a way that was
> > not fair to all students.
>
> Apology accepted, but please allow me to retort. The
> modifications of the code in this case is not a general fix to
> any problem, but to facilitate further grading of programs
> exhibiting this specific bug. This is to say hey, this bug is
> definitely here, we will take off these points, but now we need
> to proceed with grading the rest of the program.
> So why then should the penalty for said bug be suddenly jacked
> up because it requires a very specific code change?

It was not jacked *up* because the alternative is to receive
a zero because we cannot grade that part of the code.

> There is no question of fairness because you are penalizing the
> same bug equally for everyone. Let me reiterate: this isn't a
> code change to fix code that didn't originally run when we
> submitted it, it is simply to address a problem that slipped by
> some of us who otherwise had perfect programs (and if they turn
> out not to be perfect, you may penalize at will). Why should we
> get into the superficial details of the grading process in
> determining specific penalties?

For fairness. Whatever we offer to you, we must offer to
the whole class. This is our definition of fairness. And as far
as I'm concerned, this is the *most* important criterion for
grading. Clearly, I can understand that you are not concerned as
much about fairness as we are in this case. So, although it may
not seem fair to you, the fact is that we need to modify your
code in order to grade and we don't do this to other students'
code.

> That's all I will say about this, I felt the need to address
> his\her question of fairness. Thanks, see you at the final.

We cannot let everyone modify their code after the deadline
and only take a small number of points off. Then the grading
will never end! So, after the deadline, we either don't modify
any code (which will result in a larger deduction for most cases
since we cannot test the rest of your code) or modify code
slightly with high penalty. There are really no other fair
options!
--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200405032316.i43NGOMN009052@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: A Few Final Questions
Date: Mon, 03 May 2004 16:16:24 -0700
From: william@bourbon.usc.edu

Someone wrote:

> I have a few questions regarding some things you've
> said in class. I wanted to get a written description
> of these things, because you were unclear (to me) in
> lecture. Thank you.
>
> 1. What is the difference between a dictionary attack
> and a pre-computed dictionary attack?

Dictionary attack means that an attacker would try words
from the dictionary, one by one. For example, you can
ssh to a host and try a different word from the dictionary
each time.

For a pre-computed dictionary attack, an attacker would
transform each word from a dictionary and write out the
results. Then given a secret, it would look up in the
results to see if there is a match. This is a lot more
efficient. Also, this is not applicable to the ssh example
above.

> 2. What does it mean for a hash function to have
> one-wayness?
> What's the difference between that and
> collision resistance?

The definition is given on slide 1 of lecture 8. The
difference is that for one-wayness, H(m) is *given*.

> 3. I want to verify that you said in the review
> lecture not to worry at all about Group Key
> Management. Is this true,

Yes.

> and if so, does this
> include rekeying algorithms for distributing group
> keys?

That's more about batch signing digital signatures and
not really about distributing group keys (which is just
an application of batch signatures). You are responsible
for this.

> 4. Do you know when our paper grades will be in?

It's taking me a long time to grade these. I don't
expect to finish until the last day, which is 5/14 when
I must turn in grades. Sorry that I cannot do this faster.

--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200405032305.i43N5MGh008997@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: signature vs rule based
Date: Mon, 03 May 2004 16:05:22 -0700
From: william@bourbon.usc.edu

Someone wrote:

> Can you explain to me the difference between these two methods
> -Rule based
> -signature based
(Intrusion Detection)

Slide 3 of lecture 22 says that there are only two basic
approaches to ID and they can be either signature based or
anomaly based. So, where does rule based come in? I think
this is basically what you are asking regarding slide 8 of
lecture 22.

The example given on slide 8 of lecture 22 for rule based
detection is:

    if A is followed by B and if B is followed by C

You can think of A, B, and C as signature based. So, rule
based detection just means that you allow more complex (both
in space and time) description.

--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200405032241.i43MfYZt008742@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: x11 connection rejected regrading
Date: Mon, 03 May 2004 15:41:34 -0700
From: william@bourbon.usc.edu

Someone wrote:

> > The basic plan is to take 10 points off if you have a memory
> > corruption bug that would require us to make a simple patch
> > of your code in order to grade it. Then we will go from
> > there.
> > If there is another memory corruption bug that would
> > require us to make another simple patch, we will deduct another
> > 15 points, and so on.
> >
> > The reason for such a large deduction is that you must test
> > your code thoroughly. Memory corruption bug, whether it's
> > detectable or not, must not exist in your code!
>
> I understand your rationale, however you did say in class on 4/28
> at 7:53 that "I would just take a couple of points off". What
> happened since then that changed your mind?

Someone raised the issue of fairness and convinced me that
it's not fair to allow some students to modify their code
while some other students do not even have a chance to do so.

Therefore, in order to make the grading more fair, the
penalty for such modifications must be severe.

I apologize for speaking too soon and in a way that was
not fair to all students.

--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200405032100.i43L01d4007780@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: CILS, x11 connection rejected regrading
Date: Mon, 03 May 2004 14:00:01 -0700
From: william@bourbon.usc.edu
Someone wrote:

> I hope you're enjoying our papers. I was wondering if you
> expect us to be able to translate attack descriptions into
> a CISL sentence. For instance, would
> you ask us something like "write an equivalent CISL statement for the
> following sentence: Disgruntled CS530 student Joe on host revenge.usc.edu
> obtains root access on merlot.usc.edu on January 12, 2008 14:33:05"

That will not be a reasonable problem to give for the final
exam because we did not talk about how to do the translation
(and there was no assigned reading for this).

> I'm also wondering if you have had a chance to work out with Sumeet a
> regrading strategy to address the X11 connection rejected error for
> homework 3. Thanks,

The basic plan is to take 10 points off if you have a memory
corruption bug that would require us to make a simple patch
of your code in order to grade it. Then we will go from
there. If there is another memory corruption bug that would
require us to make another simple patch, we will deduct another
15 points, and so on.

The reason for such a large deduction is that you must test
your code thoroughly. Memory corruption bug, whether it's
detectable or not, must not exist in your code!
--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200405030530.i435Uw3N018130@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: Inside Vs outside CBC - different from book
Date: Sun, 02 May 2004 22:30:58 -0700
From: william@bourbon.usc.edu

Someone wrote:

> Hi prof, I found in the lecture notes (1/28 - pg.5) you wrote
> that the inner cbc is less secure, however you said in the
> lecture that if the middle part is not exposed *it's ok*. The
> book (Network Security-by Kaufman: pg.114) says that the inner
> CBC is more secure because the blocks are dependent on the
> previous blocks.

The book may be right, but I find it odd that inner CBC
is both efficient and secure, a clear winner. Then who cares
about outer CBC? I suspect that the book is wrong. But that
would also be very surprising. The bottom line is that it may
take me some time to find out what's the correct answer.

> My question is that: Since the class notes and
> the book give different reasons, I'm really sure which one to
> follow - because you also said *it's ok*, I'm not really sure what
> does "ok" mean.
I think I've explained this in the lecture. If the middle
part is exposed, then it would be like 2-DES (and becomes
really weak). Then you can launch a meet-in-the-middle attack.
The comment is *not* about comparing inner and outer CBC.

> Does "ok" mean that it's considered more secure
> if the middle part is not exposed, otherwise less secure? I just
> want to know because if you ask in the exam which one is more
> secure, I don't know how to answer it.

I won't have this on the exam since there is a conflict that
probably cannot be resolved by the exam time.

--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200405030520.i435K4ZP018047@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: question on 3DEC
Date: Sun, 02 May 2004 22:20:04 -0700
From: william@bourbon.usc.edu

Someone wrote:

> On Lec 5 slide 5, it says "inner-CBC for 3DES is more efficient
> but less secure". But on book page 114, it says CBC on the
> inside is more secure. Which statement is correct?

Inner CBC is clearly faster because you can do things in
parallel. My understanding is that inner CBC is less secure.
So, there is the trade-off of efficiency vs. security.

I don't have the book with me right now. I'll check tomorrow.

--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200405022209.i42M9lb7016977@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: Secure Socket Layer Messages..
Date: Sun, 02 May 2004 15:09:47 -0700
From: william@bourbon.usc.edu

Someone wrote:

First of all, if you want to ask me about a slide, *please*
tell me which lecture and which slide number! It's right
under your nose and very easy to get! That will save me
a lot of time. Thanks!

> I have a doubt.
> In the slides for SSL (and TLS), the messages passed are:
> 1. 'Hello' from Client to Server.
> 2. Server replies with a 'Hello + nonce(s) + cert(s)'.
> 3. Then Client replies with a
> '{PMKey}Ks_Pub + nonce(c) + [cert(c) + verify(c)]'.
> Here [cert(c) + verify(c)] is optional,
> where verify(c) = nonce(s) encrypted with client private key.
> Shouldn't verify(c) be mandatory?

No.

> If not, what's the use of nonce(s) in the 2nd message from
> server to client?

Just in case there is client authentication.
Flexibility doesn't come free.
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Sun May 2 14:43:03 2004
Message-Id: <200405022143.i42LhmKh016744@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: Anomaly Detection
Date: Sun, 02 May 2004 14:43:48 -0700
From: william@bourbon.usc.edu

Someone wrote:

> Hmm.. so there are 4 ID: Signature based, anomaly, metrics and
> misuse, is this correct?

No. These are just titles of slides!!

> Because it seems to me that metrics and
> misuse are very similar to anomaly detection. By the way, I did
> refer to the lecture, I know you did not mention that metrics and
> misuse are anomaly, I just assume they are because of the above
> reason and because in pg 3, there are only signature based and
> anomaly based listed there, so I thought that the rest of the
> lecture was the elaboration on those two.

If you look at how detection is done, you can divide ID into two types: signature based or anomaly based.
--
Bill Cheng // bill.cheng@usc.edu

----- Original Message -----
From: william@bourbon.usc.edu
Date: Saturday, May 1, 2004 10:42 pm
Subject: Re: Anomaly Detection

> Someone wrote:
>
> > Hi Prof, I'm reviewing my notes and got a little bit confused, If
> > I'm not mistaken, your slide says that Intrusion Detection can be
> > done in two ways: signature based and anomaly based approach.
> > There are two Anomaly based detection: metrics and misuse
> > detection, is this correct?
>
> No. Are you just reading the slides and not referring to the
> lectures? Slides are incomplete (pretty much by definition).
>
> > What confused me is that I thought
> > that anomaly and signature based are two different approaches,
>
> Yes.
>
> > but in your slide (page 8, lecture 22) misuse detection *includes*
> > signature based, where misuse detection is anomaly detection.
>
> I don't know why you say that misuse detection is anomaly
> detection. When you say "this is misuse", it's usually
> not because you've seen an anomaly. It's usually because
> you've identified a pattern or a signature.
> --
> Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Sat May 1 22:41:45 2004
Message-Id: <200405020542.i425gU3e003400@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: Anomaly Detection
Date: Sat, 01 May 2004 22:42:30 -0700
From: william@bourbon.usc.edu

Someone wrote:

> Hi Prof, I'm reviewing my notes and got a little bit confused, If
> I'm not mistaken, your slide says that Intrusion Detection can be
> done in two ways: signature based and anomaly based approach.
> There are two Anomaly based detection: metrics and misuse
> detection, is this correct?

No. Are you just reading the slides and not referring to the lectures? Slides are incomplete (pretty much by definition).

> What confused me is that I thought
> that anomaly and signature based are two different approaches,

Yes.

> but in your slide (page 8, lecture 22) misuse detection *includes*
> signature based, where misuse detection is anomaly detection.

I don't know why you say that misuse detection is anomaly detection. When you say "this is misuse", it's usually not because you've seen an anomaly. It's usually because you've identified a pattern or a signature.
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Sat May 1 21:26:29 2004
Message-Id: <200405020427.i424RDQj003151@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: Edge Sampling
Date: Sat, 01 May 2004 21:27:13 -0700
From: william@bourbon.usc.edu

Someone wrote:

> Hi Prof, I wonder if you hold us responsible to be able to
> compute the algorithm to reduce the bits for the IP addresses in
> the Edge Sampling.

You are not responsible for the details of Edge Sampling.

> Alefiya Hussain talked about this, but not
> really in detail and when she stood up to explain, the den
> operator did not switch the camera, so I cannot see what she is
> doing.

(*If* you were responsible for the details of Edge Sample, then this is really not relevant!)
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Sat May 1 20:15:06 2004
Message-Id: <200405020315.i423FmHu002903@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: Authentication with hash chains
Date: Sat, 01 May 2004 20:15:48 -0700
From: william@bourbon.usc.edu

Someone wrote:

> Even if the client keeps track of what hash he sent last time, I
> guess, it's still vulnerable. For example, what if the attacker
> simply work as a Relay, so it'd forward a client's request to
> server and server would ask for H^99(s) that in turn gets
> forwarded to the client by the attacker. Hence, the attacker can
> see all the traffic. Please correct me if I am wrong.

By state information, I mean the client remembers that the current state is 99. So, if it receives 50 (or anything that's not 99) from the server, it knows that something has gone wrong.
--
Bill Cheng // bill.cheng@usc.edu

----- Original Message -----
From: william@bourbon.usc.edu
Date: Saturday, May 1, 2004 3:37 pm
Subject: Re: Authentication with hash chains

> Someone wrote:
>
> > I have a question regarding hash chains in slide 8-9 for
> > March 8. Isn't the mechanism vulnerable to man-in-the-middle
> > attack? consider the following scenario:
> >
> > 1. client sends a request to server
> > 2. ideally, server would have asked client to provide e.g. H^99(s) BUT
> > 3. an attacker doesn't let client's request reach to the
> > server, instead it asks the client to provide e.g. H^50(s).
> > And now, the attacker can use that to impersonate the
> > actual client to the server, as now the attacker can
> > provide H^99(s)- H^50(s).
> >
> > OR even easier, I'm not sure if the attacker can simply
> > act as RELAY and would fool the server.
> >
> > Please explain this.
>
> If the client does not keep any state information (that
> H^100(s) was the last password sent), then it would be
> vulnerable to man-in-the-middle attack.
>
> If the client knows what it has last sent, then it would
> know that something funny is going on.
> --
> Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Sat May 1 16:12:34 2004
Message-Id: <200405012313.i41NDJDn002324@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: cs530 doubt: agent based authorization
Date: Sat, 01 May 2004 16:13:19 -0700
From: william@bourbon.usc.edu

Someone wrote:

> in slide 2 of lecture 19, it's mentioned that agent acts on
> behalf of a principal (subject).

Yes. (Although it is not created for that subject.)

> in slide 1 of lecture 20, it's mentioned that When object
> created on a host H, agent Q created along with it and aids
> in authorization.
>
> I have following questions:
>
> is agent created for both... i.e. subject as well as object?
>
> if it is created for subject, to act on its behalf, how is it
> different from concept of "user proxy"?

An agent is created for an object (and *not* for a subject).
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Sat May 1 16:09:59 2004
Message-Id: <200405012310.i41NAhXs002286@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: Intrusion Detection - Perspective?
Date: Sat, 01 May 2004 16:10:43 -0700
From: william@bourbon.usc.edu

Someone wrote:

> I think one more situation can be considered while looking at the
> "perspectives" scenario.
> Consider the following n/w design:
>
>                  External network
>            ____________________________
>                          |
>   Subnet 1               |
>   ---------         /----------\
>   | IDS1  |---------|  Router  |----------( Other n/w of same company - subnet 2)
>   ---------         \----------/
>                          |
>                          |  Subnet 3
>   _____________________________________
>         |                       |
>   --------------           -----------
>   |  Network   |           |  IDS 2  |
>   --------------           -----------
>
> In this scenario IDS1 may not be able to monitor activities of
> Subnets 2 & 3. But with a Distributed IDS they may use broadcast
> (or some other communication) and co-ordinate with the help of
> shared information. In this case the two different "perspectives"
> increase the effectiveness. Is this also a possible "perspectives"
> scenario?

Yes. And there can be many perspectives.
--
Bill Cheng // bill.cheng@usc.edu

----- Original Message -----
From: william@bourbon.usc.edu
Date: Saturday, May 1, 2004 3:44 pm
Subject: Re: Intrusion Detection - Perspective?

> Someone wrote:
>
> > Hi Prof, I'm still wondering what does the word "perspective" in
> > the intrusion detection really mean. I know you explained that
> > it's a point of view of an intrusion detection. But what I
> > confused is that, what does the ID server *see* so that it is
> > considered to have a perspective?? Anyway, I don't even know
> > what does it mean for a server to be able to have a perspective.
>
> If the ID is sniffing packets on a router, it most likely
> can only see things at the packet level. If the ID is
> at the application level, then it observes from a different
> "perspective".
> --
> Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Sat May 1 15:44:15 2004
Message-Id: <200405012244.i41MixCK002121@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: Intrusion Detection - Perspective?
Date: Sat, 01 May 2004 15:44:59 -0700
From: william@bourbon.usc.edu

Someone wrote:

> Hi Prof, I'm still wondering what does the word "perspective" in
> the intrusion detection really mean. I know you explained that
> it's a point of view of an intrusion detection. But what I
> confused is that, what does the ID server *see* so that it is
> considered to have a perspective?? Anyway, I don't even know
> what does it mean for a server to be able to have a perspective.

If the ID is sniffing packets on a router, it most likely can only see things at the packet level. If the ID is at the application level, then it observes from a different "perspective".
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Sat May 1 15:42:02 2004
Message-Id: <200405012242.i41Mglgq002092@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: "Smurf" attack
Date: Sat, 01 May 2004 15:42:47 -0700
From: william@bourbon.usc.edu

Someone wrote:

> In your lecture on Intrusion detection you stated that "Smurf"
> attack was a reflector attack but I guess there's more to "smurf"
> than that.
>
> http://www.cert.org/advisories/CA-1998-01.html
>
> In this link CERT specifically states that "smurf" attacks
> involve ICMP echo packets. I think what you had explained in the
> lecture was a generic "reflection attack" (which "smurf" is a
> subset of). Please correct me if my interpretation is wrong.

What you said is correct.
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Sat May 1 15:36:25 2004
Message-Id: <200405012237.i41Mb7s1002051@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: Authentication with hash chains
Date: Sat, 01 May 2004 15:37:07 -0700
From: william@bourbon.usc.edu

Someone wrote:

> I have a question regarding hash chains in slide 8-9 for
> March 8. Isn't the mechanism vulnerable to man-in-the-middle
> attack? consider the following scenario:
>
> 1. client sends a request to server
> 2. ideally, server would have asked client to provide e.g. H^99(s) BUT
> 3. an attacker doesn't let client's request reach to the
> server, instead it asks the client to provide e.g. H^50(s).
> And now, the attacker can use that to impersonate the
> actual client to the server, as now the attacker can
> provide H^99(s)- H^50(s).
>
> OR even easier, I'm not sure if the attacker can simply
> act as RELAY and would fool the server.
>
> Please explain this.

If the client does not keep any state information (that H^100(s) was the last password sent), then it would be vulnerable to man-in-the-middle attack.
If the client knows what it has last sent, then it would know that something funny is going on.
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Fri Apr 30 23:01:57 2004
Message-Id: <200405010602.i4162eiF030567@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
To: cs551@bourbon.usc.edu
Subject: Re: About finals
Date: Fri, 30 Apr 2004 23:02:40 -0700
From: william@bourbon.usc.edu

Someone wrote:

> In the midterm I lost points because I ran out of time. One reason I feel
> was because I kept trying to figure out a way to keep my answers to 30 words
> limit because you wouldn't read after that.

Yes. I want *you* to decide what you want me to read. So, put what you want me to read at the beginning!

> There were certain questions in the midterm which I felt could be better
> explained in terms of diagrams. for eg the kerberos system (how TGT works
> etc).

Then you would have given me the *wrong* answer because you would have spent all your time describing the wrong thing! You need to think clearly during the exam and decide on the right thing to say. I'm doing this on purpose! I don't want to see a brain dump.
I want you to demonstrate that you really know the answer to the *specific* question that I'm asking! I don't want to know that you have *general* knowledge of a topic.

> A lot of things in the class have also been illustrated with the help
> of diagrams. Would there be any point deduction for not writing as much as
> expected and using figures and diagrams to answer instead in the finals?

You cannot draw a picture and say "figure out what I'm saying"! You will get *no* credit for doing that. You cannot say "isn't that very clear from the picture what I'm saying?" Well, you still have to say it in words! You can draw a picture if it helps you to explain in words. In my view, a picture doesn't really help in my exams.
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Fri Apr 30 22:26:33 2004
Message-Id: <200405010527.i415RGqq030207@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: Pre Midterm Syllabus
Date: Fri, 30 Apr 2004 22:27:16 -0700
From: william@bourbon.usc.edu

Someone wrote:

> I just wanted to inquire if the weightage of the syllabus
> before the Midterm would be as much as that after the
> Midterms.
The materials before the midterm exam are just as important as the materials after the midterm exam. (This doesn't mean that I will have just as many problems from pre-midterm and post-midterm.) I don't know because I have not made up the final exam yet.
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Fri Apr 30 22:22:03 2004
Message-Id: <200405010522.i415MkMc030145@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: Question about Bistro
Date: Fri, 30 Apr 2004 22:22:46 -0700
From: william@bourbon.usc.edu

Someone wrote:

> In your 4/26 Bistro lecture, you mention that the top level Bistro need
> not trust the intermediary Bistro's, and that the top level Bistro clock
> was the authority.

By "top level", I assume you mean the "destination" bistro.

> But doesn't this cause another bottleneck? If the top level does not
> trust the intermediary timestamps, then all intermediaries must
> communicate their hashes to the top level BEFORE the deadline.

Actually, it is the client that must communicate the hashes to the destination bistro *before* the deadline.
> In your
> IRS example, this could mean receiving 100 million packets in the last
> few minutes.
>
> This would clearly overwhelm any server. (A Bistro self-imposed DOS
> attack :-) How does Bistro handle this problem? Thank you, Professor.

If you are concerned about the load (or single point of failure), you can have mirror destination bistros (you just need to copy the credentials to mirror bistros). (This is on slide 3 of lecture 28.) This also means that you need more than one *trusted* bistro. This needs to be determined way ahead of time (not so easy to create new mirrors dynamically).

If you are concerned that the digital signature cannot keep up, then you can use the batch signing scheme described on slide 4 of lecture 13.
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Fri Apr 30 19:22:26 2004
Message-Id: <200405010223.i412N8d5028943@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: general ? on private key encryption standards
Date: Fri, 30 Apr 2004 19:23:08 -0700
From: william@bourbon.usc.edu

Someone wrote:

> I'm just curious as to the current standards for private key
> encryption.
You mean *secret key* encryption!

> We started out with DES, then we have AES, then
> Triple DES. AES is supposed to be better than DES right? So
> would Triple AES (if there is such a thing) better than DES?
> When I say better, I mean it's harder to crack. Also, is AES
> better than Triple DES? Just curious.

As far as I know, DES is still the standard. Some people are really concerned about the key size of DES (56-bits). Recall that Schneier (arbitrarily) set the "safety limit" to be 80 bits. So, anyone who worries about DES would use 3DES (112-bits if you use 2 keys) or AES (at least 128 bits).

There are concerns about AES because it has *too much structure*. But no one knows if these concerns are justified. Only time will tell.

3DES is definitely better than DES (but slower). Is it better than AES? Don't know!
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: william@bourbon.usc.edu
Delivery-Date: Wed Apr 28 13:40:26 2004
Date: Wed, 28 Apr 2004 13:39:07 -0700
From: william@bourbon.usc.edu
Message-Id: <200404282039.i3SKd7Db020147@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: final exam in WPH B-27

Hi,

The final exam will be held in WPH B-27, between 11am and 1pm on Wednesday 5/5/2004. If you don't know where WPH is, please click on the link on the class web page. The way to get to WPH B-27 is actually through the basement of the SOS building just south of WPH.
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Wed Apr 28 04:48:12 2004
Message-Id: <200404281146.i3SBkrGA016674@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: question on Smurf attack
Date: Wed, 28 Apr 2004 04:46:53 -0700
From: william@bourbon.usc.edu

Someone wrote:

> In discussion about the smurf attack last Wednesday, you said one of the
> ways to avoid spoofing of IP addresses was for the border router (gateway) to
> check if the IP indeed belongs to that network etc and if not then drop it.

I think I didn't say "border router" and said "gateway". This "source filtering" can be turned on at a gateway router of a network before a packet goes into the Internet.

> But I was wondering that in context of BGP, lot of networks apply complex
> inter domain routing policies to allow thru (transit) traffic, these
> networks could be smaller networks also (like university networks - USC,
> UCLA, MIT etc), apart from backbones, ISPs and Regional ISPs.
>
> For such networks I guess that detecting IP spoofing could be literally
> impossible because all the networks that are transit or multi homed would
> have to log packets so that they could be traced back. But this would be
> highly impractical as there would be enormous amounts of data.

Since most students in the class do not know about BGP, I'll answer this using more general terms...

Routers in the middle of the Internet cannot do "source filtering" because of what you said. This can only be for a router who is sitting at the gateway of a network who knows what's inside and what's outside and which packet is leaving the network and which packet is coming into the network. Such a gateway can decide if a packet that is leaving the network has a good source IP address.

> But on the other hand I think employing an IDS for such networks would be
> rather useless because I think IDSs are basically meant for securing private
> LANs (like stubs- companies, government etc) of (i think) small to medium
> sizes. After all why would any thru traffic be allowed through a secure
> networks in the first place.

I think it depends on exactly what you would call an IDS. For a distributed IDS, its components can be on the other side of the Internet. For example, in IP traceback (edge sampling), if you can consider any router that's helping out the edge sampling part of a distributed (and global) IDS, I would consider this "helpful".
--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200404272043.i3RKhXCH007440@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: About finals
Date: Tue, 27 Apr 2004 13:43:33 -0700
From: william@bourbon.usc.edu

Someone wrote:

> Some discussions in class talked about very specific issues, e.g., in the
> Microsoft Passport system, you discussed how the number of messages exchanged
> could be different depending upon application (e.g. certain applications
> require zipcode (hence an additional message exchange), certain don't or if
> user already has cookie set, then no use of messages 4,5 etc).
> I was wondering in a generic sense what kind of questions could be there on
> the final in such a context, e.g., could we have a question on similar
> lines of 'enumerate the steps in a Microsoft Passport system.'

Yes. That would be a reasonable question for the final exam.
--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200404271655.i3RGtfjk005089@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: "X11 connection rejected" comment from the grader for HW3...
Date: Tue, 27 Apr 2004 09:55:40 -0700
From: william@bourbon.usc.edu

Someone wrote:

> I received 0/25 on the edit portion for an error like
> this, however it works fine when I run it on aludra
> every time. We should at least get partial credit for
> such things,

Of course! Please talk to the grader.

> because there was no way for me to test
> this sporadically buggy problem.

There was "no way"?!

> Actually, we should
> get full credit if we can demo it running.

Sorry, but no! You cannot get full credit if your program has bugs.
The requirement is that the grader will grade from the grading
account and not from your account. You need to make your code work
under any reasonable circumstances.

> 25 points is 25% of the homework for such a minute,
> unidentifiable error.

You need to talk to the grader to see what is a reasonable number
of points to take off. Zero is not reasonable because someone else
in class did it right.

Trashing memory is *never* a non-serious bug (whether you can detect
it or not). You put the bug in your code and we identified it. You
will get points deducted for trashing memory and for not doing a
thorough job testing your code. Writing code is easy, writing bug
free code (which deserves full credit) is not as easy.
--
Bill Cheng // bill.cheng@usc.edu

--- william@bourbon.usc.edu wrote:
> Hi,
>
> In the grade I sent to everyone, if you see a comment
> like "X11 connection rejected ...", I just found out
> what's the cause of this message.
>
> A few of you wrote code like the following:
>
>     char *homedir=getenv("HOME");
>     ...
>     strcat(homedir, "/tmp");
>
> This is bad! If you do "man -s 3c getenv", you will
> see that:
>
>     If successful, getenv() returns a pointer to the value in
>     the current environment; otherwise, it returns a null pointer.
>
> getenv() does *not* allocate a buffer but just points *into*
> the current environment! (Even if it allocates a buffer,
> doing strcat() would be wrong.) So, when you call strcat(),
> you *write* into the current environment. This can cause
> seemingly *random* buggy behavior! (In a way, this is
> similar to writing past allocated memory buffer.)
>
> So, what should you do instead? Well, it takes more code
> (as usual):
>
>     char *homedir=getenv("HOME");
>
>     if (homedir != NULL) {
>         char *tmpdir=(char*)malloc(strlen(homedir)+strlen("/tmp")+1);
>
>         if (tmpdir != NULL) {
>             sprintf(tmpdir, "%s/tmp", homedir);
>             ...
>             free(tmpdir);
>         }
>     }
> --
> Bill Cheng // bill.cheng@usc.edu
>

Date: Mon, 26 Apr 2004 22:07:03 -0700
From: william@bourbon.usc.edu
Message-Id: <200404270507.i3R573NG008512@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: "X11 connection rejected" comment from the grader for HW3...

Hi,

In the grade I sent to everyone, if you see a comment
like "X11 connection rejected ...", I just found out
what's the cause of this message.

A few of you wrote code like the following:

    char *homedir=getenv("HOME");
    ...
    strcat(homedir, "/tmp");

This is bad! If you do "man -s 3c getenv", you will see that:

    If successful, getenv() returns a pointer to the value in
    the current environment; otherwise, it returns a null pointer.

getenv() does *not* allocate a buffer but just points *into*
the current environment! (Even if it allocates a buffer,
doing strcat() would be wrong.) So, when you call strcat(),
you *write* into the current environment. This can cause
seemingly *random* buggy behavior! (In a way, this is
similar to writing past allocated memory buffer.)

So, what should you do instead? Well, it takes more code
(as usual):

    char *homedir=getenv("HOME");

    if (homedir != NULL) {
        char *tmpdir=(char*)malloc(strlen(homedir)+strlen("/tmp")+1);

        if (tmpdir != NULL) {
            sprintf(tmpdir, "%s/tmp", homedir);
            ...
            free(tmpdir);
        }
    }
--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200404262354.i3QNsEi1011679@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: Qustions about final exam
Date: Mon, 26 Apr 2004 16:54:14 -0700
From: william@bourbon.usc.edu

Someone wrote:

> The reason I ask is since we were never allowed to see our tests, if you
> ask a question that you already asked, we will more than likely get it
> wrong again.

I certainly hope not! You need to study carefully! You need to
understand the materials and answer the questions precisely!
Casual reading of the required materials will most likely *not*
result in a high score for the final exam.

Most of the answers to the midterm questions are right there on
the lecture slides. If you review them carefully, you should
have no problem answering those questions.
Also, in class, I mentioned the answers to some of the questions
that a lot of people have missed. And these answers are, again,
right from the lecture slides.
--
Bill Cheng // bill.cheng@usc.edu

On Mon, 2004-04-26 at 16:14, william@bourbon.usc.edu wrote:
> Someone wrote:
>
> > Are you going to possibly ask us some of the same questions that
> > were on the first test?
>
> Sure, because "the final exam will cover the whole class".
> Whatever that was covered by the midterm exam is a subset of
> what's covered by the final exam.
> --
> Bill Cheng // bill.cheng@usc.edu
>
> >
> > On Mon, 2004-04-26 at 15:49, william@bourbon.usc.edu wrote:
> > Someone wrote:
> >
> > > Is the final exam going to cover the contents before midterm?
> > > About the guest lectures (lec 23, 24)? Thanks!
> >
> > The final exam will cover the whole class. You are also responsible
> > for the materials presented by Alefiya Hussain on 4/14 (limited to
> > the lecture).
> >
> > I have not assigned any of the papers as *required* reading for this
> > class. So you are only responsible for the materials covered by
> > lectures and the textbooks.
> > --
> > Bill Cheng // bill.cheng@usc.edu

Message-Id: <200404262314.i3QNE7j5026188@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: Qustions about final exam
Date: Mon, 26 Apr 2004 16:14:07 -0700
From: william@bourbon.usc.edu

Someone wrote:

> Are you going to possibly ask us some of the same questions that
> were on the first test?

Sure, because "the final exam will cover the whole class".
Whatever that was covered by the midterm exam is a subset of
what's covered by the final exam.
--
Bill Cheng // bill.cheng@usc.edu

On Mon, 2004-04-26 at 15:49, william@bourbon.usc.edu wrote:
> Someone wrote:
>
> > Is the final exam going to cover the contents before midterm?
> > About the guest lectures (lec 23, 24)? Thanks!
>
> The final exam will cover the whole class. You are also responsible
> for the materials presented by Alefiya Hussain on 4/14 (limited to
> the lecture).
>
> I have not assigned any of the papers as *required* reading for this
> class. So you are only responsible for the materials covered by
> lectures and the textbooks.
> --
> Bill Cheng // bill.cheng@usc.edu

Message-Id: <200404262249.i3QMnbl4016537@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: Qustions about final exam
Date: Mon, 26 Apr 2004 15:49:37 -0700
From: william@bourbon.usc.edu

Someone wrote:

> Is the final exam going to cover the contents before midterm?
> About the guest lectures (lec 23, 24)? Thanks!

The final exam will cover the whole class. You are also responsible
for the materials presented by Alefiya Hussain on 4/14 (limited to
the lecture).

I have not assigned any of the papers as *required* reading for this
class. So you are only responsible for the materials covered by
lectures and the textbooks.
--
Bill Cheng // bill.cheng@usc.edu

Date: Mon, 26 Apr 2004 04:10:28 -0700
From: william@bourbon.usc.edu
Message-Id: <200404261110.i3QBAScF013779@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: HW3 and regrade policy...

Hi,

Since the TA won't be able to see anyone until this Thursday and
some of you are not available this Thursday and are concerned about
the 1 week time limit to request for the regrade, I'm extending
the regrade request deadline to 5/4/04 (the day before the final
exam).

Also, please read the regrade policy *carefully*. The regrade
needs to be *initiated* before the deadline! It does not have
to be *resolved* by the deadline. Once you've initiated a written
regrade request, we need to get it resolved in a timely manner.
--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200404261059.i3QAxDTs002433@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: HW4?
Date: Mon, 26 Apr 2004 03:59:13 -0700
From: william@bourbon.usc.edu

Someone wrote:

> Sorry if i missed it in class but is there going to be a HW4?

No!
--
Bill Cheng // bill.cheng@usc.edu

Date: Sun, 25 Apr 2004 16:33:21 -0700
From: william@bourbon.usc.edu
Message-Id: <200404252333.i3PNXLcI014273@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: solution for problem 4 of HW2 posted...

Please see:

    http://merlot.usc.edu/cs530-s04/homeworks/sol2-4.pdf
--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200404252224.i3PMOggi020153@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: HW3 grade...
Date: Sun, 25 Apr 2004 15:24:42 -0700
From: william@bourbon.usc.edu

Hi,

I forgot to mention that the grading script the grader used
was in "~csci530/public/hw3/hw3_2.pl". I think you can
execute it by doing "sh ~csci530/public/hw3/hw3_2.pl".
--
Bill Cheng // bill.cheng@usc.edu

-----Original Message-----
Date: Sun, 25 Apr 2004 15:18:42 -0700
From: william@bourbon.usc.edu
Subject: HW3 grade...

(This message is program-generated. If this e-mail is unreadable,
there's probably a bug in the code that generated this e-mail.
If that's the case, please send e-mail to . Thanks!)

Dear ...

...

Please note that the test data files are in the ~csci530/public/hw3
directory on nunki.

If you have questions about your grade, please first contact the
grader Sumeet Savla, . He will be holding an office hour on
Thursday, 4/29, between 3pm and 4:30pm. If you are not able to
resolve grading issues with Sumeet, please then contact me (please
write down the issues in some detail). For the regrade policy,
please see the Regrading Policy section of the Course Description page:

    http://merlot.usc.edu/cs530-s04/description.html#regrade
--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200404231950.i3NJoFCR006509@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: Grades for HW#3 on smartcard.
Date: Fri, 23 Apr 2004 12:50:15 -0700
From: william@bourbon.usc.edu

Someone wrote:

> I request you to please let us know when are the grades
> for the coding project on smartcard expected.

I talked to the grader 2 days ago and he said he was basically
done and just needs to assign the scores. So, I expect it to be
done before the weekend is over.
--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200404220557.i3M5vYBq015901@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: hi
Date: Wed, 21 Apr 2004 22:57:34 -0700
From: william@bourbon.usc.edu

Someone wrote:

> The site says that we must submit term paper along with proposal.
> But when I went to the electronic submission guidelines, I saw
> that the instructions to submit were just for term paper. So what
> should I do? I have already submitted my term paper for safety,
> but without the proposal.

The proposal requirement has been removed a long time ago.
Please just submit your paper (please make sure that the file
extension of your file matches the file type).
--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200404220443.i3M4hCHM008040@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: Submission Questions
Date: Wed, 21 Apr 2004 21:43:12 -0700
From: william@bourbon.usc.edu

Someone wrote:

> I submitted my term paper a few days ago, but did not receive
> a receipt yet. Is this because Bistro mails out receipts only
> after the deadline?

I think you are referring to the "delivered e-mail". You won't
get that until I finally collect your submissions. Right now
all the submissions are just sitting on the server and have not
been delivered to me. That should happen some time tomorrow.

> Also, is it necessary for us to do the email=... command
> before each submission, or does it stay the same once it's
> been set on a previous submission?
>
> (just being paranoid here)

You only need to do the e-mail= stuff once and you did that
when you submitted HW1.
--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200404202336.i3KNaAMT009229@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: Question in a conclusion
Date: Tue, 20 Apr 2004 16:36:10 -0700
From: william@bourbon.usc.edu

Someone wrote:

> I wanted to ask if it is ok to have a question in the
> conclusion, basically I am comparing 3 techniques and 1
> technique has more set of advantages than the others,
> but I have an opinion to state in a form of a question. Is
> that ok to do?

Usually, it's not so good to do that in a technical paper.
You can say something like "... remains an unanswered question."
--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200404191747.i3JHlqrW000949@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: Further Information needed(Fwd: Re: Term Paper Proposal.)
Date: Mon, 19 Apr 2004 10:47:52 -0700
From: william@bourbon.usc.edu

Someone wrote:

> I am writing a survey paper on ... and corresponding
> counter measures proposed by the research community.
>
> While going through your online lectures I find that you have
> stressed on selecting 3 reference papers.

The 3 is the *minimum*.

> have written my
> term paper gathering small pieces of information from a large
> number of published papers, DDoS being an active area of research.
>
> As such my reference list is large and does not contain gist of just
> 3/4 papers. I request you to please let me know if that is fine.

You can have as many references as you need. They are outside
of the 6 page limit. So, reference them as you see fit.
--
Bill Cheng // bill.cheng@usc.edu

Date: Fri, 16 Apr 2004 22:43:29 -0700
From: william@bourbon.usc.edu
Message-Id: <200404170543.i3H5hTgL019253@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: out of town for 2 days...

Hi,

I will be out of town this Sat and Sun and won't be answering
e-mails until late Sunday night. Have a nice weekend.
--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200404162333.i3GNX5Ft014231@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: table for results
Date: Fri, 16 Apr 2004 16:33:05 -0700
From: william@bourbon.usc.edu

Someone wrote:

> I am sorry I forgot to mention that I was asking if the table
> could be used as a summary after explaining the differences
> in words.

I don't think it helps. But you can use it if you think it
will help you to make your point (whatever it is) more clear.
--
Bill Cheng // bill.cheng@usc.edu

----- Original Message -----
From: william@bourbon.usc.edu
Date: Friday, April 16, 2004 3:29 pm
Subject: Re: table for results

> Someone wrote:
>
> > I am writing a paper on ... I am comparing 3 techniques in
> > terms of their efficiency, scalability etc. Is it a good
> > idea to put a table summarising the comparison with more,
> > less, least, same.
> >
> > something like this below:
> >      technique1  technique2  technique3
> > 1>   more        less        least
> > 2>   less        same as 1   more
> > ..............................
> > ...............................
>
> I think such a table is not useful. You should describe
> the differences in words since we are writing a technical
> paper.
> --
> Bill Cheng // bill.cheng@usc.edu

Message-Id: <200404162229.i3GMTub5022168@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: table for results
Date: Fri, 16 Apr 2004 15:29:56 -0700
From: william@bourbon.usc.edu

Someone wrote:

> I am writing a paper on ... I am comparing 3 techniques in
> terms of their efficiency, scalability etc. Is it a good
> idea to put a table summarising the comparison with more,
> less, least, same.
>
> something like this below:
>      technique1  technique2  technique3
> 1>   more        less        least
> 2>   less        same as 1   more
> ..............................
> ...............................

I think such a table is not useful. You should describe
the differences in words since we are writing a technical
paper.
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: Changing the reference
Date: Fri, 16 Apr 2004 15:27:41 -0700
From: william@bourbon.usc.edu

Someone wrote:

> Is it ok if I change one of the references that I had sent to
> the T.A. and you in my proposal?

Sure.

> Also instead of having 3 solutions to a problem as the central
> theme of the paper, is it ok to have 3 ways to address the
> need for a particular aspect?

To me, that sounds like the same thing. I guess when I said
3 solutions, I really meant 3 different *approaches* to solve
a problem.
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: cs530 term paper format
Date: Thu, 15 Apr 2004 22:18:49 -0700
From: william@bourbon.usc.edu

Someone wrote:

> hi Prof, which format do you think is better?
>
> Format 1:
> 1. introduction on what is the vulnerabilities (3 of them only).
> 2. Problem 1 and the security solution.
> 3. Problem 2 and the security solution.
> 4. Problem 3 and the security solution.
> 5. conclusion
>
> Format 2:
> 1. introduction
> 2. describe all the problems first
> 3. Solution to problem 1
> 4. solution to problem 2
> 5. solution to problem 3
> 6. conclusion

Umm... Best if there is only one problem and there are 3
different solutions! Then you can discuss how the solutions
compare with each other. As I have mentioned before, it's
better to talk about *solutions* than problems. If you are
running out of time and can't find multiple solutions for a
single problem, then you should stick to what you have and
get as high of a score as possible.
There is really no difference in which format you follow.
If you write clearly and succinctly, you can probably make
any format work.

> Should I *assume* by giving out *just* the name of the
> problem such as "impersonation" or "MAC address spoofing"
> the reader should *understand* what it is or should I
> describe it?

You should have a short description (unless it has been
explained in class). You should assume that the reader is
familiar with our class.

> should I describe how dangerous are they, i.e. give an example?

If you think it will help the reader to understand why you
pick a certain topic, sure.
--
Bill Cheng // bill.cheng@usc.edu

> ----- Original Message -----
> From: william@bourbon.usc.edu
> Date: Tuesday, April 13, 2004 10:06 pm
> Subject: Re: cs530 term paper format
>
> > Someone wrote:
> >
> > > I am having some trouble paring down my paper to the appropriate
> > > size, and would just like some quick clarification to determine
> > > what should stay and what should go. I am writing my paper as a
> > > survey of ... techniques in ...
> > > The layout I had envisioned was therefore as follows:
> > >
> > > 1, An intro to the problem domain
> >
> > You should keep this brief.
> >
> > > 2, A brief description of the underlying ... protocols
> > > (these form the basis of the solutions)
> > >
> > > 3, A description of the most common known attacks
> >
> > 2 & 3 should probably be merged. You should be as brief
> > and as concise as possible, if you are trying to cut
> > things down.
> >
> > > 4, A description of 3 different solutions
> > >
> > > 5, A discussion of the pros and cons of said solutions
> > >
> > > 6, My conclusions based on the discussion (I might include this
> > > in 5 instead)
> >
> > The rest sounds good.
> >
> > > I would like to know if there are any sections that you feel are
> > > unnecessary, for example my description of the ... protocols.
> > > Right now I am halfway through part 4 and have hit 3,064 words (I
> > > can bring this down a lot by condensing my sentences).
> >
> > As I have mentioned before, I won't count words. You can have
> > at most 6 double-spaced pages (plus references).
> >
> > Condensing sentences is not a good way to reduce the size
> > of a paper if you have a lot to reduce. You should find
> > ways to cut paragraphs or reduce paragraphs to sentences
> > (if you have a lot to cut).
> >
> > > Another
> > > concern of mine aside from length is that in reading my paper you
> > > might be bored since my discussion comes after I describe the
> > > attacks and defenses. I feel this is a natural way to present my
> > > topic based on the papers I've been reading and their formats,
> > > but the last thing I want to do is produce something that is way
> > > too long or confusing for you to grade.
> >
> > I will deduct points for over 6 pages. And of course I will
> > deduct points for a confusing paper!
> >
> > You don't *have to* describe attacks and defenses *in detail*
> > if you are short on space. You need to convey the essence of
> > these attacks and defenses. This requires understanding what
> > you are describing and then you can cut out stuff that's of
> > secondary importance.
> >
> > > Please let me know how I can make this more effective and
> > > gradable.
> > >
> > > Also, I wanted to know if you were against students formatting
> > > their papers in the two-column layout that many papers are
> > > written in. I was considering creating a pdf organized in this
> > > fashion because it looks professional, but obviously looks are
> > > not my primary concern.
> >
> > Usually, two-column layout is *not* for doubly-spaced documents!
> > Since we are doing double-spacing, please write your paper in
> > single-column.
> > --
> > Bill Cheng // bill.cheng@usc.edu
> >
> >

To: cs530@bourbon.usc.edu
Subject: Re: Introduction
Date: Thu, 15 Apr 2004 21:12:31 -0700
From: william@bourbon.usc.edu

Someone wrote:

> Many papers have their organization at the end of the
> introduction like section 1 is this and 2 is this ... Is it
> a good idea to have such a thing for an extended abstract.

If you are short on space, you don't really need to do this
since the paper is so short.
--
Bill Cheng // bill.cheng@usc.edu

Date: Wed, 14 Apr 2004 13:25:33 -0700
From: william@bourbon.usc.edu
To: cs530@merlot.usc.edu
Subject: appendix in the term paper

Hi,

You are allowed to have appendices in your term paper and they
will *not* be counted towards the 6 pages (just like references).

What should go into the appendices? Well, you can put anything
that the reader *does not need to* read! For example, if you
want to copy an algorithm or a graph from another paper, you
can put them in the appendices. Make sure you give full credit
to the source. If you copy a graph/picture, make sure you put
down at least the following:

    This figure is a reproduction of Figure X of [#].
    Reproduced without the authors' permission.

Since all these things are from other papers, that's why the
reader of your paper does *not* have to read your appendices
(because they can read the published papers instead).

Someone also asked me about exactly what's double spacing.
Take a published paper, they are single spaced. If you print
on every 2 lines, that's double spaced. As I said before, you
can fudge on the double spacing. For example, you can do 1.5
spacing (I will not allow anything smaller than that without
taking points off). This means replace every 3 lines in the
single spaced document with 2 lines.

It's hard to cut down the size of a paper.
That's why I want you to do the cutting! (I know 6 pages aren't
much.) Make tough decisions and cut out stuff that's less
relevant to your *point*.
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: cs530 term paper format
Date: Wed, 14 Apr 2004 07:33:10 -0700
From: william@bourbon.usc.edu

Someone wrote:

> I was wondering how should we describe the algorithms used in
> reference papers. Like one of my papers, it has this algorithm
> For i=log n-1, ...x
> j = j/2
> ---
> ---
> ---
> Now i can't write this thing in my own words. and there are
> lines which describe variables and function used by this algo..
> Like let f() be a pseudo random generator which doubles its
> input size; h()/L, h()/R be left and right halves of h().
>
> what should i do about them. How to paraphrase something that
> can't be changed. I hope you got my point.

You need to ask yourself, "what is the essence of this
algorithm?" Describe that! Should your readers care about
exactly what's in this algorithm? And why?
Think about what we did in class when DES was described. We
didn't go into details. We just point out the most significant
parts of DES and refer you to the text book if you really want
to find out about the details. You should do something similar.

> Should i write a note at end; algo stolen from reference paper. :-).

If you absolutely have to copy an algorithm from a paper, say,
reference #3, you just have to say something like, the following
algorithm is from [3], and have the algorithm in a separate,
indented, paragraph by itself. This is *not* stealing, this is
citation and giving full credit to the reference. (Stealing is
when you don't give credit and pretend it's yours.)
--
Bill Cheng // bill.cheng@usc.edu

----- Original Message -----
From: william@bourbon.usc.edu
Date: Tuesday, April 13, 2004 10:06 pm
Subject: Re: cs530 term paper format

> Someone wrote:
>
> > I am having some trouble paring down my paper to the appropriate
> > size, and would just like some quick clarification to determine
> > what should stay and what should go. I am writing my paper as a
> > survey of ... techniques in ...
> > The layout I had envisioned was therefore as follows:
> >
> > 1, An intro to the problem domain
>
> You should keep this brief.
>
> > 2, A brief description of the underlying ... protocols
> > (these form the basis of the solutions)
> >
> > 3, A description of the most common known attacks
>
> 2 & 3 should probably be merged. You should be as brief
> and as concise as possible, if you are trying to cut
> things down.
>
> > 4, A description of 3 different solutions
> >
> > 5, A discussion of the pros and cons of said solutions
> >
> > 6, My conclusions based on the discussion (I might include this
> > in 5 instead)
>
> The rest sounds good.
>
> > I would like to know if there are any sections that you feel are
> > unnecessary, for example my description of the ... protocols.
> > Right now I am halfway through part 4 and have hit 3,064 words (I
> > can bring this down a lot by condensing my sentences).
>
> As I have mentioned before, I won't count words. You can have
> at most 6 double-spaced pages (plus references).
>
> Condensing sentences is not a good way to reduce the size
> of a paper if you have a lot to reduce. You should find
> ways to cut paragraphs or reduce paragraphs to sentences
> (if you have a lot to cut).
>
> > Another
> > concern of mine aside from length is that in reading my paper you
> > might be bored since my discussion comes after I describe the
> > attacks and defenses. I feel this is a natural way to present my
> > topic based on the papers I've been reading and their formats,
> > but the last thing I want to do is produce something that is way
> > too long or confusing for you to grade.
>
> I will deduct points for over 6 pages. And of course I will
> deduct points for a confusing paper!
>
> You don't *have to* describe attacks and defenses *in detail*
> if you are short on space. You need to convey the essence of
> these attacks and defenses. This requires understanding what
> you are describing and then you can cut out stuff that's of
> secondary importance.
>
> > Please let me know how I can make this more effective and
> > gradable.
> >
> > Also, I wanted to know if you were against students formatting
> > their papers in the two-column layout that many papers are
> > written in. I was considering creating a pdf organized in this
> > fashion because it looks professional, but obviously looks are
> > not my primary concern.
>
> Usually, two-column layout is *not* for doubly-spaced documents!
> Since we are doing double-spacing, please write your paper in
> single-column.
> --
> Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: cs530 term paper format
Date: Tue, 13 Apr 2004 22:06:12 -0700
From: william@bourbon.usc.edu

Someone wrote:

> I am having some trouble paring down my paper to the appropriate
> size, and would just like some quick clarification to determine
> what should stay and what should go. I am writing my paper as a
> survey of ... techniques in ...
> The layout I had envisioned was therefore as follows:
>
> 1, An intro to the problem domain

You should keep this brief.

> 2, A brief description of the underlying ... protocols
> (these form the basis of the solutions)
>
> 3, A description of the most common known attacks

2 & 3 should probably be merged. You should be as brief
and as concise as possible, if you are trying to cut
things down.

> 4, A description of 3 different solutions
>
> 5, A discussion of the pros and cons of said solutions
>
> 6, My conclusions based on the discussion (I might include this
> in 5 instead)

The rest sounds good.
> I would like to know if there are any sections that you feel are
> unnecessary, for example my description of the ... protocols.
> Right now I am halfway through part 4 and have hit 3,064 words (I
> can bring this down a lot by condensing my sentences).

As I have mentioned before, I won't count words. You can have
at most 6 double-spaced pages (plus references).

Condensing sentences is not a good way to reduce the size
of a paper if you have a lot to reduce. You should find
ways to cut paragraphs or reduce paragraphs to sentences
(if you have a lot to cut).

> Another
> concern of mine aside from length is that in reading my paper you
> might be bored since my discussion comes after I describe the
> attacks and defenses. I feel this is a natural way to present my
> topic based on the papers I've been reading and their formats,
> but the last thing I want to do is produce something that is way
> too long or confusing for you to grade.

I will deduct points for over 6 pages. And of course I will
deduct points for a confusing paper!

You don't *have to* describe attacks and defenses *in detail*
if you are short on space. You need to convey the essence of
these attacks and defenses. This requires understanding what
you are describing and then you can cut out stuff that's of
secondary importance.

> Please let me know how I can make this more effective and
> gradable.
>
> Also, I wanted to know if you were against students formatting
> their papers in the two-column layout that many papers are
> written in. I was considering creating a pdf organized in this
> fashion because it looks professional, but obviously looks are
> not my primary concern.

Usually, two-column layout is *not* for doubly-spaced documents!
Since we are doing double-spacing, please write your paper in
single-column.
--
Bill Cheng // bill.cheng@usc.edu

Date: Tue, 13 Apr 2004 03:13:31 -0700
From: william@bourbon.usc.edu
To: cs530@merlot.usc.edu
Subject: term paper length...

Hi,

The term paper page says that your term paper should be
5 to 6 pages in length, double spaced (about 2000 words).
Unlike midterm exam questions, I will *not* count the number
of words. But, I would like to see that your paper is *not*
longer than 6 pages (not including references). This means
that you can play with the definition of "double spaced"
(but don't make it look like single spaced).

If what you have is a lot longer than 6 pages, please cut
it down to fit in 6 pages. I want *you* to decide what's
important to your paper. I will deduct points if your paper
is longer than 6 double spaced pages.

Also, the smallest point size I would accept is a 10-point
font (11 point would be more readable).
--
Bill Cheng // bill.cheng@usc.edu

Date: Mon, 12 Apr 2004 16:22:10 -0700
From: william@bourbon.usc.edu
To: cs530@bourbon.usc.edu
Subject: The paper needs to "say something" or "make a point"...

Hi,

Someone asked me the following question:

    Since I'm writing a survey paper, what does it mean to
    have the paper "say something" or "make a point"? It's
    just a survey!

When you read a bunch of references, you should start to form
your opinion about something these references talk about. This
opinion of yours is "something you say" or "your point".

You can think about writing your survey term paper as a
multi-pass process. The first pass, you write down what you
know about your references, focusing on a specific topic.
At the end of the first pass, you want to state your
opinion/point. Now, you go back and modify your paper to make
it look like you are really trying to write something that
*supports* your point (and maybe refine your point).
You will change things so that the references would look like
supporting evidence of your point and not just a simple (boring)
survey! You will go over your paper multiple passes until your
paper becomes coherent.

But, don't *over-do* this! If you really don't have a point to
make (after you've gone through the above process), try to keep
the paper clear and technically sound (and all these other
properties mentioned in the term paper web page) and not to make
a point that you cannot support (because then it becomes unclear
and unsound).
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: Reg HW2, Prob 4.1
Date: Sat, 10 Apr 2004 16:04:12 -0700
From: william@bourbon.usc.edu

Hi,

I'm just forwarding a message from the TA.
--
Bill Cheng // bill.cheng@usc.edu

-----Original Message-----
Date: Sat, 10 Apr 2004 15:57:44 -0700
From: ho chung
Cc: william@bourbon.usc.edu
Subject: Re: Reg HW2, Prob 4.1

if Alice has the correct shared key K, then the value of nonce R
and the response R is the same

Ho

----- Original Message -----
Date: Saturday, April 10, 2004 2:57 pm
Subject: Reg HW2, Prob 4.1

> The problem statement says 'nonce R' sent by Bob to Alice and, 'Response R'
> sent by Alice to Bob. So by 'R', does it mean that Alice resends the nonce
> as it is, or is it a typo (I mean Alice sends something else, say nonce
> incremented by 1).

Date: Fri, 9 Apr 2004 02:26:23 -0700
From: william@bourbon.usc.edu
To: cs530@merlot.usc.edu
Subject: citation format

Hi,

In the references section of your term paper (and proposal),
please show the following important information:

1) authors (don't use "et al", list all authors, either full
   name or first initial and last name)
2) exact title
3) where published (if it's a conference or a workshop, you
   should say "Proceedings of the ..."; if it's a book chapter,
   you only need the book title; if it's a book, then (2) is
   sufficient; if it's a white paper, say it's a white paper;
   if it's a tech report, give the tech report number and origin)
4) page numbers, if applicable and available
5) year published

If you need examples, please see:
    http://merlot.usc.edu/cs530-s04/papers.html

where title is italicized.
--
Bill Cheng // bill.cheng@usc.edu

Date: Fri, 9 Apr 2004 01:31:11 -0700
From: william@bourbon.usc.edu
To: cs530@bourbon.usc.edu
Subject: term paper (and proposal) formats...

Hi,

The term paper web page didn't say what the acceptable formats
are. Please use the same formats as your HW2. I've just added
the following:

    [BC: Added 4/9/2004] Please note that the only allowed
    formats are ASCII text, PDF, Postscript, and HTML.

Thanks!
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: Idea about GAA & privacy policy
Date: Thu, 08 Apr 2004 22:24:13 -0700
From: william@bourbon.usc.edu

Someone wrote:

> A comment you made about website privacy policies in the 4/5
> lecture made me think. You asked, "How do you know that the site
> enforces its privacy policy?"
>
> I wonder if an extension of the GAA concept might cover such a
> scenario (though not necessarily as presently conceived). One
> can imagine that, using a GAA-like mechanism, individuals might
> be able to specify their own policies. That is, when a site
> wanted to make use of data X, they would contact the user's GAA
> server, which would evaluate the request and say, "yes/no/maybe."
>
> Many users would not be able to provide such services themselves.
> (Besides there being an O(n^2) communications issue.) That
> creates an opportunity for a GAA service: a type of clearinghouse
> you might subscribe to through which you specify your personal
> policy. (Watch it!
> This email is now a trade secret! ;-)
>
> Has anyone thought of such a concept (as in the ISI folk)?

It's an interesting idea. I'm not part of ISI, so I'm sorry
that I don't really know exactly what's going on there. So I
don't know if they have thought about this. I think Dr. Neuman
is probably the person that can answer this question.
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: Policy modules and MLS systems
Date: Tue, 06 Apr 2004 22:47:01 -0700
From: william@bourbon.usc.edu

Someone wrote:

> A small elaboration of some points you made in the 3/31 lecture. You
> were discussing the Bell-LaPadula model with respect to secure systems,
> and noted that the systems for differing security levels and
> compartments were physically distinct. This is generally true, but as
> such these systems avoid the issues modeled by Bell-LaPadula.
>
> In particular, the Bell-LaPadula model specifically addresses
> *multi*-level secure (MLS) systems -- that is, where multiple levels of
> security are present on a single platform.
If the systems are > physically separated, by definition they are not MLS. It's been awhile > since I worked with these, but I believe that one system was approved A1 > (provably secure), though it was not practically useful. > > As an interesting historical note, I actually worked on (an attempt to > provide) a provably (that is, A1) secure system for NASA, which was to > be used to schedule access to certain satellite resources, whose users > operate at different security levels. The plan was to use automated > theorem provers to *prove* that the Bell-LaPadula model was properly > implemented. I cannot speak as to the success of that effort, however. > > The concept is interesting, and no doubt of value outside the defense > community. The criteria for A1 certification in the Orange Book is so > daunting (*proof*, not demonstration, that the security model is > enforced) that its practical utility is questionable. As far as I know > (though I haven't worked in this area for years), no commercially > successful A-level systems exist. I didn't know that an A level system has been built (may be that's a secret, :-)! Thanks for letting me know. 
-- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Mon Apr 5 22:21:17 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i365LHqB013680 for ; Mon, 5 Apr 2004 22:21:17 -0700 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i365Jmf7016415 for ; Mon, 5 Apr 2004 22:19:48 -0700 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i365JmOD016413 for cs530@merlot.usc.edu; Mon, 5 Apr 2004 22:19:48 -0700 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i365Jmf7016410 for ; Mon, 5 Apr 2004 22:19:48 -0700 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i365JmHr016406 for ; Mon, 5 Apr 2004 22:19:48 -0700 Message-Id: <200404060519.i365JmHr016406@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: Hw 2 problem 4.2 question Date: Mon, 05 Apr 2004 22:19:48 -0700 From: william@bourbon.usc.edu Someone wrote: > The problem states that the client's private network consists of multiple > authentication servers. Can we describe a method to gain authentication > with any one of these servers? I want to make sure I understand the > significance of multiple authentication servers in this problem. Are > they simply redundant servers to make the system more robust? Actually, that's part of the design parameter. In your answer, you should state whether you want a system where multiple authentication servers are just redundant. Or you want them to be a bit different or a lot different. 
-- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Mon Apr 5 13:42:16 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i35KgFqB003778 for ; Mon, 5 Apr 2004 13:42:16 -0700 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i35Kelf7011765 for ; Mon, 5 Apr 2004 13:40:47 -0700 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i35Kelg9011763 for cs530@merlot.usc.edu; Mon, 5 Apr 2004 13:40:47 -0700 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i35Kelf7011760 for ; Mon, 5 Apr 2004 13:40:47 -0700 Received: (from william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i35KelMQ011758 for cs530; Mon, 5 Apr 2004 13:40:47 -0700 Date: Mon, 5 Apr 2004 13:40:47 -0700 From: william@bourbon.usc.edu Message-Id: <200404052040.i35KelMQ011758@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Nandwani's HW2... Hi, Did anyone accidentally pick up Ashish Nandwani's HW2? Please let me know. Thanks! 
-- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Sun Apr 4 22:56:48 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i355umqB019457 for ; Sun, 4 Apr 2004 22:56:48 -0700 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i355tLf7017570 for ; Sun, 4 Apr 2004 22:55:21 -0700 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i355tLiu017565 for cs530@merlot.usc.edu; Sun, 4 Apr 2004 22:55:21 -0700 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i355tLf7017559 for ; Sun, 4 Apr 2004 22:55:21 -0700 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i355tLWf017555 for ; Sun, 4 Apr 2004 22:55:21 -0700 Message-Id: <200404050555.i355tLWf017555@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: rfc as one of the references Date: Sun, 04 Apr 2004 22:55:21 -0700 From: william@bourbon.usc.edu Someone wrote: > Is it ok to have an RFC as one of the references? Hi, I would not put RFCs in the same category as published papers. (RFCs are often not peer-reviewed. Also, they are often in the proposal stage.) So, you can have RFCs, but you still need at least 2 published papers in your list of references. 
-- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Fri Apr 2 17:37:08 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i331b8qB016123 for ; Fri, 2 Apr 2004 17:37:08 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i331Zlf7012063 for ; Fri, 2 Apr 2004 17:35:47 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i331ZlAn012061 for cs530@merlot.usc.edu; Fri, 2 Apr 2004 17:35:47 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i331Zlf7012053 for ; Fri, 2 Apr 2004 17:35:47 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i331Zljt012048 for ; Fri, 2 Apr 2004 17:35:47 -0800 Message-Id: <200404030135.i331Zljt012048@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: HW2 problem 4... Date: Fri, 02 Apr 2004 17:35:47 -0800 From: william@bourbon.usc.edu Someone wrote: > >HW2 problem 4 is due at 11:45PM, Friday, Apr 12, 2004. > >Electronic submissions only. The deadline is firm. > > Hello, Professor, > > Is the assignment due Friday, Apr *9*? Or *Monday*, Apr 12? :-) Ooops! I mean Monday 4/12. 
-- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Fri Apr 2 16:30:52 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i330UqqB014813 for ; Fri, 2 Apr 2004 16:30:52 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i330TVf7015909 for ; Fri, 2 Apr 2004 16:29:31 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i330TVD0015907 for cs530@merlot.usc.edu; Fri, 2 Apr 2004 16:29:31 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i330TVf7015904 for ; Fri, 2 Apr 2004 16:29:31 -0800 Received: (from william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i330TVW7015902 for cs530; Fri, 2 Apr 2004 16:29:31 -0800 Date: Fri, 2 Apr 2004 16:29:31 -0800 From: william@bourbon.usc.edu Message-Id: <200404030029.i330TVW7015902@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: HW2 problem 4... Hi, HW2 problem 4 is due at 11:45PM, Friday, Apr 12, 2004. Electronic submissions only. The deadline is firm. Please note that the only allowed formats are ASCII text, PDF, Postscript, and HTML. Please name your submission as either hw2-4.txt, hw2-4.pdf, hw2-4.ps, or hw2-4.html, respectively. (Please do *not* tar and gzip your submission and use the correct file extension to match the format.) 
-- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Thu Apr 1 07:29:17 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i31FSvqB010250 for ; Thu, 1 Apr 2004 07:29:17 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i31FRTf7029897 for ; Thu, 1 Apr 2004 07:27:29 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i31FRT80029892 for cs530@merlot.usc.edu; Thu, 1 Apr 2004 07:27:29 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i31FRTf7029887 for ; Thu, 1 Apr 2004 07:27:29 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i31FRTfl029879 for ; Thu, 1 Apr 2004 07:27:29 -0800 Message-Id: <200404011527.i31FRTfl029879@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: does RSA works for all M ? Date: Thu, 01 Apr 2004 07:27:29 -0800 From: william@bourbon.usc.edu Hi, I'm just passing along a message from a student. I wasn't aware of this either. Thanks for bringing it up. I'll try to find out if there is a way to get around this problem in practice. -- Bill Cheng // bill.cheng@usc.edu -----Original Message----- Date: Thu, 01 Apr 2004 00:06:11 -0800 To: william@bourbon.usc.edu Subject: does RSA works for all M ? Hello Professor, I was just going through one of the RSA papers, and got to read a para regarding the correctness of RSA. The proof assumed that the M (message to be encrypted), belongs to group Z/nZ* (i.e. numbers relatively prime to n=pq). So this means that an RSA system will not be able to decrypt any M, when M is one of those numbers which are not prime to n. Though, this has a very low probability (pq - (p-1)(q-1))/(pq), I think this needs to be mentioned. 
I think, this was never mentioned in any of the class lectures, or maybe I missed out on it. Return-Path: william@bourbon.usc.edu Delivery-Date: Thu Apr 1 07:06:42 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i31F6MqB009841 for ; Thu, 1 Apr 2004 07:06:42 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i31F4tf7008507 for ; Thu, 1 Apr 2004 07:04:55 -0800 Received: (from william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i31F4tvj008499 for cs530@merlot; Thu, 1 Apr 2004 07:04:55 -0800 Date: Thu, 1 Apr 2004 07:04:55 -0800 From: william@bourbon.usc.edu Message-Id: <200404011504.i31F4tvj008499@bourbon.usc.edu> To: cs530@merlot.usc.edu Subject: complaining about HW2 grading... Hi, HW2 was returned to those who came to yesterday's (Wed 3/31) lecture. According to: http://merlot.usc.edu/cs530-s04/description.html#regrade you have till next Wednesday (4/7) to complain about grading. The grader does *not* have your HW2, so you must pick up HW2 from me. Most likely, I won't be on campus until next Monday. This would mean that if you want your HW2 back soon, you should either come to class next week (you can leave right away and that's okay by me), or make an appointment with me to pick up your HW2. Or you can have your friend do the same. 
-- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Wed Mar 31 22:15:45 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i316FjqB032069 for ; Wed, 31 Mar 2004 22:15:45 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i316Dmf7018820 for ; Wed, 31 Mar 2004 22:14:08 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i316DcSN018652 for cs530@merlot.usc.edu; Wed, 31 Mar 2004 22:13:38 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i316DSf7018495 for ; Wed, 31 Mar 2004 22:13:38 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i316DIkT018331 for ; Wed, 31 Mar 2004 22:13:28 -0800 Message-Id: <200404010613.i316DIkT018331@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: Regarding HW#3 comments in 3/18 lecture Date: Wed, 31 Mar 2004 22:13:18 -0800 From: william@bourbon.usc.edu Someone wrote: > (Yes, I'm just now catching up with back lectures...) > > You commented about the visibility of the secret key through the > handle. No matter what the mechanism, though, any data that is in > memory is visible to someone with a debugger. This is simply a > limitation of the example you have chosen. > > Isn't the distinction in an actual smartcard (as opposed to a > library-based pseudo-smartcard) that there *is* no handle into the > smartcard itself? An actual smartcard has an interface (serial, I > presume) through which data is passed. The secret contents of the > smartcard are not accessible through this interface. Yes. With a physical smartcard, there is less of an issue with reentrant code. You can build global state when the smartcard is powered up and do not allow access until the smartcard is ready for use. 
For HW3, we need to go through the extra trouble because we are using a shared library and there is really no easy and clean way to initialize a UNIX shared library that I am aware of. The best way for HW3 is to not have state information at all and rebuild (RSA*) from the char array in "secret.c" on every call to any appropriate SC_* function. -- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Wed Mar 31 16:52:50 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i310qoqB026230 for ; Wed, 31 Mar 2004 16:52:50 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i310pYf7002287 for ; Wed, 31 Mar 2004 16:51:34 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i310pYVc002285 for cs530@merlot.usc.edu; Wed, 31 Mar 2004 16:51:34 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i310pYf7002282 for ; Wed, 31 Mar 2004 16:51:34 -0800 Received: (from william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i310pYdv002280 for cs530; Wed, 31 Mar 2004 16:51:34 -0800 Date: Wed, 31 Mar 2004 16:51:34 -0800 From: william@bourbon.usc.edu Message-Id: <200404010051.i310pYdv002280@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: regarding term paper... Someone wrote: > There isn't a whole lot of information or published papers. > Would that be a reason good enough for me not to try to spend > time looking at this ? My objective of the term-paper is to > learn about new areas in ... with focus on ... But that's not the object of the term paper! I understand that it's more fun to just learn new stuff and not be too critical about what you have learned. Someone may even call this a hobby. :-) One objective of the term paper is to force you to read something difficult and critical (and therefore, not fun). 
> but at the same time i don't want to lose a whole lot of > marks just because i didn't adhere to any "expected" > guidelines (like references to published papers and others). > > I will try my best to cite all the sources which have > information pertaining to this area, but would that be a > decent and acceptable compromise by you and professor ? :-) The reason we want to see published papers as references is not that we just want to create trouble for you. Published papers usually give more *objective evaluation* of schemes. If your paper is mostly based on specifications and marketing materials, your paper will be *weaker*. (Please be aware that marketing people often have input into technical specifications! So, it is not good that what you will "learn" is mostly what a company's marketing people want you to think you have learned.) -- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Wed Mar 31 07:31:32 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2VFVWqB015872 for ; Wed, 31 Mar 2004 07:31:32 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2VFUHf7016202 for ; Wed, 31 Mar 2004 07:30:17 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2VFUH8S016197 for cs530@merlot.usc.edu; Wed, 31 Mar 2004 07:30:17 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2VFUGf7016191 for ; Wed, 31 Mar 2004 07:30:16 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2VFUGf0016187 for ; Wed, 31 Mar 2004 07:30:16 -0800 Message-Id: <200403311530.i2VFUGf0016187@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: regarding the term paper... 
Date: Wed, 31 Mar 2004 07:30:16 -0800 From: william@bourbon.usc.edu Someone wrote: > I have a silly question. Like most of the papers I'm looking > at are published white papers. Well actually I don't know the > difference between white paper and a normal research paper (we > can call this black paper; because it's difficult to understand. > is like a black box.) > > Do we need to collect related research papers or white papers > etc are also good. Or the two things are same. Hi, Although there are exceptions, white papers are usually *not* refereed (so their quality, fairness, and technical soundness may be questionable). They are also usually in the form of *proposals* and not completed works. You should have *at most* one white paper in your 3 references. -- Bill Cheng // bill.cheng@usc.edu Return-Path: william@bourbon.usc.edu Delivery-Date: Tue Mar 30 16:48:50 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2V0moqB031901 for ; Tue, 30 Mar 2004 16:48:50 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2V0laf7015494 for ; Tue, 30 Mar 2004 16:47:36 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2V0lali015487 for ; Tue, 30 Mar 2004 16:47:36 -0800 Message-Id: <200403310047.i2V0lali015487@bourbon.usc.edu> To: cs530@merlot.usc.edu Subject: Re: regarding the term paper... Date: Tue, 30 Mar 2004 16:47:36 -0800 From: william@bourbon.usc.edu Hi, I've just added a section on: http://merlot.usc.edu/cs530-s04/termpaper.html#expect with the information I wrote below. -- Bill Cheng // bill.cheng@usc.edu -----Original Message----- Date: Tue, 30 Mar 2004 16:41:26 -0800 From: william@bourbon.usc.edu To: cs530@bourbon.usc.edu Subject: regarding the term paper... 
Hi, Just to itemize a few things I'm looking for in your final term paper: 1) a *good* paper 2) *clearly* written and technically *sound* 3) does a good job in evaluating the surveyed area or presenting your original idea (depending on which type of paper you are writing) - if you are doing a survey paper, don't pick 3 papers that say pretty much the same thing 4) the paper needs to "say something" or "make a point" (have your friends read it, if they don't "get it", you need to make your point clearer) 5) demonstration that you have read and understood your references Since the term paper will be an *extended abstract*, I wouldn't say that I expect great depth. So, you don't need to look for something that no one understands! :-) -- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Tue Mar 30 16:42:40 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2V0geqB031742 for ; Tue, 30 Mar 2004 16:42:40 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2V0fRf7013131 for ; Tue, 30 Mar 2004 16:41:27 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2V0fRox013129 for cs530@merlot.usc.edu; Tue, 30 Mar 2004 16:41:27 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2V0fRf7013123 for ; Tue, 30 Mar 2004 16:41:27 -0800 Received: (from william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2V0fQYL013120 for cs530; Tue, 30 Mar 2004 16:41:26 -0800 Date: Tue, 30 Mar 2004 16:41:26 -0800 From: william@bourbon.usc.edu Message-Id: <200403310041.i2V0fQYL013120@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: regarding the term paper... 
Hi, Just to itemize a few things I'm looking for in your final term paper: 1) a *good* paper 2) *clearly* written and technically *sound* 3) does a good job in evaluating the surveyed area or presenting your original idea (depending on which type of paper you are writing) - if you are doing a survey paper, don't pick 3 papers that say pretty much the same thing 4) the paper needs to "say something" or "make a point" (have your friends read it, if they don't "get it", you need to make your point clearer) 5) demonstration that you have read and understood your references Since the term paper will be an *extended abstract*, I wouldn't say that I expect great depth. So, you don't need to look for something that no one understands! :-) -- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Tue Mar 30 13:06:27 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2UL6RqB024561 for ; Tue, 30 Mar 2004 13:06:27 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2UL5Ef7003882 for ; Tue, 30 Mar 2004 13:05:14 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2UL5EYC003880 for cs530@merlot.usc.edu; Tue, 30 Mar 2004 13:05:14 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2UL5Ef7003877 for ; Tue, 30 Mar 2004 13:05:14 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2UL5ETs003873 for ; Tue, 30 Mar 2004 13:05:14 -0800 Message-Id: <200403302105.i2UL5ETs003873@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: Function verify's input size Date: Tue, 30 Mar 2004 13:05:13 -0800 From: william@bourbon.usc.edu Hi, I'm just forwarding a message from a student who has done some investigation on how RSA_private_encrypt() and RSA_public_decrypt() 
work in OpenSSL. -- Bill Cheng // bill.cheng@usc.edu -----Original Message----- Date: Tue, 30 Mar 2004 12:38:44 -0800 To: william@bourbon.usc.edu Subject: Re: Function verify's input size william@bourbon.usc.edu wrote: >One thing I do not understand is how RSA_public_decrypt() >figures out how many bytes to output! It seems to be >able to figure out from the "digital signature" how many >bytes the original input was. > >Since the "digital signature" is always 128 bytes if we >use a 1024-bit public modulus, where does it store the >size of the original input? It must encode that information >in the 128 bytes of output. Do you know how it's done? > > Turns out RSA_public_decrypt figures out the digest length in the same way that openSSL figures out the length of an encrypted message -- not by encoding the size, but by inspecting the padding. It just removes the padding and what remains *is* the digest. 1. Before encryption, the digest is right-justified within the RSA_size() signature block, and padded on the left. The padding (0xFF) terminates with a null (0x00) byte (in PKCS#1 padding, at least). This padded block is encrypted to form the signature. 2. After decrypting the signature, RSA_public_decrypt scans from the beginning of the buffer, consuming the 0xFF pad bytes. When it finds the 0x00 byte, the next byte is the start of the decrypted digest. 3. The remainder of the buffer is copied out as the digest, and its size is returned. In principle, this strategy would work for *any* digest type or size, as long as the digest is not more than {modulus size}-3 in length. (The actual restriction, I think, is {modulus size}-11.) Since RSA_public_decrypt knows there will always be *some* padding, it need not worry about distinguishing padding from data (the problem we discussed with respect to block encryption padding). If you're curious, the public_decrypt implementation is in crypto/rsa/rsa_eay.c, and the padding algorithms in crypto/rsa/rsa_pk1.c. 
The actual encrypt/decrypt/sign, etc functions are called indirectly, so that other implementations may be substituted. These files contain the default methods. Now we know! Thank you, Professor. Regards, Dan Return-Path: cs530@bourbon.usc.edu Delivery-Date: Tue Mar 30 10:08:30 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2UI8UqB018766 for ; Tue, 30 Mar 2004 10:08:30 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2UI7Hf7000301 for ; Tue, 30 Mar 2004 10:07:17 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2UI7HRE032767 for cs530@merlot.usc.edu; Tue, 30 Mar 2004 10:07:17 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2UI7Hf7032764 for ; Tue, 30 Mar 2004 10:07:17 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2UI7HI8032760 for ; Tue, 30 Mar 2004 10:07:17 -0800 Message-Id: <200403301807.i2UI7HI8032760@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: SC_sign and SC_get_sig Date: Tue, 30 Mar 2004 10:07:17 -0800 From: william@bourbon.usc.edu Someone wrote: > william@bourbon.usc.edu wrote: > > >Someone wrote: > > > > > Professor, > > > > > > Yes, the *smartcard* operations work, because it has n, d, and e. I > > > found that, too. Otherwise RSA_size() wouldn't work to return the > > > signature size (in the smartcard, that is). > > > > > > But I think the student was calling RSA_size() from the *application* > > > during the verify operation, to get the buffer size, or to figure out > > > how many bytes of the encrypted input file to read. (Because you don't > > > need to read any more bytes than the size of the signature.) There, > > > you have only n and e, and that's when RSA_size() fails. 
> > > >In my code, I've never found an instance where I need to call > >RSA_size() in the application! > > Agreed. When you read the RSA_public_decrypt man page, though, it tells > you the signature is RSA_size(a) in length. So your first inclination > is to use that function, until you remember that the signature size is > provided by the smartcard. I think that was the source of confusion (at > least for me!). I checked my code again and sure enough, I called SC_get_signature_size() when I tried to figure out what size buffer to allocate. I didn't even think that calling RSA_size() would cause a problem. Maybe this is just a quirk in OpenSSL. I would think that given rsa->n, it should be able to figure out RSA_size(). Maybe it needs rsa->d because it's doing something funny internally. Well, only looking at the OpenSSL source can one find out what's really going on. -- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Tue Mar 30 07:36:49 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2UFanqB014190 for ; Tue, 30 Mar 2004 07:36:49 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2UFZbf7031345 for ; Tue, 30 Mar 2004 07:35:37 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2UFZbF7031343 for cs530@merlot.usc.edu; Tue, 30 Mar 2004 07:35:37 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2UFZbf7031334 for ; Tue, 30 Mar 2004 07:35:37 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2UFZb81031330 for ; Tue, 30 Mar 2004 07:35:37 -0800 Message-Id: <200403301535.i2UFZb81031330@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: system() Date: Tue, 30 Mar 2004 07:35:37 -0800 From: william@bourbon.usc.edu Someone wrote: > hi 
Prof, I used system() to remove the temp file by doing "rm -rf > ", but just now I heard my friend told me > that we are not supposed to use system() to remove files or to do > any kind of file/directory operation(such as creating and > deleting files), and we will get points deducted because of it. I > already submit the homework yesterday and I looked over the > emails to see if you mention it, I found the one that you said > that we are supposed to use mkstemp to create temp files, but did not > explicitly say that we are not supposed to use system() to remove > file, thank you. You know, I cannot list everything that you are not supposed to do! Although I said a few times that you are *not* supposed to remove the temporary directory. Actually, I said something even stronger than that. I said you should *never* remove a directory programmatically (unless some spec says that you have to). The "/bin/rm -rf ..." is meant to be used from the commandline. I mentioned it because someone has trouble getting rid of a directory (not because he/she wanted to do this from his/her program). Also, please see my message with timestamp "Tue 23 Mar 14:05". 
-- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Mon Mar 29 22:29:10 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2U6TAqB003071 for ; Mon, 29 Mar 2004 22:29:10 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2U6Rxf7026208 for ; Mon, 29 Mar 2004 22:27:59 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2U6RxsG026206 for cs530@merlot.usc.edu; Mon, 29 Mar 2004 22:27:59 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2U6Rxf7026198 for ; Mon, 29 Mar 2004 22:27:59 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2U6Rx2K026193 for ; Mon, 29 Mar 2004 22:27:59 -0800 Message-Id: <200403300627.i2U6Rx2K026193@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: hi Date: Mon, 29 Mar 2004 22:27:58 -0800 From: william@bourbon.usc.edu Someone wrote: > if i make changes to 3 or less lines of code and resubmit > before 11.45 pm tonight , will there be any kind of points > deduction. No deductions. After 11:45pm tonight, all change requests will be denied. 
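The padding scan described in the forwarded message "Re: Function verify's input size" above, as an added example that is not part of the original e-mails and is not OpenSSL's code: a self-contained C implementation of the PKCS#1 v1.5 type 1 block (0x00 0x01, 0xFF padding, 0x00 separator, digest), with no RSA step. The function names and the constructed sample digests are assumptions made here; the leading 0x00 0x01 bytes and the eight-byte minimum pad come from the PKCS#1 format rather than from the message, and they account for the {modulus size}-11 limit it mentions.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define PKCS1_MIN_PAD  8   /* PKCS#1 v1.5 requires at least eight 0xFF bytes */
#define PKCS1_OVERHEAD 11  /* 0x00 0x01 + 8 pad bytes + 0x00 separator */

/* Step 1 of the message: right-justify the digest in a k-byte block
 * (k = modulus size in bytes) and pad on the left.
 * Returns 0 on success, -1 if the digest is longer than k - 11. */
int pkcs1_type1_pad(unsigned char *block, size_t k,
                    const unsigned char *digest, size_t dlen)
{
    size_t pad_len;
    if (k < PKCS1_OVERHEAD || dlen > k - PKCS1_OVERHEAD)
        return -1;
    pad_len = k - dlen - 3;
    block[0] = 0x00;
    block[1] = 0x01;                       /* block type 1: signature padding */
    memset(block + 2, 0xFF, pad_len);
    block[2 + pad_len] = 0x00;             /* separator that ends the padding */
    memcpy(block + 3 + pad_len, digest, dlen);
    return 0;
}

/* Steps 2 and 3: consume the 0xFF run, require the 0x00 separator, and
 * return everything after it. The length is never stored in the block;
 * it falls out of where the padding ends. Returns the digest length,
 * or -1 if the block is malformed or does not fit in out. */
long pkcs1_type1_unpad(const unsigned char *block, size_t k,
                       unsigned char *out, size_t out_cap)
{
    size_t i, dlen;
    if (k < PKCS1_OVERHEAD || block[0] != 0x00 || block[1] != 0x01)
        return -1;
    for (i = 2; i < k && block[i] == 0xFF; i++)
        ;                                  /* skip the padding run */
    if (i == k || block[i] != 0x00)
        return -1;                         /* no separator, or a stray pad byte */
    if (i - 2 < PKCS1_MIN_PAD)
        return -1;                         /* padding run too short */
    i++;                                   /* first byte after the separator */
    dlen = k - i;
    if (dlen > out_cap)
        return -1;
    memcpy(out, block + i, dlen);
    return (long)dlen;
}

/* Pad and unpad a constructed digest of dlen bytes whose first byte is
 * `first`. Returns the recovered length, or -1 on any failure. */
long demo_roundtrip(size_t k, size_t dlen, unsigned char first)
{
    unsigned char digest[256], block[256], out[256];
    size_t i;
    long n;
    if (k > sizeof block || dlen > sizeof digest)
        return -1;
    for (i = 0; i < dlen; i++)
        digest[i] = (unsigned char)(i * 7 + 3);   /* constructed sample bytes */
    if (dlen > 0)
        digest[0] = first;
    if (pkcs1_type1_pad(block, k, digest, dlen) != 0)
        return -1;
    n = pkcs1_type1_unpad(block, k, out, sizeof out);
    if (n != (long)dlen || memcmp(out, digest, dlen) != 0)
        return -1;
    return n;
}

int main(void)
{
    /* 128-byte block = 1024-bit modulus, as in the thread. */
    printf("20-byte digest          -> %ld\n", demo_roundtrip(128, 20, 0xAB));
    printf("16-byte digest          -> %ld\n", demo_roundtrip(128, 16, 0xAB));
    /* A digest that itself starts with 0x00 or 0xFF is still recovered:
     * only the first 0x00 after the pad run is treated as the separator. */
    printf("digest starting 0x00    -> %ld\n", demo_roundtrip(128, 20, 0x00));
    printf("digest starting 0xFF    -> %ld\n", demo_roundtrip(128, 20, 0xFF));
    printf("117 bytes (k - 11)      -> %ld\n", demo_roundtrip(128, 117, 0x11));
    printf("118 bytes (too long)    -> %ld\n", demo_roundtrip(128, 118, 0x11));
    return 0;
}
```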
-- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Mon Mar 29 22:10:47 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2U6AlqB002614 for ; Mon, 29 Mar 2004 22:10:47 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2U69af7008300 for ; Mon, 29 Mar 2004 22:09:36 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2U69aXt008298 for cs530@merlot.usc.edu; Mon, 29 Mar 2004 22:09:36 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2U69af7008295 for ; Mon, 29 Mar 2004 22:09:36 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2U69aQu008291 for ; Mon, 29 Mar 2004 22:09:36 -0800 Message-Id: <200403300609.i2U69aQu008291@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: SC_sign and SC_get_sig Date: Mon, 29 Mar 2004 22:09:36 -0800 From: william@bourbon.usc.edu Someone wrote: > Professor, > > Yes, the *smartcard* operations work, because it has n, d, and e. I > found that, too. Otherwise RSA_size() wouldn't work to return the > signature size (in the smartcard, that is). > > But I think the student was calling RSA_size() from the *application* > during the verify operation, to get the buffer size, or to figure out > how many bytes of the encrypted input file to read. (Because you don't > need to read any more bytes than the size of the signature.) There, you > have only n and e, and that's when RSA_size() fails. In my code, I've never found an instance where I need to call RSA_size() in the application! 
-- Bill Cheng // bill.cheng@usc.edu

Message-Id: <200403300606.i2U66b9C005403@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: Diff of newline in Signatures
Date: Mon, 29 Mar 2004 22:06:36 -0800
From: william@bourbon.usc.edu

Someone wrote:

> My code works fine for sign and verify but when I do diff between sig.txt
> (provided by you for usctommy.gif) and the one generated by my code, there is
> a difference of one newline.
>
> In sig.txt provided by you, at the end of the file there is a new line
> character! Do I need to insert newline at the end of the file generated by my
> program too?

Please see my message with timestamp "Tue 23 Mar 10:36".
-- Bill Cheng // bill.cheng@usc.edu

Date: Mon, 29 Mar 2004 15:59:28 -0800
From: william@bourbon.usc.edu
Message-Id: <200403292359.i2TNxSLG006798@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: modifications to HW3...

Hi,

Just a reminder that you can make up to 3 lines of changes by 11:45pm tonight (not midnight).
Please follow the instructions at the bottom of the following page for modifications:

    http://merlot.usc.edu/cs530-s04/homeworks.html

-- Bill Cheng // bill.cheng@usc.edu

Message-Id: <200403291528.i2TFSqCA014437@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: deleting $HOME/tmp directory??
Date: Mon, 29 Mar 2004 07:28:51 -0800
From: william@bourbon.usc.edu

Someone wrote:

> >Anyway, to remove that directory (without confirmation), do:
> >
> >    /bin/rm -rf $HOME/tmp
> >--
> >Bill Cheng // bill.cheng@usc.edu
> >

Please try not to quote me out of context! You should have kept all the stuff above what you were quoting!

> Prof, don't you think its not ideal for the program to forcefully remove the
> $HOME/tmp directory, because there is a possibility of that directory
> already existing from before and there could other files of the user.
> Another alternative is to delete that directory only if it did not exist
> before running the program, if it existed before running the program then
> *DO NOT* delete the directory.

I was replying to a student who wanted to remove the $HOME/tmp manually!
(I've mentioned it a few times in my messages that you should *never* remove a directory from a program.) He/she had some hidden files in $HOME/tmp and could not remove the directory from the command prompt. I was suggesting to do the above.
-- Bill Cheng // bill.cheng@usc.edu

Message-Id: <200403291519.i2TFJwkW005819@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: marks distribution
Date: Mon, 29 Mar 2004 07:19:58 -0800
From: william@bourbon.usc.edu

Someone wrote:

> well hw3 is finally done and it was a good one...
> but i had a question it was much heavier and time consuming
> as compared to first 2 hw's will it still have same weightage
> as the other two?

Yes! Once the number of points is announced for a while, it would be very very difficult to change. Again, this is for fairness reason. Someone may have decided not to work on it given that it's 1/3 of total homework assignments! So, I cannot make it count more now.

By the way, HW3 is really *not* harder. The hardest part is to get smartcard to compile and dynamically loaded (successfully) into the application.
That's why I posted the code to start. The rest should be fairly straightforward, given that you've implemented HW3 successfully.
-- Bill Cheng // bill.cheng@usc.edu

Message-Id: <200403290104.i2T14BZU024624@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: SC_sign, RSA_private_encrypt()
Date: Sun, 28 Mar 2004 17:04:11 -0800
From: william@bourbon.usc.edu

Someone wrote:

> in the spec it mentioned to use RSA_private_encrypt() for the signing. Do we
> have to put it in the hw3 part or can we call the function in SC_sign(). If
> we're supposed to use it in hw3, then I don't really see the need to use
> SC_sign().

In "hw3", you do not have access to the private key! That's the whole point of the smartcard. It is supposed to perform operations with "secret information".
-- Bill Cheng // bill.cheng@usc.edu

Message-Id: <200403290102.i2T12scf023381@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: question on edit yet again
Date: Sun, 28 Mar 2004 17:02:54 -0800
From: william@bourbon.usc.edu

Someone wrote:

> If the user chooses to edit a file that doesn't exist, we create a temp
> file and edit that blah blah blah. Question: what if the user decides
> that they didn't want to edit that non-existent file? If the editor is vi
> and they decide to just quit instead of write quit, how are we to know?
>
> Can we put in our readme that we expect that if the user edits a file that
> doesn't exist and doesn't write to it/save it, it still gets created and
> encrypted as a 0 length file? Even if the user decided to save the file
> with nothing in it, the sha1 will not change from the original creation
> hash. This only seems to apply to files that don't exist and either
> don't get saved or are saved with nothing in them (no data). Should I
> worry about this?

You take the SHA1 and file size of the temporary file *before* you start the editor.
If the user just quit, the SHA1 and file size (which is 0 in this case) will be the same. I don't see any problem with this approach.
-- Bill Cheng // bill.cheng@usc.edu

Message-Id: <200403290056.i2T0uu2x017686@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: SC_sign and SC_get_sig
Date: Sun, 28 Mar 2004 16:56:56 -0800
From: william@bourbon.usc.edu

Someone wrote:

> william@bourbon.usc.edu wrote:
>
> >Someone wrote:
> >
> > > I'm confused as to how these 2 functions correlate. How can
> > > SC_get_signature_size(Smartcardstate) know the size of the
> > > signature of sha1_buf(one of the parameters to SC_sign)
> > > without getting it as a parameter ahead of time?
> >
> >For a 1024-bit public modulus, the signature size is just
> >the size of the public modulus, which in this case is
> >1024-bits! RSA_size() will return this value if you fill
> >the RSA data structure correctly. There's plenty of
> >discussion about this in the message archive.
> >
>
> Actually, there seems to be a bug in RSA_size() if the RSA structure
> contains only a public key, and not a public/private pair.
> At least on
> my machine, RSA_size() of a public key-only RSA returns 4, rather than
> 128. You can avoid all this by using the SC_get_signature_size()
> interface, which returns RSA_size() of the structure containing both
> public and private keys, and (not coincidentally) the correct value.

I will make sure that I fill the public modulus (rsa->n) before calling RSA_size(). This is because it is larger than the decryption key (rsa->d).
-- Bill Cheng // bill.cheng@usc.edu

Message-Id: <200403290053.i2T0rrlG014857@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: _malloc_unlocked???
Date: Sun, 28 Mar 2004 16:53:53 -0800
From: william@bourbon.usc.edu

Someone wrote:

> william@bourbon.usc.edu wrote:
>
> >Someone wrote:
> >
> > > Hi Prof, I've been working on this error since last night and
> > > I gave up, I do not know the problem, I got seg fault at a
> >....
> > > 641 encFileBuffer = new unsigned char [encFileSize];
> >...
> >
> >I've said this before, I'm going to say this again...
> >If you
> >crash in malloc() related functions, it's usually because you
> >have corrupted memory some time before you crash! So, *don't*
> >keep staring at the place where you crash if it's a malloc()
> >related crash (unless it's obvious). Start searching for
> >writing past end of allocated blocks, freeing memory twice,
> >or uninitialized variables.
>
> Professor, I think this is a problem in statement 641 above. I think
> the syntax for declaring a new array is different than that for a new
> object. It's not an approach I use in my C++ work, so the student will
> have to consult a C++ book.

Hmm... I thought it should work just fine.

> In any case, *why* is he doing this? There are far better alternatives,
> such as:
>
> {
> unsigned char abc[ encFileSize ];
> ...
> }
>
> which will just dynamically create abc of size encFileSize on the stack,
> within the enclosing context. He could also use a "vector< unsigned
> char > abc( encFileSize )", which deals with the underlying malloc's
> transparently. (And *nobody* should be allocating memory using "new"
> without protecting it in a "smart pointer" (e.g., auto_ptr), though this
> is a separate subject.)

I would assume that he is allocating an array of char because he needed to pass it around. I'm not familiar with auto_ptr. I guess I should be able to find out what they are on the web.

> I can't really help the student, but would *strongly* suggest that he
> avoid using new/delete unless there is no other alternative. I've been
> programming in C++ for a long time, and avoid them if at all possible.

Yes. One should avoid doing new and delete unless it's necessary. Memory allocation is usually *slow* anyway.
-- Bill Cheng // bill.cheng@usc.edu

Message-Id: <200403290029.i2T0TW89001858@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: edit using different keys
Date: Sun, 28 Mar 2004 16:29:32 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Hi prof, I'm pretty much done with the homework, thanks to your
> helpful advices, I'm just curious, Should I check if the file
> that I'm trying to edit was edited using different smartcard
> library and with a different keys?

Of course. You should always check your program *thoroughly*!
> because if I create a new
> library using different secret keys, so, I created a new keys
> (the keys are saved in a different filename than secret.c, lets
> say the name for the key file was foo.c)and a new library (lets
> call the new library foolibsmartcard.so) and I remake the files
> (i did some modifications to the Makefile) and I edit a file by
> executing this command "hw3 -so foolibsmartcard.so edit test.t"
> then I put some text into test.t, close it and if I try to open
> it again using "foolibsmartcard.so", everything looks perfect,
> but then I open test.t using "libsmartcard.so" the file that I
> see was garbled, well, its supposed to be this way correct?

You tell me! Are you supposed to edit a file encrypted using another person's smartcard?

> since
> I'm using different library that uses different secret keys. So,
> up to this point its perfect, but now, since it was garbled, when
> I close it, my hw3 program will compute the sha1 value of the
> temp file and compare it with the sha1 value that it gain from
> the first 20 bytes of test.t, of course these sha1 values are
> different,

If you did not do a "save" from your editor, the temporary file has not changed. So, I don't understand why it would be different.

> and my program thinks that the file had changed, so It
> will create a new file and encrypt it, now the file is corrupted.

I don't understand why you call this "corrupted". It's doing exactly what you asked it to do.

> I cannot open it anymore using any library.

This I don't see why.

> So I need to handle
> this? because I have no idea on how to check if this was opened
> using different keys.

You cannot check!
-- Bill Cheng // bill.cheng@usc.edu

Message-Id: <200403290023.i2T0NWSH032021@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: t_splay() ??
Date: Sun, 28 Mar 2004 16:23:32 -0800
From: william@bourbon.usc.edu

Someone wrote:

> The student may find this link useful :
>
> http://groups.google.com/groups?th=2b67f176836b5bc8
>
> also had a question not pertaining to this homework per se.
> Yesterday when i was trying to remove the 'tmp' directory for hw3
> (which I came to know from your mail that we were not supposed to),
> I was unable to execute system("rmdir $HOME/tmp"); even though I
> deleted all the files from the directory. On doing an ls -al
> after cleaning up the files I noticed that there was a file
> called ".XXXXXX" (where XXXXXX was filled randomly but not in the
> same way as output by mktemp()). I did not create this file. Due
> to the presence of this file "rmdir" used to throw "directory not
> empty" error. However when the program exited the file was absent
> and I was able to run the exact same "rmdir" command. even an ("rm
> $HOME/tmp/*.*"); did not delete that file.
> i also tried using
> "remove()" method...still did not work. Could you please suggest
> a way to delete that directory.

My guess is that you've created that file when you were playing around with mkstemp(). This is because the 6 X's is what you need to pass to mkstemp().

I assume when you call system() above, you have expanded $HOME (unless it works with $HOME).

Anyway, to remove that directory (without confirmation), do:

    /bin/rm -rf $HOME/tmp

-- Bill Cheng // bill.cheng@usc.edu

Message-Id: <200403290012.i2T0CnH1027952@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: reason for openssl sha1 command
Date: Sun, 28 Mar 2004 16:12:49 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I'm confused as to why we are running 'openssl sha1
> usctommy.gif.' Isn't our program supposed to compute the sha1
> of usctommy.gif using SHA1_Update and SHA1_Final? Is this a
> shortcut i'm missing or is it just used for checking the hash
> values that we get?

It's for checking the hash values that you get.
-- Bill Cheng // bill.cheng@usc.edu

Message-Id: <200403282008.i2SK853k001861@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: t_splay() ??
Date: Sun, 28 Mar 2004 12:08:04 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Hi Prof, I sent you the email about _malloc_unlocked
> previously, but now after I tried to change some stuff, I
> even got segfault on t_splay, this is what it
> says (GDB):
>
> 695 foutEnc.write(encFileBuffer, encFileSize);
> (gdb) n
>
> Program received signal SIGSEGV, Segmentation fault.
> 0xff0c3bf4 in t_splay ()
> (gdb)
>
>
> like _malloc_unlocked, I don't know what function is t_splay,

I would imagine no one knows what t_splay is (and no one should care, including you)!

> I never wrote these functions, so it must be coming from the
> library, anyway, I think I'm really stuck, I'm not familiar
> with any of this error statements, I already surf the web to
> look for some info on it, then I got some messages that were
> posted on the web, but they are so high level I cannot
> understand them, once again thank you for your help.
Your bug is most likely memory corruption. You have corrupted memory long before you've made the write() call above. Are you understanding what I'm saying? Have you taken an undergraduate data structure class? Have they talked about memory allocation data structures?
-- Bill Cheng // bill.cheng@usc.edu

Message-Id: <200403282004.i2SK4HBl030891@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: Regarding Midterm paper...
Date: Sun, 28 Mar 2004 12:04:17 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I believe DEN has a facility to scan exam papers and post
> them on the students DEN web access sites. Just an idea.

But I don't want them to *have* the exam. I just want to *show* them the exams and take the exams back immediately. The problem is that if I want the exam center to supervise this, someone will have to pay for every visit to the exam center. It would be unfair to require DEN students pay for looking at their exams!
-- Bill Cheng // bill.cheng@usc.edu

----- Original Message -----
From: william@bourbon.usc.edu
Date: Sunday, March 28, 2004 8:31 am
Subject: Re: Regarding Midterm paper...

> Someone wrote:
>
> > As you said, that you don't prefer to show the midterms because of
> > fairness to DEN students, isn't it possible in anyway that the DEN
> > students also get to see their midterms. I mean to say that you
> > can arrange some hours by which the DEN students can get to see
> > their midterms if they wish to. I suppose we should have a way
> > out and be able to check our score. I would like to apologize if
> > my argument is felt unreasonable.
>
> We have DEN students taking this class in San Diego. I'm not
> sure how I can *show* them the exams! I really don't want to
> drive down to San Diego just to show them their midterms.
> (And, I don't want to trust anyone else to drive down to San
> Diego for me!)
> --
> Bill Cheng // bill.cheng@usc.edu
>
> ----- Original Message -----
> From: william@bourbon.usc.edu
> Date: Saturday, March 27, 2004 4:04 pm
> Subject: Re: Regarding Midterm paper...
>
> > Someone wrote:
> >
> > > I was just wondering why do you prefer not showing
> > > the midterm papers to the students.
> >
> > Simply because of fairness (to DEN students).
> >
> > > Is it not possible
> > > to just show the graded papers during your office hours
> > > and not let student take it with them.
> > > Actually i believe that looking at the graded paper
> > > let the student know better that
> > > - what mistakes he has committed.
> > > - are all questions graded.
> > > - there are no totalling mistakes.
> >
> > The last 2 are my jobs to make sure. I understand that
> > some students may not trust the instructor to do the
> > last 2 items, but that's how it is with many exams (for
> > example, GRE).
> >
> > > As such I request you to please consider about showing the graded
> > > sheets probably just during your office hours.
> >
> > Sorry, but no.
> > I'm making this a policy from now on for all
> > DEN classes I teach (unless there are no remote students
> > registered).
> > --
> > Bill Cheng // bill.cheng@usc.edu

Message-Id: <200403282000.i2SK0swK027823@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: _malloc_unlocked???
Date: Sun, 28 Mar 2004 12:00:54 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Hi Prof, I've been working on this error since last night and
> I gave up, I do not know the problem, I got seg fault at a
> very strange area, so I tried using gdb to check the problem,
> this is what I get:
>
> Breakpoint 1, main (ac=3, av=0xffbff72c) at hw3.cc:640
> 640 int encFileSize = 24 + filesize + padZero;
> (gdb) n
> 641 encFileBuffer = new unsigned char [encFileSize];
> (gdb) n
>
> Program received signal SIGSEGV, Segmentation fault.
> 0xff0c2f68 in _malloc_unlocked ()
>
> ----> I tried man _malloc_unlocked, but its not there, anyway,
> If I move the declaration of encFileBuffer to the top of main
> function, then it'll seg fault here:
> 666 fwrite(encFileBuffer, sizeof(unsigned char), encFileSize,
> foutEnc);(gdb) n
>
> Program received signal SIGSEGV, Segmentation fault.
> 0xff0c2f68 in _malloc_unlocked ()
> (gdb) n
> Single stepping until exit from function _malloc_unlocked,
> which has no line number information.
>
> Program terminated with signal SIGSEGV, Segmentation fault.
> The program no longer exists.
>
> ------->where encFileBuffer is not null, I print it before,
> and encFileSize is correct and foutEnc is not NULL either.
> So I'm so confused on where is the problem.

I've said this before, I'm going to say this again... If you crash in malloc() related functions, it's usually because you have corrupted memory some time before you crash! So, *don't* keep staring at the place where you crash if it's a malloc() related crash (unless it's obvious). Start searching for writing past end of allocated blocks, freeing memory twice, or uninitialized variables.

Make sure you initialize *all* variables (to something like 0). If you don't want to keep fighting silly bugs, see slide 2 of lecture 4!
-- Bill Cheng // bill.cheng@usc.edu

Message-Id: <200403281640.i2SGek1c006140@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: Files for cs530:hw3 submission
Date: Sun, 28 Mar 2004 08:40:46 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Apart from the following files which other files are we
> supposed to submit for hw3:
>
> Makefile
> scintrf.h
> secret.h
> secret.c
> smartcard.c
> hw3.c
> defs.h

Very Serious Note (no way to get around this for the reason of fairness): If you forget to submit a file and we need it to compile your code, you *cannot* submit it after the deadline. Timestamp on the nunki file system is *not* proof that you have not altered the file after the deadline.

I don't know what will make your code compile. You only need to submit source code, documentation, and what you need for compiling to work. Make sure that whatever you submit can compile with a single "make".

Please follow the instructions at:

    http://merlot.usc.edu/cs530-s04/submit.html#verify

to make sure that you have a valid submission.

And, please do *not* submit late.
There is a huge penalty and I cannot change the rules (again, to be fair).

-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: Regarding Midterm paper...
Date: Sun, 28 Mar 2004 08:31:23 -0800
From: william@bourbon.usc.edu

Someone wrote:

> As you said, that you don't prefer to show the midterms because of
> fairness to DEN students, isn't it possible in any way that the DEN
> students also get to see their midterms. I mean to say that you
> can arrange some hours by which the DEN students can get to see
> their midterms if they wish to. I suppose we should have a way
> out and be able to check our score. I would like to apologize if
> my argument is felt unreasonable.

We have DEN students taking this class in San Diego. I'm not sure how I can *show* them the exams! I really don't want to drive down to San Diego just to show them their midterms. (And, I don't want to trust anyone else to drive down to San Diego for me!)
-- Bill Cheng // bill.cheng@usc.edu

----- Original Message -----
From: william@bourbon.usc.edu
Date: Saturday, March 27, 2004 4:04 pm
Subject: Re: Regarding Midterm paper...

> Someone wrote:
>
> > I was just wondering why do you prefer not showing
> > the midterm papers to the students.
>
> Simply because of fairness (to DEN students).
>
> > Is it not possible
> > to just show the graded papers during your office hours
> > and not let student take it with them.
> > Actually I believe that looking at the graded paper
> > let the student know better that
> > - what mistakes he has committed.
> > - are all questions graded.
> > - there are no totalling mistakes.
>
> The last 2 are my jobs to make sure. I understand that
> some students may not trust the instructor to do the
> last 2 items, but that's how it is with many exams (for
> example, GRE).
>
> > As such I request you to please consider about showing the graded
> > sheets probably just during your office hours.
>
> Sorry, but no. I'm making this a policy from now on for all
> DEN classes I teach (unless there are no remote students
> registered).
> --
> Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: # include
Date: Sun, 28 Mar 2004 08:25:55 -0800
From: william@bourbon.usc.edu

Someone wrote:

> for using the functions htonl() and the mkstemp() and unlink()
> commands I have included a bunch of files.. the commands seem
> to be working fine. but when I do
> hw3 I get a few messages and a warning message also.
>
> In file included from usr/include/sys/t_lock.h:19
> from usr/include/sys/vnode.h:40
> from usr/include/sys/stream.h:22
> from /usr/include/netinet/in.h:41
> from /usr/usc/gnu/gcc/2.95.2/lib/gcc-lib/sparc-sun-
> solaris2.6/2.95. 2/include/sys/stream.h:5
> /usr/include/sys/param.h:163 : warning: 'MAXPATHLEN' redefined
> defs.h:57: this is the location of the previous definition

This is because the "defs.h" I posted defines MAXPATHLEN which has been already defined in a system file.
If you want to get rid of this warning (which is usually a good idea), you can just look for MAXPATHLEN in your files and replace them with some other symbol (for example, MAXPATHLEN2).

-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: tmp directory
Date: Sat, 27 Mar 2004 23:24:09 -0800
From: william@bourbon.usc.edu

Someone wrote:

> a real quick question. Should we assume that there always
> will be a "tmp" directory in $home? Or should we create one
> if there is none.

I'm not going to answer this question again.
-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: CS530 HW3: emacs backup files
Date: Sat, 27 Mar 2004 23:23:24 -0800
From: william@bourbon.usc.edu

Someone wrote:

> For a file of size 11 (File Content = "yesnomaybe"), the
> following encrypted file gets generated:
>
> SHA1 Hash Size
> Encrypted File
> ---------------
> ----- --------------------
> if I print using (%04ld):
> (1) 2d57eeea0f03707d3aacf48ca38e8acad976f11a 0011 6gÊ5ÂĸW5´RRa
> OR
> if I print using (%ld):
> (2) 2d57eeea0f03707d3aacf48ca38e8acad976f11a 11 6gÊ5ÂĸW5´RRa

I don't know why you are using "%04ld" or "%ld". You should *not* use printf() to write integers into files! Read the man pages! printf() is for text output! I think in class I have mentioned many many times, do *not* use text functions and expect them to work with binary data! Why do I have to repeat so many times?
> Now, while re-opening the encrypted file, while reading the file size using
> the following command,
>
> fscanf(in_f1, "%ld", &filesize);
> filesize = ntohl(filesize);
>
> I get filesize = 116, instead of filesize = 11
>
> The first byte of the encrypted data which is '6' comes with the filesize,
> which makes all the decrypted data garbled.
>
> I have declared filesize as 'unsigned long int'.

Why are you using fscanf()? fscanf() is used for reading text files! Not binary files! Of course you will get garbage when you try to read binary files! It's doing exactly what it's supposed to do! You are calling the wrong function for the job!

> Moreover, if you want to test, I have attached my secret.c file.

I will never use your files unless I'm grading your submission!

> Could you please provide some hint as to how to avoid reading the encrypted
> text in the filesize, if the initial encrypted text happens to be a digit?

Like I said many times... If you want to read binary data, use fread(). If you want to write binary data, use fwrite(). Why is this not clear?
-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: EVP vs. DES functions
Date: Sat, 27 Mar 2004 23:13:27 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Can you comment on the use of EVP functions for doing 3DES
> instead of calling the functions in the des.h directly? I would
> like to be able to use the EVP functions for the
> encryption/decryption if possible. I may have asked this
> question before on HW1 but I don't recall the answer. I used the
> EVP functions to do SHA1 in HW1 and it was allowed, so I assume
> that it would be okay, but I would just like clarification.

In my message with timestamp "Thu 29 Jan 21:00", I said that if the results are different, you will lose points. Same thing here!
-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: SC_sign and SC_get_sig
Date: Sat, 27 Mar 2004 23:00:57 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I'm confused as to how these 2 functions correlate. How can
> SC_get_signature_size(Smartcardstate) know the size of the
> signature of sha1_buf(one of the parameters to SC_sign)
> without getting it as a parameter ahead of time?

For a 1024-bit public modulus, the signature size is just the size of the public modulus, which in this case is 1024-bits! RSA_size() will return this value if you fill the RSA data structure correctly. There's plenty of discussion about this in the message archive.
-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: CS530 HW3: emacs backup files
Date: Sat, 27 Mar 2004 22:44:22 -0800
From: william@bourbon.usc.edu

Someone wrote:

> This is an emacs feature. It leaves backup files of the form
> "file~", where file is the name of the file originally edited
> with emacs. You can probably configure emacs to not do this, but
> I have no idea how. (I am not an emacs fan...).

I see. This is pretty nasty if we want to keep the data secret. Maybe there is a way to start emacs and tell it not to make backups. Then you can see if EDITOR is set to emacs and start emacs with the right commandline option. There is no need to try this for HW3.

> On a related subject, I have chosen to backup the original
> encrypted file before obliterating it with the newly encrypted
> file (presuming the user changed the original during the edit
> stage). This just seems a reasonable safety factor. (The grader
> might appreciate it, too, if errant programs keep damaging his
> input file!)
>
> Actually, I encrypt to "file.new", rename the old encrypted
> "file" to "file.bak", then rename the newly encrypted file to
> "file". If any step fails, the user's original encrypted data
> file is still available. This is standard industry practice, but
> I will remove the "file.bak" at the end if you'd like. That
> still leaves the protection of the individual steps, at least --
> that is, the original isn't deleted until the new file is safely
> in place. Please advise.

You can also do what emacs does. Let's say you do "hw3 edit foo". If "foo" already exists, you can *first* copy "foo" to "foo~" (or "foo.bak") and delete "foo~" or "foo.bak" if one existed. Everything else can remain the same.

There would be no penalty for creating this additional backup of the encrypted file. (It's probably a good idea anyway.)

-- Bill Cheng // bill.cheng@usc.edu

william@bourbon.usc.edu wrote:
>
>Someone wrote:
>
> > If the default editor is emacs, when the temporary files are
> > edited backups are stored. I have written my program to
> > remove these backup files since they contain the edited
> > plaintext. Since I am new to UNIX I just wanted to double
> > check that this is a reasonable thing to do.
>
>I'm not sure what you are calling "backup files". Your
>program must remove any temporary files that it has created.
>
>This has nothing to do with UNIX. In general, if you
>allocate resource for temporary use, you should free it after
>you are done with it.
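The replace sequence discussed in the thread above (write the new ciphertext to "file.new", keep the previous version as "file.bak", then move the new file into place), as an added example that is not part of any message or of the course's code. It goes one step beyond the messages by making the backup with link() instead of rename(), so the name "file" never goes missing between steps; the function names and the 0600 mode are assumptions.

```c
#define _POSIX_C_SOURCE 200809L  /* mkdtemp(), fsync(), link() */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Create path exclusively (mode 0600), write len bytes, flush to disk. */
static int write_new_file(const char *path, const void *buf, size_t len)
{
    const unsigned char *p = buf;
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);

    if (fd < 0)
        return -1;               /* also refuses a stale file.new (EEXIST) */
    while (len > 0) {
        ssize_t n = write(fd, p, len);
        if (n < 0 && errno == EINTR)
            continue;
        if (n < 0)
            goto fail;
        p += n;
        len -= (size_t)n;
    }
    if (fsync(fd) != 0)
        goto fail;
    if (close(fd) != 0) {
        unlink(path);
        return -1;
    }
    return 0;
fail:
    close(fd);
    unlink(path);
    return -1;
}

/* Replace path with buf, leaving the previous version in path.bak.
 * The original is untouched until the final rename(), which is atomic. */
int replace_with_backup(const char *path, const void *buf, size_t len)
{
    char newp[4096], bakp[4096];

    if (snprintf(newp, sizeof newp, "%s.new", path) >= (int)sizeof newp ||
        snprintf(bakp, sizeof bakp, "%s.bak", path) >= (int)sizeof bakp) {
        errno = ENAMETOOLONG;
        return -1;
    }
    if (write_new_file(newp, buf, len) != 0)        /* step 1: file.new */
        return -1;
    if (unlink(bakp) != 0 && errno != ENOENT)       /* drop an old backup */
        goto fail;
    if (link(path, bakp) != 0 && errno != ENOENT)   /* step 2: file.bak */
        goto fail;                                  /* ENOENT: first save */
    if (rename(newp, path) != 0)                    /* step 3: swap in */
        goto fail;
    return 0;
fail:
    unlink(newp);
    return -1;
}

/* Read up to cap bytes of path; returns the byte count or -1. */
static long slurp(const char *path, char *out, size_t cap)
{
    FILE *fp = fopen(path, "rb");
    size_t n;

    if (fp == NULL)
        return -1;
    n = fread(out, 1, cap, fp);
    fclose(fp);
    return (long)n;
}

/* Self-check in a scratch directory with constructed contents "v1"/"v2". */
int run_backup_demo(void)
{
    char dir[] = "/tmp/replace_demo_XXXXXX";
    char file[64], bak[64], newp[64], got[16];
    int ok;

    if (mkdtemp(dir) == NULL)
        return -1;
    snprintf(file, sizeof file, "%s/foo", dir);
    snprintf(bak, sizeof bak, "%s/foo.bak", dir);
    snprintf(newp, sizeof newp, "%s/foo.new", dir);
    ok = replace_with_backup(file, "v1", 2) == 0    /* first save */
      && access(bak, F_OK) != 0                     /* nothing to back up */
      && replace_with_backup(file, "v2", 2) == 0
      && slurp(file, got, sizeof got) == 2 && memcmp(got, "v2", 2) == 0
      && slurp(bak, got, sizeof got) == 2 && memcmp(got, "v1", 2) == 0
      && access(newp, F_OK) != 0;                   /* no leftover */
    unlink(file); unlink(bak); unlink(newp);
    rmdir(dir);
    return ok ? 0 : -1;
}

int main(void)
{
    return run_backup_demo() == 0 ? EXIT_SUCCESS : EXIT_FAILURE;
}
```

A leftover "file.new" from an interrupted run makes the call fail with EEXIST instead of being silently overwritten, so the caller can decide what to do with it.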
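The length-field problem from the earlier message in this archive, where fscanf(in_f1, "%ld", ...) returned 116 instead of 11, as an added example (not from the course or from any student's submission). The layout used here, a 4-byte big-endian length followed by the payload, is an assumption, and the payload bytes are constructed.

```c
#include <arpa/inet.h>   /* htonl(), ntohl() */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for ciphertext whose first byte is the digit '6'. */
static const unsigned char PAYLOAD[11] = {
    '6', 'g', 0xCA, '5', 0xC2, 0x00, 'W', '5', 0xB4, 'R', 'R'
};

/* Text header as in the question: "%ld" followed directly by the payload.
 * fscanf() keeps consuming digits, so it swallows the payload's '6'. */
long text_roundtrip(void)
{
    FILE *fp = tmpfile();
    long size = -1;

    if (fp == NULL)
        return -1;
    fprintf(fp, "%ld", (long)sizeof PAYLOAD);
    fwrite(PAYLOAD, 1, sizeof PAYLOAD, fp);
    rewind(fp);
    if (fscanf(fp, "%ld", &size) != 1)
        size = -1;
    fclose(fp);
    return size;
}

/* Binary header: exactly four bytes, network byte order, then the data. */
int write_len_prefixed(FILE *fp, const void *buf, uint32_t len)
{
    uint32_t be = htonl(len);

    if (fwrite(&be, sizeof be, 1, fp) != 1)
        return -1;
    if (len > 0 && fwrite(buf, 1, len, fp) != len)
        return -1;
    return 0;
}

/* Returns the payload length, or -1 on a short read or a length > cap. */
long read_len_prefixed(FILE *fp, void *buf, uint32_t cap)
{
    uint32_t be, len;

    if (fread(&be, sizeof be, 1, fp) != 1)
        return -1;
    len = ntohl(be);
    if (len > cap)               /* a length read from a file is untrusted */
        return -1;
    if (len > 0 && fread(buf, 1, len, fp) != len)
        return -1;               /* file is shorter than its header claims */
    return (long)len;
}

long binary_roundtrip(unsigned char *out, uint32_t cap)
{
    FILE *fp = tmpfile();
    long n;

    if (fp == NULL)
        return -1;
    if (write_len_prefixed(fp, PAYLOAD, sizeof PAYLOAD) != 0) {
        fclose(fp);
        return -1;
    }
    rewind(fp);
    n = read_len_prefixed(fp, out, cap);
    fclose(fp);
    return n;
}

int main(void)
{
    unsigned char out[64];

    printf("text header read back as:   %ld\n", text_roundtrip());
    printf("binary header read back as: %ld\n",
           binary_roundtrip(out, sizeof out));
    return 0;
}
```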
To: cs530@bourbon.usc.edu
Subject: Re: question on edit
Date: Sat, 27 Mar 2004 22:24:46 -0800
From: william@bourbon.usc.edu

Someone wrote:

> The difference between new file and exist file is that, for new
> file, I call 'system' to use vi edit a new file in ~tmp. but for
> existing file, I first decrypt it into a tmp file in ~/tmp, then
> call 'system' to open this temp file. So in new file case, the vi
> will create new file, while in exist file case, the vi will open
> an existing tmp file decrypted from existing encrypted file.

But that's not the right way! You should *not* use vi to *create* the file! You should create the file with mkstemp()! Then the 2 approaches will be identical. vi will just open the file created by mkstemp(). If the file is new, the temporary file will be empty. If the file is not new, the temporary file will have data in it.

> I checked the permission and it looks ok. So I don't know what's
> wrong...

I don't know either.
-- Bill Cheng // bill.cheng@usc.edu

william@bourbon.usc.edu wrote:
>
>Someone wrote:
>
> > I got a problem in 'hw3 edit' when the file exists. Basically, I
> > decrypt the file into ~/tmp, and call 'system("vi tmpfile")' to
> > edit.
>
>I hope you mean "tmpfile" is the full path to the file your
>program has created.
>
> > However, although I have closed the tmp file before calling
> > vi, I can not save my changes to tmp file unless use ':w!',
> > because the vi said the file exists.
> >
> > Is that because the file permission was wrong when I create the
> > tmp file? If so, how can I change the file permission in the
> > code?
>
>Even if your encrypted exists, you should still call mkstemp()
>to create a file in ~/tmp. I don't understand why this would
>be different from the case where your encrypted did not exist!
>
>Do, this... After you get into "vi", do a z to get out.
>and do "ls -l tmpfile" where "tmpfile" is what you have above,
>and see if the file permission is correct. If not, you can
>call chmod() in your code.
>--
>Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: tmp directory
Date: Sat, 27 Mar 2004 22:19:38 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I just wanted to inquire whether we have to make the tmp
> directory in the working directory or in the home directory
> ( as obtained from the home directory).

Isn't the spec very clear about this? Could you tell me where in the spec is confusing about this?
-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: CS530 HW3: emacs backup files
Date: Sat, 27 Mar 2004 17:41:33 -0800
From: william@bourbon.usc.edu

Someone wrote:

> If the default editor is emacs, when the temporary files are
> edited backups are stored. I have written my program to
> remove these backup files since they contain the edited
> plaintext. Since I am new to UNIX I just wanted to double
> check that this is a reasonable thing to do.

I'm not sure what you are calling "backup files". Your program must remove any temporary files that it has created.

This has nothing to do with UNIX. In general, if you allocate resource for temporary use, you should free it after you are done with it.
-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: Regarding Midterm paper...
Date: Sat, 27 Mar 2004 16:04:42 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I was just wondering why do you prefer not showing
> the midterm papers to the students.

Simply because of fairness (to DEN students).

> Is it not possible
> to just show the graded papers during your office hours
> and not let student take it with them.
> Actually I believe that looking at the graded paper
> let the student know better that
> - what mistakes he has committed.
> - are all questions graded.
> - there are no totalling mistakes.

The last 2 are my jobs to make sure. I understand that some students may not trust the instructor to do the last 2 items, but that's how it is with many exams (for example, GRE).

> As such I request you to please consider about showing the graded
> sheets probably just during your office hours.

Sorry, but no.
I'm making this a policy from now on for all DEN classes I teach (unless there are no remote students registered).

-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: Function verify's input size
Date: Sat, 27 Mar 2004 15:42:03 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I was wondering if we could assume that the input to verify()
> will never be more than 4096 bytes or even 256 bytes?

In general, it would *not* be a good idea. One day, there will be 2048-bit smartcards. It would be nice if you don't have to recompile your application.

We will *only* test with 1024-bit smartcards. So, for HW3, you can assume that the input to verify is always 256 bytes long (well, 257 if you have a "\n", but you should handle that).

> Also, Do we need to prompt for input, if it is coming from
> stdin, like we did with the passphrase for hw1? (Sending a
> prompt message to stderr)

There must be no prompting.
-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: tmp directory (hw 2)
Date: Sat, 27 Mar 2004 15:35:25 -0800
From: william@bourbon.usc.edu

Someone wrote:

> We are supposed to place the temporary file in the $HOME/tmp
> directory. If 'tmp' directory does not exist, then are we
> supposed to create one?

Yes. Please see "man -s 2 mkdir".

> and suppose, if we need to create one (i.e it was not already
> existing), then apart from deleting the temporary files, are we
> also supposed to delete the 'tmp' directory also.

No. Please see my message with timestamp "Tue 23 Mar 10:36".

> I need to
> clarify this because the spec says nothing about deleting
> '$HOME/tmp' directory.
>
> Currently, I am deleting the $HOME/tmp directory if *I* create
> it, otherwise I do not delete it. Is that ok?

You should *never* remove a directory from your program, any directory. (You should delete temporary *files* that your program has created.)
-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: regarding 530 hw
Date: Sat, 27 Mar 2004 14:41:20 -0800
From: william@bourbon.usc.edu

Someone wrote:

> when we do
> >make smartcard
> this will create a libsmartcard.so in $HOME/lib directory or
> current directory.

Current directory (where the source code of your smartcard is).

> Well if this is created in current directory
> then we need to mv this file to $HOME/lib (and the grader will
> too need to do it)..
> because spec says
>
> when -so option is not specified the program should open
> libsmartcard.so from $HOME/lib. So if hw3 sign infile is called
> our program will ignore the libsmartcard.so in current dir and
> instead look for it in $HOME/lib....

I don't know why you said "need to"! No one *need to* do anything. *If* the grader always tests your code using "-so ", why does anyone *need to* copy the smartcard library into ~/lib?

> Now I think what I'm thinking is right.
Now the question is how
> to mv libsmartcard.so to $HOME/lib; while we do
>
> make smartcard / or simply
> make all
>
> Perfectly...
> I'm able to make the file libsmartcard.so in home/lib is /lib
> exist ( I hope this will exist)... because if I create this
> directory first(while building smartcard) and then make this
> libsmartcard.so in it then next time when I do make smartcard cmd
> fails as home/lib already exist....
>
> please clarify.(what I've done is I'm assuming that $home/lib
> will exist)..

Please do *not* move or copy libsmartcard.so into your ~/lib directory!

-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: interoperability & MACRO def
Date: Sat, 27 Mar 2004 14:34:57 -0800
From: william@bourbon.usc.edu

Someone wrote:

> What I meant to say by 'interoperability', was that if you test
> my hw3 application with a smartcard library, in which, each
> routine assumes a NULL SmartcardState & reinitializes the entire
> RSA structure from secret.c, then my application would not work.
> Because, in my smartcard library, each routine, assumes that the
> Smartcardstate pointer is a valid pointer, and uses the same RSA
> structure again.

So, your application is not working according to spec! Your application should not assume *anything* about the smartcard library.

> So should I modify my smartcard lib code and make a check whether
> SmartcardState pointer is NULL or valid, and proceed accordingly?

No. You should fix your application (hw3) to *not know* what's in SmartcardState! If you don't have time to fix this or do not wish to fix this, you will just lose *some* points (unspecified at this time) if you fail the interoperability test.

-- Bill Cheng // bill.cheng@usc.edu

----- Original Message -----
From: william@bourbon.usc.edu
Date: Saturday, March 27, 2004 1:17 pm
Subject: Re: interoperability & MACRO def

> Someone wrote:
>
> > If you are going to test our application, using some other smartcard
> > library, can we assume that the routines in that library, pass the RSA
> > structure pointer as smartcard state, and not NULL, so that everyone's HW3
> > application will function using your smartcard lib?
>
> If you are going to have interoperability, you cannot assume
> *anything* about the SmartcardState! What you have to do
> is to keep a pointer (of type void*) to the return value
> of SC_init() and pass this pointer to calls to other SC_*
> functions, without interpreting what this void* pointer is.
>
> > And also, the SHA_DIGEST_LENGTH macro is not defined anywhere, in the
> > secret.c generated by you. So hope, it's ok, if our code does define it
> > somewhere.
>
> By default, "secret.c" includes "secret.h" and "secret.h"
> includes "". So, it is defined. If you
> include "secret.c" directly and your "secret.c" does *not*
> include "secret.h", then you should include ""
> before you include "secret.c".
> -- > Bill Cheng // bill.cheng@usc.edu Return-Path: william@bourbon.usc.edu Delivery-Date: Sat Mar 27 14:32:03 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2RMW3qB025485 for ; Sat, 27 Mar 2004 14:32:03 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2RMUwf7016791 for ; Sat, 27 Mar 2004 14:30:58 -0800 Received: (from william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2RMUwQF016788 for cs530@merlot; Sat, 27 Mar 2004 14:30:58 -0800 Date: Sat, 27 Mar 2004 14:30:58 -0800 From: william@bourbon.usc.edu Message-Id: <200403272230.i2RMUwQF016788@bourbon.usc.edu> To: cs530@merlot.usc.edu Subject: Re: regarding final grading scheme Someone wrote: > I just wanted to know, about your grading scheme; rather, > to be specific ,how many students finally end up getting 'A' > or 'A+' grade? Please see: http://merlot.usc.edu/cs530-s04/description.html#grading Usually, the average is about a B+ for a graduate class that I teach. I don't usually give A+'s unless someone is doing so much better than all other students. I use the equation in the above URL to plot a curve and give grades straight out of the curve. (I will *not* take *anything* else into account. I do not care if some one has been improving throughout the semester. I expect everyone to work hard from the beginning till the end.) I look for breaks in the curve and divide the class into groups to receive the same letter grades. 
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Sat Mar 27 13:52:25 2004
Message-Id: <200403272151.i2RLpJjH024079@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: cs530: regarding libsmartcard.so
Date: Sat, 27 Mar 2004 13:51:19 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I am little unsure about the location of libsmartcard.so.
> When I generate it, I keep in the $HOME/lib/.

When you generate it, it should be in the same directory as the
source code for smartcard. (Well, some people like to put them
at different places, please document it in your README file if
it's not in the same directory as your source code.) You should
*not* copy it to your $HOME/lib directory when you do
"make smartcard". If you want (so this is totally optional),
you can have a "make install" that will copy libsmartcard.so to
$HOME/lib.

> You gave a
> sample of how our program will be run and you gave the path
> as ./libsmartcard.so. Could you please tell the default
> location?

It's clearly stated in the spec that, by default (which means
that if you *don't* specify "-so "), you should look for it in
~/lib.
If you run hw3 with the "-so" option, then what follows "-so"
must be the path to the libsmartcard.so file. What if the user
specifies the wrong path after "-so"? Well, do *not* look into
~/lib in this case (do you know why?), just print out a
meaningful error message.

Sometimes, I don't think people know the meaning of the phrase:
"by default". "By default" means "if not specified".
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Sat Mar 27 13:22:30 2004
Message-Id: <200403272121.i2RLLPh4029215@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: Example not zero padded
Date: Sat, 27 Mar 2004 13:21:25 -0800
From: william@bourbon.usc.edu

Someone wrote:

> When attempting to compare my results with yours, I found that
> the last 8 bytes of my encrypted yesnomaybe.txt did not agree
> with your encrypted example, yesnomaybe.hw3. You appeared not to
> zero fill the last block. If you decrypt it, ignoring the file
> length, you find the remnants of the previous buffer as the fill.
>
> This might confuse some who are trying to achieve exact
> comparisons for testing (as I was, until I tracked down the
> problem).
Yes, you should not match the last 8 bytes. Please see my
message with timestamp "Thu 25 Mar 22:17".
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Sat Mar 27 13:18:40 2004
Message-Id: <200403272117.i2RLHZeQ025701@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: interoperability & MACRO def
Date: Sat, 27 Mar 2004 13:17:35 -0800
From: william@bourbon.usc.edu

Someone wrote:

> If you are going to test our application, using some other smartcard
> library, can we assume that the routines in that library, pass the RSA
> structure pointer as smartcard state, and not NULL, so that everyone's HW3
> application will function using your smartcard lib?

If you are going to have interoperability, you cannot assume
*anything* about the SmartcardState! What you have to do
is to keep a pointer (of type void*) to the return value
of SC_init() and pass this pointer to calls to other SC_*
functions, without interpreting what this void* pointer is.

> And also, the SHA_DIGEST_LENGTH macro is not defined anywhere, in the
> secret.c generated by you. So hope, it's ok, if our code does define it
> somewhere.
By default, "secret.c" includes "secret.h" and "secret.h"
includes "". So, it is defined. If you include "secret.c"
directly and your "secret.c" does *not* include "secret.h",
then you should include "" before you include "secret.c".
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Sat Mar 27 07:55:56 2004
Message-Id: <200403271554.i2RFsok6022473@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: term paper proposal from Yuqin Wang
Date: Sat, 27 Mar 2004 07:54:50 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Since I didn't find submission instruction for paper proposal (only has
> instruction on term paper submission), so I think an email submission
> is good enough?

You probably have printed out an old version of the Term Paper
page at:

    http://merlot.usc.edu/cs530-s04/termpaper.html

The submission procedure for the proposal was added on 2/29/04.
Please submit to *both* the TA and me. Thanks!
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Sat Mar 27 07:26:59 2004
Message-Id: <200403271525.i2RFPs6c027345@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: question on edit
Date: Sat, 27 Mar 2004 07:25:54 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I got a problem in 'hw3 edit' when the file exists. Basically, I
> decrypt the file into ~/tmp, and call 'system("vi tmpfile")' to
> edit.

I hope you mean "tmpfile" is the full path to the file your
program has created.

> However, although I have closed the tmp file before calling
> vi, I can not save my changes to tmp file unless use ':w!',
> because the vi said the file exists.
>
> Is that because the file permission was wrong when I create the
> tmp file? If so, how can I change the file permission in the
> code?

Even if your encrypted exists, you should still call mkdstemp()
to create a file in ~/tmp. I don't understand why this would be
different from the case where your encrypted did not exist!

Do, this... After you get into "vi", do a z to get out. and do
"ls -l tmpfile" where "tmpfile" is what you have above, and see
if the file permission is correct.
If not, you can call chmod() in your code.
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Fri Mar 26 07:55:44 2004
Date: Fri, 26 Mar 2004 07:54:42 -0800
From: william@bourbon.usc.edu
Message-Id: <200403261554.i2QFsg8o030034@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: grading your midterm exams...

Hi,

I guess I spent too much time answering e-mails yesterday. Now
I'm way behind in grading your midterm exams. So, I most likely
won't answer any e-mails until I'm done with grading. With 46
exams and 7 problems per exam. It's going to be a long day.
Good thing HW3 deadline has been extended!

By the way, I still strongly suggest that you exchange data
with other classmates to find out who is doing it right.
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Fri Mar 26 07:51:41 2004
Message-Id: <200403261550.i2QFocfW026218@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: diff hexdump of the encrypted file..
Date: Fri, 26 Mar 2004 07:50:38 -0800
From: william@bourbon.usc.edu

Someone wrote:

> i don't know what's wrong, it seems to me that i have some
> programming error, but the thing is that, if i don't hit enter
> key anywhere in the text that i write in the editor, i am not
> able to decrypt it and get the original plaintext...and if i
> hit enter in between and type in the data, then it works
> fine...
> i have spent enough time working on it, but i am not able to
> get a solution to it..

Are you not even getting the SHA1 value correctly? You need to
find out exactly where it goes wrong (and find ways to figure
this out). When you read input file, are you getting
*every byte* of your input file? Do a count of the number of
bytes you are reading and compare with the file size (with
"ls -l").
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Fri Mar 26 07:43:49 2004
Message-Id: <200403261542.i2QFgl0j018767@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: disk quota exceed problem
Date: Fri, 26 Mar 2004 07:42:47 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I am working on the edit function. After running once..., I
> have received the disk quota exceeding problem... and cannot
> make any program... Do you have any suggestion on how to
> solve it?

Hi,

It's telling you that you are using too much disk space. You
should first go into all your programs directory and do
"make clean". Do you have a lot of junk files? The only way to
get rid of this message is to delete some file. You can do:

    cd ~
    du

this will show you how you are using your disk space.

If you absolutely have to remove stuff from your ~/.bistro
directory, please do:

    cd ~
    tar cf - .bistro | gzip -c > /tmp/bistro-`whoami`-`date +%m%d%y`.tgz
    ls -l /tmp/bistro-`whoami`-`date +%m%d%y`.tgz

e-mail me the .tgz file as an e-mail attachment, then you can
delete your ~/.bistro directory after you got a confirmation
e-mail from me.
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Thu Mar 25 23:41:54 2004
Message-Id: <200403260740.i2Q7errk011585@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: Padding for 3DES?
Date: Thu, 25 Mar 2004 23:40:53 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Are we required to output the signature in hexstring format
> from the hw3.c or from smartcard.c because if there is a
> discrepancy in this then, one may not be able to switch
> smartcards.
> for eg: I print the signature in hw3.c. Now when i use the
> smartcard of say X ( who prints the signature in his
> smartcard.c ) , then I will get the signature output twice
> on the stdout.

The spec is very clear about this. The return buffer in
SC_sign() is of size returned by SC_get_signature_size(), which
is the size of the digital signature. And I've mentioned in
previous e-mails, this size is RSA_size() (and not RSA_size()
times 2).
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Thu Mar 25 23:31:12 2004
Message-Id: <200403260730.i2Q7UBjF001203@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: ntohl necessity
Date: Thu, 25 Mar 2004 23:30:11 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Since aludra prints in network byte order, is it
> really necessary to call ntohl()?

Yes.

> The program works
> without it. I guess it wouldn't work on systems using
> little endian notation, but is that important for this
> assignment?

Yes. Because it's in the spec.
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Thu Mar 25 23:30:12 2004
Message-Id: <200403260729.i2Q7TBe1032635@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: Verify spec
Date: Thu, 25 Mar 2004 23:29:10 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Based on what you've described, the input to the
> verify function needs to be able to be the output of
> the sign() function which is ASCII text.

Yes, that's in the spec.

> Therefore
> there would be a 256 byte input and a 128 byte output.
> This seems very unnatural in that an actual binary
> signature file would not be able to be verified by
> this program. Is that alright?

The output of "hw3 verify" is 40 bytes of ASCII text (which
represents 20 bytes of binary data). Actually, when you call
RSA_public_decrypt(), it will return the size of the recovered
message digest. So, you can just use the returned value.
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Thu Mar 25 22:24:59 2004
Message-Id: <200403260623.i2Q6NwhO002113@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: key values
Date: Thu, 25 Mar 2004 22:23:58 -0800
From: william@bourbon.usc.edu

Someone wrote:

> i understand that the deadline for the assignment has been
> extended. however could you clarify the reason again please.
> i went to the hw spec and read the equations as
> Y = SHA1(X+RB1); Z = SHA1(Y+RB2);
> is this correct...

Yes, the spec is correct.

> or is the correct equation
> Y = SHA1(X+RB1) ; Z =SHA1(X+RB2);

This is wrong. This is *not* the spec.

> i apologise for making you repeat the information but the
> previous mail was confusing.

The reason for the extension is that yesnomaybe.hw3 and
yesnomaybe.10.hw3 which I have posted were wrong because I've
used the wrong equation! Some people have been wasting their
time matching my results. It was my fault that I did not
implement according to the spec. So, I extended the deadline by
2 days.
--
Bill Cheng // bill.cheng@usc.edu

----- Original Message -----
From: william@bourbon.usc.edu
Date: Thursday, March 25, 2004 11:43 am
Subject: Re: key values

> Someone wrote:
>
> > > You mean you don't know how to compute things like
> > > SHA1(X+RB1) and SHA1(X+RB2)? Sorry, I won't post them.
> >
> > This is inconsistent with the hw3 spec. In the spec, keys are
> > generated from Y=SHA1(X+RB1) and Z=SHA1(Y+RB2).
>
> I'm very sorry that I have made this mistake. The files
> posted at the bottom of HW3 spec were created using the
> wrong equation! I've just updated them. (You probably
> need to clear your browser's cache to download the new
> ones.)
>
> I hope people haven't been wasting too much time because
> of this. If you have, I apologize. I'm extending the
> deadline for HW3 for 2 days. So, the extended deadline
> is 11:45pm, Sunday, 3/28/04.
> --
> Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Thu Mar 25 22:18:58 2004
Message-Id: <200403260617.i2Q6HvAH028750@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: Padding for 3DES?
Date: Thu, 25 Mar 2004 22:17:57 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I just wanted to know that while generating the test case
> encrypted output file (this_yesnomaybe.10.hw3), that you have
> provided at the end of the hw3 spec, did you use any 'special'
> padding characters? Because, I did not pad anything as the
> openssl encryption routine itself pads extra chars...but the
> thing is that I am getting different last eight bytes, as
> compared to the hexdump output provided by you. I think, there
> should be no problem in my encryption/decryption code, as I get
> back the original characters back after decryption.

Similar to HW1, the last 8 bytes may be different because of
variations in padding. I just checked my code, I did not use
any special padding. So, I just get whatever that's left in the
buffer.

Of course your answer does not have to match mine exactly. The
reason I put mine up was because someone asked me to. The most
important thing is, as I've mentioned before, that you can edit
your encrypted file.
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: william@bourbon.usc.edu
Delivery-Date: Thu Mar 25 19:17:48 2004
Message-Id: <200403260316.i2Q3GlBa017002@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: hwk2
In-Reply-To: My message of "Thu, 25 Mar 2004 19:15:50 PST." <200403260315.i2Q3FoJZ016051@bourbon.usc.edu>
Date: Thu, 25 Mar 2004 19:16:47 -0800
From: william@bourbon.usc.edu

Oops! Sorry! Posted to the wrong list.
--
Bill Cheng // bill.cheng@usc.edu

-----Original Message-----
Date: Thu, 25 Mar 2004 19:15:50 -0800
From: william@bourbon.usc.edu
To: cs530@bourbon.usc.edu
Subject: Re: hwk2

Someone wrote:

> Is it always the case that if "H" is the highest level of
> landmark there will always be only one landmark of level "H"
> in a network.

You can have more than one global landmark.

> If that is not the case, could you please cite an example
> of when it is not.

Cite an example? Umm... take *any* landmark network with one
global landmark (which is at level H), promote another level
H-1 landmark to level H. Done!
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Thu Mar 25 19:16:51 2004
Message-Id: <200403260315.i2Q3FoJZ016051@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: hwk2
Date: Thu, 25 Mar 2004 19:15:50 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Is it always the case that if "H" is the highest level of
> landmark there will always be only one landmark of level "H"
> in a network.

You can have more than one global landmark.

> If that is not the case, could you please cite an example
> of when it is not.

Cite an example?
Umm... take *any* landmark network with one global landmark
(which is at level H), promote another level H-1 landmark to
level H. Done!
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Thu Mar 25 19:11:28 2004
Message-Id: <200403260310.i2Q3AR8W010838@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: Des encryption-decryption, 8th byte corruption
Date: Thu, 25 Mar 2004 19:10:27 -0800
From: william@bourbon.usc.edu

Someone wrote:

> For some reason the 8th byte, and only the 8th byte seems to get corrupted
> after 3DES encryption/decryption. The sequence of steps is as follows:
> %hw3 edit temp
> I enter "yesnomaybe"
> %hw3 edit temp
> What's displayed is "yesnomaxbe"
> %hw3 edit temp
> What's displayed is "yesnomaybe"
> %hw3 edit
> What's displayed is "yesnomaxbe"
>
> %ls -l temp
> -rw-r----- 1 gattu nura-02 40 Mar 25 18:04 temp
>
> I am using vi as the editor.
> So the third operation yields the correct output, which alternates between
> successive edit operations.
> A hexdump of temp after the first edit shows:
> 000000: de 07 59 99 10 0f d2 81 bd 1e 7b ef 7c 02 70 8a ~.Y~..~~~.{~|.p~
> 000010: 25 09 b7 ef 00 00 00 0b 01 70 73 f2 65 12 f7 04 %.~~.....ps~e.~.
> 000020: 88 c2 8e 23 26 67 f3 17 -- -- -- -- -- -- -- -- ~~~#&g~.
>
> The first 24 bytes matches the hexdump you provided, but the last 16 bytes do
> not. The hexdump of the next edit operation is different, since the SHA1
> computes to a different value. I am using the secret.c you have provided. I
> have also tried this for input larger than 11 bytes (16, 30, 100), getting the
> same corrupted 8th and only byte. Any suggestions would be helpful.

Hmm... I cannot think of any reason why the 8th byte would be
flipflopping between 'x' (0x78) and 'y' (0x79). No matter what
keys you use, if they are good keys, then the flipflopping
should not happen.
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Thu Mar 25 16:36:26 2004
Message-Id: <200403260035.i2Q0ZOgJ017200@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: iostream bug
Date: Thu, 25 Mar 2004 16:35:23 -0800
From: william@bourbon.usc.edu

Someone wrote:

> william@bourbon.usc.edu wrote:
>
> > I guess that's another reason we should away from the STL or even C++.

Umm... the above wasn't my quote! :-) It's from another
student. I would probably never say that! I would only say,
"I do not use STL". I don't think there is anything wrong with
C++. I use it too.

> Or, more to the point, why you should use the latest version of the
> compiler, not one that is 4+ years out-of-date.
>
> I know, Prof Cheng, that you are not fond of the STL. But if students
> believe that the STL is somehow "tainted," they may (when they get out
> into the real world) be tempted to reimplement STL facilities that work
> well and are widely understood. That "roll your own" approach creates
> enormous headaches in debugging and long-term maintenance, and should be
> *strongly* discouraged.
>
> As to C++, do not doubt that its alternatives (Java, et al) have their
> own quirks.

[ Just to be clear... The above 2 paragraphs are *not* from me! :-) ]

I think what I said about STL (and templates) was that it's
bloated and it's inappropriate for certain applications (such
as embedded devices). As far as bugs go, I totally agree with
you. Almost everything has bugs.
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: Questions
Date: Thu, 25 Mar 2004 16:27:12 -0800
From: william@bourbon.usc.edu

Someone wrote:

> 1. My edit function works properly, but the output is
> different even from your updated hexdump. My hash is
> however the same. I am using emacs as the default
> editor. The hash and size (10) write out correctly.

I don't know why they would be different if the same "secret.c" is used. I guess the most important thing is that you can encrypt and decrypt the files you have created using your hw3.

> 2. When verifying, since we only have to output 20
> bytes, can we simply decrypt only 20 bytes of the
> file, or do we have to decrypt the whole file?

The digital signature is 1024 bits long (128 bytes) and it (which is c) is equal to (m^d mod n). In order to decrypt c, you are supposed to calculate (c^e mod n).
So what you are asking is that if you only take the most significant 160 bits of c (let's call this z), do you have:

    (c^e mod n) == (z^e mod n)

Guess what the answer is?!
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: DES encryption different
Date: Thu, 25 Mar 2004 16:02:13 -0800
From: william@bourbon.usc.edu

Someone wrote:

> My edit function works for the yesnomaybe.hw3 example
> with your secret.c file, but when I hexdump the
> encrypted file, the encrypted part (last filesize-24
> bits) is different than what you posted. Have you
> updated the site yet with corrections to this problem?
> If so is the last modified date different so I can
> verify I'm not looking at a cached webpage?

Instead of having the hexdump as separate files, I've just updated the spec to display the hexdumps on the web page.
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: Post keys
Date: Thu, 25 Mar 2004 14:08:02 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Could you please post the keys and iv you generated
> from the yesnomaybe.10.hw3 file.

Sorry, but no. This is too easy.
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: System edit problems
Date: Thu, 25 Mar 2004 12:47:41 -0800
From: william@bourbon.usc.edu

Hi,

I'm forwarding an e-mail from a student.
--
Bill Cheng // bill.cheng@usc.edu

-----Original Message-----
Date: Thu, 25 Mar 2004 12:39:33 -0800
To: william@bourbon.usc.edu
Subject: Re: System edit problems

>You can set your EDITOR environment variable to the
>full path (/usr/usc/bin/emacs). Then it should work.
>I don't know why it's not working in your case.

Perhaps because system() executes a /bin/sh, not a /bin/csh, and .profile gets sourced instead of .cshrc / .login. Sounds like his PATH isn't getting set up properly in that case, perhaps because his .profile sets it to some basic set of directory paths.
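The command lookup discussed in this thread, as an added example (not code from the course or from any student's submission): system() hands its string to /bin/sh, which searches the PATH inherited from the calling process, so this sketch resolves the editor itself and starts it with execv() and an absolute path, without a shell. The function names and the allowed-character set are assumptions made for the illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#define EDITOR_PATH_MAX 4096

/* 1 if `p` names an executable regular file, else 0. */
static int is_executable_file(const char *p)
{
    struct stat st;
    return stat(p, &st) == 0 && S_ISREG(st.st_mode) && access(p, X_OK) == 0;
}

/* 1 if `s` is a bare command name or path with no whitespace or shell
 * metacharacters, so the value cannot carry arguments or a second command. */
int is_plain_path(const char *s)
{
    static const char ok[] = "abcdefghijklmnopqrstuvwxyz"
                             "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789/._+-";
    return s != NULL && *s != '\0' && s[strspn(s, ok)] == '\0';
}

/* Resolve `name` the way sh resolves a command word: a name containing '/'
 * is used as given; otherwise each directory of the colon-separated `path`
 * is tried in order. Empty PATH entries (the current directory in sh) are
 * skipped here on purpose. Returns 0 and fills `out`, or -1 if not found. */
int resolve_in_path(const char *name, const char *path, char *out, size_t outlen)
{
    const char *p = path;

    if (name == NULL || *name == '\0' || out == NULL || outlen == 0)
        return -1;
    if (strchr(name, '/') != NULL) {
        if (strlen(name) >= outlen || !is_executable_file(name))
            return -1;
        strcpy(out, name);
        return 0;
    }
    while (p != NULL) {
        const char *end = strchr(p, ':');
        size_t len = end ? (size_t)(end - p) : strlen(p);
        if (len > 0) {
            int n = snprintf(out, outlen, "%.*s/%s", (int)len, p, name);
            if (n > 0 && (size_t)n < outlen && is_executable_file(out))
                return 0;
        }
        p = end ? end + 1 : NULL;
    }
    out[0] = '\0';
    return -1;            /* the case sh reports as "emacs: not found" */
}

/* Run `editor file` without a shell. Returns the editor's exit status,
 * or -1 if the editor value is rejected, not found, or did not exit. */
int run_editor(const char *editor, const char *path, const char *file)
{
    char full[EDITOR_PATH_MAX];
    pid_t pid;
    int status;

    if (!is_plain_path(editor) ||
        resolve_in_path(editor, path, full, sizeof full) != 0)
        return -1;
    pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        char *argv[] = { (char *)editor, (char *)file, NULL };
        execv(full, argv);   /* absolute path: no PATH search, no sh -c */
        _exit(127);
    }
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(int argc, char **argv)
{
    const char *editor = getenv("EDITOR");
    char full[EDITOR_PATH_MAX];

    if (argc < 2 || editor == NULL) {
        fprintf(stderr, "usage: EDITOR=<editor> %s <file>\n", argv[0]);
        return 2;
    }
    if (resolve_in_path(editor, getenv("PATH"), full, sizeof full) != 0) {
        fprintf(stderr, "%s: not found in PATH of this process\n", editor);
        return 1;
    }
    printf("Executing: %s %s\n", full, argv[1]);
    return run_editor(editor, getenv("PATH"), argv[1]);
}
```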
Date: Thu, 25 Mar 2004 12:06:01 -0800
From: william@bourbon.usc.edu
To: cs530@merlot.usc.edu
Subject: HW3 deadline extended...

Hi,

HW3 deadline has been extended to 11:45PM, Sunday, 3/28/2004. Please see my e-mail with timestamp "Thu 25 Mar 11:43" for the reason for extension. Thanks!
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: System edit problems
Date: Thu, 25 Mar 2004 11:59:41 -0800
From: william@bourbon.usc.edu

Someone wrote:

> 2 things:
> 1 - thanks, that fixed the problem. So can i assume
> that if it cannot find emacs on your system, that the
> absolute path will be set when you test it?

You can assume that the environment variable is set properly by the grader.

> 2 - Since we can only use a 4096 byte buffer, doesn't
> that mean that our CBC chain will be repeated with the
> same IV every 4096 bytes? Isn't that a security flaw
> if the message is recurring packets of size 4096?

The IV is the state information that kept getting modified when you call DES_ede3_cbc_encrypt() over and over again. You are not supposed to reset it after every call to DES_ede3_cbc_encrypt().
--
Bill Cheng // bill.cheng@usc.edu

--- william@bourbon.usc.edu wrote:
> Someone wrote:
>
> > Whenever I execute the edit command, it says
> > "Executing cmd: emacs
> > /home/scf27/x/tmp/AAAPeaOld
> > sh: emacs: not found
> > "
> >
> > I can't figure out how this is since I can launch
> > emacs perfectly using this command from both sh and
> > csh prompts.
> >
> > Any ideas?
>
> You can set your EDITOR environment variable to the
> full path (/usr/usc/bin/emacs). Then it should work.
> I don't know why it's not working in your case.
> --
> Bill Cheng // bill.cheng@usc.edu
>

To: cs530@bourbon.usc.edu
Subject: Re: key values
Date: Thu, 25 Mar 2004 11:43:19 -0800
From: william@bourbon.usc.edu

Someone wrote:

> > You mean you don't know how to compute things like
> > SHA1(X+RB1) and SHA1(X+RB2)? Sorry, I won't post them.
>
> This is inconsistent with the hw3 spec. In the spec, keys are
> generated from Y=SHA1(X+RB1) and Z=SHA1(Y+RB2).

I'm very sorry that I have made this mistake. The files posted at the bottom of HW3 spec were created using the wrong equation! I've just updated them. (You probably need to clear your browser's cache to download the new ones.)

I hope people haven't been wasting too much time because of this. If you have, I apologize.

I'm extending the deadline for HW3 for 2 days. So, the extended deadline is 11:45pm, Sunday, 3/28/04.
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: System edit problems
Date: Thu, 25 Mar 2004 10:40:01 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Whenever I execute the edit command, it says
> "Executing cmd: emacs
> /home/scf27/schifman/tmp/AAAPeaOld
> sh: emacs: not found
> "
>
> I can't figure out how this is since I can launch
> emacs perfectly using this command from both sh and
> csh prompts.
>
> Any ideas?

You can set your EDITOR environment variable to the full path (/usr/usc/bin/emacs). Then it should work. I don't know why it's not working in your case.
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: key values
Date: Thu, 25 Mar 2004 10:27:36 -0800
From: william@bourbon.usc.edu

Someone wrote:

> could u please send the corresponding ivec,key1,key2,key3
> values when using yr secret.c and data as yesnomaybe\n. u
> have given us the hexdump data of encrypted data.
> so was wondering if u could post the key values as well

You mean you don't know how to compute things like SHA1(X+RB1) and SHA1(X+RB2)? Sorry, I won't post them.

Find another student to exchange these values with you. If the values are not the same, figure it out with this other student and see who is right. You are grad students, can't you even figure out something as simple as this?
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: how to check if the file exists or not!!
Date: Thu, 25 Mar 2004 09:49:26 -0800
From: william@bourbon.usc.edu

Someone wrote:

> please guide me on a way to check if the file exists or not.
> i used stat for that, but it returns -1 regardless of the
> existence of the file.
> even though the file exists, it will return -1...
> please provide me some alternative method.

Hmm.. give up so easily?! Did you read the man page for stat? If you did, what does the value of errno say when stat() returns -1?

If you *just* want to see if file exists, you can just do open() or fopen().
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: iostream bug
Date: Wed, 24 Mar 2004 23:06:05 -0800
From: william@bourbon.usc.edu

Hi,

I'm forwarding an e-mail from a student.
--
Bill Cheng // bill.cheng@usc.edu

-----Original Message-----
Date: Wed, 24 Mar 2004 19:01:17 -0800
To: william@bourbon.usc.edu
Subject: iostream bug

I just wanted to mention that a bug had been detected in the iostream library (up to version 2.95.x), which causes file truncation when opening a file for writing and in binary mode. I have pasted an excerpt from the following website: http://www.delorie.com/djgpp/v2faq/faq9_4.html, which proved to be very helpful.

If you have problems with read/write access to binary files via the fstream class in C++ programs, then make sure you call the constructor with an explicit ios::in and/or ios::out parameter, like this:

    ifstream object_name ("file", ios::binary | ios::in);

Likewise, if you want to write binary files, you need to mention the ios::out flag explicitly.
(This is actually a bug in all versions of the GNU C++ iostreams library up to and including version 2.95.)

Versions of the GNU C++ library before 2.8.1 had a bug in the GNU iostream classes. This bug caused truncation of files, even if you never write to the file. If you still use such an old version and cannot upgrade, a workaround is to do something like this:

    fstream inFile;
    int fd = open ("foobar", O_RDWR | O_BINARY);
    inFile.fstream (fd);

I guess that's another reason we should away from the STL or even C++.

To: cs530@bourbon.usc.edu
Subject: Re: CS530: Re: unable to encrypt (3DES)
Date: Wed, 24 Mar 2004 22:56:53 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I too had same kind of error, whereby i was not able to get the original
> plaintext back after decryption and was getting garbage instead, but
> eventually i got the error solved...
> i suppose only using the DES_set_key() does not work...
> you need to go through all the steps that we went through with manipulating
> with the keys before encryption..
> below is the fragment of the code on what i did..
> -------------------------------------------------------------------------------
>
> DES_string_to_key((char *)iv, &ivec); //( for each of the keys and iv as they
> are char * type and DES needs them to be of type DES_cblock),
>
> DES_set_odd_parity(&k1); //(setting odd parity of the keys)
>
> if(DES_key_sched(&k1,&s1)<0) printf("Error scheduling the key");
>
> DES_ede3_cbc_encrypt(tempk,enc,8,&s1,&s2,&s3,&ivec,1);
>
> and similarly for the decryption, following the same steps instead of
> DES_set_key() only,
>
> DES_string_to_key((char *)iv, &ivec);
>
> DES_set_odd_parity(&k1);
>
> if(DES_key_sched(&k1,&s1)<0) printf("Error scheduling the key");
>
> DES_ede3_cbc_encrypt(enc,dec, 8, &s1,&s2,&s3,&ivec,0);
> -------------------------------------------------------------------------------
> and i can get back the original plaintext..
> i hope it helps..

Thanks for sharing the code segment. Someone showed me her code during office hour today. She did pretty much what you did, except she wasn't using DES_string_to_key() and she used DES_set_key() instead of DES_key_sched(). And that should work too! So, I really don't know why people are having trouble with the encryption and decryption!

Come to think of it... Regarding DES_string_to_key()... I didn't use it, I just copy the 8 byte keys directly into iv and k1, k2, and k3 (because the data type const_DES_cblock is just unsigned char[8]). Maybe they did something wrong when they convert their keys and iv to DES_key_schedule.
--
Bill Cheng // bill.cheng@usc.edu

----- Original Message -----
From: william@bourbon.usc.edu
Date: Wednesday, March 24, 2004 7:07 am
Subject: Re: CS530: Re: unable to encrypt (3DES)

> Someone wrote:
>
> > I have the same problem. Even I do not get back the plain
> > text when I decrypt using DES_ede3_cbc_encrypt(). I do reset
> > the key schedules between encrypt and decrypt function calls.
> > I have spent quite a lot of time trying to figure out
> > what's wrong. Could you please help?
>
> This is pretty much the same as HW1. Anyway, you should
> probably come see me during office hour.
>
> I'm planning on *not* being on campus this Thursday and
> Friday (to grade the 530 midterm). So, today's office hour
> is probably your last chance to see me before HW3 is due.
> --
> Bill Cheng // bill.cheng@usc.edu
>
>
>
> ----- Original Message -----
> From: william@bourbon.usc.edu
> Date: Tuesday, March 23, 2004 10:39 pm
> Subject: Re: unable to encrypt (3DES)
>
> > Someone wrote:
> >
> > > Hi Prof, I tried this:
> > >
> > > DES_ede3_cbc_encrypt(tempBuffer, tempEncBuf, 8,
> > > &DESkey1, &DESkey2,
> > > &DESkey3, &iv, 1);
> > > DES_ede3_cbc_encrypt(tempEncBuf, tBuf, 8,
> > > &DESkey1, &DESkey2,
> > > &DESkey3, &iv, 0);
> > > but it still give me garbage, all buffers are 8 in size and had been
> > > preallocated.but still does not work, help, i can't believe i'm still here
> > > doing 3DES. Thank you
> >
> > I hope you have reset the key schedules (by calling
> > DES_set_key()) above between the 2 calls to
> > DES_ede3_cbc_encrypt().
> >
> > If you can't even get this simple case to work, you
> > should probably come see me during office hour.
> > --
> > Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: genrating BIGNUM from hexstring in secret.c
Date: Wed, 24 Mar 2004 22:47:29 -0800
From: william@bourbon.usc.edu

Someone wrote:

> This might be very basic question but I really need to get it
> cleared before I go further.
>
> I have a small doubt in conversion from hex to BIGNUM. While
> writing into secret.c, I used BN_bn2hex() function. Now,
> suppose I passed BIGNUM for 65537 into this function, it'd
> generate a hexstring like '010001'. And I wrote it in
> secret.c like: 0x01,0x00,0x01
>
> Now, my question is: while reading values from secret.c, if
> I want to use BN_hex2bn(), I need a hex string as an input
> which would be '010001'. So do I need to extract this value
> from 0x01,0x00,0x01?

Do you *need to*? What does the man page (or spec) for BN_hex2bn() say?

> Please let me know if there is any other easy way getting a
> BIGNUM from the hexstrings in secret.c

I don't know why you want to call BN_hex2bn()!
The only reason I can think of is that because you used BN_bn2hex() before. There are other BN functions that can do conversions. If you want to work with hex, that should be fine. Although I wouldn't use it, it should work just fine.

Just get it to work right! Do what's necessary. I don't understand why this is a problem.
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: File Size
Date: Wed, 24 Mar 2004 17:30:59 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Since we store the file size in 4 bytes, can we assume that
> the file size will not be greater than 9999 bytes.

Huh?! 4 bytes can store up to (2^32)-1.

> Also I have tried to enter the filesize without using the
> network byte order and it works fine.
>
> So is it OK if we don't use htonl function?

Do it at your own risk. Just don't complain if you get points taken off. (You know what's the right thing to do and you want me to say it's okay to do the wrong thing?! Are you kidding me?)
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: submission
Date: Wed, 24 Mar 2004 17:27:25 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Do we need to submit defs.h and scintrf.h as we have not
> made any changes in it.

The requirement is that "make" must work *as is*. Please follow the "verify your submission" procedure and make sure you have submitted all the right code.
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: unencrypted file for edit
Date: Wed, 24 Mar 2004 17:26:07 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I think you misunderstood my question.
> if my *FIRST* edit command is 'hw3 edit foo.txt' and
> foo.txt is some random file which already exists and does not
> conform to our encrypted file standard. Then what are the
> ways in which our program could understand that foo.txt is
> not in the format it expects. If foo.txt is some file like
> that then we are going to get some garbage file size from
> foo.txt . So could we assume that the real conforming file
> would be less than some size say 10 MB?
> I hope, you get what I am trying to say.

I did misunderstand you.

Let's say the bytes 20-23 in the encrypted file computes to be X (after you call ntohl()). The encrypted part of the file size (encrypted file size minus 24) should be between X and X+7. If not, I guess the proper thing to do is to complain about it and refuse to edit it.
--
Bill Cheng // bill.cheng@usc.edu

----- Original Message -----
From: william@bourbon.usc.edu
Date: Wednesday, March 24, 2004 5:02 pm
Subject: Re: unencrypted file for edit

> Someone wrote:
>
> > I was just trying to think of some checks to determine if the
> > file for edit is actually unencrypted. Can I assume that if
> > I get the filesize (bytes 20-24 of the file)
> > more than some limit say 10MB or something that a wrong file
> > has been provided for edit
>
> Since you have the SHA1 value of the original file, after
> you decrypt, you can calculate the SHA1 value and see
> if it's the same.
>
> You should *not* encrypt the file size! If your original
> file size is 16 bytes, the encrypted file should be 16+24=40
> bytes. The first 24 bytes contains the SHA1 and file size
> of the *original* file. The rest are encrypted version of
> the original file.
>
> If your original file size is 10 bytes, the encrypted
> file should also be 40 bytes! Again, the first 24 bytes
> contains the SHA1 and file size of the *original* file.
> The rest are encrypted version of the original file and
> the encrypted version should have a size which is a multiple
> of 8.
> -- > Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Wed Mar 24 17:03:28 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2P13SqB011542 for ; Wed, 24 Mar 2004 17:03:28 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2P12Uf7016555 for ; Wed, 24 Mar 2004 17:02:30 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2P12UUM016553 for cs530@merlot.usc.edu; Wed, 24 Mar 2004 17:02:30 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2P12Uf7016550 for ; Wed, 24 Mar 2004 17:02:30 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2P12UZQ016546 for ; Wed, 24 Mar 2004 17:02:30 -0800 Message-Id: <200403250102.i2P12UZQ016546@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: unencrypted file for edit Date: Wed, 24 Mar 2004 17:02:30 -0800 From: william@bourbon.usc.edu Someone wrote: > I was just trying to think of some checks to determine if the > file for edit is actually unencrypted. Can I assume that if > I get the filesize (bytes 20-24 of the file) > more than some limit say 10MB or something that a wrong file > has been provided for edit Since you have the SHA1 value of the original file, after you decrypt, you can calculate the SHA1 value and see if it's the same. You should *not* encrypt the file size! If your original file size is 16 bytes, the encrypted file should be 16+24=40 bytes. The first 24 bytes contains the SHA1 and file size of the *original* file. The rest are encrypted version of the original file. If your original file size is 10 bytes, the encrypted file should also be 40 bytes! Again, the first 24 bytes contains the SHA1 and file size of the *original* file. 
The rest is the encrypted version of the original file and the encrypted version should have a size which is a multiple of 8. -- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Wed Mar 24 16:59:26 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2P0xQqB011450 for ; Wed, 24 Mar 2004 16:59:26 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2P0wSf7014995 for ; Wed, 24 Mar 2004 16:58:28 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2P0wSDI014993 for cs530@merlot.usc.edu; Wed, 24 Mar 2004 16:58:28 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2P0wRf7014990 for ; Wed, 24 Mar 2004 16:58:27 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2P0wRua014986 for ; Wed, 24 Mar 2004 16:58:27 -0800 Message-Id: <200403250058.i2P0wRua014986@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: first block doesnt decypt properly Date: Wed, 24 Mar 2004 16:58:27 -0800 From: william@bourbon.usc.edu Someone wrote: > I had the same problem. My first 8 bytes of the file were not > getting decrypted properly. The rest of the file was getting > decrypted fine. I just went ahead and put the SHA and the > filesize and the problem went. I don't know what exactly is > the reason but somehow the first 8 bytes of the file don't > get decrypted. Now because I didn't need to decrypt the SHA, > it worked fine. Sounds funny but it worked for me. Hmm... I don't know what you mean by decrypt the SHA. You only need to encrypt the actual file in ~/tmp. You should not encrypt the first 24 bytes of the encrypted file. I'm not sure exactly what you are saying! But I'm glad you got around the bug.
-- Bill Cheng // bill.cheng@usc.edu ----- Original Message ----- From: william@bourbon.usc.edu Date: Wednesday, March 24, 2004 4:19 pm Subject: Re: first block doesnt decypt properly > Someone wrote: > > > my entire message gets decrypted properly in 3DES instead > > of the first 8 bytes i.e the first block.what can be the > > reason?i m not able to figure it out. > > Sorry, but I have no idea why. At least you are getting close. > -- > Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Wed Mar 24 16:20:12 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2P0KCqB010764 for ; Wed, 24 Mar 2004 16:20:12 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2P0J4f7032340 for ; Wed, 24 Mar 2004 16:19:04 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2P0J4Vj032338 for cs530@merlot.usc.edu; Wed, 24 Mar 2004 16:19:04 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2P0J4f7032335 for ; Wed, 24 Mar 2004 16:19:04 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2P0J46k032331 for ; Wed, 24 Mar 2004 16:19:04 -0800 Message-Id: <200403250019.i2P0J46k032331@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: first block doesnt decypt properly Date: Wed, 24 Mar 2004 16:19:04 -0800 From: william@bourbon.usc.edu Someone wrote: > my entire message gets decrypted properly in 3DES instead > of the first 8 bytes i.e the first block.what can be the > reason?i m not able to figure it out. Sorry, but I have no idea why. At least you are getting close. 
-- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Wed Mar 24 13:27:16 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2OLRGqB007106 for ; Wed, 24 Mar 2004 13:27:16 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2OLQJf7030288 for ; Wed, 24 Mar 2004 13:26:19 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2OLQJNq030286 for cs530@merlot.usc.edu; Wed, 24 Mar 2004 13:26:19 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2OLQIf7030283 for ; Wed, 24 Mar 2004 13:26:18 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2OLQIdR030279 for ; Wed, 24 Mar 2004 13:26:18 -0800 Message-Id: <200403242126.i2OLQIdR030279@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: Problem with SSL Date: Wed, 24 Mar 2004 13:26:18 -0800 From: william@bourbon.usc.edu Someone wrote: > I'm not sure about the SSL connection establishment. What I > understand is if the server challenge with Nonce_s (Nonce > subscript s), the client should respond with Verify_c (Verify > subscript c) and vice versa. > > From the lecture, after the server received "Hello" message > from the client, it sends Nonce_s to challenge the client. > However, if "Cert_c + Verify_c" message is optional, there > will be no client's respond to server's Nonce_s and I think > this could make message replay possible. When there is no client authentication, the server doesn't really care who it's talking to! So, looks like it's fine. I'm not sure what replay attack you are concerned about. If the attack replays message 3 (page 1 of lecture 17), it still cannot generate message 5 because it doesn't know the PMKey. 
-- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Wed Mar 24 13:19:16 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2OLJGqB006948 for ; Wed, 24 Mar 2004 13:19:16 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2OLIJf7027180 for ; Wed, 24 Mar 2004 13:18:19 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2OLIJMR027178 for cs530@merlot.usc.edu; Wed, 24 Mar 2004 13:18:19 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2OLIIf7027169 for ; Wed, 24 Mar 2004 13:18:18 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2OLIIKt027165 for ; Wed, 24 Mar 2004 13:18:18 -0800 Message-Id: <200403242118.i2OLIIKt027165@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: Calculating new file size Date: Wed, 24 Mar 2004 13:18:18 -0800 From: william@bourbon.usc.edu Someone wrote: > I'm working on generating the encrypted file from the > editor. I need to know the file size before the > encryption in order to malloc enough memory, Please remember that the maximum buffer size is 4,096! So, if the file is larger than that, you are *not* allowed to malloc() the size of the file. > but the > only way I can think of doing this is to scan through > the FILE without storing any information except a size > counter. Then I can reread the FILE storing data. > This seems very inefficient, to scan the file twice. > Is there another way to get the file size that I am > overlooking? Please see "man -s 2 stat". You can get the file size from st_size. You can also do fseek() followed by ftell(). 
-- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Wed Mar 24 10:32:14 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2OIWEqB003754 for ; Wed, 24 Mar 2004 10:32:14 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2OIVHf7027906 for ; Wed, 24 Mar 2004 10:31:17 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2OIVH0Z027904 for cs530@merlot.usc.edu; Wed, 24 Mar 2004 10:31:17 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2OIVHf7027901 for ; Wed, 24 Mar 2004 10:31:17 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2OIVH9T027897 for ; Wed, 24 Mar 2004 10:31:17 -0800 Message-Id: <200403241831.i2OIVH9T027897@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: HW2 grade... Date: Wed, 24 Mar 2004 10:31:17 -0800 From: william@bourbon.usc.edu Someone wrote: > Can I get my graded homework back, so that I can know where > I lost my points? > Or can grader tell me the place where I did wrong. Thanks! The grader was going to give HW2 to me so I can return them to all of you. But I haven't got it from him yet. If you are going to see him while he still has your HW2, you are welcome to get it from him. 
-- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Wed Mar 24 09:32:37 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2OHWbqB002526 for ; Wed, 24 Mar 2004 09:32:37 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2OHVef7004688 for ; Wed, 24 Mar 2004 09:31:40 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2OHVeV9004686 for cs530@merlot.usc.edu; Wed, 24 Mar 2004 09:31:40 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2OHVef7004683 for ; Wed, 24 Mar 2004 09:31:40 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2OHVeq0004679 for ; Wed, 24 Mar 2004 09:31:40 -0800 Message-Id: <200403241731.i2OHVeq0004679@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: significance of Smartcardstate pss Date: Wed, 24 Mar 2004 09:31:40 -0800 From: william@bourbon.usc.edu Someone wrote: > >The SmartcardState is the *only* place you are allowed to store > >the state of your smartcard (since global variables are not > >allowed). Storing state information in a file is not a good > >idea because libsmartcard.so can be loaded simultaneously by > >multiple applications. You *should* use SmartcardState to > >store objects and state information. > > I'll never live down my earlier emails ;-). > > I didn't mean to store state in a *file*. I meant that state > could be held in a static variable with *file scope*. That > meets the letter of your spec (maybe) because no global > variables are visible to the outside world. But it doesn't > meet the goal of making the SC_* functions reentrant. Unless > the student uses SmartcardState, or reconstructs state each > call, he's left with that static variable. Oops! I misunderstood what you meant.
Static variables with file scope are considered global variables. The idea is to have the smartcard code be reentrant. So, please pass the state information around in the SmartcardState and not have it stored anywhere else. -- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Wed Mar 24 07:49:01 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2OFn1qB000594 for ; Wed, 24 Mar 2004 07:49:01 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2OFm4f7012067 for ; Wed, 24 Mar 2004 07:48:04 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2OFm4IC012062 for cs530@merlot.usc.edu; Wed, 24 Mar 2004 07:48:04 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2OFm4f7012056 for ; Wed, 24 Mar 2004 07:48:04 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2OFm4QJ012052 for ; Wed, 24 Mar 2004 07:48:04 -0800 Message-Id: <200403241548.i2OFm4QJ012052@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: Secret Key Generation Date: Wed, 24 Mar 2004 07:48:04 -0800 From: william@bourbon.usc.edu Someone wrote: > >If X is in buf1 and RB1 is in buf2 and both buf1 and buf2 are > >20 bytes in size, then you need a buffer of 40 bytes in size > >and put X in the first 20 bytes and RB1 in the last 20 bytes. > > Or just use the SHA_Init, SHA_Update, and SHA_Final calls to implicitly > assemble the sub-pieces thereof. That would work too. (I was just describing the concept.)
-- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Wed Mar 24 07:47:53 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2OFlrqB000547 for ; Wed, 24 Mar 2004 07:47:53 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2OFkvf7010985 for ; Wed, 24 Mar 2004 07:46:57 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2OFkvVY010983 for cs530@merlot.usc.edu; Wed, 24 Mar 2004 07:46:57 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2OFkuf7010980 for ; Wed, 24 Mar 2004 07:46:56 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2OFku9f010970 for ; Wed, 24 Mar 2004 07:46:56 -0800 Message-Id: <200403241546.i2OFku9f010970@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: significance of Smartcardstate pss Date: Wed, 24 Mar 2004 07:46:56 -0800 From: william@bourbon.usc.edu Someone wrote: > >Someone wrote: > > > > > As you said: "the SmartcardState can be NULL. So, you don't > > > *have to* have it point to a RSA structure" > > > >Well, SC_3des_key_gen() doesn't need (RSA*) structure. You > >only need to create the (RSA*) structure for the functions > >that need it. > > Professor, it seems that the student may be asking what to do if pSS > itself is NULL (although he appears to confuse the distinction between > SmartcardState and RSA, which may be a *part* of SmartcardState). I > agree that RSA is not necessary for SC_3des_key_gen, but SmartcardState > certainly may be. (You allude to this later in your response.) For > example, I return -1 from all SC_* functions if pSS is NULL, because it > holds my state. 
Since your code returns something useful when SC_init() returns, you will get whatever you returned back in all other SC_* functions. So, if you don't get it returned, you can flag an error in your SC_* functions. > > > Now, what I don't understand is if we are reading all the > > > necessary values (i.e. e,d,n, random_no1, random_no2) from > > > secret.c directly, then why there is this first argument > > > "SmartcardState pSS" in all the functions defined in the > > > interface. Do we really need it or use it?? > > > >Someone might want to use it. If you don't, it's okay too. > >When you are using someone else's smartcard, you have no > >idea if they need to use it. That's why you *have to* pass > >it back to the smartcard if you call other SC_* functions. > > More to the point, *where* do the SC_* functions store their own state, > if not in SmartcardState? The spec forbids global variables. The only > other way I see to quasi-meet that requirement is to hold a "static RSA > * rsa" in the file implementing SC_*. Whether that meets the spec or > not depends upon your definition of "global variables." The SmartcardState is the *only* place you are allowed to store the state of your smartcard (since global variables are not allowed). Storing state information in a file is not a good idea because libsmartcard.so can be loaded simultaneously by multiple applications. You *should* use SmartcardState to store objects and state information. Having state stored in SmartcardState is mainly for efficiency. You can create RSA* from scratch every time one of the SC_* functions is called. > It seems to me that the reason to avoid global variables and instead use > SmartcardState is to ensure the re-entrancy of the SC_* functions. That > is, there could be multiple threads of control, each using the > smartcard.
Lacking a SmartcardState, users of SC_* will interfere with > each other if they simply share a static global (unless the state is > reconstructed each call, as you also note.) Exactly! -- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Wed Mar 24 07:42:00 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2OFg0qB000432 for ; Wed, 24 Mar 2004 07:42:00 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2OFf3f7005403 for ; Wed, 24 Mar 2004 07:41:03 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2OFf3vj005401 for cs530@merlot.usc.edu; Wed, 24 Mar 2004 07:41:03 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2OFf3f7005398 for ; Wed, 24 Mar 2004 07:41:03 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2OFf33H005388 for ; Wed, 24 Mar 2004 07:41:03 -0800 Message-Id: <200403241541.i2OFf33H005388@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: Degenerate RSA keys Date: Wed, 24 Mar 2004 07:41:03 -0800 From: william@bourbon.usc.edu Someone wrote: > Someone earlier reported that RSA_generate_key() created degenerate keys > with mostly zeros. I have now seen the same thing, where a private key > of length 4 bytes is generated. The RSA structure is valid, and passes > the RSA_check_key() test. I haven't tried encryption / decryption using > it yet, but have no reason to expect those functions will fail. The key > is just extremely weak. > > Now I haven't had a chance to test this on nunki. But on my own > machine, which has a /dev/random entropy source, RSA_generate_key() > consistently shows this behavior. I find nothing on the net describing > this issue. Have you run across it yourself? 
If not, I'll just > continue to test with it, and see if things get better on nunki. Hmm... I've never seen this! But then again, I haven't called RSA_check_key()! I've only done visual inspection and the private key has always been 128 bytes long. I've done this on Red Hat 9.0 and nunki. -- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Wed Mar 24 07:38:18 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2OFcIqB000376 for ; Wed, 24 Mar 2004 07:38:18 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2OFbLf7001822 for ; Wed, 24 Mar 2004 07:37:22 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2OFbLIB001820 for cs530@merlot.usc.edu; Wed, 24 Mar 2004 07:37:21 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2OFbLf7001816 for ; Wed, 24 Mar 2004 07:37:21 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2OFbLhE001806 for ; Wed, 24 Mar 2004 07:37:21 -0800 Message-Id: <200403241537.i2OFbLhE001806@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: query about temp file generation Date: Wed, 24 Mar 2004 07:37:21 -0800 From: william@bourbon.usc.edu Someone wrote: > I have doubt in creation of temporary file. > > I have used mkstemp and fdopen for temp file generation. > > the code is something like : > > FILE *temp; > int fd; > > while(fd = mkstemp(template)) != -1) > . > . > . > . > temp=fdopen(fd,"wb"); > > when i try to put any character in this temp file and print it... > > the output is "255" for all characters. > > value of fd is valid integer i.e. 4 and temp is not NULL I have no idea why this doesn't work. 
If you are more comfortable with fopen(), then the following should be equivalent:

    /* needs <stdio.h>, <stdlib.h> (mkstemp) and <unistd.h> (close) */
    int fd=mkstemp(template);      /* creates the file and fills in template */
    if (fd != (-1)) {
        FILE *temp=NULL;
        close(fd);                 /* reopen by name with fopen() below */
        temp = fopen(template, "w");
        if (temp != NULL) {
            fprintf(temp, "Hello\n");
            fclose(temp);
        }
    }

I would be really surprised if the above code does work (given that template is filled in correctly, of course). -- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Wed Mar 24 07:31:05 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2OFV5qB032695 for ; Wed, 24 Mar 2004 07:31:05 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2OFU8f7027468 for ; Wed, 24 Mar 2004 07:30:08 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2OFU8EL027463 for cs530@merlot.usc.edu; Wed, 24 Mar 2004 07:30:08 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2OFU8f7027460 for ; Wed, 24 Mar 2004 07:30:08 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2OFU8We027456 for ; Wed, 24 Mar 2004 07:30:08 -0800 Message-Id: <200403241530.i2OFU8We027456@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: Question regarding the size Date: Wed, 24 Mar 2004 07:30:08 -0800 From: william@bourbon.usc.edu Someone wrote: > just had a basic question, regarding the size of the file.. > i am having a tough time figuring on how do we place the size > of the file after the SHA1 value .. i.e. place it as a hex > string or just keep the integral value. Hexstring means that you use 1 byte to represent 4 bits of data (and 2 bytes to represent 1 byte of data). And, each byte can only be of 16 values (if only consider lower case strings), namely, '0', '1', '2', ..., '9', 'a', 'b', 'c', 'd', 'e', and 'f'.
So, if an input byte is 0x12 (which is 18 decimal), the hexstring representation is "12" (2 bytes, the first byte is '1'==49==0x31, the 2nd byte is '2'==50==0x32). Try the following:

    gdb
    (gdb) print 0x12
    (gdb) print '1'
    (gdb) print '9'
    (gdb) print 'a'
    (gdb) print 'f'
    (gdb) quit

> ie. for the case where the contents of the file are > "yesnomaybe", the size is 10,should that be represented as > 0x0000000a or just 10. Isn't 0x0000000a == 10? > sorry if it's too basic > but please help me out. > right now, i would represent it in the integral value , ie. > use 10 as the size of the file and place that after the SHA1 You need to write the integer out, in network-byte-order (please see the spec regarding network-byte-order and click on the link). -- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Wed Mar 24 07:23:56 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2OFNuqB032537 for ; Wed, 24 Mar 2004 07:23:56 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2OFMxf7020651 for ; Wed, 24 Mar 2004 07:22:59 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2OFMxVS020649 for cs530@merlot.usc.edu; Wed, 24 Mar 2004 07:22:59 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2OFMxf7020640 for ; Wed, 24 Mar 2004 07:22:59 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2OFMxJB020636 for ; Wed, 24 Mar 2004 07:22:59 -0800 Message-Id: <200403241522.i2OFMxJB020636@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: file size ? Date: Wed, 24 Mar 2004 07:22:59 -0800 From: william@bourbon.usc.edu Someone wrote: > for editing a file i am able to store and retrieve the hash > and the file size.
however this file size is the size of the > data that the user inputs (say yesnomaybe .. size = 10) or > the size of the data that will be finally stored > in the file ? ( in this case 16) > > because for decryption one must retrieve the encrypted part > for the padding also in order to avoid garbling the last 8 > bytes since chaining (cbc) is used in the encryption. In order for decryption to obtain the original plaintext, you have to know exactly what size the original plaintext is. Right? (Also, the size of the encrypted data is always file size of the encrypted file minus 24! No need to store that!) -- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Wed Mar 24 07:13:58 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2OFDwqB032344 for ; Wed, 24 Mar 2004 07:13:58 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2OFD1f7011085 for ; Wed, 24 Mar 2004 07:13:01 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2OFD1wn011080 for cs530@merlot.usc.edu; Wed, 24 Mar 2004 07:13:01 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2OFD1f7011077 for ; Wed, 24 Mar 2004 07:13:01 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2OFD1jc011073 for ; Wed, 24 Mar 2004 07:13:01 -0800 Message-Id: <200403241513.i2OFD1jc011073@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: Secret Key Generation Date: Wed, 24 Mar 2004 07:13:01 -0800 From: william@bourbon.usc.edu Someone wrote: > Secret Key Generation it's written: > > In you must compute Y=SHA1(X+RB1) and Z=SHA1(Y+RB2), where > + is the concatenation operator. > Let me know what you mean by concatenation.
> Concatenation as in char strings (we are not dealing with > strings here) ... > Or XORing (this is more appropriate as we are in security > class :-) ). If X is in buf1 and RB1 is in buf2 and both buf1 and buf2 are 20 bytes in size, then you need a buffer of 40 bytes in size and put X in the first 20 bytes and RB1 in the last 20 bytes. > Also > The leading 8 bytes of Y should be returned ..... > leading means byte 7-0 of sha1_digest or byte 19,18,17,... > Well both ways its equally good I guess; so it's your call. > tell us what you want us to implement. I've mentioned this at the beginning of the semester (this also works the same in HW1). If you have: char buf[20]; The leading 8 bytes (or the first 8 bytes) are buf[0-7]. You must follow this convention, otherwise, when you calculate MD5 or SHA1 (as in HW1), your result will *not* be the same as OpenSSL. > or do you want us to > document it as a design decision. Which 8 bytes to take is not a design decision. It's part of the spec.
-- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Wed Mar 24 07:08:09 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2OF89qB032251 for ; Wed, 24 Mar 2004 07:08:09 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2OF7Cf7005546 for ; Wed, 24 Mar 2004 07:07:12 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2OF7Cej005538 for cs530@merlot.usc.edu; Wed, 24 Mar 2004 07:07:12 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2OF7Cf7005535 for ; Wed, 24 Mar 2004 07:07:12 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2OF7CQO005531 for ; Wed, 24 Mar 2004 07:07:12 -0800 Message-Id: <200403241507.i2OF7CQO005531@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: CS530: Re: unable to encrypt (3DES) Date: Wed, 24 Mar 2004 07:07:12 -0800 From: william@bourbon.usc.edu Someone wrote: > I have the same problem. Even I do not get back the plain > text when I decrypt using DES_ede3_cbc_encrypt(). I do reset > the key schedules between encrypt and decrypt function calls. > I have spent quite a lot of time trying to figure out > what's wrong. Could you please help? This is pretty much the same as HW1. Anyway, you should probably come see me during office hour. I'm planning on *not* being on campus this Thursday and Friday (to grade the 530 midterm). So, today's office hour is probably your last chance to see me before HW3 is due.
-- Bill Cheng // bill.cheng@usc.edu ----- Original Message ----- From: william@bourbon.usc.edu Date: Tuesday, March 23, 2004 10:39 pm Subject: Re: unable to encrypt (3DES) > Someone wrote: > > > Hi Prof, I tried this: > > > > DES_ede3_cbc_encrypt(tempBuffer, tempEncBuf, 8, > > &DESkey1, &DESkey2, > > &DESkey3, &iv, 1); > > DES_ede3_cbc_encrypt(tempEncBuf, tBuf, 8, > > &DESkey1, &DESkey2, > > &DESkey3, &iv, 0); > > but it still give me garbage, all buffers are 8 in size and had been > > preallocated.but still does not work, help, i can't believe i'm still > here > > doing 3DES. Thank you > > I hope you have reset the key schedules (by calling > DES_set_key()) above between the 2 calls to > DES_ede3_cbc_encrypt(). > > If you can't even get this simple case to work, you > should probably come see me during office hour. > -- > Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Tue Mar 23 23:12:01 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2O7C1qB023237 for ; Tue, 23 Mar 2004 23:12:01 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2O7B5f7003283 for ; Tue, 23 Mar 2004 23:11:05 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2O7B5Ye003281 for cs530@merlot.usc.edu; Tue, 23 Mar 2004 23:11:05 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2O7B5f7003278 for ; Tue, 23 Mar 2004 23:11:05 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2O7B5Ax003274 for ; Tue, 23 Mar 2004 23:11:05 -0800 Message-Id: <200403240711.i2O7B5Ax003274@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: Verification of RSA Key Date: Tue, 23 Mar 2004 23:11:05 -0800 From: william@bourbon.usc.edu Someone wrote: > RSA_check_key(RSA*) returns 1 if rsa 
> is a valid RSA key, and
> 0 otherwise. Now I am populating the rsa structure with the
> data given in the secret.c provided (of course after doing
> hex->bignum conversions).

Do you mean bin->bignum conversion? The data in
HW3_rsa_private_key[] is *binary* and not hexstring!

> I am setting n, d and e in RSA structure before passing the
> RSA structure to the RSA_check_key() function. But I get
> segmentation fault in the call to RSA_check_key(). Am I
> missing out on setting some other member of the RSA
> structure?

The man page of RSA_check_key() says that it checks things
such as if n=p*q! Clearly, if you only fill n, d, and e,
then p and q are invalid. So, don't call it (unless you
are in hw3 and you just finished calling RSA_generate_key()).
-- Bill Cheng // bill.cheng@usc.edu

Return-Path: william@bourbon.usc.edu
Delivery-Date: Tue Mar 23 23:05:49 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2O75nqB023064 for ; Tue, 23 Mar 2004 23:05:49 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2O74rf7029739 for ; Tue, 23 Mar 2004 23:04:53 -0800
Received: (from william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2O74rjk029737 for cs530@merlot; Tue, 23 Mar 2004 23:04:53 -0800
Date: Tue, 23 Mar 2004 23:04:53 -0800
From: william@bourbon.usc.edu
Message-Id: <200403240704.i2O74rjk029737@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: in case your EDITOR is emacs...

Hi,

If your EDITOR is emacs and if you type "yesnomaybe" and
save the temporary file, the temporary file is only 10 bytes
long. I've just added what the encrypted file should look
like for this 10 byte file at the end of the HW3 spec. I named
the encrypted file "yesnomaybe.10.hw3", where 10 means 10 bytes
long. The hexdump of the file is in "yesnomaybe.10.hw3.txt".
-- Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Tue Mar 23 22:40:40 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2O6eeqB022500 for ; Tue, 23 Mar 2004 22:40:40 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2O6djf7005422 for ; Tue, 23 Mar 2004 22:39:45 -0800
Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2O6djZS005420 for cs530@merlot.usc.edu; Tue, 23 Mar 2004 22:39:45 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2O6dif7005417 for ; Tue, 23 Mar 2004 22:39:44 -0800
Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2O6diDC005413 for ; Tue, 23 Mar 2004 22:39:44 -0800
Message-Id: <200403240639.i2O6diDC005413@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: unable to encrypt (3DES)
Date: Tue, 23 Mar 2004 22:39:44 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Hi Prof, I tried this:
>
>     DES_ede3_cbc_encrypt(tempBuffer, tempEncBuf, 8,
>                          &DESkey1, &DESkey2,
>                          &DESkey3, &iv, 1);
>     DES_ede3_cbc_encrypt(tempEncBuf, tBuf, 8,
>                          &DESkey1, &DESkey2,
>                          &DESkey3, &iv, 0);
> but it still gives me garbage, all buffers are 8 in size and had been
> preallocated. but still does not work, help, i can't believe i'm still here
> doing 3DES. Thank you

I hope you have reset the key schedules (by calling
DES_set_key()) above between the 2 calls to
DES_ede3_cbc_encrypt().

If you can't even get this simple case to work, you
should probably come see me during office hour.
-- Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Tue Mar 23 22:35:26 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2O6ZQqB022376 for ; Tue, 23 Mar 2004 22:35:26 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2O6YUf7032745 for ; Tue, 23 Mar 2004 22:34:30 -0800
Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2O6YUuX032737 for cs530@merlot.usc.edu; Tue, 23 Mar 2004 22:34:30 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2O6YUf7032734 for ; Tue, 23 Mar 2004 22:34:30 -0800
Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2O6YUle032724 for ; Tue, 23 Mar 2004 22:34:30 -0800
Message-Id: <200403240634.i2O6YUle032724@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: significance of Smartcardstate pss
Date: Tue, 23 Mar 2004 22:34:30 -0800
From: william@bourbon.usc.edu

Someone wrote:

> You might have answered this question before and I've gone thru
> all your mails but still here is sth that I don't understand.
> Please be kind enough to explain me this.
>
> As you said: "the SmartcardState can be NULL. So, you don't
> *have to* have it point to a RSA structure"
>
> So, we should read values from secret.c and fill (RSA*) structure
> and use it for calling RSA_functions in openssl lib. We'll be
> doing this in the implementation of functions in the interface
> i.e. SC_3des_key_gen() and SC_sign().

Well, SC_3des_key_gen() doesn't need (RSA*) structure.
You only need to create the (RSA*) structure for the
functions that need it.

> Now, what I don't understand is if we are reading all the
> necessary values (i.e.
> e,d,n, random_no1, random_no2) from
> secret.c directly, then why there is this first argument
> "SmartcardState pSS" in all the functions defined in the
> interface. Do we really need it or use it??

Someone might want to use it. If you don't, it's okay too.
When you are using someone else's smartcard, you have no idea
if they need to use it. That's why you *have to* pass it
back to the smartcard if you call other SC_* functions.

> Because, it may or may not (in case, where u don't use secret
> command and use yr own secret.c) contain the values in secret.c,
> it's hard for me to understand the significance of that first
> arg.
>
> Please clarify.

If you create the (RSA*) structure on every call to any of
the SC_* functions, it's more secure, but it's less efficient.
Someone else's smartcard may be faster than yours because
they create (RSA*) in SC_init() and count on your application
to pass it in when you call the other SC_* functions.

Your application must not assume *anything* about the
SmartcardState but should just pass it around according to
the spec. Others who implemented their smartcards according
to the spec have the right to expect that you will pass the
SmartcardState around in the right way.
-- Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Tue Mar 23 22:28:13 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2O6SDqB022252 for ; Tue, 23 Mar 2004 22:28:13 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2O6RHf7025779 for ; Tue, 23 Mar 2004 22:27:17 -0800
Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2O6RHY0025771 for cs530@merlot.usc.edu; Tue, 23 Mar 2004 22:27:17 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2O6RHf7025768 for ; Tue, 23 Mar 2004 22:27:17 -0800
Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2O6RHp7025764 for ; Tue, 23 Mar 2004 22:27:17 -0800
Message-Id: <200403240627.i2O6RHp7025764@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: unable to encrypt (3DES)
Date: Tue, 23 Mar 2004 22:27:17 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Hi prof, I know you don't want to be bugged with function related question,
> but I've been working on this problem since yesterday, until now, and
> even though I have not posted this question on the newsgroup, but the newsgroup
> does not seem to grow, I hope you'll help me, well, the question is: i cannot
> get the original data back when decrypting the encrypted file using 3DES, with
> the same key, here is my code :
>
>     //I already set the parity bit previously
>     DES_key_schedule DESkey1, DESkey2, DESkey3;
>     DES_set_key(&key1, &DESkey1);// where key1 is a char * set by SC_3des_key_gen
>     //.... all other key setting
>     DES_ede3_cbc_encrypt(fileBufferWithZeroPad, EncryptBuffer, filesizePlusZeros,
>                          &DESkey1, &DESkey2,
>                          &DESkey3, &iv, 1);
>
>     //EncryptBuffer is preallocated mem of type char*,
>     //same size as the fileBufferWithZeroPad
>
>     //just for debugging purposes:
>     //immediately follow this code is the decryption.
>     //I should get the contents of the file back
> And then I tried to decrypt using:
>
>     DES_ede3_cbc_encrypt(EncryptBuffer, result, filesizePlusZeros,
>                          &DESkey1, &DESkey2,
>                          &DESkey3, &iv, 0); //using the same key
>
>     //the result is garbage, only the last 2 bytes is correct. also, I did the zero padding
>     //before I encrypt the file, so filesizePlusZeros is (the actual filesize+amount of zeros)
>     //if you want to delete some part for the public use, its ok.
>
> since yesterday I cannot get the original file back, even if the keys and all
> the buffers are correct, so please help me, I'm so confused.

I'm not understanding what is the problem. When you are
in trouble, a good way to go is to try simple stuff. For
example, if the input is 8 bytes, can you call
DES_ede3_cbc_encrypt() with enc=1 and then call
DES_ede3_cbc_encrypt() with enc=0, do you get the original
data back? (Don't put the 8 bytes into a file, just do
something like:

    char buf[8];

    buf[0]=(char)(0x12);
    buf[1]=(char)(0x34);
    buf[2]=(char)(0x56);
    buf[3]=(char)(0x78);
    ...
    buf[6]=(char)(0xde);
    buf[7]=(char)(0xf0);

If this works, then try to encrypt with a single byte.
If that works, try 2 bytes, etc. At certain point, your
code will fail. Then you know exactly when it starts to
fail, that might help you to determine what went wrong.

By the way, please remember that there is a buffer size
limit of 4096 bytes.
-- Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Tue Mar 23 16:25:28 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2O0PSqB015617 for ; Tue, 23 Mar 2004 16:25:28 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2O0OXf7017702 for ; Tue, 23 Mar 2004 16:24:33 -0800
Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2O0OXbp017700 for cs530@merlot.usc.edu; Tue, 23 Mar 2004 16:24:33 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2O0OXf7017697 for ; Tue, 23 Mar 2004 16:24:33 -0800
Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2O0OXeG017693 for ; Tue, 23 Mar 2004 16:24:33 -0800
Message-Id: <200403240024.i2O0OXeG017693@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: cs530 hw3: interfacing with RSA objects
Date: Tue, 23 Mar 2004 16:24:33 -0800
From: william@bourbon.usc.edu

Someone wrote:

> In the man pages for the RSA structure it is recommended that
> users make use of API and functions to modify the BIGNUM members.
> I have not been able to find any functions that do this. I am
> pretty sure that I am creating my BIGNUMs correctly from the
> values in secret.c, but I am not sure if my setting the RSA
> members explicitly is what is causing my problems. I am
> initializing my RSA structure using RSA_new(). Can you please
> let me know if there is a specific function used to set RSA
> members or if doing this explicitly is ok?

You should do:

    RSA *rsa=RSA_new();

    rsa->d = BN_...
    rsa->n = BN_...

That's it! You don't need to set other members of rsa!
At this point, you can call RSA_private_encrypt().

If you want to call RSA_public_decrypt(), then you only
need to set rsa->e and rsa->n.
-- Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Tue Mar 23 14:21:59 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2NMLxqB013339 for ; Tue, 23 Mar 2004 14:21:59 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2NML4f7002447 for ; Tue, 23 Mar 2004 14:21:04 -0800
Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2NML3do002445 for cs530@merlot.usc.edu; Tue, 23 Mar 2004 14:21:03 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2NMKrf7002367 for ; Tue, 23 Mar 2004 14:21:03 -0800
Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2NMKXDi002237 for ; Tue, 23 Mar 2004 14:20:53 -0800
Message-Id: <200403232220.i2NMKXDi002237@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: edit
Date: Tue, 23 Mar 2004 14:20:33 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I tried to call the function FILE *fin = (FILE *)mkstemp(tempFilename); since
> the man command says that it returns a file descriptor, which i'm guessing
> that its the pointer. well, i tried to write something on it and it does not
> work, so please tell me what is a file descriptor? or should I use
> mkdir("/auto/.../tmp/", 0700); instead?

If you don't know what a file descriptor is, you should
read a beginner's UNIX book or search for answers in the
Internet or ask for help in the class newsgroup.

A file descriptor is *not* compatible with FILE*, so
type-casting will not work.

> also, in the man description there is something that says I should have 6
> trailing 'X's, which I already did, and it automatically change the X's with
> some other string, but what if the person save the tempfile with a different
> file name?
> I might just remove the trailing 6 chars,

Please figure this out yourself, or look for help in the
class newsgroup.

> One other thing, if the directory is already exists, there should be no msg
> saying" mkdir: fail to create dir tmp/ file already exist", this is correct
> right? because the -m 0700 does not eliminate that message. but -p does,

I don't know why you would want to create a directory
if it's already there. Check if it's there first.

Please don't ask me basic questions like this! You should
be able to figure out the answer yourself.
-- Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Tue Mar 23 14:16:21 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2NMGLqB013247 for ; Tue, 23 Mar 2004 14:16:21 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2NMFQf7032733 for ; Tue, 23 Mar 2004 14:15:26 -0800
Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2NMFQAf032725 for cs530@merlot.usc.edu; Tue, 23 Mar 2004 14:15:26 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2NMFQf7032722 for ; Tue, 23 Mar 2004 14:15:26 -0800
Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2NMFQqd032718 for ; Tue, 23 Mar 2004 14:15:26 -0800
Message-Id: <200403232215.i2NMFQqd032718@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: edit path
Date: Tue, 23 Mar 2004 14:15:26 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Hi prof, You've mentioned that we're not supposed to add anything that the user
> save in the file, but, in your example in the homepage, you show that you
> append '\n' at the back making 'yesnomaybe', which is a 10 bytes char, becomes
> 11 bytes, I tried to edit using my program without adding anything in the
> saved file, the
> result is that 10 bytes only, so it differ from the example.
> Thus, give different sha1 value, thank you

The '\n' was added by "vi". If you use a different editor,
your result may be different.
-- Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Tue Mar 23 14:10:25 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2NMAPqB013132 for ; Tue, 23 Mar 2004 14:10:25 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2NM9Uf7030388 for ; Tue, 23 Mar 2004 14:09:30 -0800
Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2NM9U6H030386 for cs530@merlot.usc.edu; Tue, 23 Mar 2004 14:09:30 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2NM9Uf7030383 for ; Tue, 23 Mar 2004 14:09:30 -0800
Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2NM9UZc030379 for ; Tue, 23 Mar 2004 14:09:30 -0800
Message-Id: <200403232209.i2NM9UZc030379@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: problem getting started
Date: Tue, 23 Mar 2004 14:09:30 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I cant get a clear picture of the flow of execution in the program. You said,
> the application and smartcard we generate should work with someone else's
> smartcard and application respectively.

What's not clear about this? You ask another student to
put his/her libsmartcard.so in his/her ~/lib directory and
chmod that directory to 755. Let's say his login name is
tommy. Then you can do:

    hw3 -so ~tommy/lib/libsmartcard.so ...

You can also do the same with your libsmartcard.so.

> Also you said, in functions like "sign" and "verify" we should create and fill
> (RSA*) by reading from secret.c.
> And we are passing smartcardState(pss) as the
> first arg of these functions. So I was just confused that shouldnt we use that
> pss to generate and fill (RSA*) instead.

The SmartcardState can be NULL. So, you don't *have to*
have it point to a RSA structure.

Please check the HW3 spec again. There have been many
modifications and hints added since the beginning.
-- Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Tue Mar 23 14:06:12 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2NM6CqB013042 for ; Tue, 23 Mar 2004 14:06:12 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2NM5Hf7028771 for ; Tue, 23 Mar 2004 14:05:17 -0800
Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2NM5Hjc028769 for cs530@merlot.usc.edu; Tue, 23 Mar 2004 14:05:17 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2NM5Hf7028766 for ; Tue, 23 Mar 2004 14:05:17 -0800
Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2NM5HpF028762 for ; Tue, 23 Mar 2004 14:05:17 -0800
Message-Id: <200403232205.i2NM5HpF028762@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: lib and tmp directory
Date: Tue, 23 Mar 2004 14:05:17 -0800
From: william@bourbon.usc.edu

Someone wrote:

> For the lib directory
> ---------------------
> Do we have to create a directory in our home directory with the name "lib"
> before hand or do we have to create it from the program?

Huh?! Are you serious? Please think about what you are
asking before you put it in writing. After you put it
in writing, look it over and see if it still makes sense.
> Also if "-so sopath" is specified then we pick up the ./libsmartcard.so file
> but if it is not there we are supposed to pick up the file from the lib
> directory.

If a user enters the wrong path in the commandline, you
should alert the user and not look elsewhere.

> Now where from a libsmartcard.so file would come up in the lib
> directory. Do we assume that a libsmartcard.so file exists OR do we place the
> same libsmartcard.so that we have created. Please correct if I am going wrong
> anywhere.

I have no idea what you are asking here. Please think
what are reasonable answers and if there is only one,
most likely it's the right answer.

> For the tmp directory
> ----------------------
> Do we have to create it before hand or in the program?

This should be very clear from my previous messages.

> Also if we use
> mkstemp(), then how do we destroy the temporary file.

"man -s 2 unlink".

> Also are we going to have any more assignments? If yes then would it be
> programming or theory based?

This has just been answered in class on Monday.
-- Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Tue Mar 23 11:33:18 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2NJXIqB010258 for ; Tue, 23 Mar 2004 11:33:18 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2NJWNf7002772 for ; Tue, 23 Mar 2004 11:32:23 -0800
Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2NJWN7j002770 for cs530@merlot.usc.edu; Tue, 23 Mar 2004 11:32:23 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2NJWNf7002766 for ; Tue, 23 Mar 2004 11:32:23 -0800
Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2NJWLF5002747 for ; Tue, 23 Mar 2004 11:32:23 -0800
Message-Id: <200403231932.i2NJWLF5002747@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: question hw3
Date: Tue, 23 Mar 2004 11:32:21 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I was just wondering if you could test the hw without first calling "hw3
> secret secret.c" command. Instead, you could use your own secret.c and call
> "sign" and "verify" commands.

I *could*. But I *could* also run "hw3 secret secret.c" first.
You really shouldn't have control over how I grade! That
would be unfair to other students. Remember, my policy is
that I must treat everyone equally.
-- Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Tue Mar 23 10:46:33 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2NIkXqB008868 for ; Tue, 23 Mar 2004 10:46:33 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2NIjcf7016505 for ; Tue, 23 Mar 2004 10:45:38 -0800
Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2NIjcen016503 for cs530@merlot.usc.edu; Tue, 23 Mar 2004 10:45:38 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2NIjcf7016500 for ; Tue, 23 Mar 2004 10:45:38 -0800
Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2NIjcAJ016496 for ; Tue, 23 Mar 2004 10:45:38 -0800
Message-Id: <200403231845.i2NIjcAJ016496@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: error in getting function pointers
Date: Tue, 23 Mar 2004 10:45:38 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I'm having problems in calling the functions of the
> libsmartcard.so. When I load the library using
>
>     handle = dlopen("libsmartcard.so", RTLD_NOW);
>
> the handle of the library gets obtained successfully (I have
> verified it using gdb). But the function pointers of the
> library cannot be obtained. When I try the following
>
>     pfn_init = (SC_Init_Func*)dlsym(handle,"SC_init");
>
> and the subsequent calls to obtain function pointers, it
> gives me the error (using dlerror()) as I have pasted below.
>
> I'm using C++ to generate the secret file, g++ to compile the
> files (using -Wall as well). Right now, the code generates
> no warnings. $LD_LIBRARY_PATH includes ".".
>
> This may be unrelated but just for the sake of completeness
> I was getting an error while compiling hw3.cpp on the line
> where I had included "scintrf.h".
> The error was
> "SHA_DIGEST_LENGTH not defined in this context"!
> I don't understand what is going wrong :-?

Have you included "" before you include "scintrf.h"?

>
>
> bash-2.05b$ hw3 sign
> (null)ld.so.1: hw3: fatal: SC_init: can't find symbol
> Error : Unable to obtain SC_init handle
> ld.so.1: hw3: fatal: SC_cleanup: can't find symbol
> Error : Unable to obtain SC_cleanup handle
>
>
> bash-2.05b$ nm libsmartcard.so | grep SC_
> [96] | 4560| 60|FUNC |GLOB |0 |12 |SC_cleanup
> [145] | 4620| 332|FUNC |GLOB |0 |12 |SC_get_signature_size
> [104] | 4436| 124|FUNC |GLOB |0 |12 |SC_init
> [121] | 4952| 656|FUNC |GLOB |0 |12 |SC_sign
>
> bash-2.05b$ nm libsmartcard.so | grep RS
> [106] | 0| 0|NOTY |GLOB |0 |UNDEF |RSA_free
> [109] | 0| 0|NOTY |GLOB |0 |UNDEF |RSA_generate_key
> [128] | 0| 0|NOTY |GLOB |0 |UNDEF |RSA_new
> [122] | 0| 0|NOTY |GLOB |0 |UNDEF |RSA_private_encrypt
> [98] | 0| 0|NOTY |GLOB |0 |UNDEF |RSA_size
>
>

If you look at the sample code "hw3.c", you will see the
following line:

    handle = dlopen("./libsmartcard.so", RTLD_NOW|RTLD_GLOBAL);

I think the problem you are seeing is that you've picked up
libsmartcard.so in /usr/lib! So, put a './' in front of it!
This also means that when you run hw3, you should do:

    hw3 -so ./libsmartcard.so ...
-- Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Tue Mar 23 10:37:15 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2NIbFqB008584 for ; Tue, 23 Mar 2004 10:37:15 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2NIaKf7012908 for ; Tue, 23 Mar 2004 10:36:20 -0800
Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2NIaKDl012906 for cs530@merlot.usc.edu; Tue, 23 Mar 2004 10:36:20 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2NIaKf7012903 for ; Tue, 23 Mar 2004 10:36:20 -0800
Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2NIaKom012899 for ; Tue, 23 Mar 2004 10:36:20 -0800
Message-Id: <200403231836.i2NIaKom012899@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: edit path
Date: Tue, 23 Mar 2004 10:36:20 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Hi prof! this is me again, just to clarify, the temp file is
> always at $HOME/tmp/ directory, and delete the directory too
> when we remove the temp file?

You should *never* remove a directory from your program,
any directory.

> also, does not matter what we
> enter when editing the file, for instance, if we enter a 45
> bytes long, we append '\n' at the end, so it becomes 46 bytes
> long, is this correct?

No. You let your editor do whatever it does. You do
*not* want to modify a single bit in the data generated
by the editor. The idea is that when you decrypt, you
will produce a file that was *exactly* the same as
the one generated by the editor.
-- Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Tue Mar 23 10:34:35 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2NIYZqB008537 for ; Tue, 23 Mar 2004 10:34:35 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2NIXef7011859 for ; Tue, 23 Mar 2004 10:33:40 -0800
Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2NIXe0E011857 for cs530@merlot.usc.edu; Tue, 23 Mar 2004 10:33:40 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2NIXef7011854 for ; Tue, 23 Mar 2004 10:33:40 -0800
Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2NIXe9n011850 for ; Tue, 23 Mar 2004 10:33:40 -0800
Message-Id: <200403231833.i2NIXe9n011850@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: edit existing file
Date: Tue, 23 Mar 2004 10:33:40 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Hi prof! If we edit a file that exists, we should always
> assume that the file is encrypted, is this correct? so if the
> file is not encrypted, such as the yesterday.txt it should
> give me a garbage. because, it's pretty hard to know if the
> file is encrypted or not.

If you are doing "hw3 edit", you *always* assume that the
file is encrypted and in the correct format. You should try
hard *not to crash* if the file is not in the right format.
If for *any* reason your program seg faulted during grading,
you will lose points! (If emacs or vi crashes, then it's
not your fault and you won't lose points.)
-- Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Tue Mar 23 10:30:22 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2NIUMqB008456 for ; Tue, 23 Mar 2004 10:30:22 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2NITRf7010216 for ; Tue, 23 Mar 2004 10:29:27 -0800
Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2NITR4C010214 for cs530@merlot.usc.edu; Tue, 23 Mar 2004 10:29:27 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2NITRf7010211 for ; Tue, 23 Mar 2004 10:29:27 -0800
Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2NITRC4010207 for ; Tue, 23 Mar 2004 10:29:27 -0800
Message-Id: <200403231829.i2NITRC4010207@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: Typo in the previous mail
Date: Tue, 23 Mar 2004 10:29:27 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I meant that we don't have any tmp directory nor do we have
> any lib directory. Then what does $HOME/lib/libsmartcard.so
> file will come from??

"man -s 2 mkdir".
-- Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Tue Mar 23 10:19:40 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2NIJeqB008111 for ; Tue, 23 Mar 2004 10:19:40 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2NIIjf7005948 for ; Tue, 23 Mar 2004 10:18:45 -0800
Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2NIIjQt005946 for cs530@merlot.usc.edu; Tue, 23 Mar 2004 10:18:45 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2NIIjf7005943 for ; Tue, 23 Mar 2004 10:18:45 -0800
Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2NIIj9G005939 for ; Tue, 23 Mar 2004 10:18:45 -0800
Message-Id: <200403231818.i2NIIj9G005939@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: edit
Date: Tue, 23 Mar 2004 10:18:45 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I have the following queries
>
> 1.
> I just wanted to confirm about my understanding of the edit
> command:
>
> We call the "hw3 edit foo.txt" where foo.txt does not exist. It
> opens a emacs editor and then the user enters some data and
> closes it. Now we encrypt foo.txt and store the result (with the
> SHA and length of file foo.txt) back in foo.txt.

Correct; except the part about "encrypt foo.txt". You create
a file in ~/tmp and encrypt that file and have the output
go to "foo.txt". Then you delete the file in ~/tmp.

> Now when i call "hw3 edit foo.txt" again (which now is the
> encrypted file) I strip the SHA and the length and decrypt the
> remaining data into a file, say "abc.txt" (which is in the same
> directory as the working directory. Is this fine or does it have
> to be in tmp directory.
> I have done this because at the end I
> destroy the file abc.txt), and open the file abc.txt with the
> decrypted output in emacs again.

No. You should create the file in ~/tmp using mkstemp(). You
should *never* use the hardcoded name in your current working
directory!

> Now the user can modify abc.txt and if it is modified then the
> file is again encrypted (with the new SHA and the length) and
> placed in the file foo.txt (and not abc.txt) and destroy the file
> abc.txt. If it is not modified then only destroy the file abc.txt
> and end the program.

See above about ~/tmp.

> 2.
> Can you please give us an example of the case " hw3 sign -so path
> foo.txt" So that we can check the program with that case too.
>
> Also what does $HOME/tmp directory mean. I don't have any such
> directory in my account. Do I have to make one??

$HOME is the "HOME" environment variable. You can do the
following to get it:

    char *homedir=getenv("HOME");

    if (homedir != NULL) {
        ...
    }

You should check if the directory exists. If not, call mkdir()
with the mode argument being 0700.

> 3.
> Now about the grading. What is the order of the commands that the
> grader would give. I ask this because before calling "make all",
> the grader must call "make hw3" and then call "hw3 secret
> secret.c" because for make all we need a secret.c file which is
> generated only after the above 2 commands. (or if you insist on
> make all first then we would have to send a generated secret.c
> for the first time so that there is no compilation error)

The grader knows what order to run things.

> P.S. There were a lot of changes in hw1 grades. Can you please
> send the average for hw1 again so that we know our standing.
Here's what I have so far:

    Count  = 43
    Avg    = 84.38
    StdDev = 14.46
    Max    = 100.00
    Min    = 26.25

    22  90+  XXXXXXXXXXXXXXXXXXXXXX
     9  80+  XXXXXXXXX
     6  70+  XXXXXX
     4  60+  XXXX
     1  50+  X
     0  40+
     0  30+
     1  20+  X

-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: problem understanding the significance of secret.c
Date: Tue, 23 Mar 2004 10:02:25 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I am confused with the significance of secret.c file. In one
> of your mails you said:
> > What should be sent for the RSA *rsa parameter because if we use
> > the same RSA that we used to create the secret then there would be
> > no use of having the secret in the file secret.c.
>
> YOU WROTE:
> -----------------------------------------------------
> You need to build the (RSA*) data structure from the
> data in "secret.c". So, you should call RSA_new() first
> to allocate the data structure. Then you should fill
> out *enough* of the fields there from the data in "secret.c".
> ---------------------------------------------------------------
>
> But secret.c is also ultimately generated from the (RSA*)
> that we generated in SC_init(void) function. This is how I
> generated secret.c:
>
> In SC_init(void) function,
> 1. I allocated memory for an RSA structure say rsa_struct.
> 2. I called rsa_struct=RSA_generate_key(1024, 65537, NULL,NULL);
> 3. return (SmartcardState)rsa_struct;
>
> Now, in hw3.c when command == "secret", I'm just fetching
> e,d,n values from this returned rsa_struct and creating
> random values for random_no1 & random_no2. These 5 values make
> my smartcard_struct. Write all these values in secret.c.
>
> NOW HERE IS MY QUESTION:
>
> For subsequent calls for SIGN and VERIFY, I'd use the pointer
> to my smartcard_struct. In the implementation of SC_interface
> functions, I'd extract (e,d,n) values from that struct and as
> you said, using RSA_new() I can create another (RSA*) and
> fill these values in; and can use that structure for call to
> RSA_functions of openssl lib. THEN, WHERE AM I SUPPOSED TO USE
> secret.c?? Where this file gets used then?
>
> I think, there is something wrong in the way I am
> implementing the structures or may be I didn't get a sensible
> flow of execution.
>
> Please do explain to me where I am wrong. I have spent
> considerable amount of time understanding what is going on.

You got the procedure all wrong! This is what you need to do:

    make hw3
    hw3 secret secret.c
    make smartcard
    openssl sha1 usctommy.gif
    hw3 -so libsmartcard.so sign usctommy.gif > ds.txt
    hw3 -so libsmartcard.so verify ds.txt > sha1.txt
    openssl sha1 file2
    hw3 -so libsmartcard.so sign file2 | hw3 -so libsmartcard.so verify
    openssl sha1 file3
    hw3 -so libsmartcard.so sign file3 | hw3 -so libsmartcard.so verify
    openssl sha1 file4
    hw3 -so libsmartcard.so sign file4 | hw3 -so libsmartcard.so verify
    openssl sha1 file5
    hw3 -so libsmartcard.so sign file5 | hw3 -so libsmartcard.so verify
    ...
    hw3 -so libsmartcard.so edit fee
    hw3 -so libsmartcard.so edit fee
    hw3 -so libsmartcard.so edit fie
    hw3 -so libsmartcard.so edit fie
    hw3 -so libsmartcard.so edit foe
    hw3 -so libsmartcard.so edit foe
    hw3 -so libsmartcard.so edit fun
    hw3 -so libsmartcard.so edit fun
    ...

I've just added the above in the HW3 spec.

-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: Verify
Date: Mon, 22 Mar 2004 22:29:07 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Hi Prof! I know the use of SC_public_query, but since we have
> the smartcardstate, can we just use smartcardstate's private
> and public keys, since its basically RSA *? why are we
> supposed to gain the n and e again?

Because you don't know if SmartcardState is of type (RSA*). The
spec just says (void*) and it can be anything. In class today, I
mentioned that it can even be NULL!

So, what am I going to use to test your code? Hmm... If I use a
C++ object with one of its members being a pointer to RSA, you
will have no idea I did that.
Then when you typecast my C++ object to RSA* and call any of
those RSA functions, I bet your code would crash. Better yet,
instead of using a C++ object, I just return NULL from my
smartcard. Now, you will crash for sure if you expect it to
point to a valid (RSA*) structure.

Either way I implement my smartcard, I'm within spec! So, you'll
lose a few points. No big deal! Right?

-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: Different signature everytime
Date: Mon, 22 Mar 2004 21:53:02 -0800
From: william@bourbon.usc.edu

Someone wrote:

> there is no segmentation fault now, but now when I digitally
> sign something a new sign is generated every time with same
> secret.c I have printed in smartcard.c the d,e,n values which
> are same as in secret.c also the hash value same as that
> produced while sending the value... also after
>
> digsign=RSA_private_encrypt(20,sha1_buf,buf_return,sig,
> RSA_PKCS1_PADDING);

What's sig? Is it of type (RSA*)?
> I am doing the following
>
> fprintf(stderr, "error code = %lu", ERR_get_error());
> this gives error code=0
>
> also digsign has value=128, but only once in about 20 tries was
> digsign=-1
>
> and once again if I were to use sample secret.c everything
> seems to be in order...
> can you suggest what other testing I can perform??

I thought you said that if you use my "secret.c" it works every
time. If that's still the case, I would replace part of your
"secret.c" with mine and see at which point do you start getting
the same result every time.

If your code is not working with my "secret.c", I can only guess
that you are not setting up the RSA* object correctly.

Another thing I guess you can try (I've never done this) is to
use very small values of d, e, and n from the lecture! Then you
know exactly what should happen when you call
RSA_private_encrypt(). (I don't know if this works. I guess in
theory, it should work. If you are running out of options, might
as well give this a try.)

-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: 3DES Version
Date: Mon, 22 Mar 2004 21:46:31 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Just to make sure, are we to use Triple ECB Mode or Triple
> CBC Mode for 3DES encryption/decryption? I would assume CBC
> mode for more security.

In the Miscellaneous section of the HW3 spec, it says:

    For triple-DES encryption and decryption, please use
    DES_ede3_cbc_encrypt().

I'm not sure why you said ECB!

-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: sopath
Date: Mon, 22 Mar 2004 19:55:33 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Just a quick question regarding the sopath. Do you expect to
> give the full path to file after the -so argument like
> ">hw3 -so /usr/lib/libsmartcard.so sign myfile" or are you
> planning on just giving the path without the file
> name (">hw3 -so /usr/lib sign myfile")?

It will be the path (and not the directory). So, potentially, it
could be libXYZ.so.
-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: dlclose() error
Date: Mon, 22 Mar 2004 19:50:35 -0800
From: william@bourbon.usc.edu

Someone wrote:

> there seems to be a problem closing the handle. Even if I run
> the basic set of programs given initially and do a check of
> dlerror() after I do a dlclose there is an error.
> this is what I did after dlclose(handle)
>
> if(dlerror()== NULL)
> {
>     printf("No prob");
> }
> else
> {
>     printf("Here is the prob");
> }
>
> and I am getting Here is the prob. am I checking for the
> error properly? because anything I try to do after results in a
> segmentation fault.

You should do:

    handle = dlopen(...);
    if (handle == NULL) {
        fprintf(stderr, "%s", dlerror());
    }

If you just call dlerror() when your dl function did not fail,
you probably get the wrong information. So, only call dlerror()
when something failed.
-- Bill Cheng // bill.cheng@usc.edu

Date: Mon, 22 Mar 2004 19:39:58 -0800
From: william@bourbon.usc.edu
To: cs530@merlot.usc.edu
Subject: hw3 edit...

Hi,

As promised during class today, I just finished adding some more
stuff at the bottom of the HW3 spec. Hopefully, this will help
you to see if you are doing the right thing with "hw3 edit".

-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: Testing smartcard
Date: Mon, 22 Mar 2004 19:38:01 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I think it would be nice if you can provide some sample
> smartcard and application binary for the testing of
> compatibility for homework3.

Sorry, but I won't do this. Please get together with other
students and do the swap. If things don't match, you should
figure out who is right and who is wrong with the other student!

-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: proposal
Date: Mon, 22 Mar 2004 07:29:32 -0800
From: william@bourbon.usc.edu

Someone wrote:

> You asked that we cite at least three reference papers with our
> proposal. Must these citations be from peer-reviewed journals or
> conferences, or may they include articles from trade
> publications?

It does not have to be peer-reviewed. If someone has an extensive
writeup on the web, with good technical details, that would be
fine too.
So, trade publication is fine too, as long as it has enough
technical content (and not just an article whose main or hidden
purpose is to convince you to buy something). The last part
applies to web documents too.

-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: Verify
Date: Mon, 22 Mar 2004 07:09:53 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I am getting an error while trying to do the verification part.
> When I call RSA_public_decrypt function I get an error saying
> "RSA_EAY_PRIVATE_DECRYPT:padding check failed" What I have done
> is that I have taken the Hex String from for example
> sig.txt....converted each byte (which is actually stored as an
> ASCII character) to its actual value (for example 1-->1, A-->10
> etc.) and then converted the 256 byte array to 128 bytes by
> taking two consecutive bytes and making a single no out of them.
> Then I have fed this 128 bytes to the RSA function where I am
> constantly getting this error.
> But if I give the same string with
> RSA_NO_PADDING then it gives no error.

What you described sounds right. The question is whether your
input is correct (I assume this is the output of your "hw3
sign"). Have you checked against the data I posted in the HW3
spec (at the bottom of the HW3 spec, stuff added on 3/18/04)?
Are they the same? Remember, you have to switch to use my
"secret.c".

-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: Smartcard sourcefile
Date: Sun, 21 Mar 2004 22:33:27 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Can I include additional functions in smartcard sourcefile
> (e.g. sha1 function) besides what is defined in scintrf.h?

No. How are we going to test your code if we plug in our
smartcard? How are we going to test your smartcard if we use our
application code?

I guess if you have additional functions and you don't call
them, that would be fine because we will still be able to do the
testing.
-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: proposal
Date: Sun, 21 Mar 2004 22:20:08 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I know that you had mentioned that the proposal had no
> deadline, but you sent out a reminder email saying that it
> should be turned in by the 26th. Is this really the deadline,
> or can we turn it in on the 29th?

The proposal has *no* deadline. You don't even have to turn in
one if you really don't want to. *But*, if you don't turn one in
and ended up with a totally unacceptable subject for your term
paper, you may end up with a really low score and you will have
nobody to blame!
-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: 3DES
Date: Sun, 21 Mar 2004 17:26:05 -0800
From: william@bourbon.usc.edu

Someone wrote:

> For the three DES part of the assgn, after the smartcard returns
> the keys back to the application, does the application need to
> convert each of the keys to an odd parity or should that be done
> in the smartcard itself?

The application should do it. (If the smartcard has already done
it, doing it again doesn't change anything.)

One problem with the current spec is that if a weak key is
generated, there is no way to get around the problem! Let's not
worry about this for HW3.

-- Bill Cheng // bill.cheng@usc.edu

----- Original Message -----
From:
To:
Sent: Saturday, March 20, 2004 11:56 PM
Subject: Re: 3DES

> Someone wrote:
>
> > Just a thought that came to my mind (don't know if this has been
> > discussed before). For the encryption of a file part, we store
> > the SHA1 hash of the file in the output file also.
> > Thus a person
> > with access to the shared lib and having a slight knowledge of
> > the structure of the file, will easily be able to generate the
> > necessary keys and decrypt the file. How is that secure? Had we
> > signed the hash and then stored it, probably it would have been a
> > little more secure.
>
> The idea is that if the smartcard is a real (physical)
> smartcard, if it's not present, encrypted files cannot be
> viewed. Also, if another user is using your machine and
> his/her smartcard is inserted, your files are safe.
>
> You can think of the smartcard like a passphrase. When
> someone asks for the passphrase, you insert the smartcard
> and then take it out right away. This minimizes your
> vulnerability.
>
> But, if an attacker has already compromised your machine, it
> can just sit there and wait for you to insert your smartcard
> and read all your encrypted files. So, once you know your
> machine is compromised, don't use it! :-)
>
> By the way, I don't see why signing the hash makes it more
> secure.
> --
> Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: Random Number generation
Date: Sun, 21 Mar 2004 15:45:46 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I am using the following code to generate 160-bit random numbers,
>
> randnum1 = (char*)malloc(sizeof(char)*20);
> success = RAND_bytes(randnum1, 20);
>
> Most of the times it does generate 20 bytes of random number, but
> sometimes it generates only 12 bytes or 14 bytes of random
> number. I do not understand why it is acting weird like this. Am
> I not using the RAND_bytes method correctly ?

Looks right.

> I am not seeding
> the rand_bytes() function. Could that be the reason?

You don't need to seed on nunki.

> Please correct me if I am doing something wrong.

How do you know that it has only generated 12 bytes or 14 bytes
of data? Are you still using something like printf("%s"...) to
print out the memory buffer? I'm shocked! Do *not* use *string*
functions and expect them to work with *binary* data!
(A computer cannot read your mind, it will do *exactly* what you
tell it to do.)

By the way, I would use SHA_DIGEST_LENGTH instead of 20.

-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: htonl
Date: Sun, 21 Mar 2004 04:44:22 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Which header files need to be included to call the htonl,
> htons etc functions?

What does "man htonl" tell you?
-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: 3DES
Date: Sat, 20 Mar 2004 23:56:09 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Just a thought that came to my mind (don't know if this has been
> discussed before). For the encryption of a file part, we store
> the SHA1 hash of the file in the output file also. Thus a person
> with access to the shared lib and having a slight knowledge of
> the structure of the file, will easily be able to generate the
> necessary keys and decrypt the file. How is that secure? Had we
> signed the hash and then stored it, probably it would have been a
> little more secure.

The idea is that if the smartcard is a real (physical)
smartcard, if it's not present, encrypted files cannot be
viewed. Also, if another user is using your machine and his/her
smartcard is inserted, your files are safe.

You can think of the smartcard like a passphrase. When someone
asks for the passphrase, you insert the smartcard and then take
it out right away. This minimizes your vulnerability.
But, if an attacker has already compromised your machine, it can just sit there and wait for you to insert your smartcard and read all your encrypted files. So, once you know your machine is compromised, don't use it! :-)

By the way, I don't see why signing the hash makes it more secure.
-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: hw3 questions
Date: Sat, 20 Mar 2004 23:44:56 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I got a lot of questions after working on hw3 for days. Hope
> you can help me out.
>
> (1) secret generation
> Based on your earlier response, I believe I just need to call
> rsa=RSA_generate_key(1024, 65537, 0, 0), and then save the
> rsa->e, rsa->n, rsa->d content into secret.c. Am I right?
> Then I got this problem.
> The d I got is:
>
>   unsigned char HW3_rsa_private_key[] = {
>     0x00,0x02,0x68,0x78,0x00,0x00,0x00,0x20,
>     0x00,0x00,0x00,0x20,0x00,0x00,0x00,0x00,
>     0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x00,
>     0x00,0x00,0x00,0x19,0x00,0x00,0x00,0x00,
>     0x00,0x02,0x60,0x50,0x00,0x00,0x00,0x10,
>     0x00,0x00,0x00,0x11,0x00,0x00,0x00,0x00,
>     0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x00,
>     0x00,0x00,0x00,0x19,0x00,0x00,0x00,0x00,
>     0x00,0x02,0x62,0xe8,0x00,0x00,0x00,0x20,
>     0x00,0x00,0x00,0x40,0x00,0x00,0x00,0x00,
>     0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x00,
>     0x00,0x00,0x00,0x19,0x00,0x00,0x00,0x00,
>     0x00,0x02,0x6a,0x50,0x00,0x00,0x00,0x10,
>     0x00,0x00,0x00,0x11,0x00,0x00,0x00,0x00,
>     0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x00,
>     0x00,0x00,0x00,0x19,0x00,0x00,0x00,0x00
>   };
>
> The e and n are similar, with a lot of 0's. Did I miss
> anything? I remember you said the sample secret.c also comes
> from one call of RSA_generate_key()? How come it looks random
> but mine is so strange? (I tried your suggestion of rand48
> but that didn't help.)

You need to call the right BIGNUM function to convert rsa->e, rsa->n, and rsa->d into desired values. Please see:

    http://www.openssl.org/docs/crypto/bn.html

and pick the right function! You don't need to call lrand48().

> (2) problem with sign
> Here is the code that does the sign:
>   pss = (pfn_init)();
>   sig_size = (pfn_getsigsize)(pss);
>   sigbuf = new unsigned char[sig_size];
>   (pfn_sign)(pss, sha1_buf, sigbuf);
>
>   (pfn_cleanup)(pss);

By the way, you should only call the SC_cleanup() function once, near the end of your program.

>   // Print sig to stdout
>   for (int i=0; i<sig_size; i++) {
>     printf("%02x", sigbuf[i]);
>   }
>   printf("\n");
>
> The problem is that I can not get repeatable signature for
> same sha value. I tried the sample secret.c and the result is
> more stable (jump between two values), but still not solid
> stable.

Looks like you got the right idea here.
If your "secret.c" contains invalid decryption and encryption keys and public modulus, you should not use them to sign anything! If you want to just work on sign and verify, you can just use the "secret.c" I provided.

> So something must be wrong in my SC_* functions.

I would guess that's the case too.

> My SC_init() function read the content of secret.c file and
> copy the e, d, and n values into an RSA *rsa, which is
> returned as SmartCardState pss. The code segment is shown
> below:
>
>   RSA *rsa = RSA_new();
>   [ code deleted ]
>
> Then in SC_sign, it just return RSA_private_encrypt():
>
> ... So are these what we expected to do, or I misunderstood
> the spec thus the problem?

I think you got the right idea. You just need to figure out exactly what to do! I think you are trying to set too much stuff in SC_init(). I only set rsa->d, rsa->e, and rsa->n and zero out everything else and it worked for me!

> Another interesting observation is that if I call
> (pfn_cleanup)(pss); after printing out signature, the
> signature will be another value as opposed to calling it
> before printing. I don't quite understand this. Looks to me
> the cleanup should not impact the signature generated by
> SC_sign().

I don't know why this is happening, but you should only call the SC_cleanup() function (which frees the RSA data structure you allocated in SC_init()) when your program is done with everything.
-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: [Followup] Format of secret.c
Date: Sat, 20 Mar 2004 23:08:38 -0800
From: william@bourbon.usc.edu

Someone wrote:

> > > Now that I think of it, it would be better to call
> > > what is now
> > > "secret.c", "secret.h"; and eliminate the existing
> > > "secret.h" entirely. Is this acceptable, please?
> >
> >Let's stick with what's in the HW3 spec.
> >
> >I understand that sometimes it's difficult to watch
> >something that you know is a mistake in the spec
> >and still do your implementation according to the
> >mistake in the spec. I apologize for that. But
> >please follow the spec.
>
> Of course, Professor. I did not mean to be critical. Nor to
> attempt to rehash items we already discussed about secret.c vs a
> "secret file." It was simply an observation that one does not
> need secret.h at all.
> That is, no other file need reference the
> globals whatsoever, even if they are not declared static, if
> secret.c itself is #include'd into the code implementing
> scintrf.h. Thus, no other file need include secret.h.

Yes. If no other file is also doing the same #include!

> A couple of implementations are possible. The one I favor
> neither exposes the globals in secret.c, nor violates the
> specification: one can #include "secret.c" into the
> *implementation* of the SC_init() function itself -- that is,
> within the function definition, not the file containing it.
> Thus, the variables in secret.c become local variables of
> SC_init(). Their values are captured into the object that
> ultimately becomes SmartcardState.

I see what you mean now! You are right, this does work nicely. Since what you are suggesting does not change the spec, you are welcome to implement what you suggested. This does have the advantage that the secrets will not be exposed.

> My specific (unvoiced) request to change the secret.c format was
> to suggest omitting the #include "secret.h" at its top. That
> statement causes a syntax error when you #include "secret.c"
> within the SC_init() function definition. The same effect is
> achieved with no change to the spec, however, by inserting a
> #define _HW3_SECRET_H_ just before the #include "secret.c". This
> prevents secret.h from expanding, but is a little uglier than
> simply omitting the #include "secret.h" from the top of secret.c.

Okay, this doesn't change the spec *much* (and won't affect others)! So, I've just changed the spec for the secret command and added the following:

    ([BC: Added 3/20/2004] unless you #include "secret.c" in your Smartcard code; also, in this case, the first line in the sample "secret.c" is *optional*)

> This implementation meets the spec, *and* hides the globals.
> But, of course, if you really *do* want the globals visible, then
> (catch 22) I'm violating the spec!
> This long-winded email is to
> explain where I was going with my earlier email, and that I was
> not just trying to be contrary ;-).

No problem. This is good. It's my mistake that I didn't understand what you were proposing the first time.
-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: BIGNUM - lower or upper case?
Date: Sat, 20 Mar 2004 22:35:51 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Hi prof, I use the function BN_bn2hex to convert from BIGNUM to
> Hex and store the result in a char*, this is the only function
> that does this, now the question is that this function returns
> all uppercase letters, where in the secret.c sample file, it's
> lowercase, is it ok to have upper case, or should I convert to
> lower case? Thank you for your time and attention.

Since it will be compiled into the smartcard, the compiler does not care if it's upper or lower case. Try it and you'll see.
-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: 2 random numbers in SC_3des_key_gen
Date: Sat, 20 Mar 2004 22:17:53 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Prof, so if the random bits are
> HW3_random_bits_1[SHA_DIGEST_LENGTH] and
> HW3_random_bits_2[SHA_DIGEST_LENGTH], then these random bits are
> p and q respectively,

They are *not*. Why would you come to this conclusion?

> now the question is that: since, we're
> using RAND_bytes to generate the random numbers, is RAND_bytes
> generates prime numbers like RSA_generate_key func?

The purpose of this part of HW3 is *not* to figure out how to generate large primes. So, please do *not* use RAND_bytes to generate prime numbers. Use RSA_generate_key() to generate e, d, and n (and ignore p and q and other stuff).

> I've looked
> at the POD file to read its documentation but, cannot find
> anything that says RAND_bytes generates prime numbers.

Don't use RAND_bytes() to generate prime numbers!
> Just to
> make sure: the two random bits are generated at the "secret"
> command, not at the SC_3des_key_gen, correct?

Right. The "secret" command generates "secret.c", which is used to generate "libsmartcard.so" via compilation.

Again, HW3_random_bits_1[SHA_DIGEST_LENGTH] and HW3_random_bits_2[SHA_DIGEST_LENGTH] are random bits. They are not *keys* for anything.

*Please* read the spec from top to bottom *carefully*. After you've done that, if you have more questions, bring them to class on Monday.
-- Bill Cheng // bill.cheng@usc.edu

----- Original Message -----
From: william@bourbon.usc.edu
Date: Saturday, March 20, 2004 3:25 pm
Subject: Re: 2 random numbers in SC_3des_key_gen

> Someone wrote:
>
> > hmm, I just realize that in the HW3 specs under the secret key
> > generation header, it says that the smartcard stores 2 random
> > key, so if it "stores" these 2 key,
>
> The spec says:
>
>     The Smartcard stores 2 set of random bits. Each of these
>     random bits is 20 bytes long (same size as SHA1). Let's
>     call them RB1 and RB2.
>
> They are not *keys*. They are just 2 sets of random bits.
>
> > does it mean that these 2
> > keys does not change? so I should only call RAND_bytes once, so I
> > should store these 2 keys somewhere, is this right? I'm confused
> > because from the other posted messages, it seemed that these
> > numbers do change everytime function SC_3des_key_gen is called.
>
> In "secret.h", you will see these 2 random bits as
> HW3_random_bits_1[SHA_DIGEST_LENGTH] and
> HW3_random_bits_2[SHA_DIGEST_LENGTH].
>
> I would call RAND_bytes() twice. One for each set of random
> bits. They should be compiled into your smartcard and they
> will never change.
> --
> Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: SC_get_signature_size() return value?
Date: Sat, 20 Mar 2004 22:11:06 -0800
From: william@bourbon.usc.edu

Someone wrote:

> >The idea is to call RSA_size() in SC_get_signature_size()
> >and not just return the size of the private key! The
> >spec does say:
> >
> >    The SC_get_signature_size() function returns the size of
> >    the *digital signature*.
>
> Sorry, my comment should have been more specific. The implementation
> example that you provided for smartcard.c has SC_get_signature_size()
> returning HW3_rsa_private_key_size. I thought this might have been an
> oversight that would confuse some.

The code in the sample smartcard.c may not be correct (and this is intentional). Its main purpose is to illustrate how a shared library works. Although in this case, it may work just fine since all the RSA values in "secret.c" come from a single call to RSA_generate_key().
-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: 2 random numbers in SC_3des_key_gen
Date: Sat, 20 Mar 2004 15:25:53 -0800
From: william@bourbon.usc.edu

Someone wrote:

> hmm, I just realize that in the HW3 specs under the secret key
> generation header, it says that the smartcard stores 2 random
> key, so if it "stores" these 2 key,

The spec says:

    The Smartcard stores 2 set of random bits. Each of these
    random bits is 20 bytes long (same size as SHA1). Let's
    call them RB1 and RB2.

They are not *keys*. They are just 2 sets of random bits.

> does it mean that these 2
> keys does not change? so I should only call RAND_bytes once, so I
> should store these 2 keys somewhere, is this right? I'm confused
> because from the other posted messages, it seemed that these
> numbers do change everytime function SC_3des_key_gen is called.

In "secret.h", you will see these 2 random bits as HW3_random_bits_1[SHA_DIGEST_LENGTH] and HW3_random_bits_2[SHA_DIGEST_LENGTH].

I would call RAND_bytes() twice.
One for each set of random bits. They should be compiled into your smartcard and they will never change.
-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: kinda confused with the project req
Date: Sat, 20 Mar 2004 15:20:29 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Hi Prof, I am sorry that I disturb you again, but I've been
> working on this project for a few days now, and I spent more time
> figuring out what to do than coding. I tried hard to understand
> and I think it's time to ask you for confirmation that at least I
> understand the starting of this project perfectly. If you found
> anything wrong please correct me. So from what I understand:
>
> 1. first we need to be able to do "hw3 secret foo.cc(this file
> name can be anything right?)" which creates a foo.cc file (can
> I use .cc instead of .c like the hw3 requirement?), inside the
> foo.cc I should have RSA's p, q, n, e and d.
> where e is always
> 65,537 and p & q & d are found using RSA_generate_key func and if
> rsaObj is a RSA* type, I can access d by doing "rsaObj->d". So,
> the code to handle "secret" command and the p, q, n, d key
> generation should be in hw3.cc, not in smartcard.cc. That's all
> for the secret command.

You should do:

    hw3 secret secret.c

or you can do

    hw3 secret foo.cc
    mv foo.cc secret.c

Inside foo.cc should look pretty much like the "secret.c" sample given in the HW3 spec. Please look at "secret.h" to see *exactly* what you need to generate. As you can see, there's no p and no q.

> 2. Second, I have to re-compile again to create the .so file, no
> coding here, because the Makefile is already provided

This "secret.c" should be compiled together with "smartcard.c" to generate libsmartcard.so. Please see the sample "Makefile", "smartcard.c", "secret.c", "secret.h", "scintrf.h" and "defs.h". The sample code can be compiled on nunki. Please compile it and run it on nunki and see how it works! Although it compiles, the "smartcard.c" sample is *wrong*, intentionally! You need to change it for it to do the right thing, according to HW3 spec.

> 3. third, hw3.cc should handle the "sign" command. check if there
> is a path to a .so file we will pass it to the dlopen function.
> so the library is basically the cmartcard.cc and secret.cc(or any
> filename specified by the user) then do sha1 of the infile,
> reading 4,096 at a time. each 4,096 sub buffers should be
> appended to create a larger buffer until the whole file is read,
> then do sha1 to that larger buffer that contains everything, is
> this right???

Yes. I assume you know how to compute SHA1 of a file. You should get exactly the same result as "openssl sha1". Make sure your code can handle binary files. Do not use functions like fgets() that expect the input to be text.

> send the sha1 value to SC_sign function to get the
> encrypted version of the sha1 value.
> now, what I'm confused is
> that isn't that sha1 value is always 20bytes? if that's right,
> then since the signature is computed using sha1, then signature
> size is always 20 bytes?

RSA digital signature means encrypting the SHA1 value with the RSA private key. So, if m is the SHA1 value of the file, the digital signature is (d^m mod n) where d is the encryption key (corresponds to HW3_rsa_private_key[]) and n is the public modulus (corresponds to HW3_rsa_public_modulus[]). Since n is 128 bytes, the digital signature will be 128 bytes long!

> so buf_return should only contains
> sha1(sha1_buf) right? thus, buf_return is 20bytes long only, so
> why do we need to call SC_get_signature_size? also, I understand
> that the SC_get_signature_size function is not the correct one,

SC_get_signature_size() should return 128 (you should get this by calling RSA_size() after you've built the RSA structure in the smartcard). So, buf_return is 128 bytes long.

> but I should also do verification here? if yes, verification
> between what?

The verify command takes the output of "hw3 sign somefile" (which is encoded in hexstring format) and decrypts it with the encryption key (corresponds to HW3_rsa_public_exponent[]). So, you need to call RSA_public_decrypt() to compute (e^c mod n) where e is the encryption key and c is the ciphertext. You get e and n by calling SC_public_size_query() first to get their sizes and then call SC_public_query() to get their values.
-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: Use RSA_sign() / RSA_verify() ?
Date: Sat, 20 Mar 2004 15:00:59 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Can we simply use RSA_sign() and RSA_verify(), instead of
> RSA_private_encrypt() and RSA_public_decrypt()? The former are somewhat
> higher-level functions, and deal with the PKCS1 padding.

No. Please follow the spec. I specifically want everyone to use RSA_private_encrypt() and RSA_public_decrypt() so you can see exactly what you get. RSA_verify() just returns 1 or 0. Not good for homework!
:-)
-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: SC_get_signature_size() return value?
Date: Sat, 20 Mar 2004 14:58:21 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I believe that the return value of SC_get_signature_size() should be the
> size of the modulus, not the size of the private key.

As far as I know, the size of the modulus and the size of the private key should be the same since they are both generated by RSA_generate_key().

> RSA_private_encrypt(3) specifies that the returned signature buffer must
> be RSA_size() bytes in length. RSA_size() returns the size of the
> modulus, not the size of the private key. In our homework example they
> are the same size, but it's not clear to me that this necessarily
> follows.

The idea is to call RSA_size() in SC_get_signature_size() and not just return the size of the private key! The spec does say:

    The SC_get_signature_size() function returns the size of
    the *digital signature*.
For a 1024-bit (128 bytes) modulus when you compute (d^m mod n) and m is 160 bits long, the result will fit in a buffer of size RSA_size().
-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: [Followup] Format of secret.c
Date: Sat, 20 Mar 2004 14:47:10 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Now that I think of it, it would be better to call what is now
> "secret.c", "secret.h"; and eliminate the existing "secret.h" entirely.
> Is this acceptable, please?

Let's stick with what's in the HW3 spec.

I understand that sometimes it's difficult to watch something that you know is a mistake in the spec and still do your implementation according to the mistake in the spec. I apologize for that. But please follow the spec.
-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: Format of secret.c
Date: Sat, 20 Mar 2004 14:44:55 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Are we constrained by the exact format you have specified for secret.c?
> For example, you specified (in lecture) to declare each of the elements
> static.

Actually, in lecture, I said that they *should have* been static and the smartcard code *should have* included "secret.c" instead of "secret.h". But, I also said in lecture that for HW3, we'll stick with the original spec and have both "secret.h" and "secret.c" and your smartcard code should include "secret.h".

> Also, your example #include's the "secret.h" file. There is a
> bit cleaner implementation in C++ if neither of these constraints holds.
>
> Specifically, one can #include "secret.c" into the *body* of SC_init(),
> and use the values to initialize a dynamically-allocated SmartCard
> object, which is returned.
> In this implementation, the HW3_* global
> variables instead become transient local variables of SC_init(), and we
> don't have to worry about hiding them with "static".

Let's stick to what's in the spec for now.

> I'm not clear about the utility of "secret.h", regardless of the
> implementation.

If what's in "secret.c" are not static (as they are now), then we need "secret.h". If things were done *right*, then we don't need "secret.h".

> One doesn't want the HW3_* variables to be globally
> accessible, which "secret.h" implies. If they're shared between files
> in the library, they're globally accessible. (Less so in Windows, where
> we could "dllexport" those we wanted visible outside the library, and
> leave alone those we did not.) In my implementation, I propose to omit
> "secret.h".

You are correct that the secrets are accessible globally and this defeats the purpose of trying to keep them secret. But as I have mentioned during lecture, we will stick with this mistake for now since we all understand that this is a mistake in the spec. Also since some people have been implementing using "secret.c" and "secret.h", I don't want to change the spec (and I still don't want to change the spec regarding this).
-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: sha1 question, which one?
Date: Sat, 20 Mar 2004 14:33:50 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Weird problem with SHA1, I struggle with this error
> and just found out now:
> 1. if i do "echo Hello | openssl sha1" the result is
>    1d229271928d3f9e2bb0375bd6ce5db6c6d348d9
> 2. if I manually do "openssl sha1" and enter "Hello" followed by <ctrl-d> will give me:
>    f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0
>
> 3. if I manually do "openssl sha1" and enter "Hallo" <ENTER> will give me the same as no. 1,
> which is 1d22927.....etc, so basically each string needs to
> be followed by a "\n" to have the same output as echo function
>
> 4. if I have a file which contains "Hello" only, by using cat
> I will get the same as #2, and if I have "Hello\n" I will get
> the same as #1 & #3
>
> Since the grader will use cat or echo functions when testing,
> do you want us to conform to the 1st one by adding a "\n" or
> the second one?
Because I tested the SC_3des_key_generator by > computing the sha1_buf by doing > > unsigned char m[5] = {'H','e','l','l','o'}; //this is just a test > SHA1(m, 5, sha1_buf); > > this will give me the same as #2. So, if it should work like > echo (#1), please say so (I think this is why I got my points > deducted for hw1). What's so weird about this? In your 1st case, you are getting SHA1 of a buffer with 6 characters; and in your 2nd case, you are getting SHA1 of a buffer with 5 characters. Do you know what the 6th character is? Once you find out what's the 6th character is, it should be fair easy to figure that *both* output above are correct! (Hint, open the file with open() and read the file one byte at a time using read() to see what you are missing.) For a good hash function, if the inputs are different by a single bit, you should get completely different result. Now the inputs are different by 8 bits, of course you should get completely different result. May be you are not reading your input correctly! I think a few people were reading the input using something like fgets() which messes with the input. (Do you know why?) If you really tried to test your program, you should find out pretty quickly that using fgets() works really poorly with binary files. How do you know you are reading things incorrectly? You should do sanity checks! For example, you can count the number of bytes you read and compare with the result of "ls -l". Of course, this doesn't solve the problem with reading from stdin, but you should try *not* to type things in from the command and just pipe the data in. 
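The byte-count sanity check suggested in the reply above, as an added example that is not part of the original message or the course's code: it reads constructed samples once with fread() and once with fgets()+strlen(), and compares each count with the file size. The helper names and the sample buffers are assumptions made for this illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed samples: the two "Hello" inputs from the thread and a short
 * binary buffer that contains NUL bytes. */
static const unsigned char HELLO[]    = { 'H', 'e', 'l', 'l', 'o' };
static const unsigned char HELLO_NL[] = { 'H', 'e', 'l', 'l', 'o', '\n' };
static const unsigned char BINARY[]   = { 0x30, 0x82, 0x00, 0x01, '\n', 0x00, 0xff, 0x10 };

/* Byte-exact read: fread() reports how many bytes it actually delivered. */
static long count_with_fread(FILE *fp)
{
    unsigned char buf[64];
    size_t n;
    long total = 0;

    while ((n = fread(buf, 1, sizeof(buf), fp)) > 0)
        total += (long)n;
    return ferror(fp) ? -1 : total;
}

/* Text-style read: fgets() returns no length, so the caller falls back on
 * strlen(), which stops at the first NUL byte in each chunk. */
static long count_with_fgets(FILE *fp)
{
    char line[64];
    long total = 0;

    while (fgets(line, sizeof(line), fp) != NULL)
        total += (long)strlen(line);
    return ferror(fp) ? -1 : total;
}

/* Size of the stream in bytes (what "ls -l" shows for a named file). */
static long stream_size(FILE *fp)
{
    long end;

    if (fseek(fp, 0L, SEEK_END) != 0)
        return -1;
    end = ftell(fp);
    rewind(fp);
    return end;
}

/* Write a sample to a temporary file, confirm its size, and return how many
 * bytes the given reader accounted for (-1 on I/O error). */
static long bytes_seen(const unsigned char *data, size_t len, long (*reader)(FILE *))
{
    FILE *fp = tmpfile();
    long seen = -1;

    if (fp == NULL)
        return -1;
    if (fwrite(data, 1, len, fp) == len && stream_size(fp) == (long)len)
        seen = reader(fp);
    fclose(fp);
    return seen;
}

/* The sanity check: every byte of the input must have been accounted for. */
static int read_is_complete(long seen, size_t expected)
{
    return seen >= 0 && (size_t)seen == expected;
}

int main(void)
{
    const struct { const char *name; const unsigned char *data; size_t len; } samples[] = {
        { "Hello",    HELLO,    sizeof(HELLO) },
        { "Hello\\n", HELLO_NL, sizeof(HELLO_NL) },
        { "binary",   BINARY,   sizeof(BINARY) },
    };
    size_t i;

    for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        long a = bytes_seen(samples[i].data, samples[i].len, count_with_fread);
        long b = bytes_seen(samples[i].data, samples[i].len, count_with_fgets);
        printf("%-8s size=%lu  fread=%ld (%s)  fgets+strlen=%ld (%s)\n",
               samples[i].name, (unsigned long)samples[i].len,
               a, read_is_complete(a, samples[i].len) ? "ok" : "LOST BYTES",
               b, read_is_complete(b, samples[i].len) ? "ok" : "LOST BYTES");
    }
    return 0;
}
```

Both text samples pass either way, which is why the problem only shows up once a binary input is tested.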
-- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Sat Mar 20 12:40:22 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2KKeLqB015087 for ; Sat, 20 Mar 2004 12:40:21 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2KKdYf7015766 for ; Sat, 20 Mar 2004 12:39:34 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2KKdY1x015758 for cs530@merlot.usc.edu; Sat, 20 Mar 2004 12:39:34 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2KKdXf7015752 for ; Sat, 20 Mar 2004 12:39:33 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2KKdXqm015748 for ; Sat, 20 Mar 2004 12:39:33 -0800 Message-Id: <200403202039.i2KKdXqm015748@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: Return values of SC_* functions Date: Sat, 20 Mar 2004 12:39:33 -0800 From: william@bourbon.usc.edu Someone wrote: > You specified a return value of "int" for SC_sign(), SC_3des_key_gen(), > SC_public_size_query(), and SC_public_query(). Yet each of these > functions returns its result(s) through pointers passed in as > parameters. It is not clear what the return value of the function > itself should be. > > Should these functions actually be declared "void"? If not, what do you > expect the return value to be? (I am guessing the usual "0 for success, > -1 for failure".) Sounds good! Sorry that I forgot to specify them. I've added the following text in the HW3 spec for these functions: [BC: Added 3/20/2004] This function returns 0 if successful, otherwise, it should return -1. 
-- Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Sat Mar 20 05:27:32 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2KDRWqB007124 for ; Sat, 20 Mar 2004 05:27:32 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2KDQjf7020678 for ; Sat, 20 Mar 2004 05:26:45 -0800
Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2KDQjkh020667 for cs530@merlot.usc.edu; Sat, 20 Mar 2004 05:26:45 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2KDQif7020663 for ; Sat, 20 Mar 2004 05:26:44 -0800
Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2KDQibS020654 for ; Sat, 20 Mar 2004 05:26:44 -0800
Message-Id: <200403201326.i2KDQibS020654@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: Private Key
Date: Sat, 20 Mar 2004 05:26:44 -0800
From: william@bourbon.usc.edu

Someone wrote:

> There is a slight problem with the RSA_generate_key function.
> It sometimes gives an RSA private key of 129 bytes and
> sometimes it is 128 bytes because of which the sign and
> verify function goes wrong. Can you please tell me how to
> get around with this irregularity.
>
> P.S. I have made the following to call the function
> " rsa=RSA_generate_key(1024,65537,NULL,NULL) where RSA *rsa; "

I've made this RSA_generate_key() call many times and have never encountered the problem you mentioned. It's always 128 bytes. How did you figure that the private key is 129 bytes? Is this what BN_num_bytes() returns?
-- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Fri Mar 19 19:25:42 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2K3PgqB028284 for ; Fri, 19 Mar 2004 19:25:42 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2K3Ouf7013475 for ; Fri, 19 Mar 2004 19:24:57 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2K3OuXx013470 for cs530@merlot.usc.edu; Fri, 19 Mar 2004 19:24:56 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2K3Ouf7013465 for ; Fri, 19 Mar 2004 19:24:56 -0800 Received: (from william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2K3Ou0Z013462 for cs530; Fri, 19 Mar 2004 19:24:56 -0800 Date: Fri, 19 Mar 2004 19:24:56 -0800 From: william@bourbon.usc.edu Message-Id: <200403200324.i2K3Ou0Z013462@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: please stop sending me questions about basic questions Hi, I'm going to refuse to answer any questions regarding compiling problems and basic C/C++ questions. There is plenty of stuff in the HW3 spec, please read them *carefully*. Please also use the class newsgroup (Yahoo Group: cs_530) at: http://groups.yahoo.com/group/cs_530/ for these types of questions. 
-- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Fri Mar 19 19:20:02 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2K3K2qB028203 for ; Fri, 19 Mar 2004 19:20:02 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2K3JHf7010348 for ; Fri, 19 Mar 2004 19:19:17 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2K3JHnr010342 for cs530@merlot.usc.edu; Fri, 19 Mar 2004 19:19:17 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2K3JGf7010336 for ; Fri, 19 Mar 2004 19:19:16 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2K3JGpB010329 for ; Fri, 19 Mar 2004 19:19:16 -0800 Message-Id: <200403200319.i2K3JGpB010329@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: wierd error Date: Fri, 19 Mar 2004 19:19:16 -0800 From: william@bourbon.usc.edu Someone wrote: > I have a wierd error that says: > > nunki.usc.edu(15): hw3 > ld.so.1: hw3: fatal: libcrypto.so.0.9.7: open failed: No such > file or directory > Killed > > every time I tried to run hw3, I checked the .login file and > the Makefile to make sure its the 0.9.7c version. But it still > giving me the same error. In the top of the Compiling and Linking section of the HW3 spec, there's a link to HW1 spec. Did you follow everything there? Did you set LD_LIBRARY_PATH to the right stuff? 
-- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Fri Mar 19 19:16:06 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2K3G6qB028113 for ; Fri, 19 Mar 2004 19:16:06 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2K3FKf7008106 for ; Fri, 19 Mar 2004 19:15:20 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2K3FJJm008101 for cs530@merlot.usc.edu; Fri, 19 Mar 2004 19:15:19 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2K3FJf7008095 for ; Fri, 19 Mar 2004 19:15:19 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2K3FIwd008088 for ; Fri, 19 Mar 2004 19:15:19 -0800 Message-Id: <200403200315.i2K3FIwd008088@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: make: Fatal error: Command failed for target `secret.o' Date: Fri, 19 Mar 2004 19:15:18 -0800 From: william@bourbon.usc.edu Someone wrote: > I solved the -ldl problem but now its giving me this error. > > make all > gcc -g -Wall -I/usr/usc/openssl/0.9.7c/include -c -o secret.o secret.c > secret.c:1: secret.h: No such file or directory Did you read the error message? Or you just send me e-mail whenever you see an error? Can't you download this from the HW3 spec? Please stop asking me about compiler errors or C/C++ question. I've provided a full set of files on the HW3 spec so that you can download and compile. From that point on, you can just make small modifications if you are not so brave. Use the class newsgroup for stuff that you are suppose to know already! 
-- Bill Cheng // bill.cheng@usc.edu ----- Original Message ----- From: william@bourbon.usc.edu Date: Friday, March 19, 2004 5:52 pm Subject: Re: Error > Someone wrote: > > > I am getting this following error whenever I try to compile my > program > > through make file.I dont know whats this error about. > > > > make > > gcc -c hw3.c -I/usr/usc/openssl/0.9.7c/include > > gcc hw3.o -o hw3 -L/usr/usc/openssl/0.9.7c/lib -lcrypto > > Undefined first referenced > > symbol in file > > dlsym hw3.o (symbol belongs to implicit > > dependency /usr/lib/libdl.so.1) > > dlopen hw3.o (symbol belongs to implicit > > dependency /usr/lib/libdl.so.1) > > dlclose hw3.o (symbol belongs to implicit > > dependency /usr/lib/libdl.so.1) > > ld: fatal: Symbol referencing errors. No output written to hw3 > > collect2: ld returned 1 exit status > > *** Error code 1 > > make: Fatal error: Command failed for target `hw3' > > Doesn't the sample Makefile from the HW3 spec says that > you should add "-ldl"? > -- > Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Fri Mar 19 17:52:50 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2K1qoqB026586 for ; Fri, 19 Mar 2004 17:52:50 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2K1q4f7026957 for ; Fri, 19 Mar 2004 17:52:04 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2K1q4rO026948 for cs530@merlot.usc.edu; Fri, 19 Mar 2004 17:52:04 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2K1q4f7026944 for ; Fri, 19 Mar 2004 17:52:04 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2K1q3Ai026938 for ; Fri, 19 Mar 2004 17:52:03 -0800 Message-Id: <200403200152.i2K1q3Ai026938@bourbon.usc.edu> To: 
cs530@bourbon.usc.edu Subject: Re: Error Date: Fri, 19 Mar 2004 17:52:03 -0800 From: william@bourbon.usc.edu Someone wrote: > I am getting this following error whenever I try to compile my program > through make file.I dont know whats this error about. > > make > gcc -c hw3.c -I/usr/usc/openssl/0.9.7c/include > gcc hw3.o -o hw3 -L/usr/usc/openssl/0.9.7c/lib -lcrypto > Undefined first referenced > symbol in file > dlsym hw3.o (symbol belongs to implicit > dependency /usr/lib/libdl.so.1) > dlopen hw3.o (symbol belongs to implicit > dependency /usr/lib/libdl.so.1) > dlclose hw3.o (symbol belongs to implicit > dependency /usr/lib/libdl.so.1) > ld: fatal: Symbol referencing errors. No output written to hw3 > collect2: ld returned 1 exit status > *** Error code 1 > make: Fatal error: Command failed for target `hw3' Doesn't the sample Makefile from the HW3 spec says that you should add "-ldl"? -- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Fri Mar 19 12:59:32 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2JKxWqB021121 for ; Fri, 19 Mar 2004 12:59:32 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2JKwlf7012271 for ; Fri, 19 Mar 2004 12:58:47 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2JKwlB1012265 for cs530@merlot.usc.edu; Fri, 19 Mar 2004 12:58:47 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2JKwlf7012259 for ; Fri, 19 Mar 2004 12:58:47 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2JKwkAP012252 for ; Fri, 19 Mar 2004 12:58:46 -0800 Message-Id: <200403192058.i2JKwkAP012252@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: Cryptographically secure random numbers Date: Fri, 19 Mar 2004 12:58:46 -0800 
From: william@bourbon.usc.edu Someone wrote: > So are you saying that it is okay to simply call > srand48(time()); > before calling RSA_generate_key? Is that sufficient? > Does this apply for generating the random bits for the > smartcard as well? Please see the end of my message with timestamp "Fri 19 Mar 09:48". It applies to all of the above. -- Bill Cheng // bill.cheng@usc.edu --- william@bourbon.usc.edu wrote: > Someone wrote: > > [ My response below are mostly just my opinion since > I do not ] > [ know exactly the internal workings of > RSA_generate_key(). ] > > > william@bourbon.usc.edu wrote: > > > > >I think it's because srand() and rand() are > *very bad* random > > >number generators! Never call these > functions! You should > > >call srand48() and lrand48() instead. Also, > you should use > > >the value of time() to seed the the random > number generator. > > > > > >I'm not sure if you really need to call > RAND_seed()! What > > >happens if you don't call it? The man page > seem to say that > > >it *adds* to the randomness. > > > > RSA_generate_key() specifically says that you > must seed the > > random number generator. This can be done with > either > > RAND_seed() or RAND_add(). My interpretation is > that they are > > equivalent for num==entropy. One would use > RAND_add() where not > > all the entropy is available at once. > > Actually, the man page for RSA_generate_key() says: > > The pseudo-random number generator must be > seeded prior > to calling RSA_generate_key(). > > I might be reading this wrong, but I don't think > that *you* > have to seed it! It just has to be seeded somehow. > I'm not > sure where the OpenSSL library keeps its state for > the random > number generation. But it looks like it's already > seeded! > > Anyway, you can call RAND_seed() just to make sure. > But I > don't think it's necessary (I could be wrong > though). > > > In a real implementation, one would want > significant entropy in > > the seed. 
For example, when you build SSH on > many machines, it > > prompts you to randomly type characters on the > keyboard for a few > > seconds to generate the initial entropy. (I > haven't looked, but > > no doubt fed into the RAND_add() routine...) > This strategy is > > alluded to in the rand(3) man page. > > The "prompts you to randomly type characters on the > keyboard" > is really annoying (and I don't think it's a good > way to > create randomness). It completely goes against > automation > (which is why we use computers). I think it was > done when > this type of schemes were introduced a while back. > For some > reason, some people think typing random characters > on the > keyboard or moving the mouse in a random motion is > *truly > random* > > I don't know how many systems are still doing this. > These > days, for Red Hat Linux, when you install the OS, it > generates key for the SSH daemon automatically and > does not > prompt you to type anything. My guess is that they > have > improved things to a point where things can be > automated. > > > There are several alternative implementations, > including: > > > > 1. Use the SSH method and have the grader type > randomly as above. > > This is a pretty good source of entropy, but > will likely irritate > > the grader if he has to do it for every > student! > > I think this is not a good approach anyway. As I've > mentioned in class, one of the biometrics is how one > types! > So, it's not so random after all! > > > 2. Pre-generate some entropy into a file, > package it into the hw3 > > tarball, and RAND_load_file() it at runtime. > This is easy, and > > allows multiple runs to generate identical > results -- handy for > > debugging. Plus the grader doesn't have to > do anything special. > > 3. Use srand48() / lrand48() as you suggest. > Like (2), this is > > easy and painless for the grader, and > simplest for the student, > > but probably not very cryptographically > secure. 
> > > > The choice depends how cryptographically secure > you want this > > random number to be (which directly affects the > security of the > > RSA key). Do you have a preference? > > I still think you don't have to call RAND_seed() at > all (it > seems to work for me)! Therefore, calling any > RAND_seed() > will just add to whatever that's out there (if done > right). > So, using (3) above would be fine. > > *If* what we are doing is to run in a tight loop and > creating > smartcard after smartcard, then it would be more > important > to worry about exactly how much more > cryptographically secure > the way we are generating random numbers because the > RSA keys > may be related to each other. Since we only create > a set of > keys each time we run the program, it's less of an > issue > (unless we run the program in a tight loop). > -- > Bill Cheng // bill.cheng@usc.edu > Return-Path: cs530@bourbon.usc.edu Delivery-Date: Fri Mar 19 10:45:40 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2JIjeqB018633 for ; Fri, 19 Mar 2004 10:45:40 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2JIiuf7015385 for ; Fri, 19 Mar 2004 10:44:56 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2JIit5H015378 for cs530@merlot.usc.edu; Fri, 19 Mar 2004 10:44:55 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2JIitf7015370 for ; Fri, 19 Mar 2004 10:44:55 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2JIitHU015366 for ; Fri, 19 Mar 2004 10:44:55 -0800 Message-Id: <200403191844.i2JIitHU015366@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: get_signature_size Date: Fri, 19 Mar 2004 10:44:54 -0800 From: william@bourbon.usc.edu Someone wrote: > This may not be 
> appropriate for public posting, but
> I'd like to ask anyway.

It's appropriate for the whole class.

> I want to verify that the
> SC_get_signature_size function returns the
> public_modulus_size because after raising any message
> to e, then mod n, the result cannot be greater in size
> than n-1. So does the function simply return n-1, n,
> or something else?

n is a really large number! You just need the *size* (the number of bytes) of n. For RSA, the number of bytes in n is the same as the number of bytes in d (the decryption key). You can just return HW3_rsa_private_key_size as in the sample code (or HW3_rsa_public_modulus_size which has the same value).

Please note that if you fill your RSA structure correctly, then calling RSA_size() should return the same value as HW3_rsa_private_key_size and HW3_rsa_public_modulus_size. This number times 8 is the same number that you pass to RSA_generate_key(). All these sizes are basically the same thing.

> The reason I ask is that your
> sample function has a lot of code used to verify the
> SHA1 hash of the private key, however, we are not
> looking for that value in our code. Am I on the right
> track here?

As I've mentioned in my message with timestamp "Wed 17 Mar 16:32":

    The sample code in "smartcard.c" is *not* the right code for HW3. (Clearly, the code in SC_init() is not the right code for HW3 either!)

I think I've mentioned that in the lecture when I briefly went over the code. It's meant to *demonstrate* how to build and use a shared library! The sample code has a lot of useless or wrong things.
-- Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Fri Mar 19 09:54:33 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2JHsXqB017671 for ; Fri, 19 Mar 2004 09:54:33 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2JHrmf7022967 for ; Fri, 19 Mar 2004 09:53:48 -0800
Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2JHrmSw022959 for cs530@merlot.usc.edu; Fri, 19 Mar 2004 09:53:48 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2JHrlf7022956 for ; Fri, 19 Mar 2004 09:53:47 -0800
Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2JHrl7k022952 for ; Fri, 19 Mar 2004 09:53:47 -0800
Message-Id: <200403191753.i2JHrl7k022952@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: SmartcardState type
Date: Fri, 19 Mar 2004 09:53:47 -0800
From: william@bourbon.usc.edu

Someone wrote:

> In regards to the SmartcardState, you have a typedef
> indicating that it is a void* type. Is it appropriate
> that I would like to store an RSA* in addition to a
> sha1_buf structure in my SmartcardState? If so, can I
> declare the SmartcardState to point to a struct that
> includes both an RSA * and an unsigned char* (for
> sha1_buf)?

Exactly!

> How do you do this? I am not very familiar
> with using void pointers in C.

(void*) is compatible with any pointer type. So, you can do:

    #include <stdlib.h>
    #include <openssl/rsa.h>
    #include <openssl/sha.h>

    struct foo {
        RSA *rsa;
        unsigned char sha1_buf[SHA_DIGEST_LENGTH];
        /* ... anything else you want ... */
    };

    SmartcardState SC_init()
    {
        struct foo *ptr=(struct foo *)malloc(sizeof(struct foo));
        if (ptr == NULL) return NULL;
        /* set up ptr->rsa and ptr->sha1_buf */
        return ptr;
    }

    void SC_cleanup(SmartcardState pSS)
    {
        struct foo *ptr=(struct foo *)pSS;
        /* clean up ptr->rsa if you need to */
        free(ptr);
    }

-- Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Fri Mar 19 09:48:49 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2JHmnqB017545 for ; Fri, 19 Mar 2004 09:48:49 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2JHm4f7020120 for ; Fri, 19 Mar 2004 09:48:04 -0800
Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2JHm4ac020112 for cs530@merlot.usc.edu; Fri, 19 Mar 2004 09:48:04 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2JHm3f7020109 for ; Fri, 19 Mar 2004 09:48:03 -0800
Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2JHm36Z020105 for ; Fri, 19 Mar 2004 09:48:03 -0800
Message-Id: <200403191748.i2JHm36Z020105@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: Cryptographically secure random numbers
Date: Fri, 19 Mar 2004 09:48:03 -0800
From: william@bourbon.usc.edu

Someone wrote:

> william@bourbon.usc.edu wrote:
>
> >Actually, the man page for RSA_generate_key() says:
> >
> >     The pseudo-random number generator must be seeded prior
> >     to calling RSA_generate_key().
> >
> >I might be reading this wrong, but I don't think that *you*
> >have to seed it! It just has to be seeded somehow. I'm not
> >sure where the OpenSSL library keeps its state for the random
> >number generation. But it looks like it's already seeded!
> >
> >Anyway, you can call RAND_seed() just to make sure. But I
> >don't think it's necessary (I could be wrong though).
>
> Agreed.
> I looked into it further, and think this must depend on the
> machine you're running on.
>
> nunki has a /dev/random as an entropy source. (My older Sun does not.)
> So I presume that the seeding _is_ unnecessary on nunki. As usual in
> OpenSSL, though, it's nearly impossible to determine whether /dev/random
> is the default entropy source without studying the source code (which I
> haven't done)! The documentation is somewhat sparse.
>
> >The "prompts you to randomly type characters on the keyboard"
> >is really annoying (and I don't think it's a good way to
> >create randomness).
>
> Agreed. It was annoying. I suspect this approach was to accommodate
> architectures that lacked a /dev/random, or any simple way to derive
> entropy from operating system state. Since I don't know what algorithm
> was used to derive the entropy from key/mouse movements, I can't comment
> on the appropriateness. It is likely more random than using time(),
> though, as most of the bits in that are identical from call-to-call (for
> weeks or months at a time!).

In class, I've mentioned another method. The basic idea is to keep a 1024-byte random state in your home directory (make sure it has 600 as its mask). Let's say that you also have a smartcard that has a 20-byte secret on it (similar to RB1 in HW3). When it comes time to call something like RSA_generate_key(), you can modify your random state using RB1. Here's the pseudo-code for a dumb algorithm that can be used:

    tmp_RB1 = MD5(RB1+time());
    for (i=0; i < 1024; i+=160) {
        new_state[i] <- MD5(old_state[i]+tmp_RB1);
        tmp_RB1 = MD5(tmp_RB1+RB1);
    }

You can then feed new_state[] to RAND_seed(). Then copy new_state[] to old_state[], call this algorithm again, and store the final new_state[] into the file in your home directory. (Check out RAND_file_name(), RAND_load_file(), and RAND_write_file().) Even if time() returns the same thing for a while, it would be fine because your random state is changing.

One problem with bootstrapping though... How do you create the first random state? On a machine like nunki, I would do something like the following (csh is my shell):

    echo /tmp/`whoami`$$
    rm -f /tmp/`whoami`$$
    date > /tmp/`whoami`$$
    ps aux >> /tmp/`whoami`$$
    last | head -100 >> /tmp/`whoami`$$
    openssl rand -rand /tmp/`whoami`$$ 1024 > my_random_state

(Actually, "openssl rand" will create a 1024-byte ~/.rnd file in the above example.)

> >I still think you don't have to call RAND_seed() at all (it
> >seems to work for me)! Therefore, calling any RAND_seed()
> >will just add to whatever that's out there (if done right).
> >So, using (3) above would be fine.
>
> Now having noted that nunki has a /dev/random, I doubt that calling
> RAND_seed() is necessary. More investigation into what libcrypto uses
> as its default source of entropy would be necessary to decide for sure.
>
> >*If* what we are doing is to run in a tight loop and creating
> >smartcard after smartcard, then it would be more important
> >to worry about exactly how much more cryptographically secure
> >the way we are generating random numbers because the RSA keys
> >may be related to each other. Since we only create a set of
> >keys each time we run the program, it's less of an issue
> >(unless we run the program in a tight loop).
>
> Yes, and hence my question. Whether we can take certain "shortcuts"
> that might be inappropriate in a production environment, where true
> randomness (or at least cryptographically acceptable pseudo-randomness)
> is vital.
>
> Correct me if I misread you, but my conclusion from your response is
> that the randomness provided by default (it appearing to be pre-seeded
> on nunki, at least) is good enough for homework purposes.

Yes! You don't need to call RAND_seed() for HW3!
-- Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Fri Mar 19 09:19:53 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2JHJrqB016995 for ; Fri, 19 Mar 2004 09:19:53 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2JHJ8f7005413 for ; Fri, 19 Mar 2004 09:19:08 -0800
Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2JHJ7Vo005404 for cs530@merlot.usc.edu; Fri, 19 Mar 2004 09:19:07 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2JHJ7f7005398 for ; Fri, 19 Mar 2004 09:19:07 -0800
Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2JHJ71N005391 for ; Fri, 19 Mar 2004 09:19:07 -0800
Message-Id: <200403191719.i2JHJ71N005391@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: Encrypted File Format Question
Date: Fri, 19 Mar 2004 09:19:06 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I'm a little confused on what is supposed to be in
> the specified encrypted file format. Is it the signed
> hash we produce with the SC_sign() function.

No. The encrypted file is not digitally signed.

> Is that
> method supposed to simply encrypt the sha1 hash, or is
> it supposed to create an encrypted file of the
> specified format? If not, what are we reading from
> that format, and what are we writing to that format?

The idea is that you must have a way to decrypt the file to produce the original contents (without altering a single byte). Let's say your original file is F. The way you encrypt it is:

    1) Calculate X=SHA1(F).
    2) Calculate Y=SHA1(X+RB1) and Z=SHA1(Y+RB2) by calling SC_3des_key_gen().
    3) SC_3des_key_gen() will produce IV, K1, K2, and K3 based on Y and Z.
    4) Encrypt F using 3DES with IV, K1, K2, and K3. Let's call this @F. (You can pad F with anything you want to make its size a multiple of 8 bytes.)
    5) Write X+filesize(F)+@F as the encrypted file.

To decrypt, you read X, filesize(F), and @F from the encrypted file. You run through exactly steps (2) and (3) above. You decrypt @F using 3DES with IV, K1, K2, and K3 and you take the first filesize(F) bytes of the output. You should get exactly F back.

-- Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Fri Mar 19 08:25:37 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2JGPbqB015976 for ; Fri, 19 Mar 2004 08:25:37 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2JGOrf7009575 for ; Fri, 19 Mar 2004 08:24:53 -0800
Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2JGOqXh009564 for cs530@merlot.usc.edu; Fri, 19 Mar 2004 08:24:52 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2JGOpf7009558 for ; Fri, 19 Mar 2004 08:24:52 -0800
Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2JGOpgS009554 for ; Fri, 19 Mar 2004 08:24:51 -0800
Message-Id: <200403191624.i2JGOpgS009554@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: Cryptographically secure random numbers
Date: Fri, 19 Mar 2004 08:24:51 -0800
From: william@bourbon.usc.edu

Someone wrote:

[ My responses below are mostly just my opinion since I do not ]
[ know exactly the internal workings of RSA_generate_key().    ]

> william@bourbon.usc.edu wrote:
>
> >I think it's because srand() and rand() are *very bad* random
> >number generators! Never call these functions! You should
> >call srand48() and lrand48() instead. Also, you should use
> >the value of time() to seed the random number generator.
> > > >I'm not sure if you really need to call RAND_seed()! What > >happens if you don't call it? The man page seem to say that > >it *adds* to the randomness. > > RSA_generate_key() specifically says that you must seed the > random number generator. This can be done with either > RAND_seed() or RAND_add(). My interpretation is that they are > equivalent for num==entropy. One would use RAND_add() where not > all the entropy is available at once. Actually, the man page for RSA_generate_key() says: The pseudo-random number generator must be seeded prior to calling RSA_generate_key(). I might be reading this wrong, but I don't think that *you* have to seed it! It just has to be seeded somehow. I'm not sure where the OpenSSL library keeps its state for the random number generation. But it looks like it's already seeded! Anyway, you can call RAND_seed() just to make sure. But I don't think it's necessary (I could be wrong though). > In a real implementation, one would want significant entropy in > the seed. For example, when you build SSH on many machines, it > prompts you to randomly type characters on the keyboard for a few > seconds to generate the initial entropy. (I haven't looked, but > no doubt fed into the RAND_add() routine...) This strategy is > alluded to in the rand(3) man page. The "prompts you to randomly type characters on the keyboard" is really annoying (and I don't think it's a good way to create randomness). It completely goes against automation (which is why we use computers). I think it was done when this type of schemes were introduced a while back. For some reason, some people think typing random characters on the keyboard or moving the mouse in a random motion is *truly random* I don't know how many systems are still doing this. These days, for Red Hat Linux, when you install the OS, it generates key for the SSH daemon automatically and does not prompt you to type anything. 
My guess is that they have improved things to a point where
things can be automated.

> There are several alternative implementations, including:
>
> 1. Use the SSH method and have the grader type randomly as above.
> This is a pretty good source of entropy, but will likely irritate
> the grader if he has to do it for every student!

I think this is not a good approach anyway. As I've mentioned in
class, one of the biometrics is how one types! So, it's not so
random after all!

> 2. Pre-generate some entropy into a file, package it into the hw3
> tarball, and RAND_load_file() it at runtime. This is easy, and
> allows multiple runs to generate identical results -- handy for
> debugging. Plus the grader doesn't have to do anything special.
> 3. Use srand48() / lrand48() as you suggest. Like (2), this is
> easy and painless for the grader, and simplest for the student,
> but probably not very cryptographically secure.
>
> The choice depends how cryptographically secure you want this
> random number to be (which directly affects the security of the
> RSA key). Do you have a preference?

I still think you don't have to call RAND_seed() at all (it seems
to work for me)! Therefore, calling any RAND_seed() will just add
to whatever is out there (if done right). So, using (3) above
would be fine.

*If* what we are doing is to run in a tight loop and creating
smartcard after smartcard, then it would be more important to
worry about exactly how much more cryptographically secure the
way we are generating random numbers is, because the RSA keys may
be related to each other. Since we only create a set of keys each
time we run the program, it's less of an issue (unless we run the
program in a tight loop).
-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: signature
Date: Thu, 18 Mar 2004 22:35:01 -0800
From: william@bourbon.usc.edu

Someone wrote:

> i have written code for signature and verify. i took a file and
> computed sha1 (this was verified correct with the actual openssl
> command) and then signed it in the SC_sign function . everytime i
> sign the same file it produces a different signature .. sometimes
> containing a lot of zeros also .

Clearly, something is wrong. Remember that what
RSA_private_encrypt() does is that it raises the decryption key
to the power of the message (and mod the public modulus). If the
message is the same, the SHA1 will be the same, and therefore
encryption with the private key will give you the same result.

> also my verify function that uses rsa_public_decrypt produces a
> lot of zeros in the result .

It should produce SHA1 of the original file. So, clearly
something is wrong.

> i also verified the rsa structures i created from the functions
> that you had referred to earlier when you said read "MAN BN". the
> structures were created correctly.
>
> also i used the interface rsa_public_modulus_query and
> rsa_public_modulus_size_query and also verified the results were
> correct. but still rsa_decrypt doesn't work .
>
> could you give me some input on these problems please.

I would put all the code in the same program, just to make sure
you didn't have any problem with going through the shared
library. Then you just have to figure out what you are doing
wrong! I guess it's time to take this to the newsgroup!
-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: sign
Date: Thu, 18 Mar 2004 18:05:57 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I have verified the signature in the sign function itself using the RSA
> structure that I created (using the secret.c file).
> Now I call the public_decrypt() function in the SC_sign() function itself.
I meant what did you do to implement "hw3 verify"? You should not
be calling SC_sign() when you "verify". The idea is to call
SC_public_size_query() and then SC_public_query() to get the
public exponent and public modulus and then you can call
RSA_public_decrypt() *in hw3* to decrypt the signature.

I've just added the following paragraph in the verify section of
the spec:

    [BC: Added 3/18/2004] Hint: Please use RSA_PKCS1_PADDING when
    calling RSA_public_decrypt().
-- Bill Cheng // william@bourbon.usc.edu

----- Original Message -----
From: william@bourbon.usc.edu
Date: Thursday, March 18, 2004 5:13 pm
Subject: Re: sign

> Someone wrote:
>
> > I have used the public_decrypt() function to verify the signature.
> > Having done that I wonder what is the use of having the functions
> > public_query() and public_size_query() functions in the Smartcard
> > Interface.
>
> Hmm... How did you do "verify" without calling public_query()
> and public_size_query()? Did you do it right? When you do:
>
> hw3 sign /bin/ls | hw3 verify
>
> does this produce the same value as:
>
> openssl sha1 /bin/ls
>
> > Now it is mentioned in the spec
> >
> > "If the -so commandline option is not specified, your program
> > should open the Smartcard shared library from
> > $HOME/lib/libsmartcard.so; otherwise, your program should open
> > sopath as the Smartcard shared library. "
> >
> > Could you throw some light on the above statement because I wonder
> > whether we have to place the libsmartcard.so file(created by the
> > Makefile) in the tmp directory or in the same current working
> > directory.
>
> I'm not sure what you are asking. libsmartcard.so can be
> anywhere. If it's in the current directory, then you can do
> "-so ./libsmartcard.so". If "-so" is not specified, then
> it should be equivalent to "-so ~/lib/libsmartcard.so".
> --
> Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: libsmartcard.so
Date: Thu, 18 Mar 2004 17:57:06 -0800
From: william@bourbon.usc.edu

Someone wrote:

> When you created the example, you created libsmartcard.so. The homework
> specifies that it is to be called smartcard.so. Does it matter if it is
> libsmartcard.so or smartcard.so?

Ooops! It's a typo. All .so files should begin with "lib". I've
just modified the spec to fix this typo.
-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: sign
Date: Thu, 18 Mar 2004 17:13:24 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I have used the public_decrypt() function to verify the signature.
> Having done that I wonder what is the use of having the functions
> public_query() and public_size_query() functions in the Smartcard
> Interface.

Hmm... How did you do "verify" without calling public_query() and
public_size_query()? Did you do it right? When you do:

    hw3 sign /bin/ls | hw3 verify

does this produce the same value as:

    openssl sha1 /bin/ls

> Now it is mentioned in the spec
>
> "If the -so commandline option is not specified, your program
> should open the Smartcard shared library from
> $HOME/lib/libsmartcard.so; otherwise, your program should open
> sopath as the Smartcard shared library. "
>
> Could you throw some light on the above statement because I wonder
> whether we have to place the libsmartcard.so file(created by the
> Makefile) in the tmp directory or in the same current working
> directory.

I'm not sure what you are asking. libsmartcard.so can be
anywhere. If it's in the current directory, then you can do
"-so ./libsmartcard.so". If "-so" is not specified, then it
should be equivalent to "-so ~/lib/libsmartcard.so".
-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: Regarding SmartcardState.
Date: Thu, 18 Mar 2004 07:42:47 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I do not understand the meaning of SmartcardState
> that is used in the HW.
> Please can you let me know.
> 1- Its significance.
> 2- Are there going to be only 2 states i.e. 1(or some value) or
> 0(say NULL).

You are not allowed to have *any* global variables (other than
static ones in "secret.c") in the smartcard.
So, if you want to keep an object alive between calls, you can
ask the application to "hold it for you" by returning this object
as the SmartcardState. If you can do all your smartcard code
without this object, you can just return NULL for the
SmartcardState.

> --Also can you provide some pointers as to how should we
> test(verify) our code for the signature generation part.

It is tied to the application! The application (hw3) is really
not doing more than just testing the smartcard.
-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: RSA structure ?
Date: Thu, 18 Mar 2004 07:22:52 -0800
From: william@bourbon.usc.edu

Someone wrote:

> There is no manual entry for "man bn"

It's also there on the OpenSSL documentation site:

    http://www.openssl.org/docs/crypto/bn.html
-- Bill Cheng // bill.cheng@usc.edu

----- Original Message -----
From: william@bourbon.usc.edu
Date: Wednesday, March 17, 2004 10:25 pm
Subject: Re: RSA structure ?

> Someone wrote:
>
> > i just read your previous reply to someone and im having similar
> > problems with the RSA structure that needs to be generated from
> > the secret.c file and passed to the "RSA_private_encrypt"
> > function. i am not able to copy the pvt and public keys from
> > secret.c into the RSA structure . using code like
> >
> > " RSA *rsa_ptr;
> > rsa_ptr = RSA_new();
> > rsa_ptr->n =
> > (BIGNUM*)malloc(HW3_rsa_public_modulus_size*sizeof(BIGNUM));
> > .............
> > RSA_free(rsa_ptr);
> > "
> > it is giving errors like incompatible pointer assignment and then
> > on running i get seg fault. i placed the above code in SC_init
> >
> > can you kindly tell me how to copy the secret.c file contents
> > into some rsa structure
>
> "man bn".
> --
> Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: RSA structure ?
Date: Wed, 17 Mar 2004 22:25:05 -0800
From: william@bourbon.usc.edu

Someone wrote:

> i just read your previous reply to someone and im having similar
> problems with the RSA structure that needs to be generated from
> the secret.c file and passed to the "RSA_private_encrypt"
> function. i am not able to copy the pvt and public keys from
> secret.c into the RSA structure . using code like
>
> " RSA *rsa_ptr;
> rsa_ptr = RSA_new();
> rsa_ptr->n =
> (BIGNUM*)malloc(HW3_rsa_public_modulus_size*sizeof(BIGNUM));
> .............
> RSA_free(rsa_ptr);
> "
> it is giving errors like incompatible pointer assignment and then
> on running i get seg fault. i placed the above code in SC_init
>
> can you kindly tell me how to copy the secret.c file contents
> into some rsa structure

"man bn".
-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: BIGNUM
Date: Wed, 17 Mar 2004 22:23:27 -0800
From: william@bourbon.usc.edu

Someone wrote:

> We know that RSA structure has some BIGNUM fields.
>
> But what actually is BIGNUM.
> The rsa.h file says that all the
> bignum data is stored in char * bignumdata within the RSA
> structure.

I don't know exactly what's BIGNUM, but I can imagine it has
something to do with doing arithmetic with really large numbers.
You can do "man bn" to see all the functions that can manipulate
BIGNUM and how to convert from BIGNUM and to BIGNUM from an array
of chars.

> Also do we have to make the RSA_new() using the secret.c file in
> SC_Init() and use that the SmartcardState or do we make it in
> hw3.c

I guess you don't *have to* implement things in a certain way.
Given the interface of the smartcard, as specified by
"scintrf.h", if you create an RSA object in hw3.c, you will need
to figure out how to fill the data structure. Of course, you are
*not* allowed to add new exported functions to the smartcard
because its interface has been *standardized* by our spec.
-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: sign
Date: Wed, 17 Mar 2004 16:32:15 -0800
From: william@bourbon.usc.edu

Someone wrote:

>
> -There is a mismatch in the specification
>
> You have mentioned
> "The SC_sign() routine writes the digital signature of sha1_buf
> in buf_return. Caller must allocate a large enough buf_return
> (determined by SC_get_signature_size()) before this routine is
> called. "
>
> But in the spec of RSA it says that the buf_return must be
> allocated RSA_size() amount of bytes to be able to use in the
> RSA_private_encrypt()(which would be used in the SC_sign()
> routine) function.

This is not a mismatch! Now the whole class knows that in the
implementation of SC_get_signature_size(), you need to call
RSA_size()! :-)

> -Also the SC_getsigsize() function that you have given actually
> returns the size of the private key and not the size of the
> signature.

The sample code in "smartcard.c" is *not* the right code for HW3.
(Clearly, the code in SC_init() is not the right code for HW3
either!) I think I've mentioned that in the lecture when I
briefly went over the code. It's meant to *demonstrate* how to
build and use a shared library!

> -Also now consider
> int RSA_private_encrypt(int flen, unsigned char *from,
> unsigned char *to, RSA *rsa, int padding);
>
> What should be sent for the RSA *rsa parameter because if we use
> the same RSA that we used to create the secret then there would be
> no use of having the secret in the file secret.c.

You need to build the (RSA*) data structure from the data in
"secret.c". So, you should call RSA_new() first to allocate the
data structure. Then you should fill out *enough* of the fields
there from the data in "secret.c". How do you know that you have
filled out *enough* of the fields? When RSA_size() and
RSA_private_encrypt() both work properly!

Hint: What can you really generate from "secret.c"?
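
[Added example, not part of the message above and not the course's code: a pure-Python model of what RSA_private_encrypt() and RSA_public_decrypt() do with RSA_PKCS1_PADDING. It shows that the output is RSA_size() bytes long, that signing the same SHA1 twice gives the same bytes, and that the verifier needs only the public exponent and modulus. The toy key (two Mersenne primes) and every function name here are assumptions made for the example.]

```python
import hashlib

# Constructed toy key (assumption for this example): two Mersenne primes.
# Trivially factorable; it only makes the arithmetic reproducible offline.
P = 2**521 - 1
Q = 2**607 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent (needs Python 3.8+)


def rsa_size(n: int) -> int:
    """Modulus length in bytes, the value RSA_size() reports."""
    return (n.bit_length() + 7) // 8


def pad_type1(data: bytes, k: int) -> bytes:
    """PKCS#1 v1.5 block type 1: 00 01 FF..FF 00 || data (nothing random)."""
    if len(data) > k - 11:
        raise ValueError("data too long for this modulus")
    return b"\x00\x01" + b"\xff" * (k - 3 - len(data)) + b"\x00" + data


def unpad_type1(block: bytes) -> bytes:
    """Strictly check the type 1 padding and return the payload."""
    if len(block) < 11 or block[:2] != b"\x00\x01":
        raise ValueError("bad block type")
    sep = block.find(b"\x00", 2)
    # sep < 10 covers both "no separator" and "fewer than 8 pad bytes".
    if sep < 10 or any(b != 0xFF for b in block[2:sep]):
        raise ValueError("bad padding")
    return block[sep + 1:]


def private_encrypt(data: bytes, d: int, n: int) -> bytes:
    """Pad, then compute padded^d mod n; output is always rsa_size(n) bytes."""
    k = rsa_size(n)
    m = int.from_bytes(pad_type1(data, k), "big")
    return pow(m, d, n).to_bytes(k, "big")


def public_decrypt(sig: bytes, e: int, n: int) -> bytes:
    """Compute sig^e mod n and strip the padding; raises on any mismatch."""
    k = rsa_size(n)
    s = int.from_bytes(sig, "big")
    if len(sig) != k or s >= n:
        raise ValueError("signature has the wrong size")
    return unpad_type1(pow(s, e, n).to_bytes(k, "big"))


def card_public_query():
    """Hypothetical stand-in for the card's public query: big-endian bytes."""
    return E.to_bytes(3, "big"), N.to_bytes(rsa_size(N), "big")


def sign(contents: bytes) -> bytes:
    """Card side: sign SHA1(contents) with the private exponent."""
    return private_encrypt(hashlib.sha1(contents).digest(), D, N)


def verify(sig: bytes, contents: bytes) -> bool:
    """Application side: uses only what the public query returns."""
    e_bytes, n_bytes = card_public_query()
    e = int.from_bytes(e_bytes, "big")
    n = int.from_bytes(n_bytes, "big")
    try:
        recovered = public_decrypt(sig, e, n)
    except ValueError:
        return False
    return recovered == hashlib.sha1(contents).digest()


if __name__ == "__main__":
    doc = b"constructed sample file contents\n"
    sig = sign(doc)
    print(len(sig), sig == sign(doc), verify(sig, doc))
```
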
-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: question on HW3
Date: Tue, 16 Mar 2004 21:43:55 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I encountered some problem in generating RSA key pair. Here is the code
> segment:
>
> srand(5);
> int a_seed[128];
> for (int idx = 0; idx<128; idx++) {
>     a_seed[idx] = rand();
> }
> RAND_seed(a_seed, sizeof(a_seed)); // Seed the PRNG
>
> [more code deleted]
>
> ... ...
>
> The problem is that no matter how I change the rand seed, the d, n, p, q
> doesn't seem to be random. There are a lot of 0's in the secret.c file, as
> shown at the end of this message. Could you please let me know if I did
> anything wrong?

I think it's because srand() and rand() are *very bad* random
number generators! Never call these functions! You should call
srand48() and lrand48() instead. Also, you should use the value
of time() to seed the random number generator.

I'm not sure if you really need to call RAND_seed()! What happens
if you don't call it?
The man page seems to say that it *adds* to the randomness.

> By the way, are two 160-bit random numbers in smartcard
> the p and q returned by RSA_generate_key() call?

You can call RAND_bytes() to generate them.
-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: Hw2 Grades ?
Date: Tue, 16 Mar 2004 16:19:58 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I was just wondering as to when would we be getting our hw2 grades.

The grader was supposed to have finished grading last Friday.
I'll check with him.
-- Bill Cheng // bill.cheng@usc.edu

Date: Sun, 14 Mar 2004 09:32:03 -0800
From: william@bourbon.usc.edu
To: cs530@bourbon.usc.edu
Subject: scintrf.h updated

Hi,

The following typedef's were missing from "scintrf.h":

    typedef int (SC_Sign_Func)(SmartcardState,
            unsigned char sha1_buf[SHA_DIGEST_LENGTH],
            unsigned char *);
    typedef int (SC_3DesKeyGen_Func)(SmartcardState,
            unsigned char sha1_buf[SHA_DIGEST_LENGTH],
            unsigned char iv[8],
            unsigned char key1[8],
            unsigned char key2[8],
            unsigned char key3[8]);
    typedef int (SC_PublicSizeQuery_Func)(SmartcardState,
            int *p_public_exponent_size_return,
            int *p_public_modulus_size_return);
    typedef int (SC_PublicQuery_Func)(SmartcardState,
            unsigned char *public_exponent_return,
            unsigned char *public_modulus_return);

I have just updated "scintrf.h" in the HW3 spec with the above
added lines. Please remember to flush the cache on your web
browser when you download this file.
-- Bill Cheng // bill.cheng@usc.edu

Date: Wed, 10 Mar 2004 22:23:40 -0800
From: william@bourbon.usc.edu
To: cs530@bourbon.usc.edu
Subject: friendly reminder...

Hi,

Since it will be a while before we have class again, just want to
remind all of you that HW3 is due on 3/26 and that the term paper
proposal should be sent in by that day too.

Have a nice spring break!
-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: DES mods for Unix passwords
Date: Wed, 10 Mar 2004 12:51:59 -0800
From: william@bourbon.usc.edu

Someone wrote:

> william@bourbon.usc.edu wrote:
>
> >Another thing I
> >don't understand is why they only take the first 7 (I
> >think) characters of the passphrase and not derive a
> >key from the entire passphrase! (It's not like they
> >have a fixed record size database and they are storing
> >the passphrase.)
> >
>
> (Actually, the first 8 letters are used. It might have been 7 some time
> ago, when Unix still used the Enigma-variant password cipher.)
>
> The reason for the 8 character password is straightforward. As you
> mentioned in the lectures, Unix passwords encrypt a constant (zero) with
> the password and store the result. The eight character limit is due to
> the size of the DES key. I suppose the reason Unix didn't hash a
> passphrase is that the algorithm predates the common cryptographic hash
> functions.
What I find strange is that changing the password mechanism can be done in a localized manner (that you don't need to worry about interoperability, but only have to worry about backward compatibility). It would be very straightforward to change to use something like MD5-based encryption in a new OS release when MD5 became acceptable. > By the way, newer versions of Unix do much better than this, permitting > (and using all the characters of) arbitrary length passphrases. I am > certain, for example, that Solaris 2.6 permits only 8 character > passwords. I understand (but have not verified) that Solaris 9 honors > longer passwords. Linux machines also appear to honor longer > passphrases. I presume that they use some variant of the HW #1 strategy. It does make sense to honor the whole passphrase (plus salt to mitigate against pre-computed dictionary attack). -- Bill Cheng // bill.cheng@usc.edu Return-Path: william@bourbon.usc.edu Delivery-Date: Wed Mar 10 06:33:58 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2AEXwqB022211 for ; Wed, 10 Mar 2004 06:33:58 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2AEXaf7023351 for ; Wed, 10 Mar 2004 06:33:36 -0800 Received: (from william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2AEXaCW023349 for cs530@merlot; Wed, 10 Mar 2004 06:33:36 -0800 Date: Wed, 10 Mar 2004 06:33:36 -0800 From: william@bourbon.usc.edu Message-Id: <200403101433.i2AEXaCW023349@bourbon.usc.edu> To: cs530@merlot.usc.edu Subject: canceling office hour today... Hi, I'm assuming that no one will be coming to office hour after the midterm today. So, I'm canceling office hour today. If you'd like to see me, please send me e-mail and make an appointment.
-- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Tue Mar 9 22:22:12 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2A6MCqB012964 for ; Tue, 9 Mar 2004 22:22:12 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2A6Lqf7005702 for ; Tue, 9 Mar 2004 22:21:52 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2A6LqnR005698 for cs530@merlot.usc.edu; Tue, 9 Mar 2004 22:21:52 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2A6Lqf7005694 for ; Tue, 9 Mar 2004 22:21:52 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2A6LqcX005690 for ; Tue, 9 Mar 2004 22:21:52 -0800 Message-Id: <200403100621.i2A6LqcX005690@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: DES mods for Unix passwords Date: Tue, 09 Mar 2004 22:21:52 -0800 From: william@bourbon.usc.edu Someone wrote: > I'm finally catching up to Monday's lecture (just in time for the > exam...). > > You question why the Unix designers chose to perturb the DES algorithm > for use in password authentication. It was not that they did not trust > DES, but rather that they foresaw fast hardware DES implementations > might make feasible password cracking through exhaustive search. > > That is, if the DES algorithm were used unchanged, one could mount an > automated dictionary attack using off-the-shelf DES hardware to rapidly > examine keys. They presumed attackers would not have the wherewithal to > create 4096 variations of DES (it being hard to create the hardware). > Software implementations were presumed to be slow. Therefore it would > be difficult to perform an exhaustive search. 
> > (Of course, it turns out that software implementations are fast enough > to permit dictionary attacks!) Exactly! Just to show that sometimes being too clever turns out to be not so clever (because there's always someone smarter). > There also remains the question of whether the perturbation of DES > causes some cryptographic weakness. (Recall that IBM found that small > changes in the S-boxes greatly weakened DES.) I have not read of any > such exploits, however. This is why I mentioned that modifying DES may not be such a great idea. But then again, this is probably not the weakest link in UNIX crypt! Another thing I don't understand is why they only take the first 7 (I think) characters of the passphrase and not derive a key from the entire passphrase! (It's not like they have a fixed record size database and they are storing the passphrase.) -- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Tue Mar 9 16:52:53 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i2A0qrqB006989 for ; Tue, 9 Mar 2004 16:52:53 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2A0qYf7013737 for ; Tue, 9 Mar 2004 16:52:34 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2A0qYPi013732 for cs530@merlot.usc.edu; Tue, 9 Mar 2004 16:52:34 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2A0qYf7013729 for ; Tue, 9 Mar 2004 16:52:34 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2A0qYLA013725 for ; Tue, 9 Mar 2004 16:52:34 -0800 Message-Id: <200403100052.i2A0qYLA013725@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: HW2 - RSA Date: Tue, 09 Mar 2004 16:52:33 -0800 From: william@bourbon.usc.edu Someone wrote: > Regarding your response 
below, shouldn't (d, n) be the > private key and (e, n) be the public key, not the > other way around? e is generally a small number to > make encryption fast, and d is a large number, so in > order to be secure, the larger of the two, d, should > be private. Is that correct? Please see my message with timestamp "Tue 09 Mar 04:06". -- Bill Cheng // bill.cheng@usc.edu --- william@bourbon.usc.edu wrote: > Someone wrote: > > > In problem 3.1, from what is mentioned in > Schneier book, the private key is > > only the private exponent (77). It does not > include the public modulus (119) > > as in the solution to HW2. Which one should I > follow? > > In the lecture, the terminology I mentioned is that > "e" (5 > in this case) is the encryption key and "d" (77 in > this case) > is the decryption key and "n" (119 in this case) is > the public > modulus. > > I think the *correct terminology* is that the > private key is > (e, n) and the public key is (d, n). So, if you > open up the > private key file generated by openssl, you will get > both "d" > and "n". > > (But, people often call "e" the private key and "d" > the public > key, which I think is *incorrect*.)
> -- > Bill Cheng // bill.cheng@usc.edu > Return-Path: cs530@bourbon.usc.edu Delivery-Date: Tue Mar 9 14:38:14 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i29McEqB004450 for ; Tue, 9 Mar 2004 14:38:14 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i29Mbsf7026043 for ; Tue, 9 Mar 2004 14:37:54 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i29Mbs0Q026041 for cs530@merlot.usc.edu; Tue, 9 Mar 2004 14:37:54 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i29Mbsf7026038 for ; Tue, 9 Mar 2004 14:37:54 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i29Mbs6x026028 for ; Tue, 9 Mar 2004 14:37:54 -0800 Message-Id: <200403092237.i29Mbs6x026028@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: About KDC (K(c)) Date: Tue, 09 Mar 2004 14:37:54 -0800 From: william@bourbon.usc.edu Someone wrote: > In the KDC example given > http://merlot.usc.edu/cs530-s04/lectures/lecture9/slides.pdf > > How does the client get its K(c)?(private key of client) > How does KDC send the private key K(c) to C This is what's referred to as the "enrollment" problem. Usually, you can do an in-person enrollment. Please see slide 3 of lecture 14.
-- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Tue Mar 9 04:06:49 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i29C6nqB025260 for ; Tue, 9 Mar 2004 04:06:49 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i29C6Vf7006831 for ; Tue, 9 Mar 2004 04:06:31 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i29C6VhJ006824 for cs530@merlot.usc.edu; Tue, 9 Mar 2004 04:06:31 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i29C6Vf7006820 for ; Tue, 9 Mar 2004 04:06:31 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i29C6Ur8006810 for ; Tue, 9 Mar 2004 04:06:30 -0800 Message-Id: <200403091206.i29C6Ur8006810@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: Clarification required.(Re: HW2 - RSA) Date: Tue, 09 Mar 2004 04:06:30 -0800 From: william@bourbon.usc.edu Someone wrote: > You have mentioned in the mail: > "I think the *correct terminology* is that the private key is > (e, n) and the public key is (d, n). " > > But the solution that you have posted says: > The resulting public key is {5,119} and private key is {77, 119} > i.e. {e,n} {d,n} respectively. > > I believe the one in the solution is correct. > I request you to please clarify. Oops! It was a typo (I wrote the previous reply just before going to bed)! Sorry. You are correct. -- Bill Cheng // bill.cheng@usc.edu ----- Original Message ----- From: william@bourbon.usc.edu Date: Monday, March 8, 2004 10:49 pm Subject: Re: HW2 - RSA > Someone wrote: > > > In problem 3.1, from what is mentioned in Schneier book, the private > key is > > only the private exponent (77). It does not include the public modulus > (119) > as in the solution to HW2. 
Which one should I follow? > > In the lecture, the terminology I mentioned is that "e" (5 > in this case) is the encryption key and "d" (77 in this case) > is the decryption key and "n" (119 in this case) is the public > modulus. > > I think the *correct terminology* is that the private key is > (e, n) and the public key is (d, n). So, if you open up the > private key file generated by openssl, you will get both "d" > and "n". > > (But, people often call "e" the private key and "d" the public > key, which I think is *incorrect*.) > -- > Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Tue Mar 9 04:04:30 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i29C4TqB025174 for ; Tue, 9 Mar 2004 04:04:30 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i29C4Af7004591 for ; Tue, 9 Mar 2004 04:04:10 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i29C4A2H004588 for cs530@merlot.usc.edu; Tue, 9 Mar 2004 04:04:10 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i29C49f7004585 for ; Tue, 9 Mar 2004 04:04:09 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i29C49fg004581 for ; Tue, 9 Mar 2004 04:04:09 -0800 Message-Id: <200403091204.i29C49fg004581@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: No of Rounds in Rijndael Date: Tue, 09 Mar 2004 04:04:09 -0800 From: william@bourbon.usc.edu Someone wrote: > According to Kaufman book, in Rijndael the no of rounds are 10, 12 and 14 for > AES-128, AES-192, AES-256 with last round of each of them omitting 1 of the > sequence of operations. > So if a question is asked, > "What are the no of rounds in Rijndael?" then what should we write?
> And if "What are the no of variable rounds in Rijndael?" then? I'm not sure what you are asking... You should provide the *correct* answer! I do not plan to trick anyone to provide the wrong answer. -- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Tue Mar 9 04:02:08 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i29C28qB025107 for ; Tue, 9 Mar 2004 04:02:08 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i29C1of7001997 for ; Tue, 9 Mar 2004 04:01:50 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i29C1oRi001995 for cs530@merlot.usc.edu; Tue, 9 Mar 2004 04:01:50 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i29C1of7001992 for ; Tue, 9 Mar 2004 04:01:50 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i29C1oGW001988 for ; Tue, 9 Mar 2004 04:01:50 -0800 Message-Id: <200403091201.i29C1oGW001988@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: exam book?! Date: Tue, 09 Mar 2004 04:01:50 -0800 From: william@bourbon.usc.edu Someone wrote: > Do we also need to bring the calculator? Sorry, but calculators are *not* allowed (these days, you can store just about anything in a calculator). Please see the News section of the class web page: http://merlot.usc.edu/cs530-s04/#news There may be questions that ask you to do multiplications by hand. -- Bill Cheng // bill.cheng@usc.edu ----- Original Message ----- From: To: Sent: Monday, March 08, 2004 10:51 PM Subject: exam book?! > Hi, > > Someone asked me if you will need to bring an exam book on Wed. > The answer is no. There will be plenty of room on the exam > for you to write on. Just bring pens or pencils+eraser and > your photo ID.
> -- > Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Mon Mar 8 22:52:04 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i296q4qB019140 for ; Mon, 8 Mar 2004 22:52:04 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i296pkf7028612 for ; Mon, 8 Mar 2004 22:51:46 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i296pko3028610 for cs530@merlot.usc.edu; Mon, 8 Mar 2004 22:51:46 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i296pkf7028607 for ; Mon, 8 Mar 2004 22:51:46 -0800 Received: (from william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i296pkHq028605 for cs530; Mon, 8 Mar 2004 22:51:46 -0800 Date: Mon, 8 Mar 2004 22:51:46 -0800 From: william@bourbon.usc.edu Message-Id: <200403090651.i296pkHq028605@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: exam book?! Hi, Someone asked me if you will need to bring an exam book on Wed. The answer is no. There will be plenty of room on the exam for you to write on. Just bring pens or pencils+eraser and your photo ID.
-- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Mon Mar 8 22:49:52 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i296nqqB019047 for ; Mon, 8 Mar 2004 22:49:52 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i296nYf7026477 for ; Mon, 8 Mar 2004 22:49:34 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i296nYvv026475 for cs530@merlot.usc.edu; Mon, 8 Mar 2004 22:49:34 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i296nYf7026472 for ; Mon, 8 Mar 2004 22:49:34 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i296nX86026462 for ; Mon, 8 Mar 2004 22:49:34 -0800 Message-Id: <200403090649.i296nX86026462@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: HW2 - RSA Date: Mon, 08 Mar 2004 22:49:33 -0800 From: william@bourbon.usc.edu Someone wrote: > In problem 3.1, from what is mentioned in Schneier book, the private key is > only the private exponent (77). It does not include the public modulus (119) > as in the solution to HW2. Which one should I follow? In the lecture, the terminology I mentioned is that "e" (5 in this case) is the encryption key and "d" (77 in this case) is the decryption key and "n" (119 in this case) is the public modulus. I think the *correct terminology* is that the private key is (e, n) and the public key is (d, n). So, if you open up the private key file generated by openssl, you will get both "d" and "n". (But, people often call "e" the private key and "d" the public key, which I think is *incorrect*.) 
-- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Mon Mar 8 22:41:02 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i296f2qB018878 for ; Mon, 8 Mar 2004 22:41:02 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i296ehf7018012 for ; Mon, 8 Mar 2004 22:40:43 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i296ehIE018010 for cs530@merlot.usc.edu; Mon, 8 Mar 2004 22:40:43 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i296ehf7018002 for ; Mon, 8 Mar 2004 22:40:43 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i296ehev017997 for ; Mon, 8 Mar 2004 22:40:43 -0800 Message-Id: <200403090640.i296ehev017997@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: CFB question. Date: Mon, 08 Mar 2004 22:40:43 -0800 From: william@bourbon.usc.edu Someone wrote: > I have a doubt in CFB mode. > In CFB mode, where a character is encrypted at a time for a 64-bit block, > why is it that if any of the byte(character) is garbled, only the next 8 bytes > are garbled and the rest of the message is not? > Is it that the IV is used to start with 1st byte(character) of every block of > message? When you say "garbled", I think you mean that it is garbled during *transmissions*. This means that you have generated a good ciphertext to start with. Then when you transmit it (or when you store it and retrieve later), a block of ciphertext got modified (because of transmission error or disk error).
The following web page has a pretty good explanation about this: http://home.ecn.ab.ca/~jsavard/crypto/co040601.htm -- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Sun Mar 7 22:15:59 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i286FxqB023532 for ; Sun, 7 Mar 2004 22:15:59 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i286Fhf7032390 for ; Sun, 7 Mar 2004 22:15:43 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i286FhM7032388 for cs530@merlot.usc.edu; Sun, 7 Mar 2004 22:15:43 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i286Fhf7032381 for ; Sun, 7 Mar 2004 22:15:43 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i286FhxA032375 for ; Sun, 7 Mar 2004 22:15:43 -0800 Message-Id: <200403080615.i286FhxA032375@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: Salt in Unix passwords Date: Sun, 07 Mar 2004 22:15:43 -0800 From: william@bourbon.usc.edu Someone wrote: > I just got back into town, and am catching up on last week's lectures. > In the 3/1 lecture you talked about how the "salt" works in Unix > passwords. Unless the password function has changed, I think the salt > works a bit differently than you described. > > The salt is not concatenated with the plaintext password, but is used to > perturb the DES encryption algorithm. That is, the salt is used to > change two of the S-boxes (as I recall), so that one could not use an > off-the-shelf DES chip to do a dictionary attack. > > Not that it really matters to the lecture, of course. But it's an > interesting historical note. Thank you, Professor. I'm not sure exactly how the salt works in UNIX (I haven't read the source code, for example, in perl).
I only read about descriptions of it. In class, I did mention that the UNIX password uses a modified DES. Like you said, exactly how it's done doesn't really matter to the lecture. The idea of concatenating the salt with the plaintext password as compared with using it to "perturb" the DES algorithm, are basically the same idea. If concatenation is used instead, there would be no difference in the strength and weakness of this approach. (Actually, I cannot understand why they would choose to use a modified DES!) -- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Sun Mar 7 20:08:02 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i28482qB021246 for ; Sun, 7 Mar 2004 20:08:02 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2847lf7005702 for ; Sun, 7 Mar 2004 20:07:47 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i2847lgf005700 for cs530@merlot.usc.edu; Sun, 7 Mar 2004 20:07:47 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i2847lf7005692 for ; Sun, 7 Mar 2004 20:07:47 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i2847lmG005687 for ; Sun, 7 Mar 2004 20:07:47 -0800 Message-Id: <200403080407.i2847lmG005687@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: some doubts Date: Sun, 07 Mar 2004 20:07:47 -0800 From: william@bourbon.usc.edu Someone wrote: > At the end of lecture 8(Feb 9), on 'Signing using hashes', > you said that you have to store the entire tree? But is it > really necessary? I think, just storing the current state > (comprising of the 3 sets) is enough, because that's what is > required to verify the message and the future public keys. Not enough, please see below.
> And you also said that you have to travel all the way up > to root, to verify the signature? How's that? You just need > the current state (rather just the middle part), to verify > the signature. But who is certifying that the current node is legit? The only node that's certifying this is this node's parent. But who is certifying the parent? Well, the parent's parent. And so on. So, you have to go all the way to the root of the tree where the root is certified using public key digital signature. -- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Sun Mar 7 13:45:20 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i27LjKqB014156 for ; Sun, 7 Mar 2004 13:45:20 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i27Lj6f7027065 for ; Sun, 7 Mar 2004 13:45:06 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i27Lj6S8027063 for cs530@merlot.usc.edu; Sun, 7 Mar 2004 13:45:06 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i27Lj6f7027060 for ; Sun, 7 Mar 2004 13:45:06 -0800 Received: (from william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i27Lj6TC027058 for cs530; Sun, 7 Mar 2004 13:45:06 -0800 Date: Sun, 7 Mar 2004 13:45:06 -0800 From: william@bourbon.usc.edu Message-Id: <200403072145.i27Lj6TC027058@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: midterm topics summary Hi, The class web page has been updated with a summary of topics that's covered by the midterm. Please note that this is *just* a quick summary. You are responsible for everything from the first lecture till the end of last lecture (3/3/2004). I'll go over this list at the beginning of Monday's lecture.
-- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Sun Mar 7 11:59:31 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i27JxVqB012041 for ; Sun, 7 Mar 2004 11:59:31 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i27JxHf7005719 for ; Sun, 7 Mar 2004 11:59:17 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i27JxHwD005717 for cs530@merlot.usc.edu; Sun, 7 Mar 2004 11:59:17 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i27JxHf7005714 for ; Sun, 7 Mar 2004 11:59:17 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i27JxHHZ005710 for ; Sun, 7 Mar 2004 11:59:17 -0800 Message-Id: <200403071959.i27JxHHZ005710@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: HW2 Solution-DES Date: Sun, 07 Mar 2004 11:59:17 -0800 From: william@bourbon.usc.edu Someone wrote: > When and where was the solution to hw2 posted? I have not found a > link to answer set anywhere on the class web site. I've mentioned it in class: http://merlot.usc.edu/cs530-s04/homeworks/sol2.pdf -- Bill Cheng // bill.cheng@usc.edu ----- Original Message ----- From: william@bourbon.usc.edu Date: Friday, March 5, 2004 11:01 am Subject: Re: HW2 Solution-DES > Someone wrote: > > > In the solution posted for HW2 for Q 2.4 the four weak DES > > keys are given to be as- > > 0000000 0000000, FFFFFFF FFFFFFF , 0000000 FFFFFFF, > > FFFFFFF 0000000, FFFFFFF FFFFFFF > > > > The above keys are not actually the weak keys. These are the > > values that we obtain after we permute C0 and D0. > > > > The actual weak keys are > > > > 01010101 01010101 > > FEFEFEFE FEFEFEFE > > 1F1F1F1F 0E0E0E0E > > E0E0E0E0 F1F1F1F1 > > > > which when permuted give the values posted in the solution.
> > So the actual weak keys are not the ones posted. > > > > This can be confirmed through the NIST web site > > > > http://www.itl.nist.gov/fipspubs/fip74.htm > > > > It says- > > > > "The algorithm uses two 28-bit registers called C and D to > > hold the 56-bit active key. The key schedule of the algorithm > > circularly shifts the C and D registers independently, left > > for encryption and right for decryption. (See fig. 5.3 and > > table 5.4.) If the bits of the C register are all zeros or > > all ones (after Permuted Choice 1 is applied to the key) and > > the bits of the D register are all zeros or all ones, then > > decryption is identical to encryption. This occurs for four > > known keys: (0101010101010101), (FEFEFEFEFEFEFEFE), > > (1F1F1F1F0E0E0E0E), and (E0E0E0E0F1F1F1F1). [Note that the > > parity bits of the key are set so that each 8-bit byte has > > odd parity.]" > > Very good! Attached below is the explanation I got from the TA. > -- > Bill Cheng // bill.cheng@usc.edu > > > > -----Original Message----- > Date: Fri, 05 Mar 2004 00:12:25 -0800 > From: ho chung > To: william@bourbon.usc.edu > Subject: Re: HW2 Solution-DES > > Professor Cheng, > > The student's explanation is correct. I think our answer may confuse many > students. > In DES key scheduling, after 8-byte DES key (including odd parity bits) goes > into PC1 bit selection process, the actual DES key (7 bytes) becomes our > answer keys. The PC1 selection process removes parity bits and shuffles the > key. > > However practically speaking, the actual keys are the ones on the RHS- > column, > but our question incorrect. We may have to allow both answers to be correct > in order to simplify our grading. It's your call. Sorry for my mistake.
> > DES WEAK KEYS (with parity)---> Actual keys > 0101 0101 0101 0101 ----------> 0000000 0000000 > 1F1F 1F1F 0E0E 0E0E ----------> 0000000 FFFFFFF > E0E0 E0E0 F1F1 F1F1 ----------> FFFFFFF 0000000 > FEFE FEFE FEFE FEFE ----------> FFFFFFF FFFFFFF Return-Path: cs530@bourbon.usc.edu Delivery-Date: Sun Mar 7 08:49:34 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i27GnYqB008401 for ; Sun, 7 Mar 2004 08:49:34 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i27GnKf7032286 for ; Sun, 7 Mar 2004 08:49:20 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i27GnKdN032278 for cs530@merlot.usc.edu; Sun, 7 Mar 2004 08:49:20 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i27GnKf7032275 for ; Sun, 7 Mar 2004 08:49:20 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i27GnKDO032271 for ; Sun, 7 Mar 2004 08:49:20 -0800 Message-Id: <200403071649.i27GnKDO032271@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: Midterm Topic - Group Key Management. Date: Sun, 07 Mar 2004 08:49:20 -0800 From: william@bourbon.usc.edu Someone wrote: > Could you please let us know from where should we study about Group Key > Management. Just from the lecture. > The topic isn't covered in the Kaufman,Perlman, Speciner book, > and the other book isn't available. So, is there is any other source for > the material as such? The idea in slide 4 of lecture 13 comes from "A Certified Digital Signature" written by R. Merkle: @inproceedings{merkle89-tree, author = "R. C. Merkle", title = "A Certified Digital Signature", booktitle = "Proceedings of {CRYPTO}'89", publisher = "Springer-Verlag", editor = "G.
Brassard", pages = "218-238", year = "1989" } Looks like citeseer.nj.nec.com is down, so you may not be able to find this paper. Another paper you might check out is: @inproceedings{mascots2k2, author = "W. C. Cheng and C.-F. Chou and L. Golubchik", title = "Performance of Online Batch-based Digital Signatures", booktitle = "10th IEEE International Symposium on Modeling, Analysis, and Simulation of Computer and Telecommunications Systems", pages = "291-302", address = "Fort Worth, Texas", year = "October 2002" } A copy of it is at: http://bourbon.usc.edu/iml/bistro/papers/mascots2k2-pub.pdf *None* of these papers are required reading! They might help you to understand the scheme in slide 4 of lecture 13. -- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Sun Mar 7 08:36:06 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i27Ga6qB008175 for ; Sun, 7 Mar 2004 08:36:06 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i27GZrf7019868 for ; Sun, 7 Mar 2004 08:35:53 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i27GZrkg019866 for cs530@merlot.usc.edu; Sun, 7 Mar 2004 08:35:53 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i27GZrf7019858 for ; Sun, 7 Mar 2004 08:35:53 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i27GZrn6019853 for ; Sun, 7 Mar 2004 08:35:53 -0800 Message-Id: <200403071635.i27GZrn6019853@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: midterm syllabus Date: Sun, 07 Mar 2004 08:35:53 -0800 From: william@bourbon.usc.edu Someone wrote: > I just wanted to confirm the syllabus that you will be including for our > midterm exam. 
> I think everything covered in class till Monday (March 8) will be
> included.

I think I've said that everything that was covered till the end
of lecture on 3/3/2004 will be included. (Please correct me if
you remember that I've said *exactly* what will be covered.)

> I also wanted to ask you, in how much detail we are expected to know the
> algorithms like ECC, SHA1, MD5, ElGamal etc. You have just touched upon
> these and a few other topics in class. Do we cover as much as you have
> done in class (in terms of details) or do we have to study in detail all
> that is given in the textbook.

Well, I really don't like the idea that one studies for the sake
of exams! So, I would be vague on answers to questions like
these. Subjects that are not explicitly mentioned in the lectures,
you are still responsible for them. How much detail? Well, less
than subjects covered in class. (Think about this... How much
details did we *really* cover about DES? Or Rijndael?)
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: HW2
Solution-DES
Date: Fri, 05 Mar 2004 11:01:28 -0800
From: william@bourbon.usc.edu

Someone wrote:

> In the solution posted for HW2 for Q 2.4 the four weak DES
> keys are given to be as-
> 0000000 0000000, FFFFFFF FFFFFFF , 0000000 FFFFFFF,
> FFFFFFF 0000000, FFFFFFF FFFFFFF
>
> The above keys are not actually the weak keys. These are the
> values that we obtain after we permute C0 and D0.
>
> The actual weak keys are
>
> 01010101 01010101
> FEFEFEFE FEFEFEFE
> 1F1F1F1F 0E0E0E0E
> E0E0E0E0 F1F1F1F1
>
> which when permuted give the values posted in the solution.
> So the actual weak keys are not the ones posted.
>
> This can be confirmed through the NIST web site
>
> http://www.itl.nist.gov/fipspubs/fip74.htm
>
> It says-
>
> "The algorithm uses two 28-bit registers called C and D to
> hold the 56-bit active key. The key schedule of the algorithm
> circularly shifts the C and D registers independently, left
> for encryption and right for decryption. (See fig. 5.3 and
> table 5.4.) If the bits of the C register are all zeros or
> all ones (after Permuted Choice 1 is applied to the key) and
> the bits of the D register are all zeros or all ones, then
> decryption is identical to encryption. This occurs for four
> known keys: (0101010101010101), (FEFEFEFEFEFEFEFE),
> (1F1F1F1F0E0E0E0E), and (E0E0E0E0F1F1F1F1). [Note that the
> parity bits of the key are set so that each 8-bit byte has
> odd parity.]"

Very good! Attached below is the explanation I got from the TA.
--
Bill Cheng // bill.cheng@usc.edu

-----Original Message-----
Date: Fri, 05 Mar 2004 00:12:25 -0800
From: ho chung
To: william@bourbon.usc.edu
Subject: Re: HW2 Solution-DES

Professor Cheng,

The student's explanation is correct. I think our answer may confuse
many students. In DES key scheduling, after 8-byte DES key (including
odd parity bits) goes into PC1 bit selection process, the actual DES
key (7 bytes) becomes our answer keys. The PC1 selection process
removes parity bits and shuffles the key.
However practically speaking, the actual keys are the ones on the
RHS-column, but our question is incorrect. We may have to allow both
answers to be correct in order to simplify our grading. It's your
call. Sorry for my mistake.

DES WEAK KEYS (with parity)---> Actual keys
0101 0101 0101 0101 ----------> 0000000 0000000
1F1F 1F1F 0E0E 0E0E ----------> 0000000 FFFFFFF
E0E0 E0E0 F1F1 F1F1 ----------> FFFFFFF 0000000
FEFE FEFE FEFE FEFE ----------> FFFFFFF FFFFFFF

To: cs530@bourbon.usc.edu
Subject: Re: Kerberos at USC
Date: Thu, 04 Mar 2004 13:10:15 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I have a question regarding Kerberos Authentication at USC. While logging in
> on any of the lab computers, the log on screen says "log on to:
> ISD.USC.EDU(Kerberos Realm)". Hence, it's clear that USC uses kerberos for
> authentication.
> One of the most important features of Kerberos is convenience - "single sign
> on". The user needs to provide user name and password only ONCE for using
> many different network resources.
> Also, in case of a password change,
> it's easy for the system to update only at one place - KDC.
>
> I was just wondering why do we need to provide the SAME username and
> password while doing ftp or ssh to aludra or nunki, or accessing the
> mail server; when we already provided during logging on to the workstation.

That's because the ftpd and the sshd do not talk Kerberos!
I don't know if there is a daemon on nunki that interoperates
with Kerberos.
--
Bill Cheng // bill.cheng@usc.edu

Date: Mon, 1 Mar 2004 12:40:23 -0800
From: william@bourbon.usc.edu
To: cs530@bourbon.usc.edu
Subject: midterm exam location...

Hi,

The midterm exam will be held during class time in MHP 101
(south end Trousdale Parkway, just north of Exposition Blvd)
on 3/10/2004. This information has been updated on the class
web page.
--
Bill Cheng // bill.cheng@usc.edu

Date: Sun, 29 Feb 2004 17:04:54 -0800
From: william@bourbon.usc.edu
To: cs530@bourbon.usc.edu
Subject: important change to the term paper...

Hi,

I've updated the term paper web page:

    http://merlot.usc.edu/cs530-s04/termpaper.html

The proposal no longer has a deadline! No grade will be given
for the proposal. E-mail submissions to *both* the TA and me
only. You may work on the term paper as soon as your proposal
is approved. The firm deadline for the term paper is 11:45pm
on Wednesday 4/21/2004.
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: regarding the textbook
Date: Fri, 27 Feb 2004 07:52:23 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Thanks for your reply. And I did find the contents online for both the
> editions and they differ a lot. I mean going just by the no. of chapters in
> each, the first edition has I suppose 17 chapters and the second one has 27.
> So if you could please let me know the course contents for our subject,
> specifically by the chapter nos. (I mean.. not too specific with the topics in
> the chapters, just the nos.) then I would be highly grateful to you.

This information is in the Syllabus section of the course
description.
--
Bill Cheng // bill.cheng@usc.edu

----- Original Message -----
From: william@bourbon.usc.edu
Date: Thursday, February 26, 2004 6:21 pm
Subject: Re: regarding the textbook

> Someone wrote:
>
> > I got a quick question.
> > I haven't yet bought the text book,
> > Network Security: Private communication in public world, by
> > C Kaufman, and so I was checking online at half.com to get
> > the book. I found that the previous edition of the book is
> > available which was released in 1995. So I would like to know
> > how much will the books differ in the subject matter if I buy
> > the 1st edition or the 2nd one. If you have the knowledge
> > regarding it then please let me know.
>
> Sorry, but I don't know how different they are.
>
> If you go to amazon.com, you can also find cheaper books.
> But read the reviews of the booksellers first!
> --
> Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: regarding the textbook
Date: Thu, 26 Feb 2004 18:21:35 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I got a quick question. I haven't yet bought the text book,
> Network Security: Private communication in public world, by
> C Kaufman, and so I was checking online at half.com to get
> the book.
> I found that the previous edition of the book is
> available which was released in 1995. So I would like to know
> how much will the books differ in the subject matter if I buy
> the 1st edition or the 2nd one. If you have the knowledge
> regarding it then please let me know.

Sorry, but I don't know how different they are.

If you go to amazon.com, you can also find cheaper books.
But read the reviews of the booksellers first!
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: HW3 "secret" command
Date: Wed, 25 Feb 2004 09:45:45 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Wouldn't it be simpler to have 'secret' output a binary data file, to be
> used by the so library? Then you could omit the intermediate compilation
> step (which is a hassle both for implementers and graders). The "smartcard"
> would consider it an error for the secret data file to be absent.
>
> I submit that the coding effort to write and read a binary-formatted secret
> file would be significantly less effort than writing an ASCII C input file.
> If, for grading purposes, you need to verify the contents of this secret
> file, one could use the (conveniently already complete!) hexdump.
>
> If you were additionally to specify the content and order of the secret
> file, it would even permit you to substitute a different, pre-constructed
> secret and verify the library with it. Thank you, Professor Cheng.

For a smartcard, the secret should be *embedded* in the card.
Making the secret an external file defeats the purpose.
--
Bill Cheng // bill.cheng@usc.edu

----- Original Message -----
From:
To:
Sent: Wednesday, February 25, 2004 7:20 AM
Subject: Re: HW3 "secret" command

> Someone wrote:
>
> > I'm not sure what you're trying to get at with the "secret" command to hw3.
> > It would seem that this secret output should not be contained in a C file,
> > but rather in some sort of data file. That data file would then be used as
> > the (normally invisible, internal) secret component of the smartcard.
> >
> > The secret command appears designed as a way to bootstrap the smartcard.
> > That is, the smartcard is not initialized until the secret command has been
> > issued. As specified, though, the secret output would have to be compiled
> > into the smartcard (which, alas, must already have been compiled to create
> > sopath, an argument to secret!).
> >
> > Please tell me what I am missing here.
>
> Oops! It's a typo to have [-so sopath] in "hw3 secret".
>
> The intent is to run "hw3 secret secret.c" first, then
> compile and create "libsmartcard.so", then run the
> other "hw3" commands.
> --
> Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: HW3 encrypted file format
Date: Wed, 25 Feb 2004 07:25:28 -0800
From: william@bourbon.usc.edu

Someone wrote:

> In the encrypted file header, is the 4-byte size of the encrypted
> file to be written in native order, or network byte order? (This
> matters only if interoperability among programs is required.)

It should be in network-byte-order. I've just updated the spec.
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: HW3 "secret" command
Date: Wed, 25 Feb 2004 07:20:45 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I'm not sure what you're trying to get at with the "secret" command to hw3.
> It would seem that this secret output should not be contained in a C file,
> but rather in some sort of data file. That data file would then be used as
> the (normally invisible, internal) secret component of the smartcard.
>
> The secret command appears designed as a way to bootstrap the smartcard.
> That is, the smartcard is not initialized until the secret command has been
> issued. As specified, though, the secret output would have to be compiled
> into the smartcard (which, alas, must already have been compiled to create
> sopath, an argument to secret!).
>
> Please tell me what I am missing here.

Oops! It's a typo to have [-so sopath] in "hw3 secret".

The intent is to run "hw3 secret secret.c" first, then
compile and create "libsmartcard.so", then run the
other "hw3" commands.
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: HW3 and term paper proposal...
Date: Tue, 24 Feb 2004 09:38:23 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I have found it somewhat poor practice to combine two targets into a
> single makefile, especially when the targets are fairly divergent (i.e.,
> a shared library and an executable). It's certainly feasible, but tends
> to make the makefile overly complex, and certainly less amenable to
> automatic generation (which is a whole other topic...).
>
> Will you consider alternative implementations that preserve the same
> concept? For example, I generally further require that any particular
> *directory* contain either a library or an executable, but not both. So
> in this case, two subdirectories would be required. Your syntax can be
> preserved with a simple makefile or make script in the enclosing
> directory.

That would be fine if you have separate directories for the
library and the executable. Please document this at the top
of your README file.
No points will be take
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: hw2 question 4
Date: Mon, 23 Feb 2004 10:16:22 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Are we going to skip homework2 question 4? I didn't hear any
> due date for this question.

I've mentioned it in a previous e-mail I sent... When I will
be covering authentication in class, I'll set a due date for it.

> If we do skip, could you please post
> the answer to it. I think it will help us in midterm preparation.
--
Bill Cheng // bill.cheng@usc.edu

Date: Mon, 23 Feb 2004 00:38:46 -0800
From: william@bourbon.usc.edu
To: cs530@bourbon.usc.edu
Subject: HW3 and term paper proposal...

Hi,

HW3 spec is on the web. I think the size of this HW is about
the same as HW1.

I've just set the due date for both HW3 and the term paper
proposal (1 page plus references) to be on 3/26/2004. I'll
talk about them during class today (Monday) after I talked
about smartcards.
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: man in the middle attach with KDC
Date: Fri, 20 Feb 2004 23:50:32 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Referring to our last lecture..description of TGS and AS.
> You have mentioned that day key is good for one day or so.. and it gets
> changed every day....
>
> Well my question is HOW?
> Bcz.. Kc remains the same every day... K-TGS ( private Key of TGS remains the
> same)..Then how come {Kc,TGS}TGS change from one day to another...
>
> My point simply is when all the inputs to AS are same.. How can it generate
> different key every day...
> Am I missing something...

I think the notation is a bit confusing. I'll use square
brackets to denote things that should be kept together
(in the subscript) to make things clearer. I'll also use
lowercase letters to denote a party in the communication.

So, let's use K_c for the long term key for the client,
K_[tgs] for the long term key for the TGS, K_[c,tgs] will
be the "day key".
This day key is like a session key that gets
generated every time the client talks to the AS at the
beginning of the day. (And the client only talks to AS
once every day!)

As before, the day key is encrypted twice. Once with K_c
and once with K_[tgs]. So, the credential is denoted by
{K_[c,tgs]}K_c and the ticket-granting-ticket is denoted
by {K_[c,tgs]}K_[tgs].
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: HW1 grade...
Date: Wed, 18 Feb 2004 15:45:31 -0800
From: william@bourbon.usc.edu

Someone wrote:

> >Decrypting to get exactly the original file is a requirement.
>
> Not stated in the spec. Granted it's reasonable, and I did
> it anyway, but you didn't *say* that. ;-). (Can we get a
> change order?)

Many things are not stated explicitly! But the standing
rule is that if someone does a better job than you did,
you may get less points!
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: HW1 grade...
Date: Wed, 18 Feb 2004 10:14:07 -0800
From: william@bourbon.usc.edu

Someone wrote:

> > > So what I did was just padded blanks at the end of the file while
> > > encrypting & preserved them while decrypting (because, what if the
> > > original file actually contained blanks at the end). Decrypted
> > > text files will treat these extra characters as blanks. The
> > > decrypted image files (at least bmp, tiff, jpg) are structured such
> > > that they will not consider these extra characters. So I think
> > > this scheme is better than the padding of numbers. It will have
> > > no effect other than to increase the file size by 15 bytes in
> > > worst case.
> >
> > I'm not sure exactly what you said you did. If the decrypted
> > text file is not identical to the original text file, you
> > are doing it wrong! It must be identical. Also, you should
> > not distinguish text files vs. non-text files.
>
> Without some type of additional encoding, the decrypted file *cannot* be
> identical to the original, unless the original happens to be an even
> multiple of 8-bytes. That encoding must be some "out-of-band" data -- for
> example, either a header specifying the data length, or trailing data, or
> some other "enveloping" protocol.
>
> The problem with header data is that one must a priori know the length of
> the input, which may be impossible with a stream input. The alternative
> (which openSSL uses) is to add trailing data.
>
> DES requires input be a multiple of 8-bytes. Therefore *some* padding data
> must fill any unused bytes of the last input block. Unless that padding
> data provides additional information to determine the length of the original
> input, it will simply be decrypted and concatenated to the decrypted
> plaintext. The solution is to add "recognizable" padding.
>
> If one uses arbitrary data specially recognized as padding (i.e., spaces),
> there is a finite chance that some plaintext will have that data at the end
> of the file. During decryption, then, plaintext that (accidentally) looks
> like padding will be erroneously removed. The method used by openSSL
> guarantees that the padding data is always distinguishable from the
> plaintext, at the cost of increasing the length of the ciphertext by up to
> eight bytes.
>
> (That method was discussed in an earlier email, so there's no need to repeat
> it here.)

The only point I was trying to make is that whatever you
need to do so that decryption results in the original file,
do it!

> > > The Grader is comparing two outputs generated byte by byte (this
> > > is what I think so he is doing using diff/sdiff). So obviously
> > > there would be mismatch at the last few extra bytes. So shouldn't
> > > the grading criteria be changed ? Or am I totally wrong with this
> > > thing?
> >
> > I think he runs "diff" on the hexdump of the output file and
> > observe the difference.
> > If the difference is in the last few
> > bytes, he takes a look at why.
>
> The grader cannot necessarily determine why the last bytes are different.

It won't be necessary to determine exactly why they are different
in order to grade properly.

> At best he can verify that the decrypted data matches the original
> plaintext, *up through the last byte of the original file*. Any data past
> the length of the original plaintext input is simply the arbitrary padding
> data, the content of which was unspecified in the hw1 specification (for
> example, it could be random).
>
> Presumably, therefore, the grader *must* assess data only through the last
> byte of the source data. He *can* evaluate the remaining padding data past
> that point, but it is a waste of his time as the content of that padding
> data was unspecified. (I trust Sumeet understands this point.)

Since there is no exact spec as to what to do at the end, the
grader must allow variations in the implementations. Decrypting
to get exactly the original file is a requirement.

As I have mentioned in class, another way to do this is to
add 4 bytes in the encrypted file to store the length of the
original file. If you take this approach, then it does not
matter what you pad the file with! But of course, doing this
will get a completely different encrypted file and you can
only encrypt something that you know the size of (which is okay
since the spec requires a file to be given).
-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: man in the middle attach with KDC
Date: Wed, 18 Feb 2004 01:16:49 -0800
From: william@bourbon.usc.edu

Someone wrote:

> in your lecture on key management you mentioned that the attacker
> can be man in the middle both between the user and KDC and right
> after that between user and server .. the solution you discussed
> for this problem was to append the name with Kcs so that the user
> knows who he's talking to .
>
> but how does this eliminate the problem . man in the middle
> attack is anyways meant to confuse the user into thinking that
> he is talking to the server.
>
> the attacker initially disguised as the KDC could send the user a
> name meant for himself .. so the user would anyways talk to the
> attacker only thinking it's the server (when attacker is again man
> in the middle between user and server ) ..
>
> what i mean to ask is that ..
> can't the man in the middle devise a
> name to fool the user into thinking that this is the name of the
> server when actually it's for the attacker himself.

The attacker does not have Kc, the long term secret key of the
client. If he impersonates the KDC, he does not know how to
generate a credential that the client can understand.

If this didn't answer your question, please make sure to ask
me during class today. Thanks!

-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: HW1 grade...
Date: Wed, 18 Feb 2004 01:10:08 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I remember that you once told you in class, that for DES
> encryption you can append some bytes to the file, if file size is
> not a multiple of 8 bytes. One of the ways you had suggested was
> to fill the remaining bytes with a number which is the actual
> number of bytes to be padded. But what I thought was that this
> would result in loss of data, if the last few bytes in original
> file were just the same as that of padded data.
> Though this case
> has a very low probability, I think, our encryption should take
> care of everything.

In class, I mentioned that this is what openssl does for DES
encryption/decryption. So, there is a way to fix this.

> So what I did was just padded blanks at the end of the file while
> encrypting & preserved them while decrypting (because, what if the
> original file actually contained blanks at the end). Decrypted
> text files will treat these extra characters as blanks. The
> decrypted image files (at least bmp, tiff, jpg) are structured such
> that they will not consider these extra characters. So I think
> this scheme is better than the padding of numbers. It will have
> no effect other than to increase the file size by 15 bytes in
> worst case.

I'm not sure exactly what you said you did. If the decrypted
text file is not identical to the original text file, you
are doing it wrong! It must be identical. Also, you should
not distinguish text files vs. non-text files.

> The Grader is comparing two outputs generated byte by byte (this
> is what I think so he is doing using diff/sdiff). So obviously
> there would be mismatch at the last few extra bytes. So shouldn't
> the grading criteria be changed? Or am I totally wrong with this
> thing?

I think he runs "diff" on the hexdump of the output file and
observes the difference. If the difference is in the last few
bytes, he takes a look at why.
-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: problem getting test files
Date: Tue, 17 Feb 2004 13:50:07 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Yes, I successfully copied those files to my account yesterday. I tried it
> even now, and I could change to the ~csci530/public/hw1 dir and view the
> files.

I got three replies already saying that they have no trouble
seeing these files! So, I don't think there is anything to fix.

For those who couldn't see these files on nunki, the grader has
copied these files to the following place on the web:

    http://www-scf.usc.edu/~savla/csci530/

Please be very careful when you download these files for
testing. Sometimes, if you don't save it just right, you may
gain an extra byte. Of course, they would mess up things like
SHA1 and MD5.
Here are the file sizes of these files:

    -rw-r--r-- 1 csci530   142 Feb 15 14:29 stdin_test.txt
    -rw-r--r-- 1 csci530   462 Feb 15 14:29 today.txt
    -rw-r--r-- 1 csci530  1689 Feb 15 14:30 usctommy.gif
    -rw-r--r-- 1 csci530   471 Feb 15 14:29 yesterday.txt
    -rw-r--r-- 1 csci530 13912 Feb 15 14:30 zpo.jpg

If your file ends up to be of a different size, please do *not*
ask us how to fix this. Use a better browser (or figure out
how to copy these files on nunki)! Thanks!

-- Bill Cheng // bill.cheng@usc.edu

----- Original Message -----
From: william@bourbon.usc.edu
Date: Tuesday, February 17, 2004 11:42 am
Subject: Re: problem getting test files

> Someone wrote:
>
> > I connected to nunki via ssh and tried to go to the class
> > account but I got permission denied.
> >
> > nunki.usc.edu(32): cd ~csci530/public/hw1
> > /home/scf-12/csci530/public/hw1: Permission denied.
> > nunki.usc.edu(33):
> >
> > I tried connecting through sftp but that didn't work either.
> > Am I doing something wrong or the permissions of the folder haven't been
> > changed.
>
> Looks like some people are having trouble reading the
> test data files which we used to grade hw1. I'm
> curious if anyone can *successfully* execute the
> following command on nunki:
>
> /bin/ls ~csci530/public/hw1
>
> If you can do this *successfully* and see the directory
> listing, please send me e-mail. Thanks! (If this does
> *not* work for you, please do *not* send me e-mail.)
> --
> Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: problem getting test files
Date: Tue, 17 Feb 2004 11:42:06 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I connected to nunki via ssh and tried to go to the class
> account but I got permission denied.
>
> nunki.usc.edu(32): cd ~csci530/public/hw1
> /home/scf-12/csci530/public/hw1: Permission denied.
> nunki.usc.edu(33):
>
> I tried connecting through sftp but that didn't work either.
> Am I doing something wrong or the permissions of the folder haven't been
> changed.

Looks like some people are having trouble reading the
test data files which we used to grade hw1. I'm
curious if anyone can *successfully* execute the
following command on nunki:

    /bin/ls ~csci530/public/hw1

If you can do this *successfully* and see the directory
listing, please send me e-mail. Thanks! (If this does
*not* work for you, please do *not* send me e-mail.)
-- Bill Cheng // bill.cheng@usc.edu

Date: Mon, 16 Feb 2004 22:48:44 -0800
From: william@bourbon.usc.edu
To: cs530@merlot.usc.edu
Subject: test cases...

Hi,

The test data files are in ~csci530/public/hw1:

    today.txt
    yesterday.txt
    zpo.jpg
    usctommy.gif

and for stdin:

    stdin_test.txt

To get these files, please ssh to nunki.

-- Bill Cheng // bill.cheng@usc.edu

Date: Mon, 16 Feb 2004 15:32:13 -0800
From: william@bourbon.usc.edu
To: cs530@merlot.usc.edu
Subject: grader's office hours for HW1...

Hi,

The grader, Sumeet Savla, will hold office hours on Wednesday
18th February in Leavey Library 2nd Floor from 4pm to 6 pm.
Please drop by if you have concerns regarding your HW1 grades.
-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: Submission - to tar.gz or not?
Date: Fri, 13 Feb 2004 20:00:46 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Do we have to tar.gz the hw2 document in order to turn it in?

If it's a single file that you are submitting, you can either
tar gzip it or just upload it directly (instead of uploading
hw2.tar.gz, just upload hw2.txt).
-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: [CS 530] HW 2 part 4 due date
Date: Fri, 13 Feb 2004 12:29:18 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Since we are only responsible for submitting parts 1 - 3 of HW 2 today by
> 11:45 pm, could I ask when part 4 would be due?

Since we have not even begun the lectures on authentication,
I don't really have a good idea when it will be due. Sorry!
-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: Encrypt session key w/ private key?
Date: Mon, 09 Feb 2004 02:22:22 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Ok...so this means that, for the man-in-middle attack to
> succeed, the attacker has to get a hold, exactly when the
> distribution of keys is taking place between
> the end-points of communication.

I think we were talking in the context of HTTPS. In HTTPS,
I think the server sends down the public key certificate to
the client at the beginning of the connection. Plenty of
opportunity for the man-in-the-middle.

-- Bill Cheng // bill.cheng@usc.edu

----- Original Message -----
From: william@bourbon.usc.edu
Date: Sunday, February 8, 2004 10:25 pm
Subject: Re: Encrypt session key w/ private key?

> Someone wrote:
>
> > If this was the case (your reply to the email below), there
> > cannot be man-in-middle attack. Because, now only the
> > holder of private key, can
> > only decrypt the session key.
> > Hence even if any one in
> > the middle gets hold of
> > this encrypted session key, he cannot create two
> > different sessions with the
> > original sender and receiver.
>
> But how can you be sure that the public key you are using is
> the public key of the intended recipient? What if the public
> key you are using is the public key of the man-in-the-middle?
> --
> Bill Cheng // bill.cheng@usc.edu
>
> ----- Original Message -----
> From: william@bourbon.usc.edu
> Date: Friday, February 6, 2004 12:10 pm
> Subject: Re: Encrypt session key w/ private key?
>
> > Someone wrote:
> >
> > > In your "key exchange" discussion toward the end of the last lecture, you
> > > mentioned that you could create a one-time session (symmetric) key. You
> > > encrypt the message with the session key, and encrypt the session key with
> > > your (asymmetric) private key. The recipient then decrypts the session key
> > > with your public key, and the message with the (now-decrypted) session key.
> > >
> > > That method works for non-repudiation, but not for security. That is,
> > > anybody could decrypt the message (=> insecure), but only the sender could
> > > have encrypted the message (=> non-repudiation). I think that what you
> > > meant was that the session-key would be encrypted using the recipient's
> > > public key.
> >
> > What you said is correct. But I thought someone pointed the
> > same thing out during the lecture and I've acknowledged that
> > I've made an error in describing it. Hmm... gotta go check
> > the recording...
> > --
> > Bill Cheng // bill.cheng@usc.edu
>

To: cs530@bourbon.usc.edu
Subject: Re: Encrypt session key w/ private key?
Date: Sun, 08 Feb 2004 22:25:55 -0800
From: william@bourbon.usc.edu

Someone wrote:

> If this was the case (your reply to the email below), there
> cannot be man-in-middle attack. Because, now only the
> holder of private key, can
> only decrypt the session key. Hence even if any one in
> the middle gets hold of
> this encrypted session key, he cannot create two
> different sessions with the
> original sender and receiver.

But how can you be sure that the public key you are using is
the public key of the intended recipient? What if the public
key you are using is the public key of the man-in-the-middle?

-- Bill Cheng // bill.cheng@usc.edu

----- Original Message -----
From: william@bourbon.usc.edu
Date: Friday, February 6, 2004 12:10 pm
Subject: Re: Encrypt session key w/ private key?
> Someone wrote:
>
> > In your "key exchange" discussion toward the end of the last lecture, you
> > mentioned that you could create a one-time session (symmetric) key. You
> > encrypt the message with the session key, and encrypt the session key with
> > your (asymmetric) private key. The recipient then decrypts the session key
> > with your public key, and the message with the (now-decrypted) session key.
> >
> > That method works for non-repudiation, but not for security. That is,
> > anybody could decrypt the message (=> insecure), but only the sender could
> > have encrypted the message (=> non-repudiation). I think that what you
> > meant was that the session-key would be encrypted using the recipient's
> > public key.
>
> What you said is correct. But I thought someone pointed the
> same thing out during the lecture and I've acknowledged that
> I've made an error in describing it. Hmm... gotta go check
> the recording...
> --
> Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: Man-in-the-middle attacks on HTTPS
Date: Fri, 06 Feb 2004 14:33:59 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Your comments on the possibility of man-in-the-middle attacks
> from an ISP struck me. This has implications in the corporate
> world, where proxies are often used for Internet connections.
> That is, it seems that the proxy could execute a
> man-in-the-middle attack on an HTTPS transaction. Not something
> that I had really considered, and I'll bet few corporate network
> security types have either. Thank you for the insight!

The proxy server is often behind the corporate firewall and
controlled by admin people that the company hired. Disgruntled
employees can certainly do nasty stuff on the proxy server.

There's even an easier attack from within. Something called
"ARP poisoning" can also be done to insert a machine between
your desktop and the corporate router and intercept all
your traffic!

-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: Encrypt session key w/ private key?
Date: Fri, 06 Feb 2004 12:10:31 -0800
From: william@bourbon.usc.edu

Someone wrote:

> In your "key exchange" discussion toward the end of the last lecture, you
> mentioned that you could create a one-time session (symmetric) key. You
> encrypt the message with the session key, and encrypt the session key with
> your (asymmetric) private key. The recipient then decrypts the session key
> with your public key, and the message with the (now-decrypted) session key.
>
> That method works for non-repudiation, but not for security. That is,
> anybody could decrypt the message (=> insecure), but only the sender could
> have encrypted the message (=> non-repudiation). I think that what you
> meant was that the session-key would be encrypted using the recipient's
> public key.

What you said is correct. But I thought someone pointed the
same thing out during the lecture and I've acknowledged that
I've made an error in describing it. Hmm... gotta go check
the recording...

-- Bill Cheng // bill.cheng@usc.edu

Date: Wed, 4 Feb 2004 10:15:44 -0800
From: william@bourbon.usc.edu
To: cs530@bourbon.usc.edu
Subject: HW2 will be due in 2 parts...

Hi,

There are 4 problems in HW2, problem 4 is related to
Authentication which we have not covered. So, I'll make
problems 1 through 3 due at the original deadline (on 2/13/2004)
and have problem 4 due at a time to be announced later.
Please see:

    http://merlot.usc.edu/cs530-s04/homeworks.html

Please use the HW2 submission event ID for problems 1 through 3.
There will be a different submission event ID for the 2nd part
of HW2 (problem 4).

As far as grading goes, the 4 problems will make up HW2 and
will count equally as HW1 and HW3 (and HW4 if there is one).

-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: Reading for CS530
Date: Tue, 03 Feb 2004 09:32:13 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Since we will be covering public key cryptography in
> the next few lectures, are we responsible for Chapter
> 6 in the Network Security text? This chapter covers
> Public Key Cryptography.
> Currently, the syllabus only
> states we will be covering chapters 2-5 on the
> subject.

Hmm... There seems to be a mismatch with the chapter numbers.
Maybe the original syllabus was created using the first
edition of the Network Security textbook. There is probably
no precise mapping between the topics and book chapters (as
you have seen, we do not cover *everything* in a chapter).
I'll update the syllabus as we go and try to give a good
approximation. Sorry for the confusion.

-- Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: 2/2 lecture not recorded
Date: Tue, 03 Feb 2004 08:18:39 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Yesterday's lecture was not recorded. Not sure if you were out
> yesterday and canceled the lecture, or if this is a DEN failure.
> If the latter, please let me know if there is any special
> material I should review to catch up.

I had a family emergency and couldn't come to class and had
to cancel it. We will pick up where we left off on cryptography
on Wednesday.
-- Bill Cheng // bill.cheng@usc.edu

Date: Sat, 31 Jan 2004 19:13:13 -0800
From: william@bourbon.usc.edu
To: cs530@bourbon.usc.edu
Subject: HW2 has been posted...

Hi,

Please look at the homework page for HW2 (in PDF format).
This is a non-programming HW. I've set the due date to be
2/13/2004 and it's tentative because it depends on when I
will cover authentication. I'll know the exact due date
probably a week from now. But please do start working on
it soon.
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: william@bourbon.usc.edu
Delivery-Date: Sat Jan 31 09:35:26 2004
Date: Sat, 31 Jan 2004 09:34:25 -0800
From: william@bourbon.usc.edu
Message-Id: <200401311734.i0VHYPnO000438@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: modifications to your submission...

Hi,

You can make minor changes to your HW1 submissions within 24 hours of the original submission deadline. Please see:

    http://merlot.usc.edu/cs530-s04/homeworks.html#mods

for rules.
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Sat Jan 31 09:24:43 2004
Message-Id: <200401311723.i0VHNgjr022772@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: [CS530] HW1 Spec conflicts: Entering passphase from keyboard and ability to redirect output to stdout in DES conflicts
Date: Sat, 31 Jan 2004 09:23:42 -0800
From: william@bourbon.usc.edu

Hi,

I'm forwarding a message from a student who knows a lot more about UNIX than I do. This message explains the business about multiple s (when you try to terminate the passphrase without but with ).
--
Bill Cheng // bill.cheng@usc.edu

-----Original Message-----
Date: Sat, 31 Jan 2004 07:41:57 -0800
To:
Subject: Re: [CS530] HW1 Spec conflicts: Entering passphase from keyboard and ability to redirect output to stdout in DES conflicts

Prof Cheng,

Since the deadline is passed, this no longer matters. But I thought you might find it interesting should the question arise again. Besides, I don't want you to think that C++ streams are Evil ;-).

> > but for input directly, needs to press Ctrl-D twice
> >
> > ./hw1 md5
> > yesnomaybe
> >
> > Is this acceptable?
>
> Yes! If this is what the system (nunki) provides, it's fine!

I don't think this has anything to do with C++, but rather with the tty driver doing "cooked" input processing. A appears to be processed (as an EOF) by the tty driver only if it is the first character on the line. So typing "yesnomaybe" terminates the input line, and the second terminates the input. You can surmise this by typing:

    hw1 md5

which you will see does the expected thing, without two 's. When you redirect input, either through a pipe or input redirection, none of this happens because the tty driver is not involved.

You can further verify this hypothesis with

    cat | hw1 md5
    yesnomaybe

Here cat is getting the initial keyboard input, so neither hw1 nor C++ is involved in the tty input processing. Yet one still needs two 's to end the input.

Thank you, Prof Cheng.
Regards,

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Fri Jan 30 22:37:31 2004
Date: Fri, 30 Jan 2004 22:36:31 -0800
From: william@bourbon.usc.edu
Message-Id: <200401310636.i0V6aVwg017702@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: submission deadline is getting close...

Hi,

Some of you have not even submitted *anything*. Please try to submit something soon. When it gets close to the deadline, you may make mistakes and miss the deadline. The penalty for missing the deadline is severe and non-negotiable. Please submit on-time!
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Fri Jan 30 19:50:28 2004
Message-Id: <200401310349.i0V3nSqI018205@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: Regarding the 'bsubmit' command !!
Date: Fri, 30 Jan 2004 19:49:28 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I am not able to run the 'bsubmit' command successfully. It gives
> an error '/home/scf-22/csci551/bin/bsubmiy: Permission denied',
> each time I run the command.
> Is there any additional thing to be done to get the command
> executed ?

Please see my message with timestamp "Thu 29 Jan 20:59".
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Fri Jan 30 15:19:13 2004
Message-Id: <200401302318.i0UNIEON018826@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
To: cs551@bourbon.usc.edu
Subject: Re: regarding combined setenv for students of cs530 and cs551...
Date: Fri, 30 Jan 2004 15:18:14 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I think for the students who have taken cs530 and cs551 both this
> semester, they have to set the setenv variable as following to
> enable smooth functioning of both the submissions...
>
>     setenv LD_LIBRARY_PATH \
>     /usr/usc/openssl/0.9.7c/lib:/usr/usc/openssl/default/lib:/usr/lib
>
> This is because, when I set it for cs530 given on cs530 hw page,
> my cs551 programs were not working and the vice-versa.

LD_LIBRARY_PATH must match which library you link to (must match your Makefile). If you link to the library in /usr/usc/openssl/default/lib (using your Makefile) but your LD_LIBRARY_PATH is set to the above, then you may get incompatible libraries!

For 551, you can switch to the 0.9.7c library if you want.
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Fri Jan 30 15:13:39 2004
Message-Id: <200401302312.i0UNCeIs016682@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: make clean
Date: Fri, 30 Jan 2004 15:12:40 -0800
From: william@bourbon.usc.edu

Someone wrote:

> when we type "make clean"
> do we have to remove the hw1.o file only or the executable named hw1 also?

You need to remove *all* generated *binary* files. That includes the .o files and the executable.
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Fri Jan 30 15:12:26 2004
Message-Id: <200401302311.i0UNBRVl016171@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: Output of MD5 and SHA1
Date: Fri, 30 Jan 2004 15:11:27 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I output my data like the openssl functions do:
> MD5(file name)= "message digest"
> SHA1(file name)= "message digest"
>
> Is this correct or should we only output the message digest?

Please just output the message digest.
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Fri Jan 30 11:13:22 2004
Message-Id: <200401301912.i0UJCNqW010434@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: Question on weak or empty passphrase
Date: Fri, 30 Jan 2004 11:12:23 -0800
From: william@bourbon.usc.edu

Someone wrote:

> What I meant as "old" data from a file is:
>
> Using "cat file | " all of file's contents get sent to stdin.
> File Content:
>
> [Readable data1]\n This gets read
> [Readable data2]\n "old" data: Stays in stdin buffer to be read
> on next fgets
> [more readable data...]
>
> I am assuming from your reply that the second line is ok to be
> read and we do not have to flush [Readable data2]\n and [more
> readable data...] from the stdin buffer.

You are probably using the wrong terminology. You have to *read* the data if you want to "flush" the data.

> That means the user
> would not have to physically enter data ("new" data) again (in
> this case only though, if stdin is already empty then they will
> have to) and the data that was redirected from the file will be
> read (i.e. [Readable data2]\n).
>
> I hope this makes more sense.
Maybe you are just not familiar enough with file I/O. Please find a C/C++ tutorial somewhere about file I/O.

If you do "cat file | ", what you are doing is to say that you are "simulating" what a user would enter, line by line (and a line ends with '\n').

I don't understand why you want to enter the passphrase by doing "cat file |". Why not just type it in interactively?
--
Bill Cheng // bill.cheng@usc.edu

----- Original Message -----
From: william@bourbon.usc.edu
Date: Friday, January 30, 2004 9:08 am
Subject: Re: Question on weak or empty passphrase

> Someone wrote:
>
> > I have a question about the enc-des passphrase and the way my
> > code reads it in. My program will read from stdin until it gets
> > a '\n' character or 4095 bytes and then does not read again. I
> > was wondering about the case where a file is redirected to stdin
> > (using "cat file" for example) and this file has many '\n' chars
> > in it or is larger than 4095 bytes. My problem occurs when the
> > first read is either an empty string (after removing the white
> > spaces) or a weak key is produced. There will be unread data in
> > the stdin buffer and the next time I read I will get this "old"
> > data and not "new" data from the user.
> >
> > My question is: Is it ok to read this "old" data or do I have to
> > get "new" data from the user?
>
> If "file" in your "cat file" command contains the following
> data:
>
>     [empty line]\n
>     \n
>     [empty line]\n
>     yesnomaybe \n
>     [something else]
>
> Assuming you don't call rewind(), then successive fgets() (or
> equivalent) will succeed 4 times (and more). You will not
> get "old" data unless you force it to.
>
> > The reason that I do not continue to read is because I do not
> > know how to flush the stdin buffer or read the rest of the data
> > in without forcing the user to enter more data. If I am not
> > making myself clear consider this:
> > 1. I prompt the user
> > 2. I call my read function
> > 3. User enters data
> > 4. I read up to the '\n'
> > 5. I need to check for more data & I don't know if there is more
> > data
> > in the stdin buffer so I have to read again
> > 6. There is no more data in the stdin buffer so program waits
> > for user to enter more data
>
> I don't understand why you need step 5.
>
> > If there is a command to flush the stdin buffer or a non-blocking
> > read to stdin I would really appreciate a point in the right
> > direction. I hope this was not too long and I gave you enough
> > information on my situation.
>
> fflush(stdin) flushes the stdin buffer. But I don't see how
> that would help. I think there must be some kind of
> misunderstanding.
>
> You just need to keep reading stdin until you see a '\n'.
> (If you haven't encountered a '\n' and the buffer is exhausted,
> set an overflow flag and start ignoring what you are reading
> from stdin.) Process what you have read (if the overflow
> flag is not set). If it's no good (or the overflow flag is
> set), repeat!
> --
> Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Fri Jan 30 09:49:29 2004
Message-Id: <200401301748.i0UHmUci007769@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: DES last 8 bytes decryption problem
Date: Fri, 30 Jan 2004 09:48:30 -0800
From: william@bourbon.usc.edu

Someone wrote:

> No matter what I do, I cannot get the last 8 bytes
> of my message to decrypt properly. Everything else
> works fine. I have tried padding before encryption
> with several different characters and cannot get it to
> work. Is there anything I can do to fix this? Many
> students in the newsgroup have mentioned not to worry
> about it.

If your input is, say:

    01 02 03 04 05

and you pad it with zeroes. Now you have:

    01 02 03 04 05 00 00 00

you encrypt this and get something, let's call it X. If you decrypt X, why won't you get 01 02 03 04 05 00 00 00 back?
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Fri Jan 30 09:14:31 2004
Message-Id: <200401301713.i0UHDWC4025913@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: Make error
Date: Fri, 30 Jan 2004 09:13:32 -0800
From: william@bourbon.usc.edu

Someone wrote:

> When I type in the make command, only the first command gets
> executed and the remaining are left un-executed.
>
> These are the commands:
>
> Client.o: WARMUP1.h Client.c
>     gcc -c Client.c -I/usr/usc/openssl/default/include
>     -L/usr/usc/openssl/default/lib
>
> Server.o: WARMUP1.h Server.c
>     gcc -c Server.c -I/usr/usc/openssl/default/include
>     -L/usr/usc/openssl/default/lib
>
> Client: Client.o
>     gcc -o Client Client.o -lsocket -lnsl -lcrypto
>
> Server: Server.o
>     gcc -o Server Server.o -lsocket -lnsl -lcrypto
>
> I'd really appreciate it if you could tell me what the problem
> could be?

You need to create "client" and "server", not "Client" and "Server". All you need is the following at the top:

    all: client server

Also, the -L is for the link phase, not the separate compile phase.

This is all I'll say. I've mentioned in class that you need to start doing all these *early*, which means at least a week ago! Read a makefile tutorial somewhere on the web!
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Fri Jan 30 09:09:31 2004
Message-Id: <200401301708.i0UH8Ved021199@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: Question on weak or empty passphrase
Date: Fri, 30 Jan 2004 09:08:31 -0800
From: william@bourbon.usc.edu

Someone wrote:
> I have a question about the enc-des passphrase and the way my
> code reads it in. My program will read from stdin until it gets
> a '\n' character or 4095 bytes and then does not read again. I
> was wondering about the case where a file is redirected to stdin
> (using "cat file" for example) and this file has many '\n' chars
> in it or is larger than 4095 bytes. My problem occurs when the
> first read is either an empty string (after removing the white
> spaces) or a weak key is produced. There will be unread data in
> the stdin buffer and the next time I read I will get this "old"
> data and not "new" data from the user.
>
> My question is: Is it ok to read this "old" data or do I have to
> get "new" data from the user?

If "file" in your "cat file" command contains the following data:

    [empty line]\n
    \n
    [empty line]\n
    yesnomaybe \n
    [something else]

Assuming you don't call rewind(), then successive fgets() (or equivalent) will succeed 4 times (and more). You will not get "old" data unless you force it to.

> The reason that I do not continue to read is because I do not
> know how to flush the stdin buffer or read the rest of the data
> in without forcing the user to enter more data. If I am not
> making myself clear consider this:
> 1. I prompt the user
> 2. I call my read function
> 3. User enters data
> 4. I read up to the '\n'
> 5. I need to check for more data & I don't know if there is more
> data
> in the stdin buffer so I have to read again
> 6. There is no more data in the stdin buffer so program waits
> for user to enter more data

I don't understand why you need step 5.

> If there is a command to flush the stdin buffer or a non-blocking
> read to stdin I would really appreciate a point in the right
> direction. I hope this was not too long and I gave you enough
> information on my situation.

fflush(stdin) flushes the stdin buffer. But I don't see how that would help. I think there must be some kind of misunderstanding.
You just need to keep reading stdin until you see a '\n'. (If you haven't encountered a '\n' and the buffer is exhausted, set an overflow flag and start ignoring what you are reading from stdin.) Process what you have read (if the overflow flag is not set). If it's no good (or the overflow flag is set), repeat!
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Thu Jan 29 22:46:48 2004
Date: Thu, 29 Jan 2004 22:45:51 -0800
From: william@bourbon.usc.edu
Message-Id: <200401300645.i0U6jp6Z005435@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: getting close to HW1 deadline...

Hi,

Remember that I have mentioned several times in class that you should start your project *early*!

Just want to mention that as the deadline approaches, I will answer e-mail *less* frequently! I'll probably just scan my e-mail once early tomorrow afternoon. If you send me e-mail late tomorrow afternoon or in the evening, chances are, I won't get to respond to your e-mail.
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Thu Jan 29 22:38:46 2004
Message-Id: <200401300637.i0U6bnfA029991@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: [CS530] HW1 Spec conflicts: Entering passphase from keyboard and ability to redirect output to stdout in DES conflicts
Date: Thu, 29 Jan 2004 22:37:49 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Someone has tried to ask this question but the answer was not
> clear.
>
> 1) In the spec of enc-des and dec-des, the passphrase will be
> prompted to enter from standard-in such as:
>
> Enter DES encryption passpharse
>
> Then the user can type something and end with or
> to finish, right?

The normal convention is to end it with .
> At the end of the spec of enc-des/dec-des, it
> said that "You should be able to redirect stdout to a file so you
> can later decrypt it" There is NO problem by redirect
> passphrase from standard in such as:
>
> echo -n "yesnomaybe" | ./hw1 enc-des yesterday.txt
>
> but the problem is since the "Enter DES encryption passpharse" is
> written to standard out, if we redirect to a file, it will also
> included in that file and cannot be decrypted later. Is it okay
> to not prompt anything so that when redirecting stdout, the file
> is clean and can be decrypted? Another option is write output to
> the file directly. Are they acceptable?

No. Please see my message with timestamp "Sat 24 Jan 13:31".

> 2) Because I am using C++ cin which is buffered and terminated
> with Ctrl-D or , for redirection and input from file, they
> both work fine. However, if the user type in from standard in
> directly in MD5, SHA1, BASE-64, etc.. , it requires If don't
> know why the user has to terminate with Ctrl-D twice. Is it
> okay? (I noticed that in openssl such as running "openssl md5"
> the user has to end with Ctrl-D three times.)
>
> For example:
>
> echo -n "yesnomaybe" | ./hw1 md5 <--- OK
> ./hw1 md5 < a.file <--- OK
>
> but for input directly, needs to press Ctrl-D twice
>
> ./hw1 md5
> yesnomaybe
>
> Is this acceptable?

Yes! If this is what the system (nunki) provides, it's fine!

> I think or else the only way to do this is
> using getchar() from C only.

Remember, C is a proper subset of C++. So, if it can be done in C, it can be done in C++.
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Thu Jan 29 21:14:10 2004
Message-Id: <200401300513.i0U5DDEE012929@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: cs530: setting LD_LIBRARY_PATH
Date: Thu, 29 Jan 2004 21:13:13 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Are we required to set the environment variable LD_LIBRARY_PATH
> inside the Makefile?

You should set it in your ~/.login or ~/.cshrc.

> Till now I have been setting it at the
> command prompt. I tried to learn how to include it in the
> Makefile. But I wasn't successful. I spent quite a lot of time
> trying to figure it out.
> Could you please tell me how to do it?

I don't know how to do it in the Makefile.
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: cs530@bourbon.usc.edu
Delivery-Date: Thu Jan 29 21:12:37 2004
Message-Id: <200401300511.i0U5BegW011415@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: URGENT
Date: Thu, 29 Jan 2004 21:11:40 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I tried a lot to debug the code,but couldn't make it...so
> please,if you could help me out......
>
> Related part of the code:-
>
> FILE *fpass,*fs ;
> char ch;
>
> fpass=fopen("passph.txt","w");
> fs=stdin;
>
> ch=fgetc();
>
> while(ch!=EOF)/*ENTERING THE PASSPHRASE INTO A FILE*/
> {
> fputc(ch,fpass);
> ch=fgetc();
> if(ch==EOF)printf("this is it");
> }
> fclose(fpass);
>
>
> QUESTION:- when the program runs,the while loop gets executed
> till I enter an EOF
> (CTRL-D)........also the characters given at input are copied
> into file fpass.

I suggest that you should compile your code with full warnings and like I mentioned in class, you should make sure that the compiler does not complain about any part of your code.

Again, these are very basic programming problems and not really related to this class. You should look for help elsewhere.
> BUT....THE PRINTF STATEMENT IS NOT EXECUTED AND A > SEGMENTATION FAULT OCCURS. HOW DO I TROUBLESHOOT THIS ERROR? What's the point of all these upper case letters? It's extremely hard to read, so I'm not reading it. -- Bill Cheng // bill.cheng@usc.edu Return-Path: cs530@bourbon.usc.edu Delivery-Date: Thu Jan 29 21:07:45 2004 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i0U57jcM028471 for ; Thu, 29 Jan 2004 21:07:45 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i0U56m8T006694 for ; Thu, 29 Jan 2004 21:06:48 -0800 Received: (from cs530@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i0U56mNN006692 for cs530@merlot.usc.edu; Thu, 29 Jan 2004 21:06:48 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i0U56m8T006689 for ; Thu, 29 Jan 2004 21:06:48 -0800 Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i0U56l38006685 for ; Thu, 29 Jan 2004 21:06:47 -0800 Message-Id: <200401300506.i0U56l38006685@bourbon.usc.edu> To: cs530@bourbon.usc.edu Subject: Re: DES Passphrase Length Confusion Date: Thu, 29 Jan 2004 21:06:47 -0800 From: william@bourbon.usc.edu Someone wrote: > I understand that we are looking for \n to terminate > our passphrase entry, but I don't see how you can ask > us to remove all the leading and trailing whitespace > from a potentially unlimitted size passphrase. > -Suppose your buffer is 4096 bytes, and the last 10 > characters are or followed by a \n to > terminate. What if as you read characters into the > buffer, the last 5 characters of the buffer are > and then the next reads into an empty buffer > are 5 characters followed by \n. This could be > the case for an unlimited number of whitespace > characters. 
> The only way I see a solution, is to
> modify the spec to remove all whitespace from the
> passphrase, including in between characters. Is this
> the case?

Given the 4096 buffer size limit, another thing you can do is to reject any passphrase that's longer than 4096 bytes! You don't want to violate the spec by removing blank characters in the middle of the user's input. In any case, please document your design decision.
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: EVP functions in OpenSSL library
Date: Thu, 29 Jan 2004 21:00:33 -0800
From: william@bourbon.usc.edu

The spec says DES_ncbc_encrypt(). If you want to use something else and the result is different, you will lose points!
--
Bill Cheng // bill.cheng@usc.edu

-----Original Message-----
Date: Thu, 29 Jan 2004 15:42:15 -0800
To: william@bourbon.usc.edu
Subject: Re: EVP functions in OpenSSL library

Sir,

What about using EVP_des_cbc() in place of the des_ncbc_encrypt function? The EVP functions seem to have the ability to do the des_cbc cypher.
Are we restricted to only using the des_ncbc_encrypt function??

Thanks,

----- Original Message -----
From: william@bourbon.usc.edu
Date: Monday, January 26, 2004 7:01 am
Subject: Re: EVP functions in OpenSSL library

> Someone wrote:
>
> > Is it okay to use the EVP digest functions in the OpenSSL
> > library? The
> > documentation claims that applications should use these instead
> > of the md5/sha1 function calls.
>
> Sure!
> --
> Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: Multiple Submission
Date: Thu, 29 Jan 2004 08:41:50 -0800
From: william@bourbon.usc.edu

Someone wrote:

> When I submit hw, do I need to type following two lines in every time?
>
> ~csci551b/bin/bsubmit config -set email=you@yourdomain
> ~csci551b/bin/bsubmit upload -event event_id -file submission_file

You only have to run the first line once.

> since.. I just typed the 2nd line after 1st submission..
> ~csci551b/bin/bsubmit upload -event event_id -file submission_file

Exactly!
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: Octal padding
Date: Thu, 29 Jan 2004 08:36:51 -0800
From: william@bourbon.usc.edu

Someone wrote:

> For DES encryption, does it matter where in the input stream we
> insert padding. And does it matter what format of padding we use
> (i.e. numerical values, or null characters, etc..). This will be
> an issue if our ciphertext is to match ciphertext that you will
> be using during grading.

You can put it anywhere. Just make sure you document it in your README file. If your encrypted data does not match ours, as long as we know why, it won't be a problem.

> It was a little unclear whether we
> should be able to decrypt ciphertext not produced by our own
> encryption function, and produce ciphertext decryptable by some
> other decryption function.

You only have to be able to decrypt the files your program created. You do not need to be compatible with any other program.
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: a.out: fatal: libcrypto.so.0.9.7: open failed: No such file or directory Killed
Date: Wed, 28 Jan 2004 23:25:24 -0800
From: william@bourbon.usc.edu

Someone wrote:

> this is the error i am getting when i try to run my code
>
> a.out: fatal: libcrypto.so.0.9.7: open failed: No such file or directory
> Killed
>
> i have done the reqd setnv in the cshrc file even then the error appears

You probably have made a typo. libcrypto.so.0.9.7 is in:

    /auto/usc/openssl/0.9.7c/lib

Did you setenv to the right place?
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: clarification for commands with optional file parameter
Date: Wed, 28 Jan 2004 23:21:26 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I want to clarify that in the case of hexdump, md5, sha1, etc.,
> when the file is optional, do we need to prompt the user(eg.
> 'please enter information: ') for the information or just start
> doing 'cin's for it?

If the filename is *missing*, then whatever data that comes into stdin/cin is the data you need to perform the function on. It should be clear that prompting for a filename is not according to HW1 spec.
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: cs530 DES passphrase expected max size
Date: Wed, 28 Jan 2004 23:17:51 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I am using des_read_password for reading the passphrase, which BTW is
> available in 0.9.7c version of openssl (and hence on nunki). With respect
> to your response to someone's question below, would my usage of
> des_read_password be acceptable ? I haven't tested as to how an input
> greater than 4096 bytes is treated by this function. In particular, i am
> not sure if the function returns error if the input size is > 4096 or chops
> the extra bytes and creates the key using the initial 4096 bytes.
> Since
> this function uses the des_read_pw_string (des_old.h) which requires one to
> specify a buffer size argument and returns error if the user typed more
> chars than can be stored in the buffer, my feeling is that the
> implementation of des_read_password passes the max buf size (4096) to
> des_read_pw_string and hence i am speculating that it will return an error
> on input > 4096 bytes.
>
> I used it before because this function was provided by DES and instead of
> writing my own, it only made sense to use the standard, but i will wait for
> your response before i replace it.

Looks like what you can use is des_read_pw_string() or des_read_pw(). If you use des_read_password(), it will generate a key that violates the HW1 spec.
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: CS530 Base64 Decode Question
Date: Wed, 28 Jan 2004 22:45:42 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I have a question about the base64-dec part of the
> program.
> My enc-base64 function works as follows:
>
> aludra.usc.edu(124): echo -n "yesnomaybe" | hw1
> enc-base64
> eWVzbm9tYXliZQ==
>
> --I can pipe the output of this to the dec-base64:
> aludra.usc.edu(125): echo -n "yesnomaybe" | hw1
> enc-base64 | hw1 dec-base64
> yesnomaybe
>
> But I get no output in stdout (specified in the
> function) when I do the following:
> aludra.usc.edu(123): echo -n "eWVzbm9tYXliZQ==" | hw1
> dec-base64
>
> I'm at a loss for what is wrong with my program. Any
> help would be appreciated. Thank you,

This is because the output of "hw1 enc-base64" has a '\n' at the end! So, if you don't add the '\n' at the end of your echo command above (123), the BIO function thinks the input has not ended and won't produce the output (yet). Therefore, in (123) above, you should not use "-n".
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: What is expected of passphrase?
Date: Wed, 28 Jan 2004 22:31:12 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Since there is yet some confusion with passphrase, this is what I
> have been led to believe. (Please correct me if I am going wrong)
> The Passphrase must be from the stdin ONLY and not from a file.

Stdin is stdin! If you do "cat file | hw1 enc-des datafile.txt", as far as "hw1" is concerned, the passphrase comes from stdin.

> Now if the passphrase is from the stdin then there is no question
> of CTRL D because in using the stdin the CTRL D is always after
> a \n and since we process the passphrase only till the first \n ,
> we will never have a chance CTRL D in the stdin. Also how can we
> have multiline input on the stdin

When you say CTRL D, I assume you mean EOF. On nunki, I observed that if you enter:

    yesnomaybedd

and you use something like fgets() to read a line from stdin, fgets() actually returns and there is no '\n' at the end of the input line. The EOF condition was not met. Actually, if you call fgets() again, you will get an EOF.

Clearly, you can input multiline, but if your code will not read past a '\n', you will never look for a 2nd line.

> 2.Consider the following commands:
> a) hw1 enc-des datafile.txt
> b) echo "somedata" | hw1 enc-des datafile.txt
> c) echo -n "somedata" | hw1 enc-des datafile.txt
>
> are these commands enough to test the functionality of the
> enc-des ?

Don't know! You tell me! You are all grad students. You should know how to test your code by now.

> 3.Also please tell me whether we have to store the encrypted data
> in a file or display it to the stdout? As of now my program can
> do both at the same time? is that fine?

You must write the encrypted data to stdout. This means that you must write the phrase "Enter DES encryption passphrase:" to stderr! You can redirect the output to a file if you want. If you don't know what redirection means in UNIX, please read a UNIX book.
> 4.Also regarding the last 8 bytes , I have not encountered any
> problem of getting some junk data at the end and the output is
> identical to the input? Any ideas why did I not get this problem?

You are probably doing something wrong or you haven't tried encryption enough on different data! Again, you are all grad students! You should know how to test your code.
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: cs530 des passphrase question
Date: Wed, 28 Jan 2004 07:26:00 -0800
From: william@bourbon.usc.edu

Someone wrote:

> How should our enc-des function handle the situation where a
> passphrase file containing no linefeed characters is redirected
> to standard input? Is there a way to ignore the EOF character
> and continue accepting input until a linefeed is entered (I can't
> seem to figure out how to do this, I am using C++ streams which
> is making all of this very tricky). What about the situation
> where the first character in standard input is EOF?

I'm not sure what you mean by "a passphrase file"!
The passphrase is *always* read from stdin. The file to encrypt is *always* specified in the commandline argument! (I hope you are not reading the old spec.)

> Right now my program will ignore EOF characters entered from the
> keyboard and accept all other characters until a line feed is
> entered. But when I redirect output into my hw1 program it will
> stop accepting input at a linefeed or eof character, whichever
> comes first. Will I lose points for this?

I have no idea what you've done, so I cannot answer this question. If you do it right, you will not lose points. If you do it wrong, you may lose points.

EOF is entered from the keyboard as d. Are you also handling c? Can you ignore c and keep reading until you get a linefeed? I don't think you can. Or are you getting EOF in a different manner?
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: example code in openssl documentation
Date: Tue, 27 Jan 2004 22:18:56 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I remember you saying that we could use
> example code that we found in
> the openssl documentation or elsewhere if the code was public domain as
> long as we cited the source. What would happen if, say, our base64
> encoding/decoding look very close to the code in the openssl
> documentation but we still cited it as such?

You can *derive* code from public domain code base. You should cite it if your code is based on the public domain code. If your code is based on documentation of the openssl package, I guess it wouldn't hurt to cite it.
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: need a little help regarding 530 hw1
Date: Tue, 27 Jan 2004 17:04:50 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I'm working on the des enc/dec part of the project.
>
> Well i am having a stupid problem.
> U were saying we should be able to redirect the output of our
> program to a file..
> using something like this....
>
> hw1 hexdump abc.txt > cde.txt
> or something....
>
> similarly for enc-des
> hw1 enc-des yesterday.txt > abc.txt
>
> here one stupid thing is happening... lets say i give this
> command.
> Now when i prompt the user for passphrase saying
>
> Enter DES encryption passphrase:
>
> This also goes into abc.txt file..it's not visible on screen..
> but is there in abc.txt..
> so this is the problem,,,,
>
> So i was thinking, that i should ask for a file name from the
> user and dump my output into that for des case only.

Please see my message with timestamp "Sat 24 Jan 13:31" in the message archive.
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: Rearding passphrase input...
Date: Tue, 27 Jan 2004 13:22:55 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Ur response is a little confusing....
> U'r answer to my ques:
> > Input of passphrase ends when the user presses the
> > key. This produces a '\n' in the input line.
> > d is the EOF (end-of-file) character. Not the
> > (end-of-line) character.
>
> > Leading and trailing *blank characters* must be removed from
> > the user's input. The rest are considered the actual
> > passphrase. Blank characters are:
> >
> > (or equivalently 0x20)
> > (or equivalently '\r')
> > (or equivalently '\n')
> > (or equivalently '\t')
> > --
>
> U response says :
> 1. input ends with key...
> This simply means we can use gets() function....
> because it consumes all the spaces n all....

Yes, you can use fgets(). But you do need to watch out if the input is longer than the size of your buffer.

> 2. only leading and trailing blank chars are to be
> removed...U never said (not in the spec nor in ur reply.. )
> that user can't enter them in b/w the string.

Exactly, I've never said that.

> Now what im saying is if an input is going to end with
> '\n' then how come it will contain '\n' in b/w...

Of course it cannot!

> What i've made is...
> Written code which can take input which does not start or
> end with a space, \n \r \t etc....
> but it can contain all these in the middle. As was written in the specs...

As long as you are following the spec, there's no problem. It's not clear to me what you are doing. If the input line is "yesnomaybe", the passphrase should be "yesnomaybe".

> I met the TA (Nadim ) of 551 today and showed him the
> specs and confirmed the same from him... he said u have done right....

Please remember that Nadim is the TA for my 551 class and not this class. Of course, you can get advice from anyone on the planet. Just don't complain to me later on that Nadim said this is that is okay for 530 and you got points taken off (and I'm not saying that what he said was right or wrong).

> But for all this my input ends with an EOF.

Passphrase ends with '\n'. Stdin ends with d, which is EOF. If you look for the EOF character when you read the passphrase, you will lose points!
--
Bill Cheng // bill.cheng@usc.edu

> ----- Original Message -----
> From: william@bourbon.usc.edu
> Date: Tuesday, January 27, 2004 10:50 am
> Subject: Re: Rearding passphrase input...
>
> > Someone wrote:
> >
> > > This is in the spec....
> > > >For the enc-des and dec-des commands, you must prompt the user
> > > for a passphrase. You >must first remove leading and trailing
> > > blanks characters (including trailing '\n' >and '\r' characters)
> > > from the passphrase, if the remaining string is empty, you
> > > >should ask the user for a passphrase again
> > >
> > > What i need to ask is....
> > > Input of passphrase ends with cntrl+D or can it end with user
> > > pressing enter key?
> >
> > Input of passphrase ends when the user presses the
> > key. This produces a '\n' in the input line.
> >
> > d is the EOF (end-of-file) character. Not the
> > (end-of-line) character.
> >
> > > Because from the specs it seems that the passphrase itself can
> > > contain /n and /r and space chars in between but not in the
> > > ends...
> >
> > Leading and trailing *blank characters* must be removed from
> > the user's input. The rest are considered the actual
> > passphrase.
> > Blank characters are:
> >
> > (or equivalently 0x20)
> > (or equivalently '\r')
> > (or equivalently '\n')
> > (or equivalently '\t')
> > --
> > Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: Passphrase size
Date: Tue, 27 Jan 2004 11:03:15 -0800
From: william@bourbon.usc.edu

Someone wrote:

> For the enc-des/dec-des, will the passphrase be entered from pipe?
> For example, cat /usr/share/gtk-2.0/demo/gtk-logo-rgb.gif | hw1 enc-des
> yesterday.txt

What you meant by "entered from pipe" is just "stdin". Your code cannot tell the difference (easily) if you are entering data from stdin or from pipe, so they are equivalent! If you have a passphrase file (let's call it "pass"), you can do

    cat pass | hw1 enc-des yesterday.txt

Therefore, your passphrase file can come from any other file, such as /usr/share/gtk-2.0/demo/gtk-logo-rgb.gif. But, you should *only* read till you get the first '\n' character from stdin and ignore the rest.
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: how to check enc-des
Date: Tue, 27 Jan 2004 10:57:59 -0800
From: william@bourbon.usc.edu

Someone wrote:

> 1)I have written the code for enc-des but I don't know how to
> verify whether the output that i get is correct. Do we have to
> check the 1st 256 bytes of the output against the 256 bytes of
> output that you have given in the homepage (which is rather
> unreadable)

Yes. Right-click and save the file. Then use your HW1 to do hexdump.

> 2)I have read 8 bytes of data from the file and then I call the
> des_ncbc_encrypt() for the 8 bytes read .This process is in the
> loop . I just wonder whether I am going in the right direction?

Sounds about right!
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@bourbon.usc.edu
Subject: Re: Rearding passphrase input...
Date: Tue, 27 Jan 2004 10:50:54 -0800
From: william@bourbon.usc.edu

Someone wrote:

> This is in the spec....
> >For the enc-des and dec-des commands, you must prompt the user
> for a passphrase. You >must first remove leading and trailing
> blanks characters (including trailing '\n' >and '\r' characters)
> from the passphrase, if the remaining string is empty, you
> >should ask the user for a passphrase again
>
> What i need to ask is....
> Input of passphrase ends with cntrl+D or can it end with user
> pressing enter key?

Input of passphrase ends when the user presses the key. This produces a '\n' in the input line.

d is the EOF (end-of-file) character. Not the (end-of-line) character.

> Because from the specs it seems that the passphrase itself can
> contain /n and /r and space chars in between but not in the
> ends...

Leading and trailing *blank characters* must be removed from the user's input.
The rest are considered the actual passphrase. Blank characters are:

    (or equivalently 0x20)
    (or equivalently '\r')
    (or equivalently '\n')
    (or equivalently '\t')

-- Bill Cheng // bill.cheng@usc.edu

Message-Id: <200401271842.i0RIgh1U008575@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: Lectures vs. textbook
Date: Tue, 27 Jan 2004 10:42:43 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Have you published a syllabus that tells (at least roughly) the
> correspondence between your lectures and the textbook(s)? I must
> (sheepishly) admit I haven't cracked the textbook yet, as I
> assumed you were covering introductory material and would mention
> the textbook when we got to it. Apparently that assumption was
> wrong.
>
> If you could please give me some guidance on this point, I would
> appreciate it.

In the Syllabus/Topics Covered section of the course description web page, it mentioned approximately the correspondence between lecture topics and textbook chapters and papers.
-- Bill Cheng // bill.cheng@usc.edu

Message-Id: <200401271812.i0RICtY4029566@bourbon.usc.edu>
To: cs530@bourbon.usc.edu
Subject: Re: cs530 DES passphrase expected max size
Date: Tue, 27 Jan 2004 10:12:55 -0800
From: william@bourbon.usc.edu

Someone wrote:

> When we prompt the user for a DES passphrase can we make any
> assumptions about the maximum length of this passphrase?

No.

> If not,
> should we write our code to handle situations where this
> passphrase might exceed the maximum allowable buffer size stated
> in the spec? Just want to be extra careful.

Yes. Let's say that you use a buffer of 4,096 bytes for reading the passphrase and you are trying to read from stdin. You read and you read and there's no end. Well, you would copy the first 4,095 bytes into your buffer and drop the rest of the input (until you see a '\n'). By dropping, I mean you still have to read it (maybe one character at a time or several characters at a time) but just ignore what you read.
-- Bill Cheng // bill.cheng@usc.edu

Message-Id: <200401270027.i0R0Reiu020998@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: C++ problem with base64 decoding
Date: Mon, 26 Jan 2004 16:27:40 -0800
From: william@bourbon.usc.edu

Hi,

I'm forwarding a message from a student on the fstream issue.
-- Bill Cheng // bill.cheng@usc.edu

-----Original Message-----
Date: Mon, 26 Jan 2004 14:58:05 -0800
To: william@bourbon.usc.edu
Subject: Re: C++ problem with base64 decoding

Yes, you "have to" use the BIO methods. But you *don't* have to attach the BIO to a FILE descriptor. OpenSSL provides a mechanism to construct a BIO pipeline completely internal to the program. See the BIO_new_pair() man page for details. Using this, you write to one end of the pipeline, and read from the other. Depending on which end of the pipe you push the BIO_f_base64() onto, the BIO either encodes or decodes. Very neat and symmetrical.

On Mon, 26 Jan 2004 13:43:12 -0800 william@bourbon.usc.edu wrote:

>Someone wrote:
>
> > Amid all these questions regarding using C++ fstream for base64
> > encoding, I would like to say a few things. First and foremost,
> > you can use the fstream while encoding the file; but while
> > decoding, you have to use the BIO read/write functions. I say so,
> > because the Openssl Base64 documentation says
> > "BIO_f_base64() returns the base64 BIO method.
> > This is a filter
> > BIO that base64 encodes any data written through it and decodes
> > any data read through it ".
> > So in order to decode, you 'have to' read using BIO functions.
> >
> > Just wanted to know, whether my interpretation is correct?
>
>I'm sorry that I don't know the answer to your question
>because I don't do fstream (and I don't do any stream in
>general)!
>--
>Bill Cheng // bill.cheng@usc.edu

Message-Id: <200401262143.i0QLhCxf024336@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: C++ problem with base64 decoding
Date: Mon, 26 Jan 2004 13:43:12 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Amid all these questions regarding using C++ fstream for base64
> encoding, I would like to say a few things. First and foremost,
> you can use the fstream while encoding the file; but while
> decoding, you have to use the BIO read/write functions. I say so,
> because the Openssl Base64 documentation says
> "BIO_f_base64() returns the base64 BIO method. This is a filter
> BIO that base64 encodes any data written through it and decodes
> any data read through it ".
> So in order to decode, you 'have to' read using BIO functions.
>
> Just wanted to know, whether my interpretation is correct?

I'm sorry that I don't know the answer to your question because I don't do fstream (and I don't do any stream in general)!
-- Bill Cheng // bill.cheng@usc.edu

Date: Mon, 26 Jan 2004 13:38:07 -0800
From: william@bourbon.usc.edu
Message-Id: <200401262138.i0QLc7PV022363@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: MD5_Update, (EVP_MD_Update(), etc.)

Someone wrote:

> In the spec, there is a requirement for nothing larger than a 4K
> buffer. There are function calls for the digest algorithms that update
> the message that is to be hashed. Is it okay to be constantly calling
> this update function until the file is all the way read in and then call
> the Final() function to output the data?

Yes.

> I am assuming this is okay,
> but I was thinking last night that the internal storage mechanism for
> the digest function(s) will end up being as large as the file that it
> read in until it is completely hashed.

These functions keep state information in the *_CTX. The internal buffer size in *_CTX does not grow.

> Then I had a panic attack and
> thought that we could never store anything larger than 4K. The 4K
> buffer you are talking about is just so that we don't read the entire
> contents of a file first, and then hash it, correct? There is nothing
> preventing me from just reading in a file byte by byte and continuously
> calling the update function, correct? Looking at doing it this way, I
> don't even really need a buffer, unless I really want to just read in 4K
> chunks.

The 4K buffer size limit is on the buffer *you* created.
Anything internal to the system or library functions does not apply since you have no control over it. You need a file buffer. Even if it's one byte in size, it's still a buffer!

> Please correct me if I am wrong about the function calls. I wasn't sure
> if I had to do some funky math to combine a bunch of hash values for 4K
> worth of data over and over.

-- Bill Cheng // bill.cheng@usc.edu

Message-Id: <200401261729.i0QHTPWm027684@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: C++ problem with base64 decoding
Date: Mon, 26 Jan 2004 09:29:25 -0800
From: william@bourbon.usc.edu

Hi,

I'm forwarding a message from a student.
-- Bill Cheng // bill.cheng@usc.edu

-----Original Message-----
Date: Mon, 26 Jan 2004 08:22:19 -0800
To: william@bourbon.usc.edu
Subject: Re: C++ problem with base64 decoding

Prof Cheng,

Yes, you can use fstream, but it's quite complex to do it directly. Not worth it for a homework, as you would have to deal directly with the underlying streambuf's.

I use fstream, but indirectly. Use fstream to read into a buffer, then push that data through the BIO. You can't use BIO_new_fp(), though, you have to use a BIO_new_pair(). There's a "trick", too, as (due to the base64 expansion), you have to make buffer on the base64 side of the pair bigger (by at least 1/3) than the unencoded side.

It's about 6-8 lines of code, so above your limit to share.
The problem with using stdio is that it doesn't mix well with streams. So you really have to choose one or the other. Streams make the overall implementation more orthogonal to non-file I/O, so (for me, at least) seemed preferable.

On Sun, 25 Jan 2004 21:59:21 -0800 william@bourbon.usc.edu wrote:

>Someone wrote:
>
> > is there a way to use base64 decoding functions provided by the
> > openssl library with "fstream" in C++? the functions that use the
> > base 64 decoding explicitly use FILE* of C.
>
>I assume there is a way to map FILE* to a C++ file stream
>since the C++ I/O stream library is HUGE.
>
> > In my program i have used Fstream and in the constructor itself i
> > get the file / stdin's contents into a memory buffer. due to this
> > i'm reduced the trouble of worrying about the type of input
> > further in the program. but in base64 decoding the BIO_new_fp()
> > method takes stdin as a parameter, but since i've already read
> > the contents of stdin further reading the buffer gives nothing.
>
>I'm not sure exactly what you are asking. You can call
>rewind() on the input file (if it's not stdin).
>
>I don't understand why you *have to* use fstream if the BIO
>function that's already implemented in openssl deals
>directly with (FILE*). Just call fopen() and use the BIO
>functions and you are done!
>
>Another way is of course to implement your base64 encoding
>and decoding without using openssl functions so you can
>use fstream. But that's just crazy!
>
>When you go get a job in the industry, you often will have
>to be forced to use libraries supplied by other vendors.
>Some will only have C interface routines and only deal with
>C structures. You should not get into the habit of only
>knowing how to deal with specific interfaces or data types!
>--
>Bill Cheng // bill.cheng@usc.edu

Message-Id: <200401261509.i0QF9AHk024229@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: Regarding the commandline arguments for md5, sha5, hexdump, etc..
Date: Mon, 26 Jan 2004 07:09:10 -0800
From: william@bourbon.usc.edu

Someone wrote:

> consider the following example..
>
> hw1 md5 abc.txt
>
> Here say if the file abc.txt does not exist or the user does not
> have access rights.
> Still it's a valid input as "abc.txt" can be considered stdin and
> its checksum can be found out. Same thing applies for hexdump,
> sha1, etc.. who have file argument as optional.

No! The spec says that you should take the 2nd argument as a filename if the first argument is "md5".
-- Bill Cheng // bill.cheng@usc.edu

Message-Id: <200401261506.i0QF61W0021267@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: des "yesnomaybe"
Date: Mon, 26 Jan 2004 07:06:01 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I have tried to read the pass phrase from either the
> stdin or a file
> Now when i encode the passphrase using sha1 , the output is
> de 07.....
>
> where as the output that you have given in your spec is:
> fe c4 .....
>
> which is not the same as my output. Is this fine or is there any
> programming fault in my code?

I'm pretty sure it's a bug in your code. If you do:

    echo -n "yesnomaybe" | openssl sha1

you will get exactly what's in the spec!

There should be one unique output when you compute the SHA1 value of a string! Is your SHA1 code working correctly? Have you compared your results against running openssl from a command prompt?
-- Bill Cheng // bill.cheng@usc.edu

Message-Id: <200401261501.i0QF1SH0017067@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: EVP functions in OpenSSL library
Date: Mon, 26 Jan 2004 07:01:28 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Is it okay to use the EVP digest functions in the OpenSSL
> library? The
> documentation claims that applications should use these instead
> of the md5/sha1 function calls.

Sure!
-- Bill Cheng // bill.cheng@usc.edu

Message-Id: <200401260559.i0Q5xLSL020980@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: C++ problem with base64 decoding
Date: Sun, 25 Jan 2004 21:59:21 -0800
From: william@bourbon.usc.edu

Someone wrote:

> is there a way to use base64 decoding functions provided by the
> openssl library with "fstream" in C++? the functions that use the
> base 64 decoding explicitly use FILE* of C.
I assume there is a way to map FILE* to a C++ file stream since the C++ I/O stream library is HUGE.

> In my program i have used Fstream and in the constructor itself i
> get the file / stdin's contents into a memory buffer. due to this
> i'm reduced the trouble of worrying about the type of input
> further in the program. but in base64 decoding the BIO_new_fp()
> method takes stdin as a parameter, but since i've already read
> the contents of stdin further reading the buffer gives nothing.

I'm not sure exactly what you are asking. You can call rewind() on the input file (if it's not stdin).

I don't understand why you *have to* use fstream if the BIO function that's already implemented in openssl deals directly with (FILE*). Just call fopen() and use the BIO functions and you are done!

Another way is of course to implement your base64 encoding and decoding without using openssl functions so you can use fstream. But that's just crazy!

When you go get a job in the industry, you often will have to be forced to use libraries supplied by other vendors. Some will only have C interface routines and only deal with C structures. You should not get into the habit of only knowing how to deal with specific interfaces or data types!
-- Bill Cheng // bill.cheng@usc.edu

Message-Id: <200401251601.i0PG1KDH018139@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: path specify
Date: Sun, 25 Jan 2004 08:01:20 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Do we need to mention the environment settings (path and all
> which are there in the specs ) in our readme file..

If you think it's worth mentioning, then put it in your README file. If not, leave it out! (Again, this is a graduate class, I cannot give detailed instructions for things like this.)

You can also pretend for a moment that you are the grader/TA, what information do you *want to* see in order to grade?
-- Bill Cheng // bill.cheng@usc.edu

Message-Id: <200401250625.i0P6Plmj023360@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: enc-dec des issue
Date: Sat, 24 Jan 2004 22:25:47 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I am facing a peculiar problem in "enc-des" part of the hw.
> In spite of including
> #include , If I try to instantiate
> "DES_key_schedule" structure, I get the following error-
> `DES_key_schedule' undeclared (first use in this function)
>
> In fact I am unable to use any of the functions/typedef's defined
> in that des.h. Am I missing on something?

Please see my message with timestamp "Fri 23 Jan 00:39".
-- Bill Cheng // bill.cheng@usc.edu

Message-Id: <200401250608.i0P68xg8007256@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: enc-base 64
Date: Sat, 24 Jan 2004 22:08:59 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Are we expected to save the output of enc-base64 in a file so
> that we can decode it later. I know we should do it for testing
> but do we have to do it for the spec.

If you output the data to stdout, you can save it into a file by doing I/O redirection (namely, ">" in UNIX).

I don't understand what you mean in your last sentence.
-- Bill Cheng // bill.cheng@usc.edu

Message-Id: <200401242131.i0OLVIZb010278@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: hw1 spec
Date: Sat, 24 Jan 2004 13:31:18 -0800
From: william@bourbon.usc.edu

Someone wrote:

> If you are redirecting stdout to a file, 'prompting the user' for
> a password
> doesn't exactly happen smoothly (read: it becomes the first line
> of your output)
>
> So.. for enc/dec-des shouldn't our programs operate silently as
> to not corrupt stdout with improper file output?

You can prompt to stderr.
-- Bill Cheng // bill.cheng@usc.edu

Message-Id: <200401240741.i0O7fHAr005836@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: Sample cleartext & ciphertext?
In-Reply-To: My message of "Fri, 23 Jan 2004 22:56:18 PST."
    <200401240656.i0O6uJNH027584@bourbon.usc.edu>
Date: Fri, 23 Jan 2004 23:41:16 -0800
From: william@bourbon.usc.edu

Hi,

Let me clarify the "trick" I mentioned below. If everyone uses a different method to solve the problem I'm alluding to, then a file encrypted by one student cannot be decrypted by another student. So, interoperability is not a requirement!
-- Bill Cheng // bill.cheng@usc.edu

-----Original Message-----
Date: Fri, 23 Jan 2004 22:56:18 -0800
From: william@bourbon.usc.edu
To: cs530@merlot.usc.edu
Subject: Re: Sample cleartext & ciphertext?

Someone wrote:

> Would it be possible for you to provide us with a short sample of
> cleartext and its accompanying ciphertext with which to validate
> our code? As it stands, one can easily verify the code is
> symmetrical (can decrypt text it has encrypted), but not that it
> is interoperable (can decrypt text others encrypted with the same
> key and algorithm).
>
> Now I realize that it is "possible" to make this verification
> using only the openssl tools provided. But the openssl
> documentation is rather incomplete, so it is unclear whether
> openssl is being initialized exactly the way you want, short of
> inspecting the openssl source code :-(.

Right... Well, I mentioned in class that there is a little trick you need to do for encrypting and decrypting with DES. In order for me *not* to reveal the secret, I'll only provide the first 256 bytes of the DES encrypted file of "yesterday.txt" using "yesnomaybe" as the passphrase. Please check the updated spec.

You should document what trick you use to make DES encryption and decryption work in your README file. If you don't know what I mean, it's probably because you haven't spent enough time coding the DES part of HW1.

> Of course, if you're only planning to evaluate the programs for
> symmetry, none of this matters ;-). Thank you, Prof Cheng.

Symmetry would be the minimal, but how would we know you are really using DES unless we read every line of your code?!
So, we will test your solution against our solution. If you can decrypt the encrypted you've produced and your encrypted file does not match ours, please let me know (or at least put it in the README file).
-- Bill Cheng // bill.cheng@usc.edu

Message-Id: <200401240713.i0O7DUBW011564@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: CSCI530 HW1
Date: Fri, 23 Jan 2004 23:13:30 -0800
From: william@bourbon.usc.edu

Someone wrote:

> When I use DES_ncbc_encrypt() in enc-des/dec-des, I always find the
> first 8 bytes were wrongly encrypted, no matter how long is the input
> string. All other data in the put file can be decrypted correctly.
>
> For example, if the input string = "12345678901234567890",
> after encrypt/decrypt, the output = "LmĪ¯901234567890".
>
> Is there any trick to use this ncbc function? Thanks!

I cannot tell what's going on. You should search the web, read the documentation, discuss in class newsgroup and figure out how to call DES_ncbc_encrypt(). Sorry that I cannot help much here.
-- Bill Cheng // bill.cheng@usc.edu

Message-Id: <200401240707.i0O77Cu2005577@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: Using old code
Date: Fri, 23 Jan 2004 23:07:12 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Let say a user types....
>
> >cat abc.txt|hw1 hexdump cde.txt
>
> I've made code which will work for either
> >cat abc.txt|hw1 hexdump
> or
> >hw1 hexdump cde.txt
> or
> hw1 hexdump
>
> cntrl+D
>
> I guess that's enough....

The first example when you have specified a file, you should just ignore stdin. So, you've made the right decision.
-- Bill Cheng // bill.cheng@usc.edu

Message-Id: <200401240656.i0O6uJNH027584@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: Sample cleartext & ciphertext?
Date: Fri, 23 Jan 2004 22:56:18 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Would it be possible for you to provide us with a short sample of
> cleartext and its accompanying ciphertext with which to validate
> our code? As it stands, one can easily verify the code is
> symmetrical (can decrypt text it has encrypted), but not that it
> is interoperable (can decrypt text others encrypted with the same
> key and algorithm).
>
> Now I realize that it is "possible" to make this verification
> using only the openssl tools provided. But the openssl
> documentation is rather incomplete, so it is unclear whether
> openssl is being initialized exactly the way you want, short of
> inspecting the openssl source code :-(.

Right... Well, I mentioned in class that there is a little trick you need to do for encrypting and decrypting with DES. In order for me *not* to reveal the secret, I'll only provide the first 256 bytes of the DES encrypted file of "yesterday.txt" using "yesnomaybe" as the passphrase. Please check the updated spec.

You should document what trick you use to make DES encryption and decryption work in your README file. If you don't know what I mean, it's probably because you haven't spent enough time coding the DES part of HW1.

> Of course, if you're only planning to evaluate the programs for
> symmetry, none of this matters ;-). Thank you, Prof Cheng.

Symmetry would be the minimal, but how would we know you are really using DES unless we read every line of your code?! So, we will test your solution against our solution. If you can decrypt the encrypted you've produced and your encrypted file does not match ours, please let me know (or at least put it in the README file).
-- Bill Cheng // bill.cheng@usc.edu

Message-Id: <200401240101.i0O11vax015037@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: openssl/e_os2.h: No such file or directory
Date: Fri, 23 Jan 2004 17:01:57 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I did the changes you have put up for openssl. But not it is not
> compiling. With the earlier one it was compiling and running from
> the program and not from the prompt. With the new changes it is
> running from the prompt but not compiling.
> this is my compiling error:
>
>
> In file included from hw1.cc:4:
> /usr/usc/openssl/0.9.7c/include/openssl/md5.h:62:
> openssl/e_os2.h: No such file or directory
> In file included from hw1.cc:6:
> /usr/usc/openssl/0.9.7c/include/openssl/sha.h:62:
> openssl/e_os2.h: No such file or directory
> *** Error code 1

"e_os2.h" is in /usr/usc/openssl/0.9.7c/include/openssl and it is accessible. You can verify this. If you put:

    #include "/usr/usc/openssl/0.9.7c/include/openssl/md5.h"

in your source code, this means that you are not reading the spec.

You should use the class newsgroup to resolve these UNIX/compile problems.
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: william@bourbon.usc.edu
Delivery-Date: Fri Jan 23 10:20:16 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i0NIKGcM002803 for ; Fri, 23 Jan 2004 10:20:16 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i0NIJZ8T013490 for ; Fri, 23 Jan 2004 10:19:35 -0800
Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i0NIJZY7013486 for ; Fri, 23 Jan 2004 10:19:35 -0800
Message-Id: <200401231819.i0NIJZY7013486@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: Runtime error cs530
Date: Fri, 23 Jan 2004 10:19:35 -0800
From: william@bourbon.usc.edu

I'm forwarding an e-mail from a student regarding compiler
warnings in a previous message. In general, you should have
*zero* compiler warnings!
--
Bill Cheng // bill.cheng@usc.edu

-----Original Message-----
Date: Fri, 23 Jan 2004 01:46:59 -0800
To: william@bourbon.usc.edu
Subject: Re: Runtime error cs530

Prof Cheng,

Given some of the questions on the Yahoo group, I suspect the
actual problem is an error in the programmer's use of the
MD5_Update parameters. At least one other person has passed the
2nd argument as the MD5_CTX itself, rather than a POINTER to the
MD5_CTX. That would generate this particular warning (and not
work at all, to boot ;-).

On Fri, 23 Jan 2004 00:41:13 -0800 william@bourbon.usc.edu wrote:
>*This message was transferred with a trial version of CommuniGate(tm) Pro*
>Someone wrote:
>
> > My code is compiling with 2 warnings but no errors. But I am
> > getting runtime error and I don't know anything about this error.
> >
> > bash-2.05b$ gcc argc1.c -L/usr/usc/openssl/default/lib -lcrypto
> > -I/usr/usc/openssl/default/include
> > argc1.c: In function `md5':
> > argc1.c:39: warning: passing arg 2 of `MD5_Update' makes pointer
> > from integer without a cast
> > argc1.c: In function `hexdump':
> > argc1.c:88: warning: comparison is always false due to limited
> > range of data type
> > bash-2.05b$ a.out md5 tfile.txt
> > ld.so.1: a.out: fatal: libcrypto.so.0.9.6: open failed: No such
> > file or directory
> > Killed
>
>That's because you didn't do:
>
>    setenv LD_LIBRARY_PATH /usr/usc/openssl/default/lib:/usr/lib
>
>If you are running bash, you need to do:
>
>    export LD_LIBRARY_PATH="/usr/usc/openssl/default/lib:/usr/lib"
>--
>Bill Cheng // bill.cheng@usc.edu

Return-Path: william@bourbon.usc.edu
Delivery-Date: Fri Jan 23 10:13:42 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i0NIDgcM002641 for ; Fri, 23 Jan 2004 10:13:42 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i0NID18T011075 for ; Fri, 23 Jan 2004 10:13:01 -0800
Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i0NID1WV011071 for ; Fri, 23 Jan 2004 10:13:01 -0800
Message-Id: <200401231813.i0NID1WV011071@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: Use newer gcc?
Date: Fri, 23 Jan 2004 10:13:01 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Would it be acceptable to use a newer version of gcc than 2.95.2,
> which is a couple of years old? I note that nunki has 3.3.2,
> which is the newest version. gcc 2.95.2 has a rather incomplete
> (and buggy) STL implementation.
>
> The hw1 implementation is very clean and orthogonal if the
> iostream library is used. As you know, this is the preferred I/O
> approach in C++, rather than using the C I/O functions.
>
> I can code the Makefile to explicitly invoke gcc 3.3.2, if this
> approach is acceptable to you. Please let me know.

If it's installed in nunki's system directories, it's no problem
at all.

(Personally, I would *never* use iostream or templates of any
form. But that's just me.)
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: william@bourbon.usc.edu
Delivery-Date: Fri Jan 23 00:41:52 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i0N8fqcM024190 for ; Fri, 23 Jan 2004 00:41:52 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i0N8fD8T028072 for ; Fri, 23 Jan 2004 00:41:13 -0800
Received: (from william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i0N8fDfu028070 for cs530@merlot; Fri, 23 Jan 2004 00:41:13 -0800
Date: Fri, 23 Jan 2004 00:41:13 -0800
From: william@bourbon.usc.edu
Message-Id: <200401230841.i0N8fDfu028070@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: Runtime error cs530

Someone wrote:

> My code is compiling with 2 warnings but no errors. But I am
> getting runtime error and I don't know anything about this error.
>
> bash-2.05b$ gcc argc1.c -L/usr/usc/openssl/default/lib -lcrypto
> -I/usr/usc/openssl/default/include
> argc1.c: In function `md5':
> argc1.c:39: warning: passing arg 2 of `MD5_Update' makes pointer
> from integer without a cast
> argc1.c: In function `hexdump':
> argc1.c:88: warning: comparison is always false due to limited
> range of data type
> bash-2.05b$ a.out md5 tfile.txt
> ld.so.1: a.out: fatal: libcrypto.so.0.9.6: open failed: No such
> file or directory
> Killed

That's because you didn't do:

    setenv LD_LIBRARY_PATH /usr/usc/openssl/default/lib:/usr/lib

If you are running bash, you need to do:

    export LD_LIBRARY_PATH="/usr/usc/openssl/default/lib:/usr/lib"
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: william@bourbon.usc.edu
Delivery-Date: Fri Jan 23 00:40:38 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i0N8eccM024180 for ; Fri, 23 Jan 2004 00:40:38 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i0N8dw8T028014 for ; Fri, 23 Jan 2004 00:39:58 -0800
Received: (from william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i0N8dwkw028012 for cs530@merlot; Fri, 23 Jan 2004 00:39:58 -0800
Date: Fri, 23 Jan 2004 00:39:58 -0800
From: william@bourbon.usc.edu
Message-Id: <200401230839.i0N8dwkw028012@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: CSCI530 HW1

Someone wrote:

> For enc-des/dec-des, is the only *.h file we need to include?
> I found those macros could not be found during compile. e.g: DES_cblock,
> const_DES_cblock, etc.
>
> Is there other header files we need to use?

Hmm... Looks like /usr/usc/openssl/default points to version
0.9.6g of openssl and the documentation on the web is for version
0.9.7c. Please use "openssl/0.9.7c" whenever you see
"openssl/default" in the HW1 spec. I've just made a bunch of
changes in the spec.
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: william@bourbon.usc.edu
Delivery-Date: Fri Jan 23 00:13:33 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i0N8DXcM023544 for ; Fri, 23 Jan 2004 00:13:33 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i0N8Cr8T027593 for ; Fri, 23 Jan 2004 00:12:53 -0800
Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i0N8CreD027589 for ; Fri, 23 Jan 2004 00:12:53 -0800
Message-Id: <200401230812.i0N8CreD027589@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: MD5_Init
Date: Fri, 23 Jan 2004 00:12:53 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Since we are not allowed to use a buffer of size greater than
> 4K, I was trying to use MD5_Init(), MD5_Update(), and
> MD5_Final() functions. This is what I have done.
>
>     MD5_CTX *c;
>     MD5_Init(c);
>     ....
>     ...
>
> but the problem is that I am getting a segmentation fault
> while trying this on the MD5_Init. Can you help me out?

You did not allocate memory for it! You can either use malloc()
to allocate memory, or you can do:

    MD5_CTX c;
    MD5_Init(&c);

> Also when I run the md5 and sha1 functions from the command
> line only md5 works but the sha1 does not work. Also I just
> use 'md5 filename' and not 'openssl md5 filename'. It does
> not work when I use openssl.

If you are running csh/tcsh, please do:

    set path=(/usr/usc/openssl/0.9.7c/bin $path)
    rehash

I've recently added this information to the HW1 spec.
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: william@bourbon.usc.edu
Delivery-Date: Thu Jan 22 23:40:29 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i0N7eTcM022669 for ; Thu, 22 Jan 2004 23:40:29 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i0N7do8T027328 for ; Thu, 22 Jan 2004 23:39:50 -0800
Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i0N7doSB027324 for ; Thu, 22 Jan 2004 23:39:50 -0800
Message-Id: <200401230739.i0N7doSB027324@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: CS530 - Openssl access denied
Date: Thu, 22 Jan 2004 23:39:50 -0800
From: william@bourbon.usc.edu

Someone wrote:

> When I try to login to nunki,
> I don't have access to openssl. Even if I add the path
> /usr/usc/openssl/default to my path, it says permission denied. Would you
> or the TA grant me the right permission ? I called up ISD to see if they
> could do the needful, but they have asked me to resolve it with you/TA.

If you do "ls /usr/usc/openssl/default", you can see that there
is no "openssl" in it. Also, since you can see the content of
that directory, you do have access.

You should add "/usr/usc/openssl/default/bin" to your path.
If there are real permissions problem, please let me know.
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: william@bourbon.usc.edu
Delivery-Date: Thu Jan 22 23:30:44 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i0N7UicM022470 for ; Thu, 22 Jan 2004 23:30:44 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i0N7U48T027225 for ; Thu, 22 Jan 2004 23:30:04 -0800
Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i0N7U4gJ027221 for ; Thu, 22 Jan 2004 23:30:04 -0800
Message-Id: <200401230730.i0N7U4gJ027221@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: requirement for enc-des/dec-des
Date: Thu, 22 Jan 2004 23:30:04 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I agree. What I was referring to was that the requirement wording
> seemed to convey that a file or stdin could be used. The wording as
> "Encrypt file (or stdin)..." makes me think that I can encrypt stdin
> for enc-des. Perhaps removing the (or stdin) from the sentence would
> clear things up. I really don't mean to be picky or sound horribly
> anal.

I've just removed it from the spec.
--
Bill Cheng // bill.cheng@usc.edu

On Wed, 2004-01-21 at 23:45, william@bourbon.usc.edu wrote:
> Someone wrote:
>
> > I am not sure if this has been discussed or not, but I was
> > wondering about something I was reading in the homework spec. It
> > says that since file is optional for md5, sha1, etc, if there is
> > no file, then the program will read from standard in. File is
> > required for enc-des and dec-des. Therefore, should there really
> > be (or stdin) for enc-des and dec-des since there must be a file
> > given as a parameter?
>
> The reason why enc-des and dec-des must have an input file
> specified in the commandline is because you need to prompt
> the user for a passphrase.
> And when you prompt for a passphrase,
> you would read what the user will type from stdin! So, if
> the file is from stdin and the passphrase is also from stdin,
> it would be tricky to get it to work.
>
> For other commands, you won't need to prompt the user for
> anything, so it's okay to have the file data at stdin.
> --
> Bill Cheng // bill.cheng@usc.edu

Return-Path: william@bourbon.usc.edu
Delivery-Date: Thu Jan 22 23:06:32 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i0N76VcM021962 for ; Thu, 22 Jan 2004 23:06:31 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i0N75q8T027054 for ; Thu, 22 Jan 2004 23:05:52 -0800
Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i0N75q0I027050 for ; Thu, 22 Jan 2004 23:05:52 -0800
Message-Id: <200401230705.i0N75q0I027050@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: CSCI530 HW1 first 2 characters in md5 output
Date: Thu, 22 Jan 2004 23:05:52 -0800
From: william@bourbon.usc.edu

Someone wrote:

> What do you mean when you say "The left most 2 character should correspond
> to byte 0 of the output buffer." for the md5 and sha1 commands?

Let's say you define:

    unsigned char md5_buf[MD5_DIGEST_LENGTH];

After you've called the MD5 related functions, md5_buf[]
contains the message digest (or hash value). The question is,
should you print the value out in an output line this way:

    md5_buf[0] md5_buf[1] md5_buf[2] ... md5_buf[MD5_DIGEST_LENGTH-1]

or

    md5_buf[MD5_DIGEST_LENGTH-1] md5_buf[MD5_DIGEST_LENGTH-2] md5_buf[MD5_DIGEST_LENGTH-3] ... md5_buf[0]

The above spec says that you should do it the first way.
That's all.
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: william@bourbon.usc.edu
Delivery-Date: Thu Jan 22 09:41:37 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i0MHfbcM006332 for ; Thu, 22 Jan 2004 09:41:37 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i0MHeuW5001399 for ; Thu, 22 Jan 2004 09:40:56 -0800
Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i0MHeuLm001395 for ; Thu, 22 Jan 2004 09:40:56 -0800
Message-Id: <200401221740.i0MHeuLm001395@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: makefile
Date: Thu, 22 Jan 2004 09:40:56 -0800
From: william@bourbon.usc.edu

Someone wrote:

> Must my makefile conform to make or gmake? Currently my makefile
> uses features provided by gmake and not make. Can my submission
> include a readme on how to compile my project?

Yes! You should describe anything unusual in your README file.
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: william@bourbon.usc.edu
Delivery-Date: Wed Jan 21 23:46:31 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i0M7kVcM027516 for ; Wed, 21 Jan 2004 23:46:31 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i0M7jpW5021772 for ; Wed, 21 Jan 2004 23:45:51 -0800
Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i0M7jpxV021768 for ; Wed, 21 Jan 2004 23:45:51 -0800
Message-Id: <200401220745.i0M7jpxV021768@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: requirement for enc-des/dec-des
Date: Wed, 21 Jan 2004 23:45:51 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I am not sure if this has been discussed or not, but I was
> wondering about something I was reading in the homework spec.
> It says that since file is optional for md5, sha1, etc, if there is
> no file, then the program will read from standard in. File is
> required for enc-des and dec-des. Therefore, should there really
> be (or stdin) for enc-des and dec-des since there must be a file
> given as a parameter?

The reason why enc-des and dec-des must have an input file
specified in the commandline is because you need to prompt
the user for a passphrase. And when you prompt for a passphrase,
you would read what the user will type from stdin! So, if
the file is from stdin and the passphrase is also from stdin,
it would be tricky to get it to work.

For other commands, you won't need to prompt the user for
anything, so it's okay to have the file data at stdin.
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: william@bourbon.usc.edu
Delivery-Date: Wed Jan 21 22:03:00 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i0M630cM025486 for ; Wed, 21 Jan 2004 22:03:00 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i0M62KW5019346 for ; Wed, 21 Jan 2004 22:02:20 -0800
Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i0M62KxW019342 for ; Wed, 21 Jan 2004 22:02:20 -0800
Message-Id: <200401220602.i0M62KxW019342@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: Deadline for Term Paper
Date: Wed, 21 Jan 2004 22:02:20 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I was just wondering about the deadline for the proposal of the
> term paper we are supposed to submit. I could not find it on the
> class web site.

Because it hasn't been decided. There is also no deadline for
HW2, HW3, HW4, etc.

If I have to take a guess, I would say that it would be around
the time of the midterm exam. May be 3/8, the week before midterm
would be a good date!
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: william@bourbon.usc.edu
Delivery-Date: Wed Jan 21 16:04:18 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i0M04IcM018802 for ; Wed, 21 Jan 2004 16:04:18 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i0M03dW5012067 for ; Wed, 21 Jan 2004 16:03:39 -0800
Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i0M03dVU012063 for ; Wed, 21 Jan 2004 16:03:39 -0800
Message-Id: <200401220003.i0M03dVU012063@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: CSCI530 HW1
Date: Wed, 21 Jan 2004 16:03:39 -0800
From: william@bourbon.usc.edu

Someone wrote:

> >You've just caught a bug in the spec (I think someone was trying to
> >point out the same thing at the end of today's class). I've just
> >modified the spec to say that the "file" argument for enc-des/dec-des
> >is *required*! Otherwise, there is no way to read the passphrase
> >from the user!
>
> Not true! One can open /dev/tty to prompt the user and read his
> response, regardless of the input source.

I did not know about this trick! :-) I guess that would be
too much UNIX hacking for this course.
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: william@bourbon.usc.edu
Delivery-Date: Wed Jan 21 13:18:04 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i0LLI4cM015399 for ; Wed, 21 Jan 2004 13:18:04 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i0LLHPW5008075 for ; Wed, 21 Jan 2004 13:17:25 -0800
Received: (from william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i0LLHP5F008073 for cs530@merlot; Wed, 21 Jan 2004 13:17:25 -0800
Date: Wed, 21 Jan 2004 13:17:25 -0800
From: william@bourbon.usc.edu
Message-Id: <200401212117.i0LLHP5F008073@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: extra slide in today's lecture...

Hi,

I added a slide about gdb in today's lecture slides. I forgot to
talk about it in class today. Gdb is a C/C++ debugger on nunki.
You should use a debugger to inspect memory and not rely on your
print routines. You can also use the debugger to debug your print
routines!

The slide I include has the basic commands I use in gdb. As you
can see, it's fairly simple. Don't be afraid to use it.
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: william@bourbon.usc.edu
Delivery-Date: Wed Jan 21 13:04:36 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i0LL4acM015079 for ; Wed, 21 Jan 2004 13:04:36 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i0LL3wW5007723 for ; Wed, 21 Jan 2004 13:03:58 -0800
Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i0LL3wMi007719 for ; Wed, 21 Jan 2004 13:03:58 -0800
Message-Id: <200401212103.i0LL3wMi007719@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: CSCI530 HW1
Date: Wed, 21 Jan 2004 13:03:58 -0800
From: william@bourbon.usc.edu

Someone wrote:

> 1.
> Do we also need to support file input option in enc-des/dec-des? If
> user put passphrase in the input file.

You've just caught a bug in the spec (I think someone was trying to
point out the same thing at the end of today's class). I've just
modified the spec to say that the "file" argument for enc-des/dec-des
is *required*! Otherwise, there is no way to read the passphrase
from the user!

> 2. I could NOT find any difference in the function description for
> enc-base64 and dec-base64?
> Is there any corresponding function call for enc-base64?

Looks to me like the same function is used for encryption and
decryption. From the example on the web page, if you call
BIO_write(), it encrypts, and if you call BIO_read(), it decrypts.

> 3. Could you please tell me how to use openssl command with stdin?
> So that I can compare my stdin result with the openssl result.
> I typed in "openssl md5", then hit "Return", it is sitting there
> waiting for input.
> But I don't know how to terminate the input and get the result. My
> program works for stdin case.

Try not to type data in from the keyboard! That's often confusing.
Write your data into a file, say "foo.txt", then do:

    cat foo.txt | openssl md5

If your text is simply "hello world", then you can do:

    echo "hello world" | openssl md5

Please note that in this case, there's a "\n" after "hello world"!
If you want it not to have "\n", do:

    echo -n "hello world" | openssl md5
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: william@bourbon.usc.edu
Delivery-Date: Wed Jan 21 09:57:36 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i0LHvacM011241 for ; Wed, 21 Jan 2004 09:57:36 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i0LHuvW5003545 for ; Wed, 21 Jan 2004 09:56:57 -0800
Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i0LHuudX003541 for ; Wed, 21 Jan 2004 09:56:57 -0800
Message-Id: <200401211756.i0LHuudX003541@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: cs_530 yahoogroup
Date: Wed, 21 Jan 2004 09:56:56 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I have started the yahoo group "cs_530" as you had suggested me.
> It would be very helpful for the students in the course to find
> the group if you could place an announcement on the class
> webpage. The URL is: http://groups.yahoo.com/group/cs_530/

I've added a link from the class home page. I've also added a
section in the course description web page regarding what can
and cannot be posted in this newsgroup.
Please see:

    http://merlot.usc.edu/cs530-s04/description.html#newsgroup
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: william@bourbon.usc.edu
Delivery-Date: Wed Jan 21 09:39:03 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i0LHd3cM010831 for ; Wed, 21 Jan 2004 09:39:03 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i0LHcPW5003129 for ; Wed, 21 Jan 2004 09:38:25 -0800
Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i0LHcPJS003125 for ; Wed, 21 Jan 2004 09:38:25 -0800
Message-Id: <200401211738.i0LHcPJS003125@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: CSCI530 HW1
Date: Wed, 21 Jan 2004 09:38:24 -0800
From: william@bourbon.usc.edu

Someone wrote:

> "Adjusting least significant bytes in each byte so that each
> byte has odd parity..." should probably read "..least
> significant bit..".

Oops! It's fixed in the spec now. Thanks!
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: william@bourbon.usc.edu
Delivery-Date: Tue Jan 20 22:40:22 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i0L6eMcM030487 for ; Tue, 20 Jan 2004 22:40:22 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i0L6djW5020917 for ; Tue, 20 Jan 2004 22:39:45 -0800
Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i0L6djSL020913 for ; Tue, 20 Jan 2004 22:39:45 -0800
Message-Id: <200401210639.i0L6djSL020913@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: CSCI530: HW1 - read 1 line at a time?
Date: Tue, 20 Jan 2004 22:39:45 -0800
From: william@bourbon.usc.edu

Someone wrote:

> In response to someone's question, you gave a example.
> But in the example, 'hw1' takes input from stdout (data that will be
> displayed after the execution of cat command). Doesn't this
> contradict the statement in the problem definition page which
> says 'If file is not specified, your program should read from
> stdin'.

In the example, I used a UNIX pipe. The stdout of the command
on the left becomes the stdin of the command on the right.

> And if we are using stdin (keyboard), then whatever text that
> will be entered after the 'hw1 ', will be of course free
> of newline characters; because once we hit the enter key, all
> that written text will be pushed into stdin buffer. So can we
> give a continuous string of characters as input to our program
> when using stdin?

There should be no difference between inputting from keyboard
and piping the data from a previous command. If you are
entering text from the keyboard, you can have newline
characters. Just try it! You can terminate the keyboard input
by entering the EOF character (which is d).
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: william@bourbon.usc.edu
Delivery-Date: Tue Jan 20 15:39:51 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i0KNdpcM022195 for ; Tue, 20 Jan 2004 15:39:51 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i0KNdFW5012246 for ; Tue, 20 Jan 2004 15:39:15 -0800
Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i0KNdEEY012242 for ; Tue, 20 Jan 2004 15:39:14 -0800
Message-Id: <200401202339.i0KNdEEY012242@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: CSCI530: HW1 - read 1 line at a time?
Date: Tue, 20 Jan 2004 15:39:14 -0800
From: william@bourbon.usc.edu

Someone wrote:

> If we are reading from
> console, I wonder if we have to read one line at a time, so that
> every time user enters ("\n") it will dump the hex values in the
> following line, or should user write multiple lines and then
> enter a special character to break the reading? thus dump the all
> lines in one block, but then there will be a character that
> cannot be read. Please give me a suggestion. Thank you very much.

You are *not* allowed to assume that the user will enter a
special character to break the lines. What's coming from stdin
does *not* have to be ASCII. For example, you can do:

    cat /usr/share/gtk-2.0/demo/gtk-logo-rgb.gif | hw1 md5

should generate:

    2aab4522e368372ae5169005648a2365
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: william@bourbon.usc.edu
Delivery-Date: Tue Jan 20 15:32:37 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i0KNWbcM022080 for ; Tue, 20 Jan 2004 15:32:37 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i0KNW1W5012005 for ; Tue, 20 Jan 2004 15:32:01 -0800
Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i0KNW0T1012001 for ; Tue, 20 Jan 2004 15:32:01 -0800
Message-Id: <200401202332.i0KNW0T1012001@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: CS530: HW1 - usage of %x
Date: Tue, 20 Jan 2004 15:32:00 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I've read some documentation
> of C language, and I found that if we print a char using %x
> (printf("%x",ch)) it will print the hex value of the char. 'Y'
> will be 59, 'N' will be 4e and so on, just like your example. so
> can we use it? it saves a lot of work. Thank you

printf() is a Standard C Library Functions (when you do
"man -s 3c printf", it says that at the top).
You can use anything that's documented on nunki (this includes
openssl).
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: william@bourbon.usc.edu
Delivery-Date: Tue Jan 20 11:59:23 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i0KJxNcM017772 for ; Tue, 20 Jan 2004 11:59:23 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i0KJwkW5007029 for ; Tue, 20 Jan 2004 11:58:46 -0800
Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i0KJwkOB007025 for ; Tue, 20 Jan 2004 11:58:46 -0800
Message-Id: <200401201958.i0KJwkOB007025@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: how to compile java programs on aludra or nunki?
Date: Tue, 20 Jan 2004 11:58:46 -0800
From: william@bourbon.usc.edu

Someone wrote:

> I wrote a simple java program for the 1st Home work for CS 530.
> But I couldn't compile it on the nunki or aludra server as
> whenever I do "javac" it says command not found, whereas "java"
> works. When I run "whereis javac" command, it shows \usr\bin
> which is same as "whereis java", so the path is there in the
> classpath .cshrc.
> I will be writing a similar C program later on from the java file,
> but since I am more comfortable in java I thought of writing a
> java program first.

I don't think this is a good approach!
But, if you really want to do this, you should:

1) add /usr/usc/java/default/bin to your path
2) set the JAVA_HOME environment variable to /usr/usc/jdk/default

   if you use csh/tcsh, you can do:

       setenv JAVA_HOME /usr/usc/jdk/default

   if you use bash, you can do:

       export JAVA_HOME=/usr/usc/jdk/default
--
Bill Cheng // bill.cheng@usc.edu

Return-Path: william@bourbon.usc.edu
Delivery-Date: Tue Jan 20 07:29:11 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i0KFTAcM012593 for ; Tue, 20 Jan 2004 07:29:11 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i0KFSVW5000872 for ; Tue, 20 Jan 2004 07:28:31 -0800
Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i0KFSVD7000868 for ; Tue, 20 Jan 2004 07:28:31 -0800
Message-Id: <200401201528.i0KFSVD7000868@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: problems in hw1
Date: Tue, 20 Jan 2004 07:28:31 -0800
From: william@bourbon.usc.edu

Someone wrote:

> 1) I have written a partial code for the hexdump function
> It can be compiled and run using the "cc" compiler but when I use
> "gcc" it gets compiled but there is no output generated
> Note : In the code , I just take a string from the user and
> display it in the format as required in the hw1 .

I need to see what happened in order to tell what may be
the problem. Could you send me and the TA a transcript of
what happened? To get a transcript named foo.script in your
home directory on nunki, do:

    script ~/foo.script
    [ run your commands as normal ]
    exit

Then you can cut and paste the content of foo.script. You
should not edit it much because you may delete important
information.

> 2) Also when I write #include in the code , the code
> does not get compiled
> although it compiles with # include

I'm not sure what you mean by "get compiled". Please produce
a transcript and send it to me.
These are all very basic questions especially since you have cleared the CS 402 prerequisite! I'll help you a couple of times at most. You are a grad student, you should be able to find answers yourself (from the web or books) or find classmates or study buddies that can help you. Another way is to find other students who are not familiar with UNIX and try to solve common problems together. You can start a Yahoo Group and have discussions there. If you have created one and would like to make an announcement in class, please let me know. But please be careful not to commit plagiarism. Resolving compiler errors (error in Makefile or #include statements) with others is *not* considered plagiarism. Copying *code* from each other is.

> 3) Now also I did not understand the spec in the course homepage
> which is "The rules for the last 16 characters in a line is as
> follows.
> If the data byte is >=0x20 and <=0x7e you should use the
> corresponding ASCII character. If the data byte is <=0x1f or
> equals to 0x7f, you should print a period character. If the data
> byte is >=0x80 you should print a ~ character."

You should see the sample output and look at the right-most column and the hex bytes in the middle of the output and compare it against the above paragraph and see if it would make sense.
-- Bill Cheng // bill.cheng@usc.edu

Return-Path: william@bourbon.usc.edu
Delivery-Date: Mon Jan 19 19:32:54 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i0K3WscM031441 for ; Mon, 19 Jan 2004 19:32:54 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i0K3WKW5017420 for ; Mon, 19 Jan 2004 19:32:20 -0800
Received: (from william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i0K3WJ0t017418 for cs530@merlot.usc.edu; Mon, 19 Jan 2004 19:32:19 -0800
Date: Mon, 19 Jan 2004 19:32:19 -0800
From: william@bourbon.usc.edu
Message-Id: <200401200332.i0K3WJ0t017418@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: HW1 spec changed...

Hi,

I don't know if I have mentioned this... The spec for homeworks may change without notice. You should check the class web page and the spec page occasionally. For homeworks, parts that have changed will be denoted by some blue text, surrounded by square brackets and look something like

    [BC: ...]

I just changed the part in the HW1 spec regarding the initialization vector for DES. I decided to use a non-null initialization vector instead. Please check the updated spec. (And please remember to click on Reload on your browser and/or flush the cache.)

Thanks!
-- Bill Cheng // bill.cheng@usc.edu

Return-Path: william@bourbon.usc.edu
Delivery-Date: Fri Jan 16 10:53:47 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i0GIrkcM026714 for ; Fri, 16 Jan 2004 10:53:47 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i0GIr8W5007278 for ; Fri, 16 Jan 2004 10:53:08 -0800
Received: (from william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i0GIr8V6007276 for cs530@merlot; Fri, 16 Jan 2004 10:53:08 -0800
Date: Fri, 16 Jan 2004 10:53:08 -0800
From: william@bourbon.usc.edu
Message-Id: <200401161853.i0GIr8V6007276@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: additional requirement for HW1...

Hi,

I just added the following paragraph in the Miscellaneous section of the HW1 spec:

    [BC: Added 1/16/2004]
    You *must* call the MD5, SHA-1, BASE64, and DES related functions in the OpenSSL library *directly*. You will lose a lot of points if you invoke the openssl program using popen(), fork your process and call one of the exec system calls, or call system().
-- Bill Cheng // bill.cheng@usc.edu

Return-Path: william@bourbon.usc.edu
Delivery-Date: Wed Jan 14 16:38:39 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i0F0cdcM009228 for ; Wed, 14 Jan 2004 16:38:39 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i0F0cIW5029542 for ; Wed, 14 Jan 2004 16:38:18 -0800
Received: from bourbon.usc.edu (william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) with ESMTP id i0F0cIoS029538 for ; Wed, 14 Jan 2004 16:38:18 -0800
Message-Id: <200401150038.i0F0cIoS029538@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: cs530 question
Date: Wed, 14 Jan 2004 16:38:18 -0800
From: william@bourbon.usc.edu

Someone wrote:

> What would my rank have to be in class to ensure an A grade? For example in
> top 5% , or top 10% etc?
> How would the cutoff for A grade be decided?

There is no fixed formula! The way I grade is the following. I calculate your score based on the points you scored in the HW, midterm, final, and term paper using the percentages mentioned in the class description web page. (I will not consider anything else except the points you earned in those items!) Then I plot everything on a single curve. B+ would be around the class average. Then I look for a break in the range of points to figure out the starting point of A-minuses. After the A-minuses, I look for a break in the points again to figure out the starting point of As. And so on.

In general, I feel it's unfair to use strict percentages. Two students whose total points difference is 0.1 should not get different letter grades!
-- Bill Cheng // bill.cheng@usc.edu

Return-Path: william@bourbon.usc.edu
Delivery-Date: Tue Jan 13 12:34:10 2004
Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.12.8/8.12.8) with ESMTP id i0DKYAcM007604 for ; Tue, 13 Jan 2004 12:34:10 -0800
Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.12.8/8.12.8) with ESMTP id i0DKXqW5021446 for ; Tue, 13 Jan 2004 12:33:52 -0800
Received: (from william@localhost) by bourbon.usc.edu (8.12.8/8.12.8/Submit) id i0DKXqC4021444 for cs530@merlot; Tue, 13 Jan 2004 12:33:52 -0800
Date: Tue, 13 Jan 2004 12:33:52 -0800
From: william@bourbon.usc.edu
Message-Id: <200401132033.i0DKXqC4021444@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: getting on the class mailing list...

Hi,

If you have not done so, please go to the following page:

    http://merlot.usc.edu/cs530-s04/mailinglist.html

and register with the class mailing list. Thanks!

-- Bill Cheng // bill.cheng@usc.edu
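Added example (not part of the archived messages or the course materials): the rule for the right-most hexdump column quoted in the "problems in hw1" message above, written as a small C routine. The function names and the sample bytes are constructed for illustration; bytes are handled as unsigned char so that values >= 0x80 are not read as negative numbers.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Character for one data byte in the right-most column, per the quoted rule:
 *   0x20..0x7e        -> the ASCII character itself
 *   0x00..0x1f, 0x7f  -> '.'
 *   0x80..0xff        -> '~'
 * The parameter is unsigned char: where plain char is signed, a byte such as
 * 0xff reads as -1 and would wrongly take the '.' branch. */
static char column_char(unsigned char b)
{
    if (b >= 0x20 && b <= 0x7e)
        return (char)b;
    if (b >= 0x80)
        return '~';
    return '.';
}

/* Render the column for one line of at most 16 data bytes.
 * out must have room for 17 chars; returns the number of bytes rendered. */
static size_t ascii_column(const void *data, size_t n, char *out)
{
    const unsigned char *p = (const unsigned char *)data;
    size_t i;
    if (n > 16)
        n = 16;
    for (i = 0; i < n; i++)
        out[i] = column_char(p[i]);
    out[n] = '\0';
    return n;
}

/* Constructed sample covering every branch of the rule. */
static const unsigned char SAMPLE[] = {
    'H', 'i', 0x09, 0x7f, 0x80, 0xff, 0x20, 0x7e, 0x1f, 0x00
};

static const char *demo_column(void)
{
    static char col[17];
    ascii_column(SAMPLE, sizeof SAMPLE, col);
    return col;
}

int main(void)
{
    printf("[%s]\n", demo_column());
    return 0;
}
```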