From: Bill Cheng
Date: Thu, 08 May 2008 08:13:41 -0700
To: cs530@merlot.usc.edu
Subject: Re: LKH Question
Message-Id: <200805081513.m48FDfW3000389@bourbon.usc.edu>

Someone wrote:
> In the lecture notes for Logical Key Hierarchy (LKH) Group Key
> Management (Lecture 23, slide 25), it's stated that when U3 is joining
> the group:

(It should be Lecture 24.)

> > K'34 is only needed by U4, so it can be encrypted using K4, denoted
> > by {K'34}K4
>
> However, in LKH each node must know the keys of all of its
> ancestors. So, when U3 is joining, doesn't it need to be informed of
> K'34?

On slide 27, it showed that K'34 is encrypted with K'3. That's how node U3 gets it. Alternatively, U3 can get K'34 (and all the new keys in its ancestor set). Therefore, there is a note on slide 27 saying that {K'34}K'3 is not really needed.
--
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Wed, 7 May 2008 16:30:09 -0700
To: cs530@merlot.usc.edu
Subject: Final exam reminder...
Message-Id: <200805072330.m47NU9nX015046@bourbon.usc.edu>

Hi everyone,

Just a reminder that the final exam is tomorrow in OHE 132 from 2pm to 4pm. Please bring a photo ID. See you tomorrow!
--
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Wed, 07 May 2008 12:45:09 -0700
To: cs530@merlot.usc.edu
Subject: Re: CS530: Age Question
Message-Id: <200805071945.m47Jj9GQ010291@bourbon.usc.edu>

Someone wrote:
> In Esoteric Protocols under the Secure Multi-Party Computation that
> finds out if Bob is older than Alice (lecture on April 3, slide 12),
> step 7 states that Alice will check if the 4th number in the sequence
> sent in step 6 is congruent to x mod p. But at this stage, Alice can
> count all the numbers that are congruent to x mod p in step 6 and deduce
> Bob's age. Is this a weakness in this protocol?

If you look at all the numbers in this example, none of them are congruent to 39 modulo 31! So, I'm not sure how Alice can figure out Bob's age!
--
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Wed, 07 May 2008 12:36:48 -0700
To: cs530@merlot.usc.edu
Subject: Re: on tree-based batch signing
Message-Id: <200805071936.m47JamqN010065@bourbon.usc.edu>

Someone wrote:
> Professor, I just wanted to ask a quick question. In the last
> slides on group key mgmt where you describe tree-based batching,
> is it really necessary to send R in messages? I mean we can
> compute R from all the other hashes, and then verify its
> correctness by DS[R].

Conceptually, you are correct. But the reason it is there is because we usually denote a signed document as R+DS[R]. So, you should treat DS[R] as inseparable from R, and therefore, R needs to be included.
--
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Tue, 6 May 2008 09:50:08 -0700
To: cs530@merlot.usc.edu, cs551@merlot.usc.edu, cs558@merlot.usc.edu
Subject: Office hour today...
Message-Id: <200805061650.m46Go8ms007459@bourbon.usc.edu>

Hi everyone,

I'm on campus today. So, I'll hold office hour between 1:30pm and 3:30pm. If you already have an appointment with me, please come at your appointment time. If you cannot make it during this time, please send e-mail to me to make an appointment.
--
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Mon, 05 May 2008 13:22:18 -0700
To: cs530@merlot.usc.edu
Subject: Re: Mathematical questions
Message-Id: <200805052022.m45KMIkF014532@bourbon.usc.edu>

Someone wrote:
> Will there be any mathematical questions for this exam? (Something
> like RSA and Lagrange in the midterm) and if so, can you provide us with
> an example please (so we can practice on it)?

These types of questions in the midterm were *straight* from the lecture slides (with only values being changed). You should do the same with other lecture slides for practice!
--
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Sun, 04 May 2008 23:13:02 -0700
To: cs530@merlot.usc.edu
Subject: Re: Possible typo in the slides
Message-Id: <200805050613.m456D2cw030783@bourbon.usc.edu>

Someone wrote:
> For the slides of Esoteric protocols, slide number 9, step number 6 says that
> Bob sends Alice the following sequence: 26,18,2,8,31. Shouldn't the
> sequence sent be 2,8,25,21,31?

You are correct! (I'll fix this typo on the slides when I get to campus.)
--
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Thu, 1 May 2008 16:27:31 -0700
To: cs530@merlot.usc.edu
Subject: Final exam topics...
Message-Id: <200805012327.m41NRV0g008483@bourbon.usc.edu>

Hi everyone,

I've posted a summary of the topics covered (not all topics covered are listed) at the class web page. Please see the "news" (red) section of the class web page.

The final exam will be closed book, closed notes, and closed everything (and no "cheat sheet"). Also, no calculators, cell phones, or any electronic gadgets are allowed.

Please bring a photo ID. Your ID will be collected at the beginning of the exam and will be returned to you when you turn in your exam. There will be assigned seating.
--
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Wed, 30 Apr 2008 08:06:12 -0700
To: cs530@merlot.usc.edu
Subject: Re: Citation Query
Message-Id: <200804301506.m3UF6CZ0005929@bourbon.usc.edu>

Someone wrote:
> I had a small query regarding
> citations. I am talking about message authentication in my paper
> and I borrowed a layman's definition of message authentication
> from google definitions. Are such citations required? If yes,
> what would be the format for citing such web links since this was
> obtained by straightaway googling for define:message
> authentication?

Since the intended audience is anyone who has taken CS 530, there should be no need to define message authentication, unless you are trying to stress the difference between the definition you use and what was given in class.

If it's a web document, you should mention the title of the page, the place it's being published (for example, Wikipedia pages have something like "Wikipedia, the free encyclopedia"), and the URL. If the title is missing, you should say "(no title)". If there is no information about where it is being published, you can skip that.
--
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Sun, 27 Apr 2008 14:48:37 -0700
To: cs530@merlot.usc.edu
Subject: Late policy for termpaper...
Message-Id: <200804272148.m3RLmb6T017628@bourbon.usc.edu>

Hi everyone,

I noticed that the late policy for the termpaper was incorrect. It should be the same as HW assignments. It is corrected now.
Please see:

    http://merlot.usc.edu/cs530-s08/termpaper.html#late

--
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Sat, 19 Apr 2008 14:46:20 -0700
To: cs530@merlot.usc.edu
Subject: Re: Term Paper doubt CS 530
Message-Id: <200804192146.m3JLkKUg014863@bourbon.usc.edu>

Someone wrote:
> I just wanted to confirm that for the references can we just cite a minimum
> of 3 published peer-reviewed papers from 1 approved author and none from the
> others since the spec says that we have to cite 3 published peer-reviewed
> papers authored by *at least one* of the 5 authors?

All 3 can come from the same approved author. They can also come from different authors in any combinations.
--
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Thu, 17 Apr 2008 23:36:48 -0700
To: cs530@merlot.usc.edu
Subject: Fwd: [USC-Theory] Hoeteck Wee Colloquium, 04/22/2008, 3:30pm
Message-Id: <200804180636.m3I6amqQ008229@bourbon.usc.edu>

Hi everyone,

There is a security/crypto talk next Tuesday at 3:30pm in SSL 150. It is possible that the talk may be on the dry side, but one never knows! :-) You are encouraged to attend the talk. (You will not be responsible for the materials presented at the talk as far as the final exam goes.)

--
Bill Cheng // bill.cheng@usc.edu

-----Original Message-----
From: David Kempe
Date: April 17, 2008 4:13:36 PM PDT
To: USC-Theory@googlegroups.com
Subject: [USC-Theory] Hoeteck Wee Colloquium, 04/22/2008, 3:30pm
Reply-To: USC-Theory-owner@googlegroups.com

Hi everyone,

after a brief hiatus, we have a strong finale of exciting theory talks coming up. The first one will be by our faculty candidate Dr. Hoeteck Wee (Ph.D. Berkeley, Postdoc Columbia), this coming Tuesday, 04/22. However, mark your calendars and expect announcements on two more talks, one a distinguished lecture by Avrim Blum from CMU on "Semi-supervised learning" (04/24, 3:30pm), and one by Sanjoy Dasgupta from UCSD on "Random Projection Trees and Low Dimensional Manifolds" (04/29, 3:30pm).
Without further ado, here's the key information on the most imminent talk:

Title: Simple encryption schemes against sophisticated attacks
Speaker: Dr. Hoeteck Wee, Columbia University
Time: Tuesday, 04/22/2008, 3:30pm
Location: SSL 150

Abstract:

Along with the increasing reliance on computers and the Internet for myriad tasks from voting to auctions evolves a pressing need to develop cryptographic tools and protocols with stronger guarantees. Traditional cryptographic guarantees such as data privacy amidst wiretapping and security against a static collection of malicious network entities do not meet the security requirements for many of these tasks:

-- An adversary may be unable to learn your bid in an online auction if the bid is encrypted; however, it could potentially modify the ciphertext to obtain one corresponding to a bid that is a dollar higher than yours.

-- An adversary that adaptively determines which electronic voting machines to break into during the course of an election has a better chance at influencing the outcome of an election than one that makes its choices before the election commences.

I will present new constructions of encryption schemes addressing each of these attacks. The first scheme guarantees that given an encryption of a message, it is infeasible to generate an encryption of a related message. The second improves upon an important building block used in constructing protocols for general multi-party computation that are secure against an adversary that adaptively corrupts up to one third of the parties. Compared to most previous constructions, our schemes are simpler, more efficient, and can be realized under a larger class of cryptographic assumptions.

Biography:

Hoeteck Wee is a postdoctoral researcher at Columbia University. He completed his undergraduate studies at MIT and his PhD at UC Berkeley under the supervision of Luca Trevisan.
He was a visiting student at Tsinghua University (Beijing) from Aug 2005 till Jun 2006, a core participant in the program on Securing Cyberspace at IPAM (UCLA) in Fall 2006, and a (one-time photographic) contributor to the Schmap Amsterdam Guide.

--
David Kempe

From: Bill Cheng
Date: Tue, 15 Apr 2008 11:11:43 -0700
To: cs530@merlot.usc.edu
Subject: FWD: Online Course Evaluations for DEN Sections
Message-Id: <200804151811.m3FIBh0a023473@bourbon.usc.edu>

Hi,

This message is for DEN students only...

The online course evaluations for DEN students are now available. Please see the message below and:

    http://merlot.usc.edu/cs530-s08/den-eval.pdf

I think the online form is *not* available for non-DEN students. (If this is not the case, please let me know.)

--
Bill Cheng // bill.cheng@usc.edu

-----Original Message-----
Date: Mon, 14 Apr 2008 17:04:52 -0700
From: Neil Teixeira
Subject: Online Course Evaluations for DEN Sections

Dear Professors,

The online course evaluations for DEN students are now available. The official course evaluation period begins Monday, April 14 and ends Friday, May 2. Please review the attached instructions with your class as well. These ONLINE evaluations are available for DEN students only.

* On-campus students should fill out evaluation forms in class, as usual!
* At the end of the evaluation period, all results are sent to the Dean's office to be included in the course evaluation process. Please note that the online evaluation is the same as the paper version and only accessible by students in the course. The information submitted by students is typed and is completely anonymous.

* If you have additional questions that you want students to respond to, please format a document with supplemental questions and provide it directly to your students. The evaluation has space (Questions 24-28) for 10 responses on a scale of 1 - 5, as well as an area for optional, open-ended comments.

Once again, please review the attached instructions with your class. A PowerPoint file is also included if you wish to make it part of your lecture. We will send regular reminders to students who have not submitted a course evaluation.

Thank you very much for your assistance in completing these evaluations. If you have any questions, please feel free to contact me.

Best regards,

Neil Teixeira
Faculty Support Manager
Distance Education Network
Viterbi School of Engineering
University of Southern California
(213) 740-0122
teixeira@usc.edu

From: Bill Cheng
Date: Sun, 13 Apr 2008 19:10:27 -0700
To: cs551@merlot.usc.edu, cs530@merlot.usc.edu, cs558@merlot.usc.edu
Subject: FWD: USC Programming Contest
Message-Id: <200804140210.m3E2ARKG009227@bourbon.usc.edu>

Hi everyone,

Please see the information below regarding the USC Programming Contest. You are encouraged to participate if you have time! Please note that participating in this contest does *not* excuse you from turning in assignments on time (sorry)!

--
Bill Cheng // bill.cheng@usc.edu

-----Original Message-----
Date: Sun, 13 Apr 2008 18:22:36 -0700 (PDT)
From: Sven Koenig
To: chengw@usc.edu
Cc: Sven Koenig
Subject: USC Programming Contest

USC Programming Contest
Saturday, April 26, 2008 in RTH 105/115
practice (1-2pm) and contest (2-6pm)
www.cs.usc.edu/contest

organized by David Kempe, Sven Koenig and Upsilon Pi Epsilon from the USC Computer Science Department

Have fun! Extend your resume! Show how smart you are! Impress your friends! Win cash and other prizes! Represent USC at the ACM Programming Contest!

Do you like to solve problems like the following ones?

To pay your friends a dollar, you can give them, for example, four quarters, or five dimes and ten nickels. Write a program that calculates how many different combinations of coins there are that make up a given amount of money from pennies, nickels, dimes and quarters.

You are given the description of a lake as a polygon, as well as your own position in a boat somewhere on the lake. When you throw a rock in the water, the waves travel away from the impact point at a speed of 1 meter per second. Write a program to calculate the earliest time at which a wave will hit the shore.

You are given the names of n people, who are to be divided into k alphabetical segments, for instance, to stand in line for registration at USC. An "alphabetical segment" consists of all people whose last name starts with a letter between two given endpoints (for example, D-H). Write a program that finds a division into k alphabetical segments such that each person is in exactly one segment, and the number of people in the largest segment is minimized.

Participate in the USC Programming Contest!
The contest is open to all undergraduate and graduate USC students, regardless of major, as long as they were born in 1985 or later. We use the USC Programming Contests to pick students that we train for the ACM Regional Programming Contest.

Find out more by visiting the contest webpage www.cs.usc.edu/contest

If you would like to keep updated about the contest, please sign up for our mailing list at groups.yahoo.com/group/usc-programmingcontest

Please contact Prof. David Kempe (dkempe@usc.edu) with any questions and to register for the contest. Registration deadline is April 23, 2008.

From: Bill Cheng
Date: Fri, 11 Apr 2008 22:50:44 -0700
To: cs530@merlot.usc.edu
Subject: Re: Edit command doubt
Message-Id: <200804120550.m3C5oiCc015523@bourbon.usc.edu>

Someone wrote:
> When a file is opened in the temp file and then closed without
> editing, I am displaying a message that says that the file has
> not been modified.
> Is it ok?
> Or should it not be displayed?

Either way would be fine.

--
Bill Cheng // bill.cheng@usc.edu

----- Original Message -----
From: Bill Cheng
Date: Friday, April 11, 2008 9:19 pm
Subject: Re: Edit command doubt
To: cs530@merlot.usc.edu

> Someone wrote:
>
> > I have one doubt in the edit command. I need to create a tmp
> > directory which will store the temporary file.
> > Now when I write a
> > command to create a directory then while doing "diff" every time
> > it gives that Failed to make a directory. And this is because
> > the directory already exists and I do not have to delete it
> > according to your suggestion. So is it ok if I get such a message
> > saying "failed to make directory file exist." I hope there is no
> > negative marking for it!
>
> You should check if the directory exists before trying
> to create it.
>
> Also, I'm not sure what you meant by "write a command to
> create a directory". Do you mean calling mkdir()? You
> need to do this programmatically (from your C/C++ program)
> and not write a script. (But there is probably no time to
> fix it now.)
> --
> Bill Cheng // bill.cheng@usc.edu
>

From: Bill Cheng
Date: Fri, 11 Apr 2008 21:10:29 -0700
To: cs530@merlot.usc.edu
Subject: Re: Edit command doubt
Message-Id: <200804120410.m3C4ATo9014234@bourbon.usc.edu>

Someone wrote:
> I have one doubt in the edit command. I need to create a tmp
> directory which will store the temporary file. Now when I write a
> command to create a directory then while doing "diff" every time
> it gives that Failed to make a directory. And this is because
> the directory already exists and I do not have to delete it
> according to your suggestion. So is it ok if I get such a message
> saying "failed to make directory file exist."
> I hope there is no
> negative marking for it!

You should check if the directory exists before trying to create it.

Also, I'm not sure what you meant by "write a command to create a directory". Do you mean calling mkdir()? You need to do this programmatically (from your C/C++ program) and not write a script. (But there is probably no time to fix it now.)

--
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Fri, 11 Apr 2008 18:47:44 -0700
To: cs530@merlot.usc.edu
Subject: Re: Edit command doubt
Message-Id: <200804120147.m3C1lia1012023@bourbon.usc.edu>

Someone wrote:
| On Fri, 11 Apr 2008 14:51:34 -0700, Bill Cheng wrote:
| > > Now if we open it in vi and don't do anything and exit without saving,
| > > then what should we do?
| >
| > You should not create the file. You should print a
| > message in this case to let the user know that nothing
| > was created.
|
| Is this specified in the guidelines anywhere? I looked through the
| grading guidelines and the spec and couldn't find this.

Actually, in the Encrypted File Format, it says that for an empty file, do this and that. So, it's possible to have an empty file.

| I implemented mine so that if the user creates a new file using edit and
| doesn't make any changes to the file (the temporary file is empty), the
| empty file is then encrypted and saved. This seemed like the most logical
| action in absence of any specific direction.
Well, another logical interpretation is that if the file has not been modified in the editor, don't touch the encrypted file. Since the encrypted file did not exist, you can interpret this as not creating the file.

| I don't mind changing my code (it's an easy fix), but I just want to make
| sure that I'm doing the right thing here.

It wouldn't matter in this case since this case will not be tested! If we end up creating this case, either way would be fine.

| Also: If we are supposed to throw an error, what should be done if a user
| is editing an *existing file* and uses their editor to completely clear the
| contents of the file (make it empty)? Should we prevent them from doing so,
| or should we only raise an error if they're creating a brand new file which
| happens to be empty?

I guess it's not necessary to print a message. It's another one of those GUI issues. I just tried "vi" by running it and not creating a file. vi did not print a message. So, there is no need to print a message.

--
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Fri, 11 Apr 2008 14:51:34 -0700
To: cs530@merlot.usc.edu
Subject: Re: Edit command doubt
Message-Id: <200804112151.m3BLpYHP008185@bourbon.usc.edu>

Someone wrote:
> I am a little confused with the following line in the spec:
>
> "Edit file using the editor specified by the EDITOR environment
> variable.
> If file does not exist, after the editor is closed, you must
> encrypt (using DES_ede3_cbc_encrypt()) the file and save the content
> in file."
>
> Now if we open it in vi and don't do anything and exit without saving,
> then what should we do?
> I can think of the following options but am not sure:
>
> 1) Exit printing some message because no file was saved to decrypt
>
> 2) Still create an empty file and decrypt it (though I know this
> doesn't make any sense)

You should not create the file. You should print a message in this case to let the user know that nothing was created.

--
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Fri, 11 Apr 2008 12:17:26 -0700
To: cs530@merlot.usc.edu
Subject: Re: Regarding HW4
Message-Id: <200804111917.m3BJHQhR005499@bourbon.usc.edu>

Someone wrote:
> I have one small query regarding HW4 of CS530. In the spec it is
> mentioned that when user enters "./hw4", it should output "Sig
> size is 128". However, in grading guidelines, it states that it
> should produce malformed command.
>
> Does that mean, in spec it is mentioned for debugging purpose, but
> for grading we have to follow grading guidelines?

The sample provided in the spec is just a sample to serve as a starting place for your assignment. It is not implemented according to the spec.
--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200804111730.m3BHU8TA003426@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: CS 530 edit doubt
Date: Fri, 11 Apr 2008 10:30:08 -0700
From: Bill Cheng

Someone wrote:

> When I edit a file that already exists, I decrypt it and store it in a
> temporary file. The editor then opens and displays the correct plaintext.
> Then I delete some text from the temporary file and encrypt that text using
> DES_ede3_cbc_encrypt(). But my problem is when encrypting now,
> encryption is not done correctly and the output that's written to the
> original file is different from the output I get when I encrypt the saved
> temporary file separately. I can't understand why this is happening as my
> code for encryption is working when running the grading guidelines. Am I
> missing some step before encrypting the data being read from the temporary
> file? Thanks.

Debug, debug, debug! Use a very small file (say 2 bytes long) and
figure out what's wrong in the debugger!
--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200804111635.m3BGZLVb002035@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: HW4 doubt
Date: Fri, 11 Apr 2008 09:35:21 -0700
From: Bill Cheng

Someone wrote:

| On Apr 10, 2008, at 10:42 PM, Bill Cheng wrote:
| > I'm not sure how tempnam() works! The man pages say that it
| > returns a unique filename. But I don't understand how it
| > guarantees that the name is unique.
|
| In general, it doesn't. From the FreeBSD tempnam() manpages:
|
| SECURITY CONSIDERATIONS
|      The tmpnam() and tempnam() functions are susceptible to a race condition
|      occurring between the selection of the file name and the creation of the
|      file, which allows malicious users to potentially overwrite arbitrary
|      files in the system, depending on the level of privilege of the running
|      program. Additionally, there is no means by which file permissions may
|      be specified. It is strongly suggested that mkstemp(3) be used in place
|      of these functions. (See the FSA.)
|
| The Solaris documentation suggests that they have implemented some
| sort of locking mechanism, but I don't believe it's standard. And even
| then, they note that the lock only applies to concurrent calls to
| tempnam(), so it can't be relied upon.

I agree! Thanks for forwarding the above.

| > With mkstemp(), the unique file is opened inside mkstemp().
| > So, I'm guessing that inside mkstemp(), it calls some kind
| > of file locking function (such as flock()) to guarantee
| > that there is only one file with the returned filename.
|
| When calling open(), you can just set the O_EXCL flag and you'll get
| an error back if a file already exists with the given name. No lock
| required. :)

Right!

| > There is a security note in mkstemp(). But that's not a
| > concern for us since we are creating temporary files in
| > your ~/tmp directory and not /tmp!
|
| What security note? I've checked the man pages from three OSes
| (Solaris, FreeBSD, and MacOS) and haven't found any warnings about
| mkstemp().

I was looking at the wrong man pages. On Fedora Core 5, it has the
following note:

    The old behaviour (creating a file with mode 0666) may be a security
    risk, especially since other Unix flavours use 0600, and somebody
    might overlook this detail when porting programs.

So, I think mkstemp() is the way to go. If you need a file stream
pointer (of the type FILE*), you can convert a file descriptor (of
the type int) to it by calling fdopen().
--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200804110606.m3B66ENe024927@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: About libhw9sc.so
Date: Thu, 10 Apr 2008 23:06:14 -0700
From: Bill Cheng

Someone wrote:

> If I am not wrong... does this mean that all these functions should be
> called as a dummy function in ha()... at the start of hw4()?

I don't think you have to. But if it doesn't work without calling
these functions in ha(), you should call them in a function like ha().
--
Bill Cheng // bill.cheng@usc.edu

On Thu, Apr 10, 2008 at 9:56 PM, Bill Cheng wrote:
> Someone wrote:
>
> > During the compatibility test, after doing
> > cp ~csci530/public/hw4/libhw9sc.so libhw4sc.so
> > chmod 755 libhw4sc.so
> >
> > my program cannot use this new library, then I try
> > nm libhw4sc.so
> > it lists nothing
> >
> > Is this library invalid, or am I wrong?
>
> This shared library has its symbol table stripped. You can
> strip the symbol table of any executable by running the
> "strip" command. You can try that with your .so file.
>
> libhw9sc.so has the following unresolved symbols:
>
> [75] | 0| 0|NOTY |GLOB |0 |UNDEF |BN_bin2bn
> [34] | 0| 0|NOTY |GLOB |0 |UNDEF |RAND_bytes
> [48] | 0| 0|NOTY |GLOB |0 |UNDEF |RSA_free
> [72] | 0| 0|NOTY |GLOB |0 |UNDEF |RSA_new
> [67] | 0| 0|NOTY |GLOB |0 |UNDEF |RSA_private_encrypt
> [39] | 0| 0|NOTY |GLOB |0 |UNDEF |RSA_size
> [78] | 0| 0|NOTY |GLOB |0 |UNDEF |SHA1_Final
> [82] | 0| 0|NOTY |GLOB |0 |UNDEF |SHA1_Init
> [50] | 0| 0|NOTY |GLOB |0 |UNDEF |SHA1_Update
>
> If your "hw4" is complete, all these functions should be
> referenced in your "hw4". If not, please create a dummy
> function (which you do not call) that includes calls to
> these functions.
> --
> Bill Cheng // bill.cheng@usc.edu

Message-Id: <200804110549.m3B5ncSH024493@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: verify
Date: Thu, 10 Apr 2008 22:49:38 -0700
From: Bill Cheng

Someone wrote:

> regarding the random input script for verify, my verify function
> works perfectly fine, but the way I do it is for each 2 bytes of
> input read I check if they compose a hexstring representation of
> a byte. This means that if you press Enter, it will throw an
> error and exit (except if you read 20 bytes for a valid input),
> but the functionality is correct. Are we supposed to neglect
> linefeeds for verify, and if yes can they be in the middle of a
> hexstring representation?
If you encounter anything that's not a hexstring character, you can
just print an error message and quit. So, the hexstring should not
span across multiple lines. Your program should *never* crash!
--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200804110542.m3B5gxi7024420@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: HW4 doubt
Date: Thu, 10 Apr 2008 22:42:59 -0700
From: Bill Cheng

Someone wrote:

> You can use tempnam() which takes as argument the directory
> and at most 5 prefix bytes.

I'm not sure how tempnam() works! The man pages say that it returns
a unique filename. But I don't understand how it guarantees that the
name is unique.

With mkstemp(), the unique file is opened inside mkstemp(). So, I'm
guessing that inside mkstemp(), it calls some kind of file locking
function (such as flock()) to guarantee that there is only one file
with the returned filename.

There is a security note in mkstemp(). But that's not a concern for
us since we are creating temporary files in your ~/tmp directory and
not /tmp!
--
Bill Cheng // bill.cheng@usc.edu

----- Original Message -----
From: Bill Cheng
Date: Thursday, April 10, 2008 4:32 pm
Subject: Re: HW4 doubt
To: cs530@merlot.usc.edu

> Someone wrote:
>
> > FYI, I just read in man mkstemp that tmpfile() is preferred instead.
>
> But you cannot control where the file is with tmpfile()! For
> HW4, you need to use ~/tmp.
> --
> Bill Cheng // bill.cheng@usc.edu
>
> ----- Original Message -----
> From: Bill Cheng
> Date: Thursday, April 10, 2008 4:01 pm
> Subject: Re: HW4 doubt
> To: cs530@merlot.usc.edu
>
> > Someone wrote:
> >
> > > I am having a doubt with hw4 edit.
> > >
> > > I open the file if it's there or create a new file.
> > > If it's there I decrypt it using the passphrase.
> > >
> > > My question is, should I hardcode the address of the temp file?
> >
> > You should *never* hardcode the path of a temporary file.
> > You should call mkstemp() to create a unique filename to be
> > used as a temporary file.
> >
> > If you run two instances of your program, you don't want them
> > to affect each other.
> >
> > > The file is opened in the default editor. I make changes and then
> > > I close the file.
> > > How do I know that the file is closed? Is there a way to make
> > > the program wait?
> >
> > If you use system() to invoke the editor, when system()
> > returns, you can be certain that the file is closed.
> > --
> > Bill Cheng // bill.cheng@usc.edu

Message-Id: <200804110528.m3B5SqYV024024@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: using function in Smartcard.c
Date: Thu, 10 Apr 2008 22:28:52 -0700
From: Bill Cheng

Someone wrote:

> I did so... I had one more question. Do I have to include all functions?
> Like RSA_public_encrypt, RSA_size()... such functions also?
I don't think so! If you link to the right crypto library
(~csci551b/openssl/lib/libcrypto.a), all these functions seem to get
picked up!

Here is how I verify it. My "hw4" does not contain a call to
RSA_public_encrypt(). I set a breakpoint just inside main(). At this
point, I have not loaded "libhw4sc.so". Here's what I would type:

  $ gdb hw4
  (gdb) break main
  (gdb) run
  Starting program: /auto/home-scf-22/csci530/bill/src/rsatest-1.1.0/hw4/hw4
  (no debugging symbols found)

  Breakpoint 1, 0x0001d154 in main ()
  (gdb) print RSA_public_encrypt
  $1 = {} 0x2b87c
  (gdb) print RSA_size
  $2 = {} 0x2b854
  (gdb) quit
--
Bill Cheng // bill.cheng@usc.edu

On Thu, Apr 10, 2008 at 4:19 PM, Bill Cheng wrote:
> Someone wrote:
>
> > Sir, I had come to you asking that RSA_new() was not working in my
> > smartcard.c.
> > You suggested me to include that function also in HW4.c.
> > I did so but then I'm getting this error during compilation:
> >
> > Undefined                       first referenced
> >  symbol                             in file
> > socket      /home/scf-22/csci551b/openssl/lib/libcrypto.a(rand_egd.o)
> > connect     /home/scf-22/csci551b/openssl/lib/libcrypto.a(rand_egd.o)
> > ld: fatal: Symbol referencing errors. No output written to hw4
> > collect2: ld returned 1 exit status
> > *** Error code 1
> > make: Fatal error: Command failed for target `hw4'
> >
> > Can you suggest what the error is?
>
> I think you need to add -lsocket when you try to create hw4.
> --
> Bill Cheng // bill.cheng@usc.edu

Message-Id: <200804110456.m3B4urYS022918@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: About libhw9sc.so
Date: Thu, 10 Apr 2008 21:56:53 -0700
From: Bill Cheng

Someone wrote:

> During the compatibility test, after doing
> cp ~csci530/public/hw4/libhw9sc.so libhw4sc.so
> chmod 755 libhw4sc.so
>
> my program cannot use this new library, then I try
> nm libhw4sc.so
> it lists nothing
>
> Is this library invalid, or am I wrong?

This shared library has its symbol table stripped. You can strip the
symbol table of any executable by running the "strip" command. You
can try that with your .so file.

libhw9sc.so has the following unresolved symbols:

[75] | 0| 0|NOTY |GLOB |0 |UNDEF |BN_bin2bn
[34] | 0| 0|NOTY |GLOB |0 |UNDEF |RAND_bytes
[48] | 0| 0|NOTY |GLOB |0 |UNDEF |RSA_free
[72] | 0| 0|NOTY |GLOB |0 |UNDEF |RSA_new
[67] | 0| 0|NOTY |GLOB |0 |UNDEF |RSA_private_encrypt
[39] | 0| 0|NOTY |GLOB |0 |UNDEF |RSA_size
[78] | 0| 0|NOTY |GLOB |0 |UNDEF |SHA1_Final
[82] | 0| 0|NOTY |GLOB |0 |UNDEF |SHA1_Init
[50] | 0| 0|NOTY |GLOB |0 |UNDEF |SHA1_Update

If your "hw4" is complete, all these functions should be referenced
in your "hw4". If not, please create a dummy function (which you do
not call) that includes calls to these functions.
--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200804102323.m3ANNw1M019362@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: HW4 doubt
Date: Thu, 10 Apr 2008 16:23:58 -0700
From: Bill Cheng

Someone wrote:

> FYI, I just read in man mkstemp that tmpfile() is preferred instead.

But you cannot control where the file is with tmpfile()! For HW4,
you need to use ~/tmp.
--
Bill Cheng // bill.cheng@usc.edu

----- Original Message -----
From: Bill Cheng
Date: Thursday, April 10, 2008 4:01 pm
Subject: Re: HW4 doubt
To: cs530@merlot.usc.edu

> Someone wrote:
>
> > I am having a doubt with hw4 edit.
> >
> > I open the file if it's there or create a new file.
> > If it's there I decrypt it using the passphrase.
> >
> > My question is, should I hardcode the address of the temp file?
>
> You should *never* hardcode the path of a temporary file.
> You should call mkstemp() to create a unique filename to be
> used as a temporary file.
>
> If you run two instances of your program, you don't want them
> to affect each other.
>
> > The file is opened in the default editor. I make changes and then
> > I close the file.
> > How do I know that the file is closed? Is there a way to make
> > the program wait?
>
> If you use system() to invoke the editor, when system()
> returns, you can be certain that the file is closed.
> --
> Bill Cheng // bill.cheng@usc.edu

Message-Id: <200804102319.m3ANJpmL019155@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: using function in Smartcard.c
Date: Thu, 10 Apr 2008 16:19:51 -0700
From: Bill Cheng

Someone wrote:

> Sir, I had come to you asking that RSA_new() was not working in my
> smartcard.c.
> You suggested me to include that function also in HW4.c.
> I did so but then I'm getting this error during compilation:
>
> Undefined                       first referenced
>  symbol                             in file
> socket      /home/scf-22/csci551b/openssl/lib/libcrypto.a(rand_egd.o)
> connect     /home/scf-22/csci551b/openssl/lib/libcrypto.a(rand_egd.o)
> ld: fatal: Symbol referencing errors. No output written to hw4
> collect2: ld returned 1 exit status
> *** Error code 1
> make: Fatal error: Command failed for target `hw4'
>
> Can you suggest what the error is?

I think you need to add -lsocket when you try to create hw4.
--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200804102252.m3AMqA0B018213@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: HW4 doubt
Date: Thu, 10 Apr 2008 15:52:10 -0700
From: Bill Cheng

Someone wrote:

> I am having a doubt with hw4 edit.
>
> I open the file if it's there or create a new file.
> If it's there I decrypt it using the passphrase.
>
> My question is, should I hardcode the address of the temp file?

You should *never* hardcode the path of a temporary file. You should
call mkstemp() to create a unique filename to be used as a temporary
file.

If you run two instances of your program, you don't want them to
affect each other.

> The file is opened in the default editor. I make changes and then
> I close the file.
> How do I know that the file is closed? Is there a way to make
> the program wait?

If you use system() to invoke the editor, when system() returns, you
can be certain that the file is closed.
--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200804101905.m3AJ51HG015070@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: tmp dir
Date: Thu, 10 Apr 2008 12:05:01 -0700
From: Bill Cheng

Someone wrote:

> Yes, I remember we were talking about something similar with
> unlink in the previous class. Thank you!

Right. unlink() is for removing a specific file. You need to
remember the file name which you've created and delete it before your
program quits.
--
Bill Cheng // bill.cheng@usc.edu

----- Original Message -----
From: Bill Cheng
Date: Thursday, April 10, 2008 11:42 am
Subject: Re: tmp dir
To: cs530@merlot.usc.edu

> Someone wrote:
>
> > If the tmp dir doesn't exist, we create it. If we create it, should we
> > remove it in the end, or does it not make any difference?
>
> You can create a directory programmatically, but you should
> *not* remove it programmatically! It's risky! (One bug
> will remove everything from your home directory!)
> --
> Bill Cheng // bill.cheng@usc.edu

Message-Id: <200804101833.m3AIXbTJ014301@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: tmp dir
Date: Thu, 10 Apr 2008 11:33:37 -0700
From: Bill Cheng

Someone wrote:

> If the tmp dir doesn't exist, we create it. If we create it, should we
> remove it in the end, or does it not make any difference?

You can create a directory programmatically, but you should *not*
remove it programmatically! It's risky! (One bug will remove
everything from your home directory!)
--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200804100710.m3A7AfEG031097@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: CS 530 edit command doubt
Date: Thu, 10 Apr 2008 00:10:41 -0700
From: Bill Cheng

Someone wrote:

> In the edit command, when a file exists, I decrypt it and write it to a
> temporary file in the home/tmp directory. Now when I try to open that
> temporary file using the editor it is always empty. However, when I manually
> open the file by going into that directory, it opens with the correct data
> in it. My editor program is similar to the sample program given with only
> the pathname and editor name changed. Any hints on what could be wrong?

I assume you are calling system(s) where s is a string. If you go
into the debugger and set a breakpoint right before this and print
out s, what do you see? Is it identical to what you are typing in the
commandline? If not, make them identical (and execute the command
from the current working directory and not from your ~/tmp
directory).
--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200804100654.m3A6sQDc030740@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: Grading Guidelines for C2
Date: Wed, 09 Apr 2008 23:54:26 -0700
From: Bill Cheng

Someone wrote:

> I happened to notice a missing line between the following two
> lines in the grading guidelines for section C2:
>
> /bin/rm -f secret.c
> cp secret.c.$f secret.c
>
> After removing secret.c, secret.c.$f is not being generated using
> our ./hw4 secret command.
> Hence we get compile time warnings for running this script.
>
> I guess this is what's happening, or am I missing anything in
> this interpretation?

Have you run the script near the top of the grading guidelines (right
after "Do this first:")? That's where the secret.c.$f files are
generated.
--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200804100200.m3A205Ip026487@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: CS 530: HW4 Regarding edit command
Date: Wed, 09 Apr 2008 19:00:05 -0700
From: Bill Cheng

Someone wrote:

> Since the grading guidelines for the edit command are meant to work with vi,
> does it mean we have no other choice apart from working in vi, OR can we work
> with Emacs and then, by executing the "setenv EDITOR vi" command while
> running the grading guidelines, be good enough? Thanks.

The EDITOR environment variable for the grading account is set to
"vi". But your code should work with other editors (such as emacs
and pico). If you are not familiar with vi, you can change your
EDITOR environment variable to "vi" and simply follow the grading
guidelines.

If you use a different editor, vi commands such as ":q" certainly
would not work. So, you need to adapt the script for your editor.
But the grader will be using the script and vi.

This is similar to the situation that the grading guidelines are
written for csh/tcsh; if you use a different shell, you need to
modify the commands or run them under csh/tcsh.
--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200804092031.m39KVm6x019831@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: Error dlopen
Date: Wed, 09 Apr 2008 13:31:48 -0700
From: Bill Cheng

Hi everyone,

I'm forwarding the following from a student regarding the dlopen()
issue on nunki.
--
Bill Cheng // bill.cheng@usc.edu

-----Original Message-----
Date: Wed, 09 Apr 2008 01:00:30 -0700
To: Bill Cheng
Subject: Re: Error dlopen

On Apr 8, 2008, at 11:04 PM, Bill Cheng wrote:
> A better way is to make sure that this function is
> incorporated into your smartcard shared library. I think
> instead of using -lcrypto when you create the smartcard,
> you should specify a full path to libcrypto.a in the openssl
> directory in ~csci551b. I have not tested this so I don't
> know if this will work for sure.

I had problems when I tried this a few weeks ago. Our copy of
libcrypto.a seems to have been compiled without -fPIC, and therefore
isn't relocatable. Since shared libraries have to be relocatable, it's
incompatible with our smart card library. This manifests itself as a
linker error stating that symbols have unresolved text relocations.

As a result, the only solution is to make sure that any symbols used
in the smart card library are available within the hw4 executable when
invoking the dynamic linker.
(However, I was able to get this approach to work on Mac OS X, where
the GCC documentation suggests that -fPIC is used by default.)

Message-Id: <200804090614.m396EuGu004588@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: CSCI-530 HW4: Specification Clarification
Date: Tue, 08 Apr 2008 23:14:56 -0700
From: Bill Cheng

Someone wrote:

> The project spec says that in the verify command, we print out the
> first 20 bytes of the result in hexstring format. Does this mean 20
> pure binary bytes (which expand to 40 hex digits), or 20 hex digits
> (which represent 10 pure binary bytes)?

In the sample given in the Encrypted File Format section of the spec,
it shows that you should print out a 40-character-long hexstring
representation of a SHA1 value.
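Added example (an editor's illustration, not code from this thread or from the course's sample program) of the input handling the "verify" replies in this thread describe: exactly 40 hex digits are decoded into the 20-byte SHA1 value, any other character, including a newline in the middle of the digits, is reported as an error instead of crashing, and a single trailing newline after the digits is tolerated. The function names and the sample values are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define SHA1_LEN 20                 /* bytes in a SHA1 value */
#define SHA1_HEX_LEN (2 * SHA1_LEN) /* 40 hex digits */

enum hex_status { HEX_OK = 0, HEX_BAD_CHAR = -1, HEX_BAD_LENGTH = -2 };

/* Value of one hex digit, or -1 for anything else (newlines included). */
static int hex_value(int c)
{
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

/* Decode exactly SHA1_HEX_LEN hex digits from in (len bytes, not
 * necessarily NUL-terminated) into out. One trailing '\n' after the
 * digits is accepted; a newline inside the digits, any other non-hex
 * character, short input, or extra characters are rejected. */
int parse_sha1_hex(const char *in, size_t len, unsigned char out[SHA1_LEN])
{
    size_t i;
    if (len == SHA1_HEX_LEN + 1 && in[SHA1_HEX_LEN] == '\n')
        len = SHA1_HEX_LEN;
    /* Characters are checked before the length so that input cut short
     * by a stray newline is reported as a bad character. */
    for (i = 0; i < len && i < SHA1_HEX_LEN; i++)
        if (hex_value(in[i]) < 0)
            return HEX_BAD_CHAR;
    if (len != SHA1_HEX_LEN)
        return HEX_BAD_LENGTH;
    for (i = 0; i < SHA1_LEN; i++)
        out[i] = (unsigned char)((hex_value(in[2 * i]) << 4) |
                                 hex_value(in[2 * i + 1]));
    return HEX_OK;
}

/* Encode a SHA1 value as the 40-character lowercase hexstring the
 * spec's sample shows. out must have room for SHA1_HEX_LEN + 1 bytes. */
void sha1_to_hex(const unsigned char digest[SHA1_LEN], char out[SHA1_HEX_LEN + 1])
{
    static const char digits[] = "0123456789abcdef";
    size_t i;
    for (i = 0; i < SHA1_LEN; i++) {
        out[2 * i] = digits[digest[i] >> 4];
        out[2 * i + 1] = digits[digest[i] & 0x0f];
    }
    out[SHA1_HEX_LEN] = '\0';
}

/* Read the hexstring the way verify reads stdin: at most SHA1_HEX_LEN + 1
 * bytes are consumed, so input of any length cannot overrun the buffer. */
int read_sha1_hex(FILE *fp, unsigned char out[SHA1_LEN])
{
    char buf[SHA1_HEX_LEN + 2];
    size_t n = fread(buf, 1, SHA1_HEX_LEN + 1, fp);
    return parse_sha1_hex(buf, n, out);
}

/* Stand-alone check: read a hexstring from stdin and echo it normalized. */
int main(void)
{
    unsigned char digest[SHA1_LEN];
    char hex[SHA1_HEX_LEN + 1];
    int rc = read_sha1_hex(stdin, digest);
    if (rc != HEX_OK) {
        fprintf(stderr, "verify: malformed hexstring (%s)\n",
                rc == HEX_BAD_CHAR ? "non-hex character" : "wrong length");
        return 1;
    }
    sha1_to_hex(digest, hex);
    printf("%s\n", hex);
    return 0;
}
```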
--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200804090612.m396C4uc004491@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: Header format
Date: Tue, 08 Apr 2008 23:12:04 -0700
From: Bill Cheng

Someone wrote:

> Has the header format changed? I mean, is the header format as
> follows:
> The first 3 bytes are HW4
> The next byte is the number of bytes in the last segment.
>
> After this the whole encrypted file, and then after the encrypted
> file we append the sha1 of the file?
>
> Is this how it should look?

Please read the spec! You can also check with the data in the grading
guidelines to make sure.
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@merlot.usc.edu
Subject: Re: Error dlopen
Date: Tue, 08 Apr 2008 23:04:25 -0700
From: Bill Cheng

Someone wrote:

> I have an error with the dlopen command.
> When I try to execute this command, the following error comes up
> on the terminal:
>
> hw4: fatal: relocation error: file ./libhw4sc.so: symbol
> BN_hex2bn: referenced symbol not found

One quick and dirty way to get around the problem is to make sure that you call the same function in your hw4 code. This way, when you try to load the smartcard, the dynamic linker will be able to resolve the symbol since it's already in your executable.

A better way is to make sure that this function is incorporated into your smartcard shared library. I think instead of using -lcrypto when you create the smartcard, you should specify a full path to libcrypto.a in the openssl directory in ~csci551b. I have not tested this so I don't know if this will work for sure.

--
Bill Cheng // bill.cheng@usc.edu

To: cs530@merlot.usc.edu
Subject: Re: possible bug in guidelines
Date: Tue, 08 Apr 2008 11:27:57 -0700
From: Bill Cheng

Someone wrote:

> Part C (sign and verify), in loop C2 there is written
>
> cp secret.c.$f secret.c
>
> shouldn't it be the following?
>
> cp $srcdir/secret.c.$f secret.c

These secret.c.$f files should be the ones generated in your current working directory. Please see the top of the grading guidelines (where it says "Do this first").

--
Bill Cheng // bill.cheng@usc.edu

To: cs530@merlot.usc.edu
Subject: Re: Regarding Edit command
Date: Sun, 06 Apr 2008 19:32:10 -0700
From: Bill Cheng

Someone wrote:

> I have a doubt regarding edit.
> It is as follows:
>
> 1. When do I have to ask the user for the passphrase? Do I have to ask
> immediately after he runs the "hw4 edit -so=./libhw4sc.so fee"
> command, or after he edits the file and saves it?

Using the "vi -x" model, you should ask for the passphrase before you open the editor.

> 2. Do I have to create the $HOME/temp directory from my edit.c program,
> or can I create it manually using mkdir at the shell prompt?

First of all, it's not "$HOME/temp", it's "$HOME/tmp". You should create it programmatically from your "hw4" executable. Just call mkdir().

--
Bill Cheng // bill.cheng@usc.edu

To: cs530@merlot.usc.edu
Subject: Re: very trivial bug in guidelines
Date: Sat, 05 Apr 2008 20:15:47 -0700
From: Bill Cheng

Someone wrote:

> I know it's not a big deal, but just wanted to let you know. The bug is:
>
> In the last line in part D (testing encrypt), instead of:
> /bin/rm -f f?.des f?.hex
>
> it should be:
> /bin/rm -f f?.enc

Thanks for letting me know. I've made the modification.

--
Bill Cheng // bill.cheng@usc.edu

Date: Fri, 4 Apr 2008 12:11:02 -0700
From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: digital cash protocol #1...

Hi everyone,

There was a question regarding the last slide of yesterday's lecture (Lecture 20). The question was about why a blind signature was used in steps (1) through (5) of the digital cash protocol #1.

I think protocol #1 was a made-up protocol since nobody will ever use something like this. So, it was written in such a way that protocols #2 through #4 can be easily explained by modifying protocol #1 (which is what we will do in the next lecture)! So, I agree with the discussion in class that steps (1) through (5) of protocol #1 can be replaced by a single step where Alice's bank creates a single signed money order and sends it to Alice.
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@merlot.usc.edu
Subject: Re: Regarding RSA_private_encrypt
Date: Wed, 02 Apr 2008 09:11:41 -0700
From: Bill Cheng

Someone wrote:

> I am doing my 530 assignment and got stuck at one place in
> SC_sign().
>
> I have written the following code to support
> RSA_private_encrypt(....), but I am still getting a return value of
> -1 (i.e. error). I have been trying for the last 2 days, but I
> couldn't solve it.
>
> ...

Just a friendly warning to those who plan to start working on HW4 near the deadline... Part of this assignment is to figure out how to make functions such as RSA_private_encrypt() work. As you can see above, it may take a while and a lot of trial and error to get it working. If you come to me close to the assignment due date, I will not be able to help you with things like this since you need to figure them out as part of the assignment.

--
Bill Cheng // bill.cheng@usc.edu

Date: Wed, 2 Apr 2008 09:06:26 -0700
From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: blind signatures...

Hi everyone,

Yesterday during lectures, a question came up regarding blind signatures. It seemed that if we use the "solution" (with cut and choose), the signer will be able to see the original message.
I've updated the lecture notes to say that, with the "solution", it's no longer a *completely blind* signature scheme (this is not as useful; Schneier's book has an application for this).

--
Bill Cheng // bill.cheng@usc.edu

To: cs558@merlot.usc.edu, cs530@merlot.usc.edu, cs551@merlot.usc.edu
Subject: Faculty candidate talk tomorrow on Distributed Systems / Security / OS
Date: Mon, 31 Mar 2008 13:18:35 -0700
From: Bill Cheng

Hi everyone,

Below is a talk announcement for tomorrow from 3:30pm-5pm in SSL 150. You are encouraged to attend the talk. (Attendance is optional and you will not be responsible for the talk material as far as grading/exam is concerned.)

--
Bill Cheng // bill.cheng@usc.edu

---------------------------------- cut here ----------------------------------

Title: Securing the Web With Decentralized Information Flow Control
Speaker: Maxwell Krohn, MIT, CS and AI Laboratory
Venue: SSL 150
Date & Time: 3:30-5:00pm, Tuesday April 1st

The recent successes of server-side applications (e.g. Google and Facebook applications) hint that tomorrow's computing platform might not be the local desktop but rather the extensible remote Web site. Unfortunately, these new server-side platforms, built on conventional operating systems, are committing the same security mistakes already ossified in today's insecure desktops.

In this talk, I will discuss how to secure both today's Web sites and tomorrow's Web computing platforms with a new OS technique called Decentralized Information Flow Control (DIFC). A DIFC system tracks the flow of secret data as it is copied from file to file and communicated from process to process. In the end, the OS lets modules known as "declassifiers" legislate policies for secret data exiting to the network. DIFC provides better security than standard OSes because it allows developers to concentrate security-critical code in small, audit-friendly declassifiers, which remain small and contained even as the overall system balloons with new features.

This talk presents DIFC, an implementation of DIFC for Linux, and a case study of a complex, popular open-source application (MoinMoin Wiki) secured with DIFC. MoinMoin is a prototype for more ambitious and general work to come, such as a novel Web-based application platform with encouraging security guarantees.

Joint work with: Micah Brodsky, Natan Cliffer, Petros Efstathopoulos, Cliff Frey, Eddie Kohler, David Mazieres, Robert Morris, Frans Kaashoek, Steve VanDeBogart, Mike Walfish, Alex Yip, David Ziegler

Bio: Maxwell Krohn is a PhD candidate in Computer Science at MIT. He received his BA from Harvard in 1999, and was a staff research scientist at NYU from 2002-2003. In between, he co-founded and co-built several community Web sites, some vintage (TheSpark.com), others live and kicking (SparkNotes.com and OkCupid.com). His research interests are in operating systems, distributed systems and security.
To: cs530@merlot.usc.edu
Subject: Re: CSCI 530 HW4: Bad Commands
Date: Mon, 31 Mar 2008 10:34:46 -0700
From: Bill Cheng

Someone wrote:

> In the grading guidelines for CSCI 530 HW4, under "Bad commandline" we
> are told that we need to inform the user about error conditions
> generated by bad command line input.
>
> How specific do these errors need to be? Is it sufficient to print out
> the documentation for the command, or do we actually need to list the
> cause of the error?

It depends. The reason for printing out an error message is so that the user can fix the commandline. So, your error message should be informative. If the commandline is malformed, you can say "malformed command", briefly mention why, and print the correct format. For example, if someone entered "hw4 sign -so=... -x /etc/motd", you can say something like:

    malformed command: invalid commandline option -x
    usage: hw4 sign -so=sopath file

This is just an example. You can certainly have reasonable variations on this.

On the other hand, if someone entered "hw4 sign -so=... /etc/nosuchfile", you should probably just say that "/etc/nosuchfile does not exist" since there is nothing wrong with the way the user entered the command.

--
Bill Cheng // bill.cheng@usc.edu

To: cs530@merlot.usc.edu
Subject: Re: CS 530 HW4 doubt
Date: Sun, 30 Mar 2008 22:21:14 -0700
From: Bill Cheng

Someone wrote:

> I have a few elementary doubts. When I run hw4 secret, the output, i.e. the
> rsa_private_key, rsa_public_modulus, rsa_public_exponent, random_bits_1 and
> random_bits_2, should be redirected to a file "secret.c". Am I right?

The spec is very clear about this! The output of "hw4 secret" must go to stdout! Please do *not* hardcode any file names. (This should also be clear from the grading guidelines.)

> Now as per the sample output for secret.c that is provided, it contains a
> few static int declarations, viz. static unsigned char
> HW4_rsa_public_exponent_size etc. If secret.c cannot be hardcoded, how can
> we initialize these ints? Should we initialize them in hw4.c and redirect
> them also?

Your "hw4.c" needs to generate the values in the arrays by calling functions such as RSA_generate_key() and other functions that generate random/pseudorandom numbers.

> Also, if everything is redirected then they are just placed one after
> another in the file secret.c. Just by looking at the file there is no way
> one can understand where the private key ends and where the other outputs
> begin. So how should we distinguish where rsa_private_key ends and where
> rsa_public_modulus begins?

You don't need to *parse* a "secret.c" file. You just need to #include it when you compile your smartcard. Please look at the sample code provided.

> Also, how do we declare the #includes in secret.c?

I'm not sure what you meant here. The output of "hw4 secret" should look exactly like the sample "secret.c" that's provided in the spec, but with different values.

> Hope you got my point.
> Finally, every time that I run hw4 secret I get different values for
> rsa_private_key and rsa_public_modulus.

That should be expected behavior.

> I hope I'm correct in that they have
> to be different every time you run the program.

If you are not sure, please come see me during office hours.

--
Bill Cheng // bill.cheng@usc.edu

Date: Sun, 30 Mar 2008 19:10:16 -0700
From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: A mistake on the term paper web page...

Hi everyone,

I apologize that there was a mistake on the web page regarding the term paper. I've just fixed it. Please submit your term paper proposal to the TA. The TA will be approving your proposals.
The approval is mainly about approving your 3 required references.

Thanks!

--
Bill Cheng // bill.cheng@usc.edu

To: cs530@merlot.usc.edu
Subject: Re: Regarding SmartcardState
Date: Sat, 29 Mar 2008 23:42:27 -0700
From: Bill Cheng

Someone wrote:

> Why are we passing SmartcardState in all functions? Because as per my
> knowledge we are not keeping any critical state information in it that
> is necessary to know by other functions.
>
> I would appreciate your brief explanation for the reason to use
> SmartcardState.

Your implementation of the "hw4" application should be able to use the smartcard developed by another student, Alice. Alice may develop her smartcard using C++ and her SmartcardState may be a C++ object. Alice's implementation of the other smartcard functions may depend on this C++ object and she expects you to pass the SmartcardState back when you call other smartcard functions.

--
Bill Cheng // bill.cheng@usc.edu

To: cs530@merlot.usc.edu
Subject: Re: CS530: HW4: Compatibility Test G
Date: Sat, 29 Mar 2008 23:21:16 -0700
From: Bill Cheng

Someone wrote:

> Same applies for test G, 10.edit is missing.

The grading guidelines only mentioned "f10.edit" and it's there!

--
Bill Cheng // bill.cheng@usc.edu

To: cs530@merlot.usc.edu
Subject: Re: CS530: HW4: Compatibility test: E
Date: Sat, 29 Mar 2008 23:17:00 -0700
From: Bill Cheng

Someone wrote:

> When running:
>
> # (E1)
> ./hw4 dec -so=./libhw4sc.so $srcdir/f3.1.enc >! f3.dat
>
> The test file appears to be missing:
>
> nunki.usc.edu(35): less ~csci530/public/hw4/f3.1.enc
> /home/scf-22/csci530/public/hw4/f3.1.enc: No such file or directory
> nunki.usc.edu(36): stat ~csci530/public/hw4/f3.1.enc
> Can't lstat /home/scf-22/csci530/public/hw4/f3.1.enc
>
> Could you upload the file? Or am I misinterpreting the test?

Oops! Thanks for catching it! I've uploaded the file.

--
Bill Cheng // bill.cheng@usc.edu

To: cs530@merlot.usc.edu
Subject: Re: CS 530 HW4 doubt
Date: Sat, 29 Mar 2008 23:00:51 -0700
From: Bill Cheng

Someone wrote:

> I had a question, is it ok to build the code from the sample you
> have provided or should we write the code from scratch?

It's perfectly okay to start from the sample I provided.
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@merlot.usc.edu
Subject: Re: CS530: HW4: #include secret.c
Date: Fri, 28 Mar 2008 14:20:23 -0700
From: Bill Cheng

Someone wrote:

> The spec says:
>
>     Do a "grep 'secret.c' *.c* *.h*" and see what files #include
>     "secret.c". The only source or header file that is allowed to #include
>     "secret.c" is the smartcard source file. If any other file is
>     including "secret.c", skip all the positive points.
>
> I include secret.c in a file called CWSmartcardState.cpp. This is
> compiled only into the shared object file. This is OK, yes?

Yes! Your "CWSmartcardState.cpp" is considered to be a "smartcard source file".

--
Bill Cheng // bill.cheng@usc.edu

Date: Thu, 27 Mar 2008 23:39:56 -0700
From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: HW4 grading guidelines posted...

Hi everyone,

If you find bugs in the grading guidelines of HW4, please let me know ASAP!

Thanks!

--
Bill Cheng // bill.cheng@usc.edu

To: cs530@merlot.usc.edu
Subject: Re: CS530: Compiler Warnings
Date: Thu, 27 Mar 2008 19:22:18 -0700
From: Bill Cheng

Someone wrote:

> Is it OK to get these compiler warnings when building secret.c into
> the .so file?
>
> secret.c:5: warning: ‘HW4_rsa_private_key’ defined but not used
> secret.c:23: warning: ‘HW4_rsa_private_key_size’ defined but not used
> secret.c:25: warning: ‘HW4_rsa_public_exponent’ defined but not used
> secret.c:28: warning: ‘HW4_rsa_public_exponent_size’ defined but not used
> secret.c:30: warning: ‘HW4_rsa_public_modulus’ defined but not used
> secret.c:48: warning: ‘HW4_rsa_public_modulus_size’ defined but not used
> secret.c:50: warning: ‘HW4_random_bits_1’ defined but not used
> secret.c:56: warning: ‘HW4_random_bits_2’ defined but not used

You should not have a rule to compile "secret.c" to "secret.o". But if you are using some automatic way of generating the Makefile and there is no way to turn off the automatic compilation of "secret.c", please mention it at the top of the README file and there will be no deduction. If you hand-write your Makefile, you should not get these warnings.

--
Bill Cheng // bill.cheng@usc.edu

To: cs530@merlot.usc.edu
Subject: Re: CS530: HW4: SC interface
Date: Wed, 26 Mar 2008 20:45:52 -0700
From: Bill Cheng

Someone wrote:

> Are we allowed to modify the interface given in scintrf.h? There are a
> few typedefs I want to add to make it easier to use.

Please make sure that your modifications are backward-compatible. We will be testing your HW4 with our smartcard and your smartcard with our HW4.

One way to make sure it's backward-compatible is to use another .h file that your program will include, and this .h file will #include "scintrf.h".

--
Bill Cheng // bill.cheng@usc.edu

To: cs530@merlot.usc.edu
Subject: Re: CS530: HW4: Optional [file] argument
Date: Wed, 26 Mar 2008 16:22:58 -0700
From: Bill Cheng

Someone wrote:

> The spec says that optional arguments may occur in any order. Does
> this mean that for "hw4 verify", [file] can appear anywhere? Even
> before the verify argument? Or, can [file] appear only at the end?

[file] can only appear at the end. Only optional commandline arguments that begin with a "-" can occur in any order.
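The two error classes distinguished in the "Bad Commands" reply, together with the [file]-must-be-last rule from the reply just above, as an added example in C that is not part of the course's sample code: the command names and the -so= option are the ones quoted in this thread, and which commands require -so= is an assumption made here.

```c
/* Added example, not the course's sample code: a command-line front end for
 * "hw4 <command> [-so=sopath] [file]" that keeps the two error classes from
 * the replies above apart. A syntax problem is a "malformed command" (short
 * reason plus the usage line); a problem with the named input file is
 * reported by itself, because the command line was entered correctly. The
 * command names and "-so=" are as quoted in the thread; which commands need
 * -so= is an assumption made here. */
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>

enum cmdline_status { CMD_OK = 0, CMD_MALFORMED = 1, CMD_FILE_ERROR = 2 };

struct hw4_cmdline {
    const char *command;   /* e.g. "sign" */
    const char *sopath;    /* value of -so=, NULL if absent */
    const char *file;      /* trailing [file], NULL if absent */
    char reason[256];      /* set when the status is not CMD_OK */
};

/* Commands named in the thread; that only "secret" needs no smartcard is assumed. */
static const char *const commands[] = { "secret", "sign", "verify", "dec", "edit", NULL };

static int is_command(const char *s) {
    for (int i = 0; commands[i] != NULL; i++)
        if (strcmp(s, commands[i]) == 0) return 1;
    return 0;
}

/* Usage line printed after a malformed command. */
const char *hw4_usage(const char *command) {
    static char buf[96];
    if (command == NULL) return "usage: hw4 <command> [-so=sopath] [file]";
    if (strcmp(command, "secret") == 0) return "usage: hw4 secret";
    snprintf(buf, sizeof buf, "usage: hw4 %s -so=sopath [file]", command);
    return buf;
}

/* Syntax only. Options starting with '-' may come in any order, but the
 * optional [file] must be the last argument and may appear only once. */
enum cmdline_status parse_hw4_cmdline(int argc, char **argv, struct hw4_cmdline *out) {
    memset(out, 0, sizeof *out);
    if (argc < 2 || !is_command(argv[1])) {
        snprintf(out->reason, sizeof out->reason, "malformed command: %s",
                 argc < 2 ? "no command given" : "unknown command");
        return CMD_MALFORMED;
    }
    out->command = argv[1];
    for (int i = 2; i < argc; i++) {
        const char *a = argv[i];
        if (a[0] == '-') {
            /* the only option known here is -so=<path>, accepted at most once */
            if (strncmp(a, "-so=", 4) != 0 || a[4] == '\0' || out->sopath != NULL) {
                snprintf(out->reason, sizeof out->reason,
                         "malformed command: invalid commandline option %s", a);
                return CMD_MALFORMED;
            }
            out->sopath = a + 4;
        } else if (i != argc - 1) {
            snprintf(out->reason, sizeof out->reason,
                     "malformed command: [file] must be the last argument");
            return CMD_MALFORMED;
        } else {
            out->file = a;
        }
    }
    if (strcmp(out->command, "secret") != 0 && out->sopath == NULL) {
        snprintf(out->reason, sizeof out->reason, "malformed command: missing -so=sopath");
        return CMD_MALFORMED;
    }
    return CMD_OK;
}

/* Operational check, kept apart from syntax: the command line was fine, so
 * only the file problem is reported and no usage line follows. */
enum cmdline_status check_input_file(struct hw4_cmdline *c) {
    struct stat st;
    if (c->file == NULL) return CMD_OK;    /* no [file]: input comes from stdin */
    if (stat(c->file, &st) != 0) {
        snprintf(c->reason, sizeof c->reason, "%s %s", c->file,
                 errno == ENOENT ? "does not exist" : strerror(errno));
        return CMD_FILE_ERROR;
    }
    return CMD_OK;
}

int main(void) {
    /* Constructed command lines mirroring the two cases in the reply above. */
    char *bad_option[] = { "hw4", "sign", "-so=./libhw4sc.so", "-x", "/etc/motd" };
    char *bad_file[]   = { "hw4", "sign", "-so=./libhw4sc.so", "/etc/nosuchfile" };
    struct hw4_cmdline c;
    if (parse_hw4_cmdline(5, bad_option, &c) == CMD_MALFORMED)
        fprintf(stderr, "%s\n%s\n", c.reason, hw4_usage(c.command));
    if (parse_hw4_cmdline(4, bad_file, &c) == CMD_OK && check_input_file(&c) != CMD_OK)
        fprintf(stderr, "%s\n", c.reason);
    return 0;
}
```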
--
Bill Cheng // bill.cheng@usc.edu

To: cs530@merlot.usc.edu
Subject: Re: CSCI HW4: Modifications To secret.(c|h)
Date: Sun, 23 Mar 2008 23:06:02 -0700
From: Bill Cheng

Someone wrote:

| On Mar 22, 2008, at 8:03 AM, Bill Cheng wrote:
|
| > The "static" was intentional and you should #include
| > "secret.c" in only one source file! Please do not change it
| > (although it is a bit weird). "secret.c" should not be
| > separately compiled (i.e., you should not have a rule to
| > compile it in your Makefile).
|
| Could you then explain what the purpose of secret.h is in the sample
| code? It doesn't seem to be used anywhere, and it doesn't add any
| information that the compiler can't determine directly from secret.c.

You are absolutely right! There is no need for "secret.h" since you are supposed to #include "secret.c".

--
Bill Cheng // bill.cheng@usc.edu

To: cs530@merlot.usc.edu
Subject: Re: CSCI HW4: Modifications To secret.(c|h)
Date: Sat, 22 Mar 2008 08:03:04 -0700
From: Bill Cheng

Someone wrote:

> Do you mind if we make minor modifications to the format of
> secret.c/secret.h?
>
> Specifically, I'd like to propose changing:
>
>     static unsigned char HW4_rsa_private_key[];
>
> to this:
>
>     extern unsigned char HW4_rsa_private_key[];
>
> (Of course, the other variables in secret.(c|h) would be modified in a
> similar fashion.)
>
> By not declaring these variables as external, secret.c needs to be
> #included into any files where the RSA constants are used. While this
> is the technique used in the sample code provided (see smartcard.c),
> the existing code violates the principle of separate compilation.

The "static" was intentional and you should #include "secret.c" in only one source file! Please do not change it (although it is a bit weird). "secret.c" should not be separately compiled (i.e., you should not have a rule to compile it in your Makefile).
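An added example Makefile, not the course's sample code, that puts the build advice from the dlopen, compiler-warning and secret.(c|h) replies in this thread into one place: hw4.c, smartcard.c, secret.c, scintrf.h and libhw4sc.so are the file names used in the thread, and OPENSSL_DIR is a placeholder for the OpenSSL directory mentioned under ~csci551b.

```makefile
# Added example Makefile, not the course's sample code. It shows the build
# arrangement the replies in this thread ask for:
#   - secret.c is a prerequisite of the smartcard library but has no rule of
#     its own, because smartcard.c #includes it (the "static" arrays stay
#     private to that one translation unit, and no "defined but not used"
#     warnings appear);
#   - the smartcard shared object is linked against libcrypto itself, so the
#     dynamic linker does not depend on hw4 happening to reference the same
#     OpenSSL symbols when the library is dlopen()ed;
#   - -fPIC is passed explicitly rather than relying on a platform default.
# OPENSSL_DIR is a placeholder for the OpenSSL install directory (the thread
# points at one under ~csci551b). Linking the static libcrypto.a into the
# .so is the untested suggestion from the dlopen reply; it needs a PIC-built
# libcrypto.a, otherwise fall back to -L$(OPENSSL_DIR)/lib -lcrypto.

OPENSSL_DIR = /path/to/openssl
CC          = gcc
CFLAGS      = -g -Wall -I$(OPENSSL_DIR)/include

all: hw4 libhw4sc.so

# The host application: "hw4 secret" calls RSA_generate_key() itself, so it
# needs libcrypto; it dlopen()s the smartcard at run time, hence -ldl.
hw4: hw4.o
	$(CC) -o $@ hw4.o -L$(OPENSSL_DIR)/lib -lcrypto -ldl

hw4.o: hw4.c scintrf.h
	$(CC) $(CFLAGS) -c hw4.c

# The smartcard: a single compile of smartcard.c, which #includes secret.c.
# There is deliberately no secret.o target. secret.c itself is produced by
# hand with "./hw4 secret > secret.c" so that keys never change by accident.
libhw4sc.so: smartcard.c secret.c scintrf.h
	$(CC) $(CFLAGS) -fPIC -shared -o $@ smartcard.c $(OPENSSL_DIR)/lib/libcrypto.a

# Confirm no OpenSSL symbols are left for the host executable to resolve.
check: libhw4sc.so
	nm -u libhw4sc.so | grep -E 'BN_|RSA_' || echo "no unresolved BN_/RSA_ symbols"

clean:
	/bin/rm -f hw4 hw4.o libhw4sc.so
```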
-- 
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: Re: CSCI 530 HW4: RSA Blinding
Date: Sat, 22 Mar 2008 07:59:35 -0700

Someone wrote:

> Should we enable OpenSSL's RSA Blinding feature when implementing HW4?
> It seems like a good idea, but I just wanted to check with you.

Please use the definition of "signature" in the spec and just do a simple encryption with the private key. We must use something that does not contain any randomness so we can grade!
-- 
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
To: cs530@merlot.usc.edu, cs551@merlot.usc.edu, cs558@merlot.usc.edu
Subject: Being on campus tomorrow...
Date: Wed, 19 Mar 2008 14:53:14 -0700

Hi everyone,

As it turns out, I will only be on campus between 11:30am and 1:30pm. If you plan to see me, please send me an e-mail to make an appointment during that period.

Thanks!
-- 
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
To: cs530@merlot.usc.edu, cs558@merlot.usc.edu
Subject: Office Hours during Spring Break?!
Date: Mon, 17 Mar 2008 19:15:09 -0700

Hi everyone,

Since it's Spring Break, there are no office hours! So, if you'd like to see me, it's best to make an appointment. I should be in my office between 1pm and 4pm tomorrow. But if you want to make sure that I'm there, please send me e-mail to make an appointment for a specific time.

Thanks!
-- 
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: midterm grading and final exam coverage...
Date: Fri, 14 Mar 2008 10:28:28 -0700

Hi everyone,

I'm almost done with midterm grading and I'm changing my mind about whether the final exam should be comprehensive or not! I've decided that the final exam will *not* be comprehensive. So, topics covered by the final exam will not overlap with the topics covered by the midterm exam. But, since the 2nd part of the semester builds on top of the first part of the semester, you should still be required to know everything covered by the midterm. I just will not ask anything explicitly about what was covered by the midterm.

For example, in Tuesday's lecture, we talked about flipping a coin over the modem, and one of the protocols used RSA. RSA was covered by the midterm. So, for the final, I won't ask you anything about how to compute e and d and do encryption and decryption with small integers. But I can ask you about how RSA was used in the protocol for flipping a coin over the modem.

I'll send out the midterm exam scores later today.

Have a nice Spring Break!
-- 
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: Re: minus points confusion
Date: Thu, 13 Mar 2008 20:32:38 -0700

Someone wrote:

> Hope you are doing good.
> I was a little confused about the following line in the minus
> points in grading guidelines.
> --->Extra passphrase for verification for DES decryption : -2
> point
> Does this mean that during DES decryption we should not verify
> the passphrase??

Exactly! Only once during decryption.

> Also, is it compulsory to use BIO_set_callback().

No. It's a suggestion.
-- 
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: Re: CS 530 HW3
Date: Thu, 13 Mar 2008 19:30:44 -0700

Someone wrote:

> I just want a little clarification on "Extra passphrase for verification for
> DES decryption: -2 points" in the grading guidelines. Does this mean we do
> not need to verify the password entered while doing decryption?

Correct.

> Currently,
> in my implementation we need to enter the passphrase 2 times (initial +
> verification) during encryption, 2 times during decryption and 4 times
> during (encryption followed by decryption). Should I remove the verification
> of passphrase while decrypting?

Yes. The reason you want to ask for the passphrase 2 times during encryption is that if you mistype your passphrase, you may never be able to decrypt! So, it would be a serious problem. There is no such problem during decryption.

> Also, from the spec:
> "After you've decrypted the file, you must compute the SHA-1 hash of your
> result and compare with the SHA-1 hash stored in the encrypted file. If they
> are not the same, you must report it."
> I am assuming we do not have to print out the hash values and that just a
> comparison and an error message in case of no match will do. Am I right in
> assuming that or do I have to print out the SHA-1 hash values also?
There is no need to print the hash value. Just an error message would do. The hash value is not useful because the hash function has the one-wayness property!

-- 
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: Re: Possible bug
Date: Thu, 13 Mar 2008 07:54:23 -0700

Someone wrote:

> The helloworld.txt.enc file provided by you for verification in
> enc-des does not have a new line character at the end. Could this
> be a possible bug?

"helloworld.txt.enc" is a binary file, so it is not required to have a "\n" at the end. (The rule in the Miscellaneous section is for ASCII output only, as indicated.)

> Because my output matches that of the file provided with one
> flaw, that my file has a new line character and
> helloworld.txt.enc does not have a new line character at the end.
> I have not used a "\n" anywhere. The new line character is
> generated by the openssl library function.

You need to figure out where your "\n" came from. The output file size for enc-des should always be a multiple of 8 bytes!
-- 
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
To: cs530@merlot.usc.edu, cs551@merlot.usc.edu, cs558@merlot.usc.edu
Subject: Today's office hour delayed by 30 minutes...
Date: Thu, 13 Mar 2008 07:42:03 -0700

Hi everyone,

Looks like I won't be able to make it in by 10am this morning. So, I'm delaying today's office hour by 30 minutes to start at 10:30am. Sorry about the short notice.
-- 
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: Re: hw3, des empty pass phrase
Date: Wed, 12 Mar 2008 10:28:40 -0700

Someone wrote:

> For enc-des and dec-des operations if the user enters an empty
> pass phrase should it be treated as an error case ?
>
> - OR -
>
> assume user entered 0 bytes, take the SHA-1 hash of 0 bytes
> ("da39a3ee5e6b4b0d3255bfef95601890afd80709") and work from there
> on ?

An empty string should not be allowed as a passphrase.
-- 
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: Re: hw3 des_read_pw() question
Date: Wed, 12 Mar 2008 10:27:28 -0700

Someone wrote:

> des_read_pw() takes a constant size buffer from the caller where
> it stores the input pass phrase from the user.
>
> If the input pass phrase entered from the user is greater than
> the buffer size given to des_read_pw(), the API returns a
> failure.
>
> Is it ok to give a large buffer like 1024 bytes to this API and
> assume user will enter less than that as the pass phrase and
> return failure if pass phrase is larger than that ?

Sure! 1024 bytes sounds good. This means that you are assuming that no one can memorize a 1024-byte long password, and that's probably a good assumption.
-- 
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: Re: BIO_set_callback doubt
Date: Tue, 11 Mar 2008 19:34:05 -0700

Someone wrote:

> I am having trouble understanding the BIO_set_callback function.
> Could you please explain to me how a callback function works.

Well, I cannot say too much. You should play around with it and figure out what it's doing. If you do "man BIO_set_callback", you should see:

    #define BIO_set_callback(b,cb) ((b)->callback=(cb))

    typedef long callback(BIO *b, int oper, const char *argp,
                          int argi, long argl, long retvalue);

If you look through , you may be able to figure out that the first argument of BIO_set_callback() should be of type (BIO*) because struct bio_st is typedef'ed to be BIO. (struct bio_st is the only structure in that header file that has a field called "callback".) So, you need to declare a function of the callback type (as mentioned in the output of "man BIO_set_callback"). Then you read through the man pages and try to make sense out of everything there. You should also write some test code, set breakpoints in your callback function, and see what's going on.
-- 
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: Re: CS530: HW3 Submission Question
Date: Tue, 11 Mar 2008 00:04:25 -0700

Someone wrote:

> The submission instructions say:
>
> % ~csci551b/bin/bsubmit upload \
> -event bourbon.usc.edu_9996_1188496026_23 \
> -file hw3.pdf
> That should be hw3.tar.gz, no?

Yes! Thanks for catching it! I've updated the web page.

-- 
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: Re: base 64 decoding
Date: Mon, 10 Mar 2008 19:15:45 -0700

Someone wrote:

> Professor, for base 64 decoding should we assume that the input
> is in columns of 64 characters (as produced by the openssl base
> 64 encoding)?
No!

> Or can it be in any form and we should neglect all line feeds?

Yes! And if you want your code to also work with Windows files, you should also neglect carriage returns.

-- 
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: Re: small bug in specs (missing file)
Date: Mon, 10 Mar 2008 18:26:53 -0700

Someone wrote:

> In the grading guidelines, in the last part of the minus points
> section, the file "f0.des" in the following command cannot be found:
>
> ./hw3 dec-des $srcdir/f0.des >! fout
>
> I think you meant "f0.des.1"

Yes! It's fixed now. Thanks for catching it!
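The base64 decoding rule from the "base 64 decoding" reply above (input may be in any line layout; line feeds and carriage returns are skipped so Windows files work too), as an added example that is not the course's sample code or OpenSSL's; the function names are ours.

```c
/* Added example (not course or OpenSSL code): a base64 decoder that
 * ignores '\n' and '\r' anywhere in the input, so 64-column output from
 * "openssl base64", a single long line, and CRLF files all decode alike. */
#include <stddef.h>
#include <string.h>

/* Map one base64 alphabet character to its 6-bit value, or -1. */
static int b64_value(unsigned char c)
{
    if (c >= 'A' && c <= 'Z') return c - 'A';
    if (c >= 'a' && c <= 'z') return c - 'a' + 26;
    if (c >= '0' && c <= '9') return c - '0' + 52;
    if (c == '+') return 62;
    if (c == '/') return 63;
    return -1;
}

/* Decode `in` (in_len bytes) into `out`, which must hold at least
 * in_len * 3 / 4 bytes. Returns the number of bytes written, or -1 on
 * a character outside the alphabet, data after '=' padding, bad
 * padding, or a dangling 6-bit group. */
long b64_decode(const unsigned char *in, size_t in_len, unsigned char *out)
{
    unsigned int acc = 0;   /* pending bits not yet emitted (< 14) */
    int nbits = 0;          /* how many bits acc currently holds */
    int pad = 0;            /* '=' characters seen */
    long out_len = 0;

    for (size_t i = 0; i < in_len; i++) {
        unsigned char c = in[i];
        if (c == '\n' || c == '\r')
            continue;                     /* any line layout is fine */
        if (c == '=') {
            pad++;
            continue;
        }
        if (pad > 0)
            return -1;                    /* data after padding */
        int v = b64_value(c);
        if (v < 0)
            return -1;                    /* not in the alphabet */
        acc = (acc << 6) | (unsigned int)v;
        nbits += 6;
        if (nbits >= 8) {
            nbits -= 8;
            out[out_len++] = (unsigned char)(acc >> nbits);
            acc &= (1u << nbits) - 1;     /* keep only leftover bits */
        }
    }
    /* At most two '=', no lone 6-bit group, and leftover bits must be 0. */
    if (pad > 2 || nbits == 6 || acc != 0)
        return -1;
    return out_len;
}

/* Convenience wrapper for NUL-terminated input; out needs strlen(s) bytes. */
long b64_decode_str(const char *s, unsigned char *out)
{
    return b64_decode((const unsigned char *)s, strlen(s), out);
}
```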
-- 
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: Re: Padding trailing zeros
Date: Mon, 10 Mar 2008 09:47:52 -0700

Someone wrote:

> I was just going through the spec for des_ncbc_encrypt and
> it says that zeros are automatically padded.
> I am copying this from the spec:
> DES_ncbc_encrypt() encrypts/decrypts using the cipher-
> block-chaining (CBC) mode of DES. If the encrypt argument
> is non-zero, the routine cipher-block-chain encrypts the
> cleartext data pointed to by the input argument into the
> ciphertext pointed to by the output argument, using the
> key schedule provided by the schedule argument, and initialization
> vector provided by the ivec argument. If the
> length argument is not an integral multiple of eight
> bytes, the last block is copied to a temporary area and
> zero filled. The output is always an integral multiple of
> eight bytes.
>
> As per your spec:
> Since DES is a block cipher and it encrypts a 8-byte block
> at a time, the size of an encrypted file is always a multiple
> of 8 bytes. (If the input file size is not a multiple of 8 bytes,
> please pad enough bytes of '\0's at the end.)
>
> So do we have to pad those 8 bits?? Or does the function do it automatically?

I would always pad! (Unless you are not paranoid like me!)
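The explicit '\0' padding the reply above recommends, as an added example that is not the course's sample code or OpenSSL's: pad to the 8-byte DES block, keep the pad count so dec-des can strip it, and reject an output whose size is not a multiple of 8 (the "Possible bug" thread). An input already a multiple of 8 gets no padding; DES itself is not run here, and the function names are ours.

```c
/* Added example (not course or OpenSSL code): zero-pad a plaintext to a
 * multiple of the 8-byte DES block and recover the original length
 * again. This only prepares the buffer DES_ncbc_encrypt() would receive. */
#include <stdlib.h>
#include <string.h>

#define DES_BLOCK_SIZE 8

/* Number of '\0' bytes to append: 0 when len is already a multiple of 8,
 * so 16 bytes of input need no padding at all. */
size_t des_pad_bytes(size_t len)
{
    size_t rem = len % DES_BLOCK_SIZE;
    return rem == 0 ? 0 : DES_BLOCK_SIZE - rem;
}

/* Copy `in` into a fresh buffer padded with '\0' to a block multiple.
 * *padded_len receives the new length and *npad the pad count (0..7),
 * which the encrypted file must carry so the decryptor knows how much to
 * drop. Returns NULL on allocation failure; the caller frees the result. */
unsigned char *des_pad(const unsigned char *in, size_t len,
                       size_t *padded_len, unsigned char *npad)
{
    size_t pad = des_pad_bytes(len);
    unsigned char *buf = malloc(len + pad + 1);  /* +1 avoids malloc(0) */
    if (buf == NULL)
        return NULL;
    memcpy(buf, in, len);
    memset(buf + len, 0, pad);
    *padded_len = len + pad;
    *npad = (unsigned char)pad;
    return buf;
}

/* dec-des side: plaintext length = ciphertext length - stored pad count.
 * Rejects a ciphertext that is not a block multiple (a stray "\n" appended
 * to the file would trip this) or an impossible pad count. Returns 1 and
 * sets *orig_len on success, 0 otherwise. */
int des_unpad_len(size_t cipher_len, unsigned char npad, size_t *orig_len)
{
    if (cipher_len % DES_BLOCK_SIZE != 0 || npad >= DES_BLOCK_SIZE ||
        npad > cipher_len)
        return 0;
    *orig_len = cipher_len - npad;
    return 1;
}

/* Pad, then recover the original length and check the pad bytes are zero.
 * Returns 1 when the round trip is consistent, 0 otherwise. */
int des_pad_roundtrip(const unsigned char *in, size_t len)
{
    size_t padded_len, orig_len;
    unsigned char npad;
    unsigned char *buf = des_pad(in, len, &padded_len, &npad);
    if (buf == NULL)
        return 0;
    int ok = padded_len % DES_BLOCK_SIZE == 0
          && des_unpad_len(padded_len, npad, &orig_len)
          && orig_len == len
          && memcmp(buf, in, len) == 0;
    for (size_t i = len; ok && i < padded_len; i++)
        ok = buf[i] == 0;
    free(buf);
    return ok;
}
```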
-- 
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: Re: enc-des function
Date: Mon, 10 Mar 2008 09:46:12 -0700

Someone wrote:

> I am a little confused with the following function
>
> void DES_ncbc_encrypt(const unsigned char *input, unsigned char
> *output, long length, DES_key_schedule *schedule,
> DES_cblock *ivec, int enc);
>
> This function is part of the openssl library. I was wondering as
> to what DES_key_schedule represents?

For DES, you need to derive 16 subkeys from the key. This is called "key scheduling" in DES. When you do CBC mode encryption, you will be doing encryption over and over again with the same set of subkeys. So, it is more efficient to generate the 16 subkeys once and use them over and over again. This is why DES_ncbc_encrypt() requires that you perform key scheduling first. You need to find out what you need to call in order for this to happen.

> Because I did implement all the following things in my program
> 1) 3 bytes stating - DES
> 2) 1 byte showing the number of bytes in the end in the file.
> 3) SHA1 of the file
> 4) 16 bytes of encrypted data.
>
> And during encrypting 16 bytes of data I also append "0" whenever
> required.
> I still get a wrong output for the last 16 bytes of encryption.
I'm not sure why you are appending zeroes if you are encrypting 16 bytes of data. If your input is a multiple of 8 bytes, there is no padding required.

-- 
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: Re: HW3 grading guidelines
Date: Fri, 07 Mar 2008 22:30:53 -0800

Someone wrote:

> I was just wondering when you would be posting grading guidelines for hw3.

I just got the HW3 grading guidelines posted. If you see bugs, please let me know! Thanks! And sorry about the delay.

-- 
Bill Cheng // bill.cheng@usc.edu

To: cs530@merlot.usc.edu
Subject: Re: CS 530 HW2 grade...
Date: Fri, 07 Mar 2008 00:19:53 -0800
From: Bill Cheng

Hi everyone,

In the grades e-mail I just sent to you with your HW2 score, I forgot to mention that there were minor modifications in the grading guidelines. The reason is that I have changed the testdata and some of them have different filesizes than before. I also used a different set of offset values. The difference between the new grading guidelines and the old ones is that I replaced:

    set skip=(113 497 13 1216 343 245 80 15 54 1239)
    set len=(231 310 165 51 1537 27 1148 599 120 251)

with:

    set skip=(1239 54 15 80 256 8 1216 10 497 113)
    set len=(1537 27 1148 599 120 251 231 310 165 51)

-- 
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: Re: secret sharing
Date: Thu, 06 Mar 2008 11:21:46 -0800

Someone wrote:

> Hi professor, I think I caught a small typo, in slides of
> lecture 13, page #16, you say "divide secret s into r shares".
> Shouldn't it be "into n shares" ?

You are correct! Thanks for catching it!
-- 
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: Re: Typo in CSCI 530 Lecture 7 Slides
Date: Wed, 05 Mar 2008 19:40:32 -0800

Someone wrote:

> I am just wondering if some part of the last lecture will come in the
> midterm, because it seems that there is some overlap between the 13th and
> 14th lecture.

As I've mentioned in my message with timestamp "Wed 05 Mar 15:32", it's not necessary to use the Extended Euclidean Algorithm to solve the system of modular equations. You can use it if you want to. There will be no questions in the exam that would *require* you to use the Extended Euclidean Algorithm. So, the coverage of the midterm is still the end of lecture 13.

-- 
Bill Cheng // bill.cheng@usc.edu

On 05/03/2008, Bill Cheng wrote:
> Someone wrote:
>
> > You have a typo on the slides for CSCI 530 Lecture 7. Page 10
> > "Anatomy Of A Block Cipher" lists DES as having a "Fiestel Network
> > structure". This should instead be spelt "Feistel".
>
> Thanks for catching it! I've changed it in 03_crypto.pdf
> (but have not changed the actual lecture slides).
>
> -- 
> Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: Re: Typo in CSCI 530 Lecture 7 Slides
Date: Wed, 05 Mar 2008 18:58:01 -0800

Someone wrote:

> You have a typo on the slides for CSCI 530 Lecture 7. Page 10
> "Anatomy Of A Block Cipher" lists DES as having a "Fiestel Network
> structure". This should instead be spelt "Feistel".

Thanks for catching it! I've changed it in 03_crypto.pdf (but have not changed the actual lecture slides).

-- 
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: Re: Salt in RSA
Date: Wed, 05 Mar 2008 15:42:03 -0800

Someone wrote:

> What is the purpose of adding salt to a message being encrypted
> using RSA?
There are some specific attacks on RSA. For these attacks, if you add salt to the message, then the attacks are not effective. I cover the details of these attacks in CS 531.

> And is salt added to messages that are not specific
> length or is it added to all the messages??

Salt needs to be added in a specific way. Its needed size depends on the message you are encrypting. Clearly, if n is 1024 bits long and your message is 1024 bits long, there is really no room to add salt directly. So, if you need to salt the message, you must specify it ahead of time so that everyone who is using the system will be able to decrypt properly.

> Since the slide says
> "Always add salt." Since RSA is mostly used as an envelope is salt
> used to cover up for the key length in case it is shorter than
> desired?

Key length is public knowledge.

> But if that's the case then it would mean that the keys
> generated by DES or AES are actually short and this means that
> the message encryption itself is weak?
> Isn't this the case?

As I've mentioned in lectures, larger key length does not necessarily mean stronger crypto. Just because AES uses 128-bit keys, it doesn't mean that it is weaker than 512-bit RSA. Is AES-256 stronger than 1024-bit RSA? I don't know.
-- 
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: Re: Extended euclidean algorithm - mid term
Date: Wed, 05 Mar 2008 15:32:46 -0800

Someone wrote:

> For solving a system of 3 modular equations and 3 unknowns, you talked about
> the extended euclidean algorithm and that it is a good way to solve these.
> From the point of view of the mid-term, is it necessary we solve these using
> the extended euclidean algorithm?

It's not necessary.

> Or can we solve them using other methods as well?

For a small modulus, you can just do a brute-force search for a multiplicative inverse as I described in class. Let's say that you are trying to find the multiplicative inverse of a mod p. You can simply calculate:

    (p * 1) + 1
    (p * 2) + 1
    (p * 3) + 1
    (p * 4) + 1
    ...

As soon as you get a number that is a multiple of a, you are done! If (p * i) + 1 is a multiple of a, then the multiplicative inverse of a mod p is ((p * i) + 1) / a.
--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200803052052.m25Kq4Pg019374@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: Relatively Prime
Date: Wed, 05 Mar 2008 12:52:04 -0800
From: Bill Cheng

Someone wrote:

> So does that mean that a non prime number can also be used as
> a relatively prime number? I was under the impression that
> the search space for relative prime numbers is the prime
> numbers themselves.

There is no such thing as a "relative prime number". Sorry about the
typo in my previous e-mail. It should be:

    a and b are integers.
    a and b are relatively prime if gcd(a,b)=1

So, when you use the term "relatively prime", you need to specify two
numbers. 9 and 16 are relatively prime with respect to each other.
Neither 9 nor 16 is a prime number. But gcd(9,16)=1, and therefore,
they are relatively prime to each other.

> But your explanation states otherwise:
> In the small example given in class, anything that's relative
> prime to 40 would be okay. So, 3, 7, 9, 11, 13, 17, ... would
> all work.

All these numbers are relatively prime with respect to 40.
gcd(3,40)=1, gcd(7,40)=1, gcd(9,40)=1, ...

> So does that mean that search space includes the entire
> spectrum of integers?

Since we are talking about modular arithmetic, the number of values
will be finite.
--
Bill Cheng // bill.cheng@usc.edu

----- Original Message -----
From: Bill Cheng
Date: Wednesday, March 5, 2008 12:31 pm
Subject: Re: Relatively Prime
To: cs530@merlot.usc.edu

> Someone wrote:
>
> > I have a doubt with the term relatively prime. I understood that
> > it means that the largest common divisor between (p-1)(q-1) and
> > the prime number should be one.
>
> a and b are relative prime if gcd(a,b)=1.
>
> > But do we have to choose the
> > smallest prime number of all the possible relative primes??
>
> No.
>
> > Because in the example provided 3 is relatively prime to 40. But
> > 7 also is relatively prime.
> > Or am I thinking in the wrong direction??
>
> In the small example given in class, anything that's relative
> prime to 40 would be okay. So, 3, 7, 9, 11, 13, 17, ... would
> all work.
>
> For RSA, usually people choose e to be 65537 (which is 2^16+1).
> Usually, we don't want e to be too big. If e is small,
> encryption is faster.
> --
> Bill Cheng // bill.cheng@usc.edu

Message-Id: <200803052024.m25KOXMk018915@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: Relatively Prime
Date: Wed, 05 Mar 2008 12:24:33 -0800
From: Bill Cheng

Someone wrote:

> I have a doubt with the term relatively prime. I understood that
> it means that the largest common divisor between (p-1)(q-1) and
> the prime number should be one.

a and b are relative prime if gcd(a,b)=1.
> But do we have to choose the
> smallest prime number of all the possible relative primes??

No.

> Because in the example provided 3 is relatively prime to 40. But
> 7 also is relatively prime.
> Or am I thinking in the wrong direction??

In the small example given in class, anything that's relative
prime to 40 would be okay. So, 3, 7, 9, 11, 13, 17, ... would
all work.

For RSA, usually people choose e to be 65537 (which is 2^16+1).
Usually, we don't want e to be too big. If e is small,
encryption is faster.
--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200803050515.m255Fn9N031593@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: Substitution Box
Date: Tue, 04 Mar 2008 21:15:49 -0800
From: Bill Cheng

Someone wrote:

> I have a question regarding the S-BOX data structure. Could you
> please tell me how the data is arranged within an S-BOX. Since
> the total number of bits to enter the S-BOX is 48, how do they get
> arranged within a 4x16 matrix??

There are 8 S-boxes! The input to each S-box is 6 bits long. 6 bits
times 8 is 48 bits. For the 4x16 matrix, 2 of the above 6 bits select
a row of the matrix and 4 of the 6 bits select a column of the matrix.
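An added example (mine, not from the course or from the DES standard text) of exactly that row/column selection, using the standard table for the first DES S-box, S1; `split_48_bits` and `substitute_with_s1` are my own helper names, and the second one reuses S1 for all eight positions only to show the 48-to-32-bit data flow.

```python
# Added example: how one DES S-box consumes its 6-bit input.
# Only S1 is embedded here (its standard table); the other seven
# S-boxes have the same 4x16 shape but different entries.

# S1 as a 4x16 matrix: 4 rows selected by the two outer bits,
# 16 columns selected by the four inner bits. Entries are 4-bit outputs.
S1 = [
    [14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7],
    [0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8],
    [4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0],
    [15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13],
]


def sbox_row_col(six_bits):
    """Split a 6-bit S-box input b1..b6 (b1 leftmost) into (row, column).

    Row    = b1 b6 (the two outermost bits), a value 0..3.
    Column = b2 b3 b4 b5 (the four middle bits), a value 0..15.
    """
    if not 0 <= six_bits < 64:
        raise ValueError("S-box input must be 6 bits")
    b1 = (six_bits >> 5) & 1
    b6 = six_bits & 1
    row = (b1 << 1) | b6
    col = (six_bits >> 1) & 0xF
    return row, col


def sbox_lookup(table, six_bits):
    """Return the 4-bit output of one S-box for a 6-bit input."""
    row, col = sbox_row_col(six_bits)
    return table[row][col]


def split_48_bits(x):
    """Split the 48-bit expanded half-block into eight 6-bit groups,
    leftmost group first (the group that is fed to S1)."""
    if not 0 <= x < (1 << 48):
        raise ValueError("expected a 48-bit value")
    return [(x >> (6 * (7 - k))) & 0x3F for k in range(8)]


def substitute_with_s1(x):
    """Run all eight 6-bit groups of a 48-bit value through the S1 table
    and pack the eight 4-bit outputs into a 32-bit result.

    Real DES uses a different table at each of the eight positions; this
    helper reuses S1 everywhere purely to show the data flow
    (6 bits in, 4 bits out, eight times: 48 bits -> 32 bits).
    """
    out = 0
    for group in split_48_bits(x):
        out = (out << 4) | sbox_lookup(S1, group)
    return out


if __name__ == "__main__":
    # Classic textbook check: 011011 -> row 01, column 1101 -> S1 gives 5
    print(sbox_row_col(0b011011))      # (1, 13)
    print(sbox_lookup(S1, 0b011011))   # 5
```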
To see one of the S-boxes of DES, please see:

    http://en.wikipedia.org/wiki/Substitution_box
--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200803030338.m233cL1C009959@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: CSCI-530 HW3 DES Spec clarification
Date: Sun, 02 Mar 2008 19:38:21 -0800
From: Bill Cheng

Someone wrote:

> If the input file to be DES-encrypted is empty, are we supposed to abort?
>
> From the spec: "The next byte is the number of bytes in the last 8-byte
> block of the original file (which must be between 1 and 8, inclusive)."
>
> If the input file is empty, then we cannot meet that "between 1 and 8"
> requirement. However, in the past, we've had to deal with empty input
> files, so I wanted to make sure.

Good point! Thanks for pointing this out. Let's allow encryption and
put 0x08 in the 4th byte of the output file. Following the 4th byte,
please put the SHA1 hash of an empty file, which should be:

    da39a3ee5e6b4b0d3255bfef95601890afd80709

Since there is nothing to encrypt, after the SHA1 value, nothing
should follow.

I've just added the following to the spec right after what you quoted
above:

    [BC: Added 3/2/2008] If the input file is empty, this byte must be 8.
--
Bill Cheng // bill.cheng@usc.edu

Date: Sat, 1 Mar 2008 09:57:54 -0800
From: Bill Cheng
Message-Id: <200803011757.m21HvsbD013507@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Solving system of modular equations ...

Hi everyone,

In yesterday's lecture, towards the end, we were solving a system of
3 modular equations and 3 unknowns. I mentioned that solving it is
like solving a regular system of equations. You need to manipulate
the equations to make the coefficients zero in the lower triangular
area. For example, if you start with:

    (1) 3 = 4a + 2b + m mod 13
    (2) 7 = 9a + 3b + m mod 13
    (3) 5 = 25a + 5b + m mod 13

You want to manipulate (via "substitution") these equations until
they look something like:

    (1') ? = ?a + ?b + ?m mod 13
    (2') ? = 0 + ?b + ?m mod 13
    (3') ? = 0 + 0 + ?m mod 13

Then you can easily solve the last equation to get m, then you plug
the value of m into the middle equation and easily solve for b, then
you plug the values of m and b into the top equation and easily
solve for a.

To substitute for (2), you can multiply (2) by -4/9 and add it to
(1), then the coefficient for a will become zero. But what's -4/9
in mod 13 arithmetic? I mentioned that you can use the Extended
Euclidean Algorithm to compute 1/9.
I did not talk about the Extended Euclidean Algorithm yesterday but
said that you can just try all possible values since 13 is a small
number. Come to think of it, it's probably not a good way to go for
the midterm exam. Therefore, I've added information about the
Extended Euclidean Algorithm to the "basic cryptographic protocols"
slides in the Tentative Slides section of the Lectures web page. I
have updated the solution method on these slides. I will talk about
it at the beginning of the next lecture, but you should read ahead
to prepare for the midterm.

A quick way to perform the Extended Euclidean Algorithm is to use
the Table Method. Let's say you want to solve:

    ax + by = d

where a is the modulus and b is the number that you want to find the
inverse for. So, in our example above, a is 13 and b is 9. The Table
Method goes as follows:

    rem[1] = a;
    rem[2] = b;
    x[1] = 0;
    x[2] = 1;
    for (i=3; rem[i-1] > 1; i++) {   /* stop once the latest remainder is 1 (or 0: no inverse) */
        rem[i] = rem[i-2] % rem[i-1];
        quo[i] = rem[i-2] / rem[i-1];
        x[i] = -quo[i] * x[i-1] + x[i-2];
    }
    inverse = x[i-1];                /* x on the last row; add a to it if it is negative */

If you use it on a=13 and b=9, you will get:

     i   quot   rem    x
    ======================
     1           13    0
    ----------------------
     2            9    1
    ----------------------
     3     1      4   -1
    ----------------------
     4     2      1    3

Therefore, the "multiplicative inverse of 9" (or 1/9) is 3 mod 13.
As you can see, this is really easy to do by hand! And you should
always verify your answer. 9 * 3 = 27 and 27 mod 13 = 1. Checked!
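Both inverse methods from this thread (the brute-force search of the "Extended euclidean algorithm - mid term" reply and the Table Method above), carried through to the 3-equation system of the previous message, as an added example of mine rather than the course's own code; `solve_mod_system` is my own name for the elimination step the message describes, generalised to any square system mod a prime.

```python
# Added example: the two inverse methods from the messages above, plus a
# solver that applies them to the 3-equation system mod 13.


def brute_force_inverse(a, p):
    """Inverse of a mod p by the search (p*i)+1 for i = 1, 2, 3, ...

    The first i for which (p*i)+1 is a multiple of a gives the inverse
    ((p*i)+1)/a. Since (p*i)+1 mod a repeats with period a, no success
    by i = a means gcd(a, p) != 1 and there is no inverse.
    """
    a %= p
    for i in range(1, a + 1):
        candidate = p * i + 1
        if candidate % a == 0:
            return (candidate // a) % p
    return None


def table_method(modulus, b):
    """Extended Euclidean Algorithm in the Table Method layout.

    Returns (inverse, rows); rows are (i, quot, rem, x) tuples with quot
    None on the two seed rows, the way the table is filled in by hand.
    inverse is None when the last remainder is not 1 (no inverse exists).
    """
    rem = [None, modulus, b]    # index 0 unused so rem[1] = a, rem[2] = b
    quo = [None, None, None]
    x = [None, 0, 1]
    i = 3
    while rem[i - 1] > 1:       # stop once the latest remainder is 1 or 0
        rem.append(rem[i - 2] % rem[i - 1])
        quo.append(rem[i - 2] // rem[i - 1])
        x.append(-quo[i] * x[i - 1] + x[i - 2])
        i += 1
    rows = [(k, quo[k], rem[k], x[k]) for k in range(1, i)]
    if rem[i - 1] != 1:
        return None, rows
    return x[i - 1] % modulus, rows   # x may be negative; reduce mod a


def solve_mod_system(coeffs, rhs, p):
    """Solve a square linear system mod a prime p the way the message
    describes: zero the coefficients below the diagonal, then substitute
    back from the last equation up. Dividing by a coefficient (the "-4/9"
    step) is multiplication by its inverse from table_method.
    """
    n = len(rhs)
    m = [[c % p for c in row] + [r % p] for row, r in zip(coeffs, rhs)]
    for col in range(n):
        pivot = next((r for r in range(col, n) if m[r][col]), None)
        if pivot is None:
            raise ValueError("system is singular mod %d" % p)
        m[col], m[pivot] = m[pivot], m[col]
        inv, _ = table_method(p, m[col][col])
        if inv is None:
            raise ValueError("pivot has no inverse; is p prime?")
        m[col] = [v * inv % p for v in m[col]]       # pivot becomes 1
        for r in range(col + 1, n):                  # clear below the pivot
            f = m[r][col]
            m[r] = [(vr - f * vc) % p for vr, vc in zip(m[r], m[col])]
    sol = [0] * n                                    # back substitution
    for row in range(n - 1, -1, -1):
        acc = m[row][n] - sum(m[row][c] * sol[c] for c in range(row + 1, n))
        sol[row] = acc % p
    return sol


if __name__ == "__main__":
    inv, rows = table_method(13, 9)
    for row in rows:
        print(row)                              # (1, None, 13, 0) ... (4, 2, 1, 3)
    print(inv, brute_force_inverse(9, 13))      # 3 3
    # The three equations from the message:
    # 3 = 4a + 2b + m, 7 = 9a + 3b + m, 5 = 25a + 5b + m (mod 13)
    print(solve_mod_system([[4, 2, 1], [9, 3, 1], [25, 5, 1]], [3, 7, 5], 13))
    # [7, 8, 11]
```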
--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200802291553.m1TFrYv0010950@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: HW3 enc-des
Date: Fri, 29 Feb 2008 07:53:34 -0800
From: Bill Cheng

Someone wrote:

> Hope you are doing good today.
> The spec says that we need to be able to store the output to a
> file for decryption after the enc-des is done.

Could you tell me which paragraph of which section you are referring
to? I cannot find such text.

> Does this mean we
> have to store the output to a file? Or do we have to store the
> output to a file and display it on the console too?? Or are you
> talking about redirection?
> I am a little unclear about the requirement.

Output of all commands should go to stdout. It's UNIX, so you can
always redirect.
--
Bill Cheng // bill.cheng@usc.edu

Date: Thu, 28 Feb 2008 16:19:25 -0800
From: Bill Cheng
Message-Id: <200802290019.m1T0JPLX022473@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Summary of midterm topics posted

Hi,

I've just posted a quick summary of the topics (not all topics covered
are listed) on the class web page. Please take a look. I've decided
that materials from lecture 4 (lecture given by Ho Chung) will not be
on the midterm exam.

At the end of today's lecture, I talked about the midterm exam format.
I mentioned that I would ask questions such as, "In N words or less,
please answer the following question..." The idea is that I will stop
reading your answer at the N+1st word. So you need to give your best
answer in the first N words. (You actually don't need to count the
number of words if you put the most important and most relevant
answer near the beginning.)

The other important part of my message was that "better answers may
get more points". For example, if I ask, "In 20 words or less, why
was it necessary to send the 3rd message in the NSPK (Needham
Schroeder Public Key) authentication protocol?"
If your answer is "because without it, the protocol is insecure"
without explaining why, you will receive either zero or very little
partial credit for such a generic answer! Clearly, this answer is
*technically correct*. But it just isn't worth much! I want you to
demonstrate that you know the difference between answers of different
qualities.
--
Bill Cheng // bill.cheng@usc.edu

Date: Wed, 27 Feb 2008 22:15:22 -0800
From: Bill Cheng
Message-Id: <200802280615.m1S6FMqJ001487@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: lab grades posted at Blackboard...
Cc: davidmor@usc.edu, jeyachan@usc.edu

Hi everyone,

The lab grader has posted the grades for the first 3 labs at the
Blackboard system. Please login to the Blackboard system to check
your grade. 1 is a passing grade for a lab and 0 is no-pass (could
be that you did not do the lab).

The grading was performed by the lab grader Sridher Jeyachandran.
The lab grader has applied one standard to all the labs. My
instructions for the grader regarding regrades are that he may only
change your score if he has made a mistake. If he did not make a
mistake, there is no point arguing that he should change your score.
Everyone got the same grade for turning in the same thing.
If you are not able to resolve grading issues with the grader, please
then contact the lab TA, David Morgan (please write down the issues
in some detail).

For the regrade policy, please see the Regrading Policy section of
the Course Description page:

    http://merlot.usc.edu/cs530-s08/description.html#regrade

Please also remember that you need to *request* a regrade within 1
week of receiving this e-mail. The actual regrade by the grader can
take place after the 1 week deadline.
--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200802270425.m1R4PRTa006619@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: CS530: Interlock Protocol
Date: Tue, 26 Feb 2008 20:25:27 -0800
From: Bill Cheng

Someone wrote:

| On Feb 26, 2008, at 19:29 , Bill Cheng wrote:
|
| > Someone wrote:
| >
| > | On Feb 26, 2008, at 18:52 , Bill Cheng wrote:
| > |
| > | > Someone wrote:
| > | >
| > | >> The interlock protocol has been bothering me. After looking it up in
| > | >> the book, I still can't shake the fact that it is still possible to
| > | >> transparently tap a previously unauthenticated key exchange and
| > | >> subsequent conversation.
| > | >>
| > | >> p.
| > | >> 55 of the "Applied Cryptography" book says that "Donald Davies and
| > | >> Wyn Price describe how the interlock protocol (described in Section
| > | >> 3.1) can defeat this [Man in the Middle, public-key based
| > | >> authentication] attack."
| > | >>
| > | >> Section 3.1 describes (paraphrased here) the steps to "thwart" the
| > | >> would-be attacker allowing Mallory to "substitute public keys for
| > | >> Alice's and Bob's" (p. 49):
| > | >>
| > | >> 1. Alice sends her public key
| > | >> 2. Bob sends his
| > | >> 3. Alice encrypts and sends 1/2 msg using Bob's public key
| > | >> 4. Bob encrypts and sends 1/2 using Alice's public key
| > | >> 5. Alice encrypts and sends other 1/2 using Bob's public key
| > | >> 6. Bob decrypts Alice's message
| > | >> 7. Bob encrypts and sends other 1/2 using Alice's public key
| > | >> 8. Alice decrypts Bob's message
| > | >>
| > | >> However, if an attacker can substitute his/her keys for the public
| > | >> keys of either Alice or Bob (or both), the conversation becomes:
| > | >> 1. Alice sends her public key to Bob
| > | >> 2. Mallory intercepts, sends own public key to Bob pretending to be
| > | >> Alice (PukMA) and retains private key (PrkMA)
| > | >> 3. Bob sends his public key to Alice
| > | >> 4. Again, Mallory intercepts, sends own public key to Alice pretending
| > | >> to be Bob (PukMB) and retains private key (PrkMB)
| > | >> 5. Alice sends 1/2 her message to Bob using PukMB, as she believes
| > | >> this to be Bob's public key, encrypted and sends it to "Bob"
| > | >> 6. Mallory intercepts the message, creates a new message, encrypts the
| > | >> new message using PrkMB, and forwards that message to Bob
| > | >> 7. Bob sends his encrypted half, using PukMB, as he believes this to
| > | >> be Alice's public key, encrypted and sends it to "Alice"
| > | >> 8.
| > | >> Mallory intercepts the message, creates a new message, encrypts it
| > | >> using PrkMA, and forwards that message to Alice
| > | >> 9. Alice then sends the second 1/2 of the encrypted message to "bob"
| > | >> 10. Mallory intercepts and now has the complete, decryptable message
| > | >> from Alice
| > | >> 11. Mallory forwards part 2 of his message to Bob
| > | >> 12. Bob sends the second 1/2 of his message to "alice" encrypted with
| > | >> PukMB
| > | >> 13. Mallory intercepts and now has the complete, decryptable message
| > | >> from Bob and has successfully inserted himself, transparently into
| > | >> the conversation
| > | >>
| > | >> The book claims this thwarts the attack as Mallory will be unable to
| > | >> predict what conversation will be held. Clearly, the first round is
| > | >> undeniably insecure. Subsequent rounds are also insecure as, although
| > | >> Mallory will have no clue what Alice is originally sending to Bob, it
| > | >> does not matter because Bob will still think Mallory is Alice and
| > | >> Alice will still think Mallory is Bob.
| > | >>
| > | >> I suppose my ultimate question is, how is this a viable replacement to
| > | >> the PKI or chain of trust?
| > | >
| > | > I think I didn't explain it correctly today in class. I
| > | > was one minute over time and I didn't get across the crucial
| > | > bit of information. I've added a slide in today's lecture.
| > | > Hopefully, that will make it clear. Please see slide 35 of
| > | > lecture 12.
| > | >
| > | > When I mentioned "half a message", the "message" was not the
| > | > message Alice tried to send to Bob, but it was half of
| > | > everything Alice was trying to send to Bob. In the new slide,
| > | > I now have:
| > | >
| > | > 1) let oh(m) denote the odd-byte half of m
| > | > 2) Alice sends oh(E_Kses(message) || E_PK_B(Kses))
| > | >
| > | > and *not* E_Kses(oh(message)) || E_PK_B(Kses).
| > | >
| > | > So, if Mallory was the active attacker, instead of having
| > | > E_PK_B(Kses), Alice will send E_PK_M(Kses), but only
| > | > every other byte of it!
| > | >
| > | > At this point, Mallory cannot extract the session key (Kses)
| > | > so he cannot re-encrypt anything. What is Mallory supposed to
| > | > do? He still needs to forward *something* to Bob. Mallory
| > | > is stuck!
| > |
| > | Right, but he now has 2 session keys between two parties that think
| > | they are talking with each other securely. The book mentions that this
| > | only frustrates the attack if the conversation between A & B is not
| > | known in advance, but there must be some hand-shake protocol that
| > | Mallory will be able to anticipate.
| >
| > I think I know what you are saying... If Mallory just
| > forwards what he intercepted, Bob won't know that the half
| > message was bad. When Alice sends the 2nd half of the
| > message, Mallory will be able to extract the session key and
| > get Alice's data. Although at this point, Bob will discover
| > that there is an attacker, but it's all too late.
|
| Well, it doesn't benefit Mallory to just forward it blindly, I'm
| saying that he should impersonate the other party and carry on two
| different conversations at once to obtain confidential information.

But what can Mallory forward to Bob after he only received the
first half of Alice's message? Mallory doesn't know Kses at
this point. Recall that Mallory has:

    oh(E_Kses(message) || E_PK_M(Kses))

The best that Mallory can do is to create Kses' and message'
and send to Bob:

    oh(E_Kses'(message') || E_PK_B(Kses'))

When Mallory gets the 2nd half of Alice's message, he is now
stuck with message' and must send:

    eh(E_Kses'(message') || E_PK_B(Kses'))

Therefore, if message' makes sense in the conversation, then
Mallory may be able to fool Alice and Bob.
Also, if Alice and Bob continue with the conversation with the
same session key, Mallory has to continue the conversation with
something that makes sense.

| > I think you are correct. But the important thing about this
| > protocol is that Alice and Bob will be able to detect that
| > there is an active attacker. (The worst part about the
| > previous, broken, protocol was that Alice and Bob did not
| > know that there was an active attacker.)
| >
| > So, the application of the Interlock Protocol should be just a
| > key exchange, so that Alice and Bob can stay in the long
| > conversation. Therefore, the first message should just have
| > something like "Hello" in it. After the first couple of
| > messages, if Alice or Bob detects an active attacker, the
| > conversation is over.
|
| Well, even with a key exchange, the key isn't the goal of the attack.
| The secret data that the key would have encrypted is. So, Mallory need
| only convince Alice or Bob to send confidential information. This is
| something this protocol does not appear to prevent.

You are right. But Alice and Bob will be able to detect that
there is an attack, unless message' makes good sense to Bob.
If Mallory is a person, he may be able to come up with a
message' that makes sense and be able to carry on the
conversation. But if Mallory is only a piece of software, I
think an automated attack without Alice and Bob noticing would
be difficult. But then again, like you said, Mallory gets to
walk away with the secret, so this defense should not be
considered a total success.
--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200802270329.m1R3TMEn005670@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: CS530: Interlock Protocol
Date: Tue, 26 Feb 2008 19:29:22 -0800
From: Bill Cheng

Someone wrote:

| On Feb 26, 2008, at 18:52 , Bill Cheng wrote:
|
| > Someone wrote:
| >
| >> The interlock protocol has been bothering me. After looking it up in
| >> the book, I still can't shake the fact that it is still possible to
| >> transparently tap a previously unauthenticated key exchange and
| >> subsequent conversation.
| >>
| >> p. 55 of the "Applied Cryptography" book says that "Donald Davies and
| >> Wyn Price describe how the interlock protocol (described in Section
| >> 3.1) can defeat this [Man in the Middle, public-key based
| >> authentication] attack."
| >>
| >> Section 3.1 describes (paraphrased here) the steps to "thwart" the
| >> would-be attacker allowing Mallory to "substitute public keys for
| >> Alice's and Bob's" (p. 49):
| >>
| >> 1. Alice sends her public key
| >> 2. Bob sends his
| >> 3. Alice encrypts and sends 1/2 msg using Bob's public key
| >> 4. Bob encrypts and sends 1/2 using Alice's public key
| >> 5. Alice encrypts and sends other 1/2 using Bob's public key
| >> 6. Bob decrypts Alice's message
| >> 7. Bob encrypts and sends other 1/2 using Alice's public key
| >> 8.
| >> Alice decrypts Bob's message
| >>
| >> However, if an attacker can substitute his/her keys for the public
| >> keys of either Alice or Bob (or both), the conversation becomes:
| >> 1. Alice sends her public key to Bob
| >> 2. Mallory intercepts, sends own public key to Bob pretending to be
| >> Alice (PukMA) and retains private key (PrkMA)
| >> 3. Bob sends his public key to Alice
| >> 4. Again, Mallory intercepts, sends own public key to Alice pretending
| >> to be Bob (PukMB) and retains private key (PrkMB)
| >> 5. Alice sends 1/2 her message to Bob using PukMB, as she believes
| >> this to be Bob's public key, encrypted and sends it to "Bob"
| >> 6. Mallory intercepts the message, creates a new message, encrypts the
| >> new message using PrkMB, and forwards that message to Bob
| >> 7. Bob sends his encrypted half, using PukMB, as he believes this to
| >> be Alice's public key, encrypted and sends it to "Alice"
| >> 8. Mallory intercepts the message, creates a new message, encrypts it
| >> using PrkMA, and forwards that message to Alice
| >> 9. Alice then sends the second 1/2 of the encrypted message to "bob"
| >> 10. Mallory intercepts and now has the complete, decryptable message
| >> from Alice
| >> 11. Mallory forwards part 2 of his message to Bob
| >> 12. Bob sends the second 1/2 of his message to "alice" encrypted with
| >> PukMB
| >> 13. Mallory intercepts and now has the complete, decryptable message
| >> from Bob and has successfully inserted himself, transparently into
| >> the conversation
| >>
| >> The book claims this thwarts the attack as Mallory will be unable to
| >> predict what conversation will be held. Clearly, the first round is
| >> undeniably insecure. Subsequent rounds are also insecure as, although
| >> Mallory will have no clue what Alice is originally sending to Bob, it
| >> does not matter because Bob will still think Mallory is Alice and
| >> Alice will still think Mallory is Bob.
| >>
| >> I suppose my ultimate question is, how is this a viable replacement to
| >> the PKI or chain of trust?
| >
| > I think I didn't explain it correctly today in class. I
| > was one minute over time and I didn't get across the crucial
| > bit of information. I've added a slide in today's lecture.
| > Hopefully, that will make it clear. Please see slide 35 of
| > lecture 12.
| >
| > When I mentioned "half a message", the "message" was not the
| > message Alice tried to send to Bob, but it was half of
| > everything Alice was trying to send to Bob. In the new slide,
| > I now have:
| >
| > 1) let oh(m) denote the odd-byte half of m
| > 2) Alice sends oh(E_Kses(message) || E_PK_B(Kses))
| >
| > and *not* E_Kses(oh(message)) || E_PK_B(Kses).
| >
| > So, if Mallory was the active attacker, instead of having
| > E_PK_B(Kses), Alice will send E_PK_M(Kses), but only
| > every other byte of it!
| >
| > At this point, Mallory cannot extract the session key (Kses)
| > so he cannot re-encrypt anything. What is Mallory supposed to
| > do? He still needs to forward *something* to Bob. Mallory
| > is stuck!
|
| Right, but he now has 2 session keys between two parties that think
| they are talking with each other securely. The book mentions that this
| only frustrates the attack if the conversation between A & B is not
| known in advance, but there must be some hand-shake protocol that
| Mallory will be able to anticipate.

I think I know what you are saying... If Mallory just
forwards what he intercepted, Bob won't know that the half
message was bad. When Alice sends the 2nd half of the
message, Mallory will be able to extract the session key and
get Alice's data. Although at this point, Bob will discover
that there is an attacker, but it's all too late.

I think you are correct. But the important thing about this
protocol is that Alice and Bob will be able to detect that
there is an active attacker.
(The worst part about the
previous, broken, protocol was that Alice and Bob did not
know that there was an active attacker.)

So, the application of the Interlock Protocol should be just a
key exchange, so that Alice and Bob can stay in the long
conversation. Therefore, the first message should just have
something like "Hello" in it. After the first couple of
messages, if Alice or Bob detects an active attacker, the
conversation is over.
--
Bill Cheng // bill.cheng@usc.edu

Message-Id: <200802270252.m1R2qH1f005250@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: CS530: Interlock Protocol
Date: Tue, 26 Feb 2008 18:52:17 -0800
From: Bill Cheng

Someone wrote:

> The interlock protocol has been bothering me. After looking it up in
> the book, I still can't shake the fact that it is still possible to
> transparently tap a previously unauthenticated key exchange and
> subsequent conversation.
>
> p. 55 of the "Applied Cryptography" book says that "Donald Davies and
> Wyn Price describe how the interlock protocol (described in Section
> 3.1) can defeat this [Man in the Middle, public-key based
> authentication] attack."
>
> Section 3.1 describes (paraphrased here) the steps to "thwart" the
> would-be attacker allowing Mallory to "substitute public keys for
> Alice's and Bob's" (p. 49):
>
> 1. Alice sends her public key
> 2. Bob sends his
> 3.
>    Alice encrypts and sends 1/2 msg using Bob's public key
> 4. Bob encrypts and sends 1/2 using Alice's public key
> 5. Alice encrypts and sends other 1/2 using Bob's public key
> 6. Bob decrypts Alice's message
> 7. Bob encrypts and sends other 1/2 using Alice's public key
> 8. Alice decrypts Bob's message
>
> However, if an attacker can substitute his/her keys for the public
> keys of either Alice or Bob (or both), the conversation becomes:
> 1. Alice sends her public key to Bob
> 2. Mallory intercepts, sends own public key to Bob pretending to be
> Alice (PukMA) and retains private key (PrkMA)
> 3. Bob sends his public key to Alice
> 4. Again, Mallory intercepts, sends own public key to Alice pretending
> to be Bob (PukMB) and retains private key (PrkMB)
> 5. Alice sends 1/2 her message to Bob using PukMB, as she believes
> this to be Bob's public key, encrypted and sends it to "Bob"
> 6. Mallory intercepts the message, creates a new message, encrypts the
> new message using PrkMB, and forwards that message to Bob
> 7. Bob sends his encrypted half, using PukMB, as he believes this to
> be Alice's public key, encrypted and sends it to "Alice"
> 8. Mallory intercepts the message, creates a new message, encrypts it
> using PrkMA, and forwards that message to Alice
> 9. Alice then sends the second 1/2 of the encrypted message to "Bob"
> 10. Mallory intercepts and now has the complete, decryptable message
> from Alice
> 11. Mallory forwards part 2 of his message to Bob
> 12. Bob sends the second 1/2 of his message to "Alice" encrypted with
> PukMB
> 13. Mallory intercepts and now has the complete, decryptable message
> from Bob and has successfully inserted himself, transparently, into the
> conversation
>
> The book claims this thwarts the attack as Mallory will be unable to
> predict what conversation will be held. Clearly, the first round is
> undeniably insecure.
> Subsequent rounds are also insecure as, although
> Mallory will have no clue what Alice is originally sending to Bob, it
> does not matter because Bob will still think Mallory is Alice and
> Alice will still think Mallory is Bob.
>
> I suppose my ultimate question is, how is this a viable replacement to
> the PKI or chain of trust?

I think I didn't explain it correctly today in class. I was one minute
over time and I didn't get across the crucial bit of information. I've
added a slide in today's lecture. Hopefully, that will make it clear.
Please see slide 35 of lecture 12.

When I mentioned "half a message", the "message" was not the message
Alice tried to send to Bob, but it was half of everything Alice was
trying to send to Bob. In the new slide, I now have:

  1) let oh(m) denote the odd-byte half of m
  2) Alice sends oh(E_Kses(message) || E_PK_B(Kses))

and *not* E_Kses(oh(message)) || E_PK_B(Kses).

So, if Mallory was the active attacker, instead of having E_PK_B(Kses),
Alice will send E_PK_M(Kses), but only every other byte of it!

At this point, Mallory cannot extract the session key (Kses) so he
cannot re-encrypt anything. What is Mallory supposed to do? He still
has to forward *something* to Bob. Mallory is stuck!
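The exchange described above (Alice sends oh(E_Kses(message) || E_PK_B(Kses)) first, the even-byte half only later), modelled in Python as an added example that is not part of this thread or the course materials. It runs the honest case and the key-substitution case the thread discusses, including the "Hello" greeting idea from the follow-up; the tiny textbook-RSA primes standing in for E_PK, the SHA-256 keystream standing in for E_Kses, and the fixed session key are all constructed for illustration and keep the protocol's mechanics, not its security.

```python
import hashlib

# The "half a message" split from the slide: oh(m) is the odd-byte half.
def oh(m: bytes) -> bytes:
    """Odd-byte half of m (bytes 1, 3, 5, ... counting from 1)."""
    return m[0::2]

def eh(m: bytes) -> bytes:
    """Even-byte half of m (bytes 2, 4, 6, ...)."""
    return m[1::2]

def interleave(odd: bytes, even: bytes) -> bytes:
    """Rebuild m from oh(m) and eh(m); the odd half may be one byte longer."""
    out = bytearray()
    for i, b in enumerate(odd):
        out.append(b)
        if i < len(even):
            out.append(even[i])
    return bytes(out)

# Toy textbook RSA standing in for E_PK (constructed, insecure: 12-bit moduli).
def rsa_keypair(p: int, q: int, e: int = 17):
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))          # modular inverse, Python 3.8+
    return (n, e), (n, d)

def rsa_encrypt(pub, k: int) -> bytes:
    n, e = pub
    return pow(k, e, n).to_bytes(2, "big")     # n < 2**16, so 2 bytes suffice

def rsa_decrypt(priv, c: bytes) -> int:
    n, d = priv
    return pow(int.from_bytes(c, "big"), d, n)

# Stand-in for E_Kses: XOR with a SHA-256 counter keystream keyed by Kses.
def e_kses(kses: int, data: bytes) -> bytes:
    out = bytearray()
    block = b""
    for i, b in enumerate(data):
        if i % 32 == 0:
            seed = kses.to_bytes(2, "big") + (i // 32).to_bytes(4, "big")
            block = hashlib.sha256(seed).digest()
        out.append(b ^ block[i % 32])
    return bytes(out)

def alice_blob(pk_b, kses: int, message: bytes) -> bytes:
    """Everything Alice sends, before halving: E_Kses(message) || E_PK_B(Kses)."""
    return e_kses(kses, message) + rsa_encrypt(pk_b, kses)

def bob_receive(sk_b, first_half: bytes, second_half: bytes, expected: bytes):
    """Bob joins the halves, recovers Kses with his own private key, decrypts,
    and compares with the throwaway greeting he expects. Returns (msg, detected)."""
    blob = interleave(first_half, second_half)
    body, c = blob[:-2], blob[-2:]
    msg = e_kses(rsa_decrypt(sk_b, c), body)
    return msg, msg != expected

GREETING = b"Hello"   # per the thread: the first message is only a greeting
KSES = 1234           # constructed fixed session key (a real one is random)

def run_honest():
    pk_b, sk_b = rsa_keypair(61, 53)
    blob = alice_blob(pk_b, KSES, GREETING)
    # Alice sends oh(blob), waits for Bob's half (omitted here), then eh(blob).
    return bob_receive(sk_b, oh(blob), eh(blob), GREETING)

def run_mitm(reencrypt: bool = False):
    pk_b, sk_b = rsa_keypair(61, 53)
    pk_m, sk_m = rsa_keypair(71, 67)          # Mallory substituted pk_m for pk_b
    blob = alice_blob(pk_m, KSES, GREETING)
    h1 = oh(blob)
    # Mallory sees h1 first: every other byte of E_Kses(message) and only one of
    # the two bytes of E_PK_M(Kses). In the real protocol that is not decryptable,
    # so he cannot re-encrypt for Bob yet; all he can do is pass h1 on.
    h2 = eh(blob)
    joined = interleave(h1, h2)
    leaked = e_kses(rsa_decrypt(sk_m, joined[-2:]), joined[:-2])  # readable now
    if reencrypt:
        # Too late: Bob already holds h1, built under pk_m. A fresh blob under
        # pk_b does not interleave with it, so Bob still ends up with garbage.
        h2 = eh(alice_blob(pk_b, 999, leaked))
    msg, detected = bob_receive(sk_b, h1, h2, GREETING)
    return leaked, msg, detected
```

Mallory does learn the greeting once the second half arrives, which is why the thread concludes the first exchange should carry nothing confidential; what he cannot do is keep Bob from noticing.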
--
Bill Cheng // bill.cheng@usc.edu

Date: Tue, 26 Feb 2008 18:35:44 -0800
From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: Re: Hw3

Someone wrote:

> Hw3 specifies that we have to do enc-base 64 and dec-base 64! Do
> we straight away use openssl header for it and use the inbuilt
> functions? or do we use the program created during the first
> homework?

As I've mentioned in class today, you must only use the OpenSSL
library functions to perform enc-base64 and dec-base64. You cannot
use your code from HW1. I've just updated the spec (in the
Miscellaneous section) to make this explicit.
--
Bill Cheng // bill.cheng@usc.edu

Date: Sun, 24 Feb 2008 16:05:53 -0800
From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: Re: Hw3

Someone wrote:

> I can't see HW3 posted. Can you please tell me when you'll be posting that.

Oops! Sorry! I just got it posted. We will talk about HW3 briefly on
Tuesday. Please read the spec so you can ask questions. Also, as
usual, if you see bugs in the spec, please let me know ASAP. Thanks!

--
Bill Cheng // bill.cheng@usc.edu

Date: Sat, 23 Feb 2008 22:02:59 -0800
From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: Re: XSA doubt

Someone wrote:

> I'm not the person who originally asked this question, but I know some
> people who were confused in the same way.
>
> I think one of the places was in Cheng08a.pdf, Section IIIA, third
> paragraph (page 10). It implied that only repeating messages shorter
> than 128 bytes was sufficient to meet the MSR requirement. It led some
> people to ask me "what about 128

Bill Cheng wrote:

> Someone wrote:
>
> > While implementing the XSA-Strengthening algorithm, the paper says that if
> > the input message is less than 128 bytes then the input message must be
> > repeated and expanded to conform to the message self-repeat requirement.
>
> I'm not sure why you said 128. It's 256. Could you point me
> to the place in the paper where it says 128?
>
> > I just wanted to confirm that in XSA the input message must be repeated
> > until the size reaches 256 and not 128?
>
> It's all 256.

Date: Sat, 23 Feb 2008 09:11:31 -0800
From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: Re: XSA doubt

Someone wrote:

> While implementing the XSA-Strengthening algorithm, the paper says that if
> the input message is less than 128 bytes then the input message must be
> repeated and expanded to conform to the message self-repeat requirement.

I'm not sure why you said 128. It's 256. Could you point me to the
place in the paper where it says 128?

> I just wanted to confirm that in XSA the input message must be repeated
> until the size reaches 256 and not 128?

It's all 256.
> In the sample output of XSA,
>
> 0001
> 0203 e0d5
> 04050607 03
> 08090a0b0c0d0e0f fa643697
> 000102030405060708090a0b0c0d0e0f
> 000102030405060708090a0b0c0d0e0f
> 000102030405060708090a0b0c0d0e0f 0c
> 000102030405060708090a0b0c0d0e0f
> 000102030405060708090a0b0c0d0e0f
> 000102030405060708090a0b0c0d0e0f
> 000102030405060708090a0b0c0d0e0f d83eef6a
> 000102030405060708090a0b0c0d0e0f
> 000102030405060708090a0b0c0d0e0f
> 000102030405060708090a0b0c0d0e0f
> 000102030405060708090a0b0c0d0e0f
> 000102030405060708090a0b0c0d0e0f
> 000102030405060708090a0b0c0d0e0f
> 000102030405060708090a0b0c0d0e0f
> 000102030405060708090a0b0c0d0e0f e254
> 6608deeb510ca3af7c7912a4435b5e95564154307ed2b88a
> 24bcfbcc5990c08211672e196c3e01ff776a87982abbd337
> 5f4c4ecdbd768063736de948b538ba
>
> Also, just wanted confirmation that we add the shrunken noise bytes after
> 2^k bytes every time and then when the entire input is read and the final
> noise byte is added, we compute the shrunken ARC4 hash of this expanded
> input message (minimum length message + shrunken noise bytes) and append it
> after the last noise byte added. Thanks a lot.

For k=1 through 8, you add the shrunken noise bytes after 2^k bytes
of input has been processed. After that, for every 256 bytes of input,
you clock out 16 noise bytes and add the shrunken version of these
bytes. When all data is processed, you append the SA hash.

I found myself repeating the above over and over again. I'm going to
update the spec with this soon.
--
Bill Cheng // bill.cheng@usc.edu

Date: Sat, 23 Feb 2008 08:59:45 -0800
From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: Re: SA and XSA

Someone wrote:

> I am a little confused about the SA and XSA strengthening
> algorithms.
>
> 1) For the SA strengthening, are we supposed to append the
> Shrunken ARC4 Hash to the very end of the message?

Yes. For the "sa" command, you should output:

    msr(m)||sah(m)

> Or are we
> supposed to compute an sah(m) for each block of 256 bytes and
> append the Shrunken ARC4 Hash at the end of each 256-byte block.

No.

> 2) For XSA strengthening, we have to add up to 8 noise bytes to
> the end of a 256 block. In addition to that, do we also have to
> add the shrunken arc4 hash to the end of the entire message?

Yes. This should be clear from the sample output of "hw2 xsa testvec.bin".

> 3) For XSA, do we need to read the input file 2 times? Once to
> find out how long the input is and to compute shrunken arc4 hash
> for the entire message. And a second time to clock out the 16
> bytes to append to the end of each 256-byte block.

You should not do this because going 2-pass is too much for a hash
function. You should try to read 256 bytes of data into a memory
buffer and see if you have reached the end of file. If you have, then
you can apply MSR (message self repeat).
Otherwise, you can process through the buffer and reuse the buffer for
the rest of the file by reading data into it 256 bytes at a time.

--
Bill Cheng // bill.cheng@usc.edu

Date: Fri, 22 Feb 2008 21:53:48 -0800
From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: Re: reading from stdin

Someone wrote:

> I am done with hw2 and tested all cases, though I am not using
> temporary file for expansion and then calling MD5/SHA1 on it. But
> still I am using temp file for reading from stdin.
>
> So even if I go with it penalty for using temp file for reading in
> stdin is 10 (at max).
>
> Correct me if I am wrong, though I would try my best not to use temp file.

You will lose 10 points. There should be very little difference in
your code between reading from stdin and reading from a file if you
don't call functions such as rewind() or functions that put back bytes
into the input stream.
--
Bill Cheng // bill.cheng@usc.edu

Date: Fri, 22 Feb 2008 15:54:22 -0800
From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: Re: Creation of intermediate file by XSA for md5, sha1

Someone wrote:

> I am actually now stuck with hw2 -> xsa part, in that I am not sure what
> should be hash which we append in the end. I know you mentioned in the
> class that it would be different from sa.

At the end, you need to print out the SA-hash. The algorithm is the
same as the "sa" command, but the values will be different because
generating noise bytes changes the internal states.

> So my question is do we have to include the noise bytes also
> when calculating hash from key scheduling algorithm.

For the "xsa" command, the noise bytes just get printed out. You
don't need to feed the noise bytes into the key scheduling algorithm.

--
Bill Cheng // bill.cheng@usc.edu

On 21/02/2008, Bill Cheng wrote:
> Someone wrote:
>
> > Earlier you mentioned that it's not a good practice to make use of
> > temp file for applying sa/xsa and then using that file for MD5.
> > But as there was nothing written earlier in grading guidelines so I
> > already implemented that thing.
>
> At the top of the grading guidelines, item (6) says that we
> reserve the right to modify the grading guidelines.
> Since
> I've written an explicit e-mail to the whole class and said
> that it's not a good idea, then it's fine to update the
> grading guidelines, even after the submission deadline.
>
> You are really not supposed to code based on the grading
> guidelines! You are supposed to do your best and use the
> grading guidelines to check your implementation.
>
> > Can we get a day extension because
> > there would be lot of change in code now and now hardly there is any
> > time left.
> > Kindly grant us a day extension if you find my request appropriate.
>
> Fine. I've just updated the web page. The due time is now
> 11:45PM on 2/23/2008.
>
> > Other thing is that I am creating temporary file which I remove in the
> > end from the folder when we are reading Input from Stdin. So my doubt
> > is does same rule (penalty)
> > applies to when we are reading from stdin and pasting that to temp file.
>
> You will lose 10 points for this. You are really not
> supposed to go through the data more than one time for
> a cryptographic hash function.
>
> --
> Bill Cheng // bill.cheng@usc.edu
>
> On 21/02/2008, Bill Cheng wrote:
> > Someone wrote:
> >
> > > Is it valid to create an intermediate file in xsa to work
> > > as an input to md5 or sha1?
> > > So if md5 or sha1 has called xsa, xsa would write to file instead of stdout.
> > > md5, sha1 would then read this file.
> >
> > As I mentioned before, for debugging, it's fine. But you
> > should implement this in memory! I'm going to add this
> > to the grading guidelines.
> >
> > --
> > Bill Cheng // bill.cheng@usc.edu

Date: Thu, 21 Feb 2008 21:59:06 -0800
From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: Re: Creation of intermediate file by XSA for md5, sha1

Someone wrote:

> Earlier you mentioned that it's not a good practice to make use of
> temp file for applying sa/xsa and then using that file for MD5.
> But as there was nothing written earlier in grading guidelines so I
> already implemented that thing.

At the top of the grading guidelines, item (6) says that we reserve
the right to modify the grading guidelines. Since I've written an
explicit e-mail to the whole class and said that it's not a good idea,
then it's fine to update the grading guidelines, even after the
submission deadline.

You are really not supposed to code based on the grading guidelines!
You are supposed to do your best and use the grading guidelines to
check your implementation.

> Can we get a day extension because
> there would be lot of change in code now and now hardly there is any
> time left.
> Kindly grant us a day extension if you find my request appropriate.

Fine. I've just updated the web page. The due time is now 11:45PM on
2/23/2008.

> Other thing is that I am creating temporary file which I remove in the
> end from the folder when we are reading Input from Stdin.
> So my doubt
> is does same rule (penalty)
> applies to when we are reading from stdin and pasting that to temp file.

You will lose 10 points for this. You are really not supposed to go
through the data more than one time for a cryptographic hash function.

--
Bill Cheng // bill.cheng@usc.edu

> On 21/02/2008, Bill Cheng wrote:
> > Someone wrote:
> >
> > > Is it valid to create an intermediate file in xsa to work
> > > as an input to md5 or sha1?
> > > So if md5 or sha1 has called xsa, xsa would write to file instead of stdout.
> > > md5, sha1 would then read this file.
> >
> > As I mentioned before, for debugging, it's fine. But you
> > should implement this in memory! I'm going to add this
> > to the grading guidelines.
> >
> > --
> > Bill Cheng // bill.cheng@usc.edu

Date: Thu, 21 Feb 2008 16:25:47 -0800
From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: Re: Creation of intermediate file by XSA for md5, sha1

Someone wrote:

> Is it valid to create an intermediate file in xsa to work
> as an input to md5 or sha1?
> So if md5 or sha1 has called xsa, xsa would write to file instead of stdout.
> md5, sha1 would then read this file.

As I mentioned before, for debugging, it's fine. But you should
implement this in memory! I'm going to add this to the grading
guidelines.
--
Bill Cheng // bill.cheng@usc.edu

Date: Thu, 21 Feb 2008 16:23:51 -0800
From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: one more file for your debugging pleasure...

Hi,

For the "arc4" command and for the "~csci530/public/hw2/f0" file, I
generated all the internal state of the modified ARC4 cipher at the
end of each iteration of the key scheduling algorithm.
I've put the file at:

    ~csci530/public/hw2/f0.all-states

--
Bill Cheng // bill.cheng@usc.edu

Date: Thu, 21 Feb 2008 07:47:47 -0800
From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: Re: hw2 -offset

Someone wrote:

> In Arc4 does the offset mean that we skip the bytes every time:
> example: file size is 1289 and offset is 1239
> now we have to make sure that the length of the input message is
> 256 bytes => we have to keep on appending bytes to make the
> size 256. My question is do we append bytes from the offset every
> time or we are allowed to read from the start of the message i.e.
> in the above scenario the first 50 bytes are read from 1239 to
> 1289... but what about the bytes after that... should they be from
> byte 1 to 205 approx or should they be read from 1239 to 1289 5
> odd times.

If the file size is 1289 and the offset is 1239, you should treat the
input as being only 1289-1239=50 bytes long (skipping the first 1239
bytes of the input). So, the effect should be the same as if you
simply start with the last 50 bytes of the input in a different file.

The implementation is very simple: if you see that "-s offset" is
specified, just stay in a loop to read "offset" bytes of input. The
rest of your code should stay exactly the same!
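The advice in this message and in the earlier "SA and XSA" and "reading from stdin" replies (read 256 bytes into a buffer, check for EOF, apply MSR only then, reuse the buffer, and handle "-s offset" by reading offset bytes in a loop), as an added Python example that is not the course's hw2 code: a single-pass stream of msr(m) into a hash that works on stdin with no temp file and no rewind(). Assumptions not stated in the thread: a short message whose length does not divide 256 is cut at 256 bytes on its last repeat, an empty message produces nothing, and plain MD5 stands in for the course's sah(), which is not defined here.

```python
import hashlib
import io
from typing import BinaryIO, Iterator, Tuple

MSR_LEN = 256   # message self-repeat target length, from the thread

def read_full(f: BinaryIO, n: int) -> bytes:
    """Read up to n bytes, looping: pipes and stdin may return short reads."""
    buf = bytearray()
    while len(buf) < n:
        chunk = f.read(n - len(buf))
        if not chunk:
            break                                # EOF
        buf += chunk
    return bytes(buf)

def skip_offset(f: BinaryIO, offset: int) -> int:
    """Discard 'offset' bytes by reading them (no seek(), so stdin works).
    Returns how many bytes were actually skipped."""
    skipped = 0
    while skipped < offset:
        chunk = f.read(min(offset - skipped, MSR_LEN))
        if not chunk:
            break
        skipped += len(chunk)
    return skipped

def msr_blocks(f: BinaryIO, offset: int = 0) -> Iterator[bytes]:
    """Yield msr(m) one 256-byte buffer at a time, reading the input once."""
    skip_offset(f, offset)
    buf = read_full(f, MSR_LEN)
    if not buf:
        return                                   # assumption: empty message, nothing
    if len(buf) < MSR_LEN:
        # EOF reached inside the first buffer: m is short, so apply MSR in memory.
        reps = -(-MSR_LEN // len(buf))           # ceil(256 / len(m))
        yield (buf * reps)[:MSR_LEN]             # assumption: cut last repeat at 256
        return
    yield buf
    while True:
        buf = read_full(f, MSR_LEN)              # reuse the same-size buffer
        if not buf:
            return
        yield buf

def msr_bytes(data: bytes, offset: int = 0) -> bytes:
    """msr(m) over an in-memory copy of the input (for checking the stream)."""
    return b"".join(msr_blocks(io.BytesIO(data), offset))

def md5_over_msr(f: BinaryIO, offset: int = 0) -> Tuple[str, int]:
    """Hash msr(m) incrementally: no temp file, no rewind(), a single pass.
    MD5 stands in for the course's sah(); returns (hex digest, bytes hashed)."""
    h = hashlib.md5()
    total = 0
    for block in msr_blocks(f, offset):
        h.update(block)
        total += len(block)
    return h.hexdigest(), total

def md5_over_msr_bytes(data: bytes, offset: int = 0) -> Tuple[str, int]:
    """Same, over a constructed in-memory stream."""
    return md5_over_msr(io.BytesIO(data), offset)

def md5_one_shot(data: bytes) -> str:
    """Reference value: hash a whole buffer at once (for comparison only)."""
    return hashlib.md5(data).hexdigest()
```

For the thread's numbers: a 16-byte testvec comes out as 16 repeats (256 bytes), a 1289-byte file with offset 1239 reduces to its last 50 bytes and is then self-repeated, and a 5987-byte f1 streams through as 23 full buffers plus a 99-byte tail with no repetition.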
--
Bill Cheng // bill.cheng@usc.edu

Date: Wed, 20 Feb 2008 21:50:34 -0800
From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: More information for your debugging pleasure for the XSA command...

Hi,

I've added the following table to the spec for the "hw2 xsa
testvec.bin" command:

  k   noise bytes                        shrunken noise bytes
  -------------------------------------------------------------
  1   35e1                               (none)
  2   08e0cad5                           e0d5
  3   c46793162903                       03
  4   bdfa2b641436a697                   fa643697
  5   6d58cf40933db4f54402               (none)
  6   7ef3a62a00e3693eea0c2913           0c
  7   d84e98d8333e4a09ebb394efde6a       d83eef6a
  8   bc444d8a39d98ee735b301e220727a54   e254

Hopefully, this may help you debug your code.
--
Bill Cheng // bill.cheng@usc.edu

Date: Wed, 20 Feb 2008 10:22:47 -0800
From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: Re: ARC4 script

Someone wrote:

> Professor, the ARC4 script still has -l len after -s offset.
> Is it gonna be changed or should we use it the way it is?

Oops! I forgot to do it. It's been updated now. Thanks for the reminder!

--
Bill Cheng // bill.cheng@usc.edu

Date: Tue, 19 Feb 2008 20:27:38 -0800
From: Bill Cheng
To: cs530@merlot.usc.edu, cs551@merlot.usc.edu, cs558@merlot.usc.edu
Subject: Thursday's office hour moved to the afternoon...
Hi everyone,

I won't be able to be on campus this Thursday morning. So, I'm moving
the office hour this Thursday to 3:30-4:40pm in the afternoon. Sorry
about the inconvenience.

--
Bill Cheng // bill.cheng@usc.edu

Date: Mon, 18 Feb 2008 23:48:51 -0800
From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: Re: HW2 question - using the openssl library API

Someone wrote:

> I have a question about implementing the SHA1 and MD5 algorithms.
> The hw2 page, in the Miscellaneous Requirements and Hints
> section, states that we are supposed to call the openssl
> library directly. But I have looked at the openssl documentation
> and still don't know how to accomplish this. Which API functions
> in the library are we supposed to use? Do we have to use the
> SSL_library_init() function and the SSL_CTX object? Are there
> more direct functions I can call for computing SHA1 and MD5
> digests?

Please see slide 4 of lecture 6.
--
Bill Cheng // bill.cheng@usc.edu

Date: Sun, 17 Feb 2008 21:01:25 -0800
From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: Re: Hw2 -> sa

Someone wrote:

> In parity accumulator, I am not able to understand the meaning of
>
>     if parity(pacc) = 1
>
> what does parity(pacc) = 1 mean.

parity(x) returns the parity of byte x, where the parity of byte x is
defined by adding all the bits of x together; if the result is odd,
parity(x) returns 1; if the result is even, parity(x) returns 0.

> Can you please illustrate it by taking an example.
>
> suppose pacc=0x1f
>
> then parity(pacc) =??

0x1f has 5 ones, so parity(pacc) returns 1.
--
Bill Cheng // bill.cheng@usc.edu

Date: Sat, 16 Feb 2008 21:11:38 -0800
From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: Re: xsa

Someone wrote:

> I see another bug if I'm not wrong. For example, for f1 (which is
> greater than 256 bytes), after the first 256 bytes we should
> compute the noise every chunk of 256 bytes, and then we output
> the contents of the chunk plus the shrunk noise. For the last
> chunk (maybe < 256 bytes) we don't output the noise, but we
> should output the contents of the chunk as in SA.
>
> I've traced the hexdump of your file since I was getting errors
> and this last chunk is not included. The difference is exactly 99
> bytes as expected, since sizeof(f1) = 5987 = 256*23 + 99. Are we
> supposed to include the contents of the last chunk in XSA or only
> in SA?

You are absolutely right! Thanks for catching the bug. I've fixed
this. Please let me know if there are more bugs! Thanks!

--
Bill Cheng // bill.cheng@usc.edu

----- Original Message -----
From: Bill Cheng
Date: Saturday, February 16, 2008 4:43 pm
Subject: Re: xsa
To: cs530@merlot.usc.edu

> Hi everyone,
>
> I've fixed the bugs. If you see more bugs, please let me know!
> Thanks!
>
> --Bill
>
>
> -----Original Message-----
> Date: Sat, 16 Feb 2008 15:20:51 -0800
> From: Bill Cheng
> To: cs530@merlot.usc.edu
> Subject: Re: xsa
>
> Someone wrote:
>
> > I'm running the scripts for SA and XSA, for SA all are correct
> > but for XSA I get errors in the diff. I look at the folder
> > ~csci530/public/hw2 and I determine the following:
> >
> > - the size of file f1 is 5987 bytes
> > - the size of f1.sa.1 is 6054 bytes, which is logically larger
> > than f1 since it's extended
> > - the size of f1.xsa.1 is only 355 bytes, isn't that strange?
>
> You are right. All the f?.xsa.? files are quite small. I'll
> take a look and see where the bugs are.
> --
> Bill Cheng // bill.cheng@usc.edu

Date: Sat, 16 Feb 2008 16:49:41 -0800
From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: Re: Grading guidelines hw2

Someone wrote:

> On Feb 16, 2008, at 3:24 PM, Bill Cheng wrote:
>
> > > ./hw2 arc4 should not be there as it is not a valid command line.
> >
> > Fixed! Thanks for pointing it out!
>
> Why is this invalid? Wouldn't './hw2 arc4' just output all of the
> bytes generated after key scheduling has run to completion?
The commandline syntax in the spec says:

    hw2 arc4 {-states|-l len} [-s offset] [file]

This means that the 2nd argument must be either "-states" or "-l len"
(since there are no square brackets around the 2nd argument). For the
arc4 command, if neither -states nor -l is used, there would be no
output!

> If this isn't the case, why would it be beneficial to implement a
> cipher that always requires an upper bound on the output (as '-l'
> does)? Isn't the most common use case to output the entirety of the
> input file after encryption?

For our arc4 command, the input data (file or stdin) is *not* the
plaintext to be encrypted. Up to the first 256 bytes of the input data
is to be used as the *key* for the key scheduling algorithm. We are
not doing any encryption here. When -l is specified, we are just
outputting len bytes of keystream.
--
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Sat, 16 Feb 2008 16:42:40 -0800
To: cs530@merlot.usc.edu
Subject: Re: Question on md5 using sa input
Message-Id: <200802170042.m1H0getJ028048@bourbon.usc.edu>

Someone wrote:
> When we use the 'sa' argument for the 'md5' function, can we store
> the output of 'sa' into a temporary file and use this file as an input
> for 'md5'? (since we aren't allowed to store more than 4096 bytes in the
> memory)

You should not. SA and XSA enhanced hash functions are also hash
functions.
So, they should only go through the input data with a single pass!
(Of course, I have not talked about this in class.) What you are
suggesting is basically to have a buffer (in a file) about the size of
the input, and that's really not a good way to implement it. But for
debugging, you can certainly do this.
--
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Sat, 16 Feb 2008 16:37:01 -0800
To: cs530@merlot.usc.edu
Subject: Re: xsa
Message-Id: <200802170037.m1H0b1WV027974@bourbon.usc.edu>

Hi everyone,

I've fixed the bugs. If you see more bugs, please let me know!
Thanks!

--Bill

-----Original Message-----
Date: Sat, 16 Feb 2008 15:20:51 -0800
From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: Re: xsa

Someone wrote:

> I'm running the scripts for SA and XSA, for SA all are correct
> but for XSA I get errors in the diff. I look at the folder
> ~csci530/public/hw2 and I determine the following:
>
> - the size of file f1 is 5987 bytes
> - the size of f1.sa.1 is 6054 bytes, which is logically larger
>   than f1 since it's extended
> - the size of f1.xsa.1 is only 355 bytes, isn't that strange?

You are right. All the f?.xsa.? files are quite small. I'll
take a look and see where the bugs are.
--
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Sat, 16 Feb 2008 15:24:40 -0800
To: cs530@merlot.usc.edu
Subject: Re: Grading guidelines hw2
Message-Id: <200802162324.m1GNOepK026760@bourbon.usc.edu>

Someone wrote:
> In grading guidelines in last part
>
> Bad behavior for random input : -1 point each for each not handling properly
>     #
>     # for these commands, just pound on the keyboard and hit
>     # at random times and see if the program behaves
>     # properly by not crashing, you don't have to look at the
>     # output data
>     #
>     # if the program seg faults, please apply the seg fault rule
>     # above
>     #
>     ./hw2 arc4
>     ./hw2 sa
>     ./hw2 xsa
>     ./hw2 md5
>
> ./hw2 arc4 should not be there as it is not a valid command line.

Fixed! Thanks for pointing it out!
--
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Sat, 16 Feb 2008 15:20:51 -0800
To: cs530@merlot.usc.edu
Subject: Re: xsa
Message-Id: <200802162320.m1GNKpSA026643@bourbon.usc.edu>

Someone wrote:
> I'm running the scripts for SA and XSA, for SA all are correct
> but for XSA I get errors in the diff. I look at the folder
> ~csci530/public/hw2 and I determine the following:
>
> - the size of file f1 is 5987 bytes
> - the size of f1.sa.1 is 6054 bytes, which is logically larger
>   than f1 since it's extended
> - the size of f1.xsa.1 is only 355 bytes, isn't that strange?

You are right. All the f?.xsa.? files are quite small. I'll
take a look and see where the bugs are.
--
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Sat, 16 Feb 2008 09:47:26 -0800
To: cs530@merlot.usc.edu
Subject: Re: Regarding output algorithm of ARC4
Message-Id: <200802161747.m1GHlQJe020145@bourbon.usc.edu>

Someone wrote:
> I have a little doubt regarding the output algorithm of ARC4.
> When -states is used in the command line do we have to use the
> output algorithm to output the internal state of array or we can
> use printf statement directly to output the state of array?

Just the internal states, sequentially. I think printf() can only
produce "formatted" output, which means formatted for human reading.
It's probably no good for printing binary data. You can just use
fwrite().

> Can you please guide me when to use the output algorithm exactly?

For HW2, you only need to use the output algorithm in generating the
noise bytes for the XSA algorithm. I'm not sure exactly what you need
to know. Please review the lecture videos or come talk to me during
office hours.
--
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Fri, 15 Feb 2008 23:30:54 -0800
To: cs530@merlot.usc.edu
Subject: Re: question
Message-Id: <200802160730.m1G7UsZU011021@bourbon.usc.edu>

Someone wrote:
> Professor, another quick question, in the command-line syntax for
> arc4 it's specified that -l len comes before -s offset. However
> in the last script of test cases -s comes before -l. Should we
> make it position-independent or is it a mistake in the test
> cases?

It's a UNIX convention that *optional* commandline options can come in
any order. I've just added a note in the spec to say this.
--
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Fri, 15 Feb 2008 20:25:16 -0800
To: cs530@merlot.usc.edu
Subject: Re: Question about the Hw2 spec
Message-Id: <200802160425.m1G4PGbt007407@bourbon.usc.edu>

Someone wrote:
> I had a question regarding the use of openssl
>
> The minus points in the grading guideline say that
> ---visually inspect the code and look for system(), popen(),
> "exec", to make sure that an external program (such as
> openssl) is not called to do the work
>
> However, the spec says this
> ---You must call MD5 and SHA-1 related functions in the
> OpenSSL library directly.
>
> I got a little confused. Do we have to use openssl??
> or do we avoid its use??

You need to call openssl *functions* and link to the crypto library
(use -lcrypto). You must *not* do something like:

    system("openssl md5 ...");
    system("openssl sha1 ...");

That would be invoking openssl as an external program and that's not
allowed for HW2.
--
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Fri, 15 Feb 2008 20:18:01 -0800
To: cs530@merlot.usc.edu
Subject: Re: Suspected typing error in grading guidelines for HW2
Message-Id: <200802160418.m1G4I1oX007296@bourbon.usc.edu>

Someone wrote:
> Under part (A) in the grading guidelines for HW2, the last script uses files
> 0,2,4,6 and 8. But logically, the output can't be correct since for diff you
> are using the same files as you used in the script just before that and we
> skip some bytes in this.
>
>     cat $srcdir/f$f | ./hw2 arc4 -l $len[$i] > f$f.len
> and
>     ./hw2 arc4 -s $skip[$i] -l $len[$i] $srcdir/f$f > f$f.len
> shouldn't produce the same output unless after skipping the said number of
> bytes we encounter the same bytes as we did when we run the first script.
>
> I think you meant to use files 1,3,5,7 and 9.

You are absolutely right. I've fixed it. Thanks for pointing out the
bug!
--
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Fri, 15 Feb 2008 16:17:06 -0800
To: cs530@merlot.usc.edu
Subject: grading guidelines for HW2 has been posted
Message-Id: <200802160017.m1G0H6OM004272@bourbon.usc.edu>

Hi,

The grading guidelines for HW2 have been posted. Please see:

    http://merlot.usc.edu/cs530-s08/homeworks/hw2/#grading

If you see bugs, please let me know! Thanks!
--
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Fri, 15 Feb 2008 12:10:43 -0800
To: cs530@merlot.usc.edu
Subject: Re: Three questions about hw2
Message-Id: <200802152010.m1FKAhFL032690@bourbon.usc.edu>

Someone wrote:
> I have three questions about hw2.
>
> Q1.
> About the command of "hw2 md5 (or sha1)", spec is different from slide:
> In spec: hw2 md5 [{-sa|-xsa}] [-s offset] [file]
> In slide: hw2 md5 {-sa|-xsa} [-s offset] [file]
> Which is correct?

The spec is correct. -sa or -xsa are optional.

> Q2.
> About the arguments of the command:
> hw2 md5 [{-sa|-xsa}] [-s offset] [file]
>
> what if these three arguments change the order like:
> hw2 md5 -s 16 -sa file1
> hw2 md5 file1 -sa -s 16
> ...
> Is it OK or malformed command?

You can switch the positions for any of the *optional* commandline
arguments that begin with "-". So, the first one is fine but the 2nd
one is malformed.

> Q3.
> I wrote a program on nunki using "log" function, when I compile it,
> an error occurred:
> "Undefined symbol log, ld: fatal: Symbol referencing errors."
>
> But I did include <math.h>, I replace the "log" function with other
> several math functions like "sin,cos,exp,pow", same error occurred. I
> guess it didn't find math.h
>
> Is there any path I should add to the environment variable or when compile?

The error is a linker error (and not a compile-time error). During
compilation, it found "math.h". If it didn't, you will get an error
message about it. You need to include "-lm" when you try to create the
executable.
--
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Fri, 15 Feb 2008 11:46:58 -0800
To: cs530@merlot.usc.edu
Subject: Re: Question Regarding HW2
Message-Id: <200802151946.m1FJkwbj032249@bourbon.usc.edu>

Someone wrote:
> I have finished writing the "SA" according to the specs. However,
> I'm getting different output than the one you posted for "testvec.bin" file.
> If possible, could you please give us the internal states (i.e. the
> content of the array S[i]) after applying the ARC4 hash, and before
> applying the Shrunken ARC4 hash for debugging purposes? (I want to make
> sure that the problem is from calculating the parity for pacc)

Before you implement the "sa" command, you should first make sure that
your "arc4" implementation is correct. If it's correct, then what you
are asking is exactly the output of the following command:

    hw2 arc4 -states testvec.bin

I will post the grading guidelines today, so you can have more
testdata to verify that your solution is correct.

> by the way, here is what I've done:
>
> - Initialize S using aes_box.
> - Applying ARC4 hash algorithm on S using the input (after repeating the
>   msr since it's only 16 bytes in testvec.bin).
> - Applying the Shrunken ARC4 hash on S (looping for the size of S which
>   is 256)

This is why "hw2 arc4 -states testvec.bin" should give the state
information by the end of your step 2 above.
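The arc4 command as the messages above describe it (the input is the key and only its first 256 bytes count; exactly one of -states or -l len is required; dash options may come in any order with the file name last; binary output goes through fwrite(), not printf()), as an added C example that is not the course's code. The key scheduling and output algorithms here are plain RC4, so they will not reproduce the course's testvec.bin values (the course's ARC4 hash initializes S from aes_box, as the student's step 1 notes); the reading of -s as a keystream skip count and the exact -states format are assumptions.

```c
/* Added example, not the course's reference code: standard ARC4 (RC4) key
 * scheduling and output generation behind "arc4 {-states|-l len} [-s offset] [file]".
 * The input is the KEY, never plaintext; only its first 256 bytes feed the KSA.
 * Assumed here: "-s offset" skips that many keystream bytes, and "-states"
 * writes the 256-byte S array as it stands after key scheduling. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define ARC4_N 256
typedef struct { unsigned char S[ARC4_N]; unsigned char i, j; } arc4_ctx;

/* Key scheduling: identity permutation, swapped around under the key (keylen >= 1). */
void arc4_ksa(arc4_ctx *c, const unsigned char *key, size_t keylen) {
    unsigned j = 0;
    if (keylen > ARC4_N) keylen = ARC4_N;            /* first 256 bytes only */
    for (unsigned k = 0; k < ARC4_N; k++) c->S[k] = (unsigned char)k;
    for (unsigned k = 0; k < ARC4_N; k++) {
        j = (j + c->S[k] + key[k % keylen]) & 0xff;
        unsigned char t = c->S[k]; c->S[k] = c->S[j]; c->S[j] = t;
    }
    c->i = c->j = 0;
}

/* Output algorithm (PRGA): one keystream byte, mutating the state. */
unsigned char arc4_next(arc4_ctx *c) {
    c->i = (unsigned char)(c->i + 1);
    c->j = (unsigned char)(c->j + c->S[c->i]);
    unsigned char t = c->S[c->i]; c->S[c->i] = c->S[c->j]; c->S[c->j] = t;
    return c->S[(unsigned char)(c->S[c->i] + c->S[c->j])];
}

/* Self-check: keystream bytes offset..offset+3 for an ASCII key, packed big-endian. */
uint32_t arc4_keystream_u32(const char *key, size_t offset) {
    arc4_ctx c;
    uint32_t w = 0;
    arc4_ksa(&c, (const unsigned char *)key, strlen(key));
    while (offset-- > 0) (void)arc4_next(&c);
    for (int n = 0; n < 4; n++) w = (w << 8) | arc4_next(&c);
    return w;
}

typedef struct { int states; long len, offset; const char *file; } arc4_args;

static int parse_nonneg(const char *s, long *v) {
    char *end;
    *v = strtol(s, &end, 10);
    return (*s && !*end && *v >= 0) ? 0 : -1;
}

/* Parse the arguments after "arc4".  Dash options may come in any order,
 * exactly one of -states / -l is required, and a file name must be last.
 * Returns 0 if well formed, -1 if malformed. */
int arc4_parse_args(int argc, char **argv, arc4_args *a) {
    memset(a, 0, sizeof *a);
    a->len = -1;
    for (int k = 0; k < argc; k++) {
        if (strcmp(argv[k], "-states") == 0) {
            if (a->states++) return -1;
        } else if (strcmp(argv[k], "-l") == 0) {
            if (a->len >= 0 || ++k >= argc || parse_nonneg(argv[k], &a->len)) return -1;
        } else if (strcmp(argv[k], "-s") == 0) {
            if (++k >= argc || parse_nonneg(argv[k], &a->offset)) return -1;
        } else if (argv[k][0] == '-' || k != argc - 1) {
            return -1;                                /* unknown option, or file not last */
        } else {
            a->file = argv[k];
        }
    }
    return (a->states != (a->len >= 0)) ? 0 : -1;     /* neither or both: malformed */
}

/* Self-check: arc4_parse_args applied to a space-separated argument string. */
int arc4_cmdline_ok(const char *line) {
    char copy[128], *argv[16];
    int argc = 0;
    arc4_args a;
    snprintf(copy, sizeof copy, "%s", line);
    for (char *t = strtok(copy, " "); t && argc < 16; t = strtok(NULL, " ")) argv[argc++] = t;
    return arc4_parse_args(argc, argv, &a);
}

int main(int argc, char **argv) {
    arc4_args a;
    arc4_ctx c;
    unsigned char key[ARC4_N];
    if (argc < 2 || strcmp(argv[1], "arc4") || arc4_parse_args(argc - 2, argv + 2, &a)) {
        fprintf(stderr, "usage: %s arc4 {-states|-l len} [-s offset] [file]\n", argv[0]);
        return 1;
    }
    FILE *in = a.file ? fopen(a.file, "rb") : stdin;
    if (!in) { perror(a.file); return 1; }
    size_t keylen = fread(key, 1, sizeof key, in);    /* single pass, 256 bytes at most */
    if (in != stdin) fclose(in);
    if (keylen == 0) { fprintf(stderr, "empty key\n"); return 1; }
    arc4_ksa(&c, key, keylen);
    if (a.states) { fwrite(c.S, 1, ARC4_N, stdout); return 0; }   /* raw bytes: fwrite, not printf */
    while (a.offset-- > 0) (void)arc4_next(&c);
    for (long n = 0; n < a.len; n++) putchar(arc4_next(&c));
    return 0;
}
```

The two self-check functions let the RC4 core and the argument rules be verified against published RC4 test vectors and the spec's syntax before the course-specific SA/XSA layers are built on top of them.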
--
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Tue, 12 Feb 2008 22:41:07 -0800
To: cs530@merlot.usc.edu, cs551@merlot.usc.edu, cs558@merlot.usc.edu
Subject: Permanently changing my office hours...
Message-Id: <200802130641.m1D6f7fg008653@bourbon.usc.edu>

Hi,

I don't feel that my office hours are working out too well on Mondays
and Wednesdays. I'm moving them to TuTh 10am to 11am. Sorry about the
inconvenience this may have caused.
--
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Mon, 11 Feb 2008 21:50:21 -0800
To: cs551@merlot.usc.edu, cs558l@merlot.usc.edu, cs530@merlot.usc.edu
Subject: FWD: Participation request for a survey ($20 amazon gift certificate drawing for participants)
Message-Id: <200802120550.m1C5oLOk017899@bourbon.usc.edu>

Hi Everyone,

I'm forwarding the following e-mail for a survey conducted at USC
(online, ~20 minutes long). You are under no obligation to
participate. Only male students ages 18-30, of Caucasian or Asian
descent may participate. There is a $20 amazon gift certificate
drawing for participants. Please read below for details if you are
interested.
--
Bill Cheng // bill.cheng@usc.edu

-----Original Message-----
Date: Mon, 11 Feb 2008 21:43:55 -0500
From: Joanne Kim
To: chengw@usc.edu
Subject: Participation request for your students

Dear USC Student,

You are being invited to participate in an online research survey
about attitudes toward seeking professional psychological help. If you
are a male between the ages of 18 and 30 and are currently enrolled as
an undergraduate or graduate student at the University of Southern
California, you are eligible to participate in this study. You will
have the opportunity to enter a confidential raffle drawing in which
you may win one of ten $20 gift certificates for Amazon.com.
To enter the drawing, you will need to provide your name and e-mail
address so that you can be contacted in the event that you win.
However, this identifying information will not be linked in any way to
your responses in the survey and will be stored in a separate
electronic file. Your name and e-mail address will not at any time be
used for any purpose other than to notify you if you have won a gift
certificate in the drawing. The odds of winning a gift card are
approximately one-in-twenty. You do not need to complete the online
survey or participate in the research study in order to be eligible
for the drawing.

If you have any questions, please contact Joanne Kim, M.S.Ed. at
jyk@usc.edu or Ruth Chung, Ph.D. at rchung@usc.edu before deciding
whether or not to participate.

Your participation is entirely voluntary, and you can refuse to
participate without penalty or loss of benefits to which you are
otherwise entitled. Your refusal will not influence your current or
future relationships with USC. Please be assured that your
participation in this study is entirely voluntary, and you may
withdraw your consent at any time.

Your actual survey responses will not be linked to your name, and will
never be associated with you or any personally identifiable
information. Your survey will be assigned a random number, which
serves as the only identifier for purposes of record keeping. This
random number will not be linked to your name or any personally
identifiable information about you. As a result, your responses cannot
be linked to your identity at any point in time.

You can access the study online at:

    http://www.surveymonkey.com/s.asp?u=865742130453

The login page provides full information about the study and a consent
form. You will also find information about how to enter the raffle
drawing.

If you have questions about the survey or have difficulty accessing
the survey on the Web, please contact Joanne Kim at jyk@usc.edu.

Thank you!
From: Bill Cheng
Date: Sun, 10 Feb 2008 23:09:01 -0800
To: cs530@merlot.usc.edu
Subject: Re: CSCI-530 HW2 Sample input/output problem
Message-Id: <200802110709.m1B791O2026012@bourbon.usc.edu>

Someone wrote:
> While I was testing with the sample input/output pairs, I noticed that
> the hex representation of "hw2 xsa testvec.bin" does not match the raw
> binary file
> http://merlot.usc.edu/cs530-s08/homeworks/hw2/testvec-xsa.bin . The
> first byte where it differs is byte #3.
>
> I also noticed that having openssl SHA1 hash testvec-xsa.bin does
> not give the same result as what is posted on the website.

Thanks for catching the bug! The binary file "testvec-xsa.bin" was
bad. I have replaced it with the correct one.
--
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Sun, 10 Feb 2008 22:38:23 -0800
To: cs530@merlot.usc.edu
Subject: Re: CS 530 HW1 grade...
Message-Id: <200802110638.m1B6cNCp025258@bourbon.usc.edu>

Hi everyone,

There was a bug in my script in the e-mail I sent about your HW1
grade. It said:

    Total score (out of 100)

and it should say out of 50 points. Sorry about the bug!
--
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Sat, 9 Feb 2008 23:50:43 -0800
To: cs530@merlot.usc.edu
Subject: Sample Output section for HW2 added...
Message-Id: <200802100750.m1A7ohn6008218@bourbon.usc.edu>

Hi,

I've added a Sample Output section to the HW2 spec. As it turned out,
many of the test vectors in [Cheng08a] are incorrect! Please use the
values shown in the spec.

If you see bugs, please let me know! Thanks!
--
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Thu, 7 Feb 2008 07:55:31 -0800
To: cs530@merlot.usc.edu, cs551@merlot.usc.edu
Subject: Class canceled today...
Message-Id: <200802071555.m17FtVOA013893@bourbon.usc.edu>

Hi,

I'm quite sick with a cold today. My throat hurts a lot and I cannot
lecture. I won't be coming to school today, so I'm canceling office
hour and lecture. Sorry about the inconvenience.
--
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Tue, 5 Feb 2008 21:08:49 -0800
To: cs530@merlot.usc.edu, cs551@merlot.usc.edu, cs558@merlot.usc.edu
Subject: Office hour tomorrow moved to Thursday...
Message-Id: <200802060508.m1658nec010939@bourbon.usc.edu>

Hi,

I just found out that I need to go to a funeral tomorrow. So, I'm
moving office hour tomorrow (Wed, 2/6/2008) to Thursday, 2/7/2008,
10:30am-11:30pm. Sorry about the inconvenience.
--
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Sun, 3 Feb 2008 22:39:37 -0800
To: cs530@merlot.usc.edu, cs551@merlot.usc.edu, cs558@merlot.usc.edu
Subject: Tomorrow's office hour moved one hour ahead...
Message-Id: <200802040639.m146dbCv025039@bourbon.usc.edu>

Hi everyone,

I need to leave campus early tomorrow. So, the office hour tomorrow
(Monday, 2/4/2008) has been moved one hour ahead to 12:30pm - 1:30pm.
Sorry about the inconvenience.
--
Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Sun, 03 Feb 2008 19:47:48 -0800
To: cs530@merlot.usc.edu
Subject: Re: CSCI-530 HW2 Specification Clarification
Message-Id: <200802040347.m143lmbi023019@bourbon.usc.edu>

Someone wrote:
> The noise bytes modify the internal state array, which is why I asked
> that question.

Correct. So, generating noise bytes has two purposes. One is to add
more bytes to the input stream. Two is to cause internal state array
changes.

> Is the shrunken hash at the end of the SA-strengthened message supposed
> to be identical to the shrunken hash at the end of the XSA-strengthened
> message?

The algorithm is the same. But for XSA, generating noise bytes will
modify the internal state array, so the shrunken ARC4 hash *values*
will be different.

> If yes, then the noise-byte generating ARC4 code and hashing ARC4 code
> do not share the same state array, and are independent. If not, then
> they must share the same state array.

They must share the same state array.
--
Bill Cheng // bill.cheng@usc.edu

Bill Cheng wrote:
> Someone wrote:
>
> > In the XSA-strengthening algorithm, there are two types of locations
> > where ARC4 data are inserted. Do both of these come from the same state
> > array (S[i])? Or, is the ARC4 algorithm that "clocks out" 16 bytes at a
> > time independent of the ARC4 algorithm that computes the final appended
> > hash?
>
> The "noise bytes" come from the "ARC4 output algorithm".
> The "ARC4 hash" comes from the 256 internal states.
> --
> Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Sun, 03 Feb 2008 16:26:20 -0800
To: cs530@merlot.usc.edu
Subject: Re: CSCI-530 HW2 Specification Clarification
Message-Id: <200802040026.m140QKjf020175@bourbon.usc.edu>

Someone wrote:
> In the XSA-strengthening algorithm, there are two types of locations
> where ARC4 data are inserted. Do both of these come from the same state
> array (S[i])? Or, is the ARC4 algorithm that "clocks out" 16 bytes at a
> time independent of the ARC4 algorithm that computes the final appended
> hash?

The "noise bytes" come from the "ARC4 output algorithm".
The "ARC4 hash" comes from the 256 internal states.
-- Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Sat, 02 Feb 2008 22:39:39 -0800
To: cs530@merlot.usc.edu
Subject: Re: CSCI-530 HW2 Clarification
Message-Id: <200802030639.m136dd4F012170@bourbon.usc.edu>

Someone wrote:
> I noticed that the first bullet point of the "Miscellaneous Requirements
> and Hints" stated that we must use the openssl functions directly
> (including base64), without forking, etc.
>
> Am I allowed to continue using my own base64 encoding/decoding
> implementations? They work, and using them would simplify my own code's
> design.

Oops! There should be no mention of "base64" in the spec! Sorry! I have
removed them.
-- Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Fri, 1 Feb 2008 22:38:01 -0800
To: cs530@merlot.usc.edu
Subject: HW1 is due tonight!
Message-Id: <200802020638.m126c1pN023016@bourbon.usc.edu>

Hi,

If you have not submitted anything, this is probably a good time to clean
up your code and make a submission before you do more debugging!

Please be very careful if you have never created a tar file, so that you
do not wipe out anything accidentally. It's probably a good idea to back
things up before you try creating a tar file.
-- Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Fri, 01 Feb 2008 22:30:00 -0800
To: cs530@merlot.usc.edu
Subject: Re: 530 submission question
Message-Id: <200802020630.m126U04u022727@bourbon.usc.edu>

Someone wrote:
> Professor, I have a quick question. Before the submission we set
> the email address. Are we supposed to get a confirmation email
> for the submission? I submitted 20 minutes ago and haven't yet
> got anything.

Please see my message with timestamp "Tue 29 Jan 23:27".

> Where you say domain are we supposed to write usc.edu or should
> we put the domain from where we're sending, i.e. nunki?

I'm not sure what you are referring to. For e-mails, usc.edu would be
the domain name.
-- Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Thu, 31 Jan 2008 15:47:09 -0800
To: cs530@merlot.usc.edu
Subject: Re: HW2 doubt
Message-Id: <200801312347.m0VNl9ck022746@bourbon.usc.edu>

> Hello Prof. Cheng,
>
> I am not able to understand the meaning of the offset? What I
> understand from the
>
>     hw2 arc4 {-states|-l len} [-s offset] [file]
>
> in the following text
>
>     "if the -s commandline is specified you should skip offset number of
>     bytes from the beginning of the input data (file or stdin)."
>
> is that we should not consider the first bytes till offset in the file.

I'm not sure what you meant. For the arc4 command, you are using the
input (file or stdin) in the key scheduling algorithm. If -s is
specified, instead of starting at byte 0 of the input, you should discard
the first "offset" number of bytes and pretend that byte "offset" of the
input is byte 0 of the key that you will use.
-- Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Thu, 31 Jan 2008 11:58:37 -0800
To: cs530@merlot.usc.edu
Subject: Re: CS Colloq: Feb 7 3:30pm SSL 150, Stephen Chong (Cornell)
Message-Id: <200801311958.m0VJwbwB018964@bourbon.usc.edu>

Hi everyone,

This may be an interesting talk for our class! (Attendance is optional
and you will *not* be responsible for the materials given in this talk
as far as exams are concerned.)

-- Bill Cheng // bill.cheng@usc.edu

-----Original Message-----
Date: Thu, 31 Jan 2008 11:40:54 -0800 (PST)
From: cschair@usc.edu
To: csfaculty-L@usc.edu
Subject: CS Colloq: Feb 7 3:30pm SSL 150, Stephen Chong (Cornell)

*************************************************************
* NOTE: Videocast to ISI or ICT can be arranged if there is
* sufficient interest. If you would like to attend the
* seminar at one of these locations, please send email to
* colloq_admin@vista.usc.edu at least 24 hours prior to the
* start of the seminar.
*************************************************************

Title: Secure Web Applications and Expressive Security Policies
Speaker: Stephen Chong (Cornell)
Time: 3:30 pm - 5:00 pm
Date: Feb 07, 2008
Location: SSL 150
Host: Prof. Ramesh Govindan

ABSTRACT:

Information-flow control promises strong, end-to-end security.
In this talk, I'll present two recent projects that make programming
with information-flow control more practical: a new way of writing
secure web applications, and a framework for expressive security
policies.

Swift is a new, principled approach to building web applications that
are secure by construction. Swift automatically partitions application
code while providing assurance that the resulting placement of code and
data on client and server is secure and efficient. Application code is
written as Java-like code, annotated with information flow policies that
specify the confidentiality and integrity of information. Using these
policies, the compiler partitions a web application into JavaScript code
to run on the client, and Java code to run on the server. Code and data
are placed to ensure that the specified policies are obeyed, and also to
provide good interactive performance. However, security critical code
and data are always placed on the server. Swift makes it easier to write
secure web applications: the programmer uses just one language, and does
not need to worry about the secure or efficient placement of code and
data.

Computer systems often have detailed and complicated information
security requirements, perhaps derived from legislation, or
organizational policy. However, it is difficult to ensure that these
requirements are correctly enforced in a system's implementation. We
have developed a framework for specifying, reasoning about, and
enforcing, two common requirements: declassification and erasure.
Declassification occurs when the confidentiality of information is
weakened, for example, allowing more people to read. Erasure is the
opposite, and occurs when confidentiality is strengthened, for example,
allowing fewer people to read, perhaps removing the information from the
system entirely. The framework's policies specify when declassification
may occur, and when erasure must occur.
A security-type system, in conjunction with a trusted runtime system,
ensures that the policies are enforced. We have used the policies to
implement a secure remote voting service, giving increased assurance
that the voting service satisfies its information security requirements.

BIO:

Stephen Chong is a Ph.D. candidate at Cornell University, in Ithaca, NY,
where he is advised by Andrew Myers. Steve's research focuses on
language-based security and programming languages. He received a
bachelor's degree from Victoria University of Wellington, New Zealand,
and plans to complete his doctorate by May 2008.

-------------------------------------------------------------------
Schedule for upcoming seminar available at http://vista.usc.edu/colloq

From: Bill Cheng
Date: Thu, 31 Jan 2008 11:52:33 -0800
To: cs530@merlot.usc.edu
Subject: Re: hw1 - reading from stdin
Message-Id: <200801311952.m0VJqXhB018782@bourbon.usc.edu>

Someone wrote:
> For hw1 if the command is given like
>     hw1 hexdump
> then the program is supposed to read input from stdin.
>
> How long should the program read from stdin?
>
> If the user enters should it be interpreted to stop reading from
> stdin? If not can we assume a maximum size of bytes to read from stdin?

You have to wait for the end-of-file condition to occur.
Please note that on UNIX systems, end-of-file is *not* a special
character; it's a boolean condition on a file descriptor or a stream. If
you are typing things in at a terminal, if you press <Ctrl-D> at the
beginning of a line, your program should see the end-of-file condition
become true.

Please try the following. Run the word counting program by entering "wc"
on a terminal and press <return>. If you type
"hello world<return>how are you<return><Ctrl-D>", it should output
"2 5 24".

-- Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Thu, 31 Jan 2008 01:23:10 -0800
To: cs530@merlot.usc.edu
Subject: HW2 spec posted
Message-Id: <200801310923.m0V9NAea003579@bourbon.usc.edu>

Hi,

I've posted the spec for HW2 and a set of tentative slides for it. We
will spend a little bit of time at the beginning of the next lecture to
discuss HW2. If you have time, it would be beneficial if you can read
the spec and the slides before coming to the next lecture.
-- Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Tue, 29 Jan 2008 23:27:02 -0800
To: cs530@merlot.usc.edu
Subject: Re: Clarification about 530 programming assignments
Message-Id: <200801300727.m0U7R2Uf001508@bourbon.usc.edu>

Someone wrote:
> I just want to clarify, do we get confirmation on email after
> submitting code via bsubmit.

Please see item 9 on:

    http://merlot.usc.edu/cs530-s08/homeworks.html

The "ticket" is the proof of your submission. Please make sure you have
a valid one. Please read item 9 mentioned above carefully.
-- Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Tue, 29 Jan 2008 22:37:03 -0800
To: cs530@merlot.usc.edu
Subject: Re: Clarification about 530 programming assignments
Message-Id: <200801300637.m0U6b3Cs000306@bourbon.usc.edu>

Someone wrote:
> I believe you mentioned this already but I couldn't find a
> note on the website so I just needed to verify the following:
>
>     "We ARE allowed to copy code from the Internet as long as we
>     properly cite it"
>
> Is the above statement correct?

Hmm... actually, it's not on the web site. It's on slide 15 of lecture 1.

-- Bill Cheng // bill.cheng@usc.edu

Message-Id: <200801290712.m0T7CqEM009641@bourbon.usc.edu>
To: cs530@merlot.usc.edu
Subject: Re: Lecture today...
Date: Mon, 28 Jan 2008 23:12:52 -0800
From: Bill Cheng

Hi,

I just realized that in the e-mail I sent last Thursday (see below), I
didn't say that I will be back Monday night! I did not officially cancel
my office hours today. If you showed up at my office hour today, I
apologize for not being there.

-- Bill Cheng // bill.cheng@usc.edu

-----Original Message-----
Date: Thu, 24 Jan 2008 11:00:01 -0800
From: Bill Cheng
To: cs530@merlot.usc.edu
Subject: Lecture today...

Hi Everyone,

Today's lecture will be given by the TA, Ho Chung. He is a PhD candidate
in computer security and I think he is planning on talking about his PhD
dissertation. This gives all of you an opportunity to see what current
computer security research is like. You will be responsible for
materials covered in this lecture as far as exams are concerned.

I will be traveling today and I'm hoping to have Internet connection
starting tonight. I won't be back in town until next Monday. If you send
me e-mail and I do not respond in 24 hours, that means that I cannot get
an Internet connection where I will be. I apologize in advance if this
happens.

-- Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Mon, 28 Jan 2008 22:10:15 -0800
To: cs530@merlot.usc.edu
Subject: Re: CS 530 doubt
Message-Id: <200801290610.m0T6AF0V008495@bourbon.usc.edu>

Hi,

> I had a doubt regarding the use of printf statements in the code.
> I am using it in a few places in my code. For eg.
> In the hexdump assignment...to print the address field I'm using
> printf and also in the base64 enc assignment, I'm using printf to
> print the encoded values. Is that fine?

Well, I cannot answer "is that fine" type question! Please see

    http://merlot.usc.edu/cs530-s08/description.html#email

The question you should ask yourself is "does it work for you"?

> I just read on the website that printf should not be used to
> input/output binary data so got a little confused. Hope you understood
> the question?

Are you printing binary data?

-- Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Thu, 24 Jan 2008 11:00:01 -0800
To: cs530@merlot.usc.edu
Subject: Lecture today...
Message-Id: <200801241900.m0OJ010Y014965@bourbon.usc.edu>

Hi Everyone,

Today's lecture will be given by the TA, Ho Chung. He is a PhD candidate
in computer security and I think he is planning on talking about his PhD
dissertation. This gives all of you an opportunity to see what current
computer security research is like. You will be responsible for
materials covered in this lecture as far as exams are concerned.

I will be traveling today and I'm hoping to have Internet connection
starting tonight.
I won't be back in town until next Monday. If you send me e-mail and I
do not respond in 24 hours, that means that I cannot get an Internet
connection where I will be. I apologize in advance if this happens.

-- Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Tue, 22 Jan 2008 11:13:05 -0800
To: cs530@merlot.usc.edu
Subject: Grading guidelines for HW1 posted
Message-Id: <200801221913.m0MJD5ds024079@bourbon.usc.edu>

Hi,

Grading guidelines for HW1 have been posted in the spec. Please take a
look at it. If you see bugs, please let me know. Thanks!
-- Bill Cheng // bill.cheng@usc.edu

From: Bill Cheng
Date: Thu, 10 Jan 2008 22:54:49 -0800
To: cs530@merlot.usc.edu
Subject: getting on the class mailing list...
Message-Id: <200801110654.m0B6snK1021034@bourbon.usc.edu>

Hi,

If you have not done so, please go to the following page:

    http://merlot.usc.edu/cs530-s08/mailinglist.html

and register with the class mailing list. Registering with this list is
*required* for this class. Thanks!

-- Bill Cheng // bill.cheng@usc.edu
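An added example, appended here after the archive rather than inside any message. It is editor-written C, not code from the HW2 spec, the course's reference solution, or any of the replies above, and it pulls together the ARC4 points those replies make: the Jan 31 "HW2 doubt" reply (with -s, byte "offset" of the input is byte 0 of the key), the two Feb 3 replies (noise bytes come from the ARC4 output algorithm, the "ARC4 hash" comes from the 256 internal states, and both use the same state array, so producing noise bytes changes the hash value), and the Jan 31 stdin reply (read until the end-of-file condition, not until a sentinel character). The function names and the 4096-byte initial buffer are this example's own choices. The XSA-strengthening layout itself (where the 16-byte noise runs are inserted, how the hash is "shrunken") is not on this page and is not implemented; the example only shows the shared-state behaviour that the answers rely on.

```c
/* Editor-added ARC4 example (not from the course spec or any message above).
 * Shows: keying from input[offset..], noise bytes (PRGA output) mutating the
 * shared state S, and reading stdin to EOF with fread() (binary-safe). */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef struct {
    unsigned char S[256];   /* the internal state array S[i] */
    unsigned char i, j;     /* output-algorithm indices */
} arc4_t;

/* Key-scheduling algorithm (KSA): key[0..keylen-1], keylen >= 1. */
static void arc4_ksa(arc4_t *c, const unsigned char *key, size_t keylen)
{
    unsigned char j = 0, t;
    int k;
    for (k = 0; k < 256; k++)
        c->S[k] = (unsigned char)k;
    for (k = 0; k < 256; k++) {
        j = (unsigned char)(j + c->S[k] + key[k % keylen]);
        t = c->S[k]; c->S[k] = c->S[j]; c->S[j] = t;
    }
    c->i = c->j = 0;
}

/* Output algorithm (PRGA): one keystream byte; every call swaps entries of S. */
static unsigned char arc4_prga_byte(arc4_t *c)
{
    unsigned char t;
    c->i = (unsigned char)(c->i + 1);
    c->j = (unsigned char)(c->j + c->S[c->i]);
    t = c->S[c->i]; c->S[c->i] = c->S[c->j]; c->S[c->j] = t;
    return c->S[(unsigned char)(c->S[c->i] + c->S[c->j])];
}

/* Key from in[offset..len-1] (the hw2 "-s offset" rule) and write the first n
 * keystream bytes as lowercase hex into out (2*n+1 bytes).  Leaves out empty
 * if nothing remains after the skip.  Key "Key" must yield eb9f7781b734ca72a7,
 * the published RC4 test vector. */
static void arc4_keystream_hex(const unsigned char *in, size_t len,
                               size_t offset, size_t n, char *out)
{
    arc4_t c;
    size_t k;
    out[0] = '\0';
    if (offset >= len)
        return;
    arc4_ksa(&c, in + offset, len - offset);
    for (k = 0; k < n; k++)
        sprintf(out + 2 * k, "%02x", (unsigned)arc4_prga_byte(&c));
}

/* Key the cipher, clock out `noise` output bytes (the "noise bytes"), and
 * count how many of the 256 entries of S now differ from the post-KSA state.
 * A nonzero count is why a hash taken from S differs between SA and XSA. */
static int arc4_state_diff_after_noise(const unsigned char *key, size_t keylen,
                                       size_t noise)
{
    arc4_t c;
    unsigned char before[256];
    size_t k;
    int diff = 0;
    arc4_ksa(&c, key, keylen);
    memcpy(before, c.S, sizeof before);
    for (k = 0; k < noise; k++)
        (void)arc4_prga_byte(&c);        /* output discarded; S still changes */
    for (k = 0; k < 256; k++)
        diff += (before[k] != c.S[k]);
    return diff;
}

/* Read fp until the end-of-file condition into a malloc'd buffer.  EOF is a
 * stream condition, not a byte value, so NUL and 0xFF are ordinary data. */
static unsigned char *read_all(FILE *fp, size_t *len)
{
    size_t cap = 4096, n = 0, got;   /* 4096: arbitrary initial size */
    unsigned char *buf = malloc(cap), *tmp;
    if (buf == NULL)
        return NULL;
    while ((got = fread(buf + n, 1, cap - n, fp)) > 0) {
        n += got;
        if (n == cap) {
            tmp = realloc(buf, cap *= 2);
            if (tmp == NULL) { free(buf); return NULL; }
            buf = tmp;
        }
    }
    *len = n;
    return buf;
}

/* usage: ./arc4demo [offset] < keyfile */
int main(int argc, char **argv)
{
    size_t offset = argc > 1 ? (size_t)strtoul(argv[1], NULL, 10) : 0, len;
    unsigned char *in = read_all(stdin, &len);
    char hex[2 * 16 + 1];
    if (in == NULL || offset >= len) {
        fprintf(stderr, "need more than %lu bytes of input\n", (unsigned long)offset);
        free(in);
        return 1;
    }
    arc4_keystream_hex(in, len, offset, 16, hex);
    printf("first 16 keystream bytes: %s\n", hex);
    printf("entries of S changed by 16 noise bytes: %d\n",
           arc4_state_diff_after_noise(in + offset, len - offset, 16));
    free(in);
    return 0;
}
```

Feeding the bytes "XYZKey" with offset 3 gives the same keystream as the key "Key" (eb 9f 77 81 b7 34 ca 72 a7 ...), which is the offset rule in the Jan 31 reply. The nonzero count printed on the second line is the concrete reason behind the Feb 3 answers: the hashing algorithm is identical for SA and XSA, but the state array it reads has been permuted by the swaps that produced the noise bytes, so the hash values differ.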