one-way encryption
DESCRIPTION
One-way encryption. Follow-up on distributed processing. Follow-up on encryption. Client-side versus server side Homework: postings, talks, comments. Distributed processing. Strategies for doing sorting of known set of values (e.g., card deck) sorting of unknown set of values - PowerPoint PPT PresentationTRANSCRIPT
One-way encryption
Follow-up on distributed processing. Follow-up on encryption.
Client-side versus server sideHomework: postings, talks, comments
Distributed processing
Strategies for doing
• sorting of known set of values (e.g., card deck)
• sorting of unknown set of values
• encrypting message– Is this embarrassingly parallel?
Status
• You can make your weekly posting on encryption.
• More guest lecturers coming.
• Readings: – Check out moodle for chapter 10 on
databases. This will be useful for today!– There will be a paper on AI.
Follow-up from talk
• Summarize?
• Comment?
mod
• JavaScript and Processing each use % for the mod (aka modulo) operator
• You can think of it as remainder• 10 % 5 => 0• 100 % 10 => 0• 101 % 10 => 1• 5 % 10 => 5• ???
Uses of mod
• Slide show
• Wrap around screen
• Computing change
• Checking if one number is divisible by another
• ?
My summary• Pick 2 very big primes (each at least 300
digits) p and q• Compute n = p*q• Compute (n) = (p-1)* (q-1)• Choose e such that gcd(e, (n) ) is 1
(meaning no common divisors)• Compute d such that d*e = 1 mod ((n) )• Public key is (e, n)• Private key is (d,n)
Bits and bytes
• Bit is 0 or 1
• Bit stands for binary digit
• Byte is 8 bits
Is a picture worth a 1000 words?
• Assume straight encoding of picture in which each pixel element is– black or white for how many bits?– one of 256 different colors (i.e., reference to a
pallette) for how many bits?– 0 to 255 levels of Red, 0 to 255 levels of
Green, 0 to 255 levels of Blue for how many bits?
Is a picture…, cont.
• How big is the picture?
• How many pixels wide and how many high?
How much space is taken up by 1000 words?
• Standard ASCII encoding is 8 bits for 1 byte for character.
• What would be reasonable estimate for a word?– word plus space?
Do computations!
Image encodings
• Good topic for presentation
• lossless means that the full original can be restored– gif is lossless
• lossy means that it cannot– jpeg is lossy
Redundancy in messages
• In some sense, the opposite of steganography and cryptography
• Make a message longer so receiver can check if message is correct.
• Send extra information.• Ultimate form: send the whole message
twice.• Receiver can detect a problem and
request new transmission.
Check bit, parity bit
• Using a 7 bit encoding,
• Decide between even or odd parity. Say odd
• Send 8 bits, when the 8th bit makes it be an odd number of bits0000010 would be expanded to 00000100
0101011 would be expanded to 01010111
check digit
• Various methods
• One: compute sum of digits of message and compute modulo 10 and make this be the extra digit sent
• Alternative (that can catch transpositions of numbers) Give weighting to numbers, compute the sum module 10 and make this be extra digit sent
ISBN-10
http://en.wikipedia.org/wiki/Check_digit
• Uses modulo 11. Weights positions 1, 2, ….10. Computes sum modulo 11
• and adds 0, 1, 2, …, X to message.
Today
• one-way encryption meaning no attempt to decode
• Typical use is passwords!
Passwords
• What does using input type="password" do?
My term
• over the shoulder security
• password still sent over the web.
• A secure connection means that it will be encrypted and then decrypted.
One-way encryption
• Typical use: take password and immediately encrypt it using one-way encryption and store the encrypted form.
• Your program makes sure that the plaintext is the only way…
• Protects against inside jobs!
• Other uses???
SHA256 function
• One of several possibilities
• aka 'hash' or 'digest'.
• http://www.webtoolkit.info/javascript-sha256.html
Where to do this?
• One choice is to do this on the client, that is, using JavaScript and send it (along with other information) to the server (the middleware program = the php program)
• Client side (HTML & JavaScript)– or other languages
• Server side (php and also MySql)– OR other languages…
HTML form handling
• onSubmit indicates program done immediately on the client
• action indicates program on the server
• So, this example does work on client and then on server
• Note: in the book chapter, I use a table to format the form.
HTML<form name="f" action="completereg.php"
onSubmit="return encode();" method="post">
User id (email address)
<input type="email" name="un" required />
Password <input type="password" name="pw" required />
Confirm password <input type="password" name="cpw" required/>
<input type="submit" value="Register"/>
</form>
Notice
• use of input type="password"
• Notice typical device of having user/customer/client/…. enter password twice.
• SOME HTML5 implementations will check that any input field that has the required attribute have a value. My code also checks.
The encode function
• checks if user name and password entered
• checks if two passwords match
• if both true, invokes the SHA256 function to produce the digest and returns true
• else returns false, and so action is not taken.
function encode() { var pw1 = document.f.pw.value; if ((document.f.un.value.length<1) ||(pw1.length<1)) { alert("Need to enter User Name and Password.
Please try again."); return false; } else if (pw1 == document.f.cpw.value) {document.f.pw.value = SHA256(pw1);
document.f.cpw.value = document.f.pw.value; return true; }
else { alert("passwords do not match. Please try again.");
return false; } }
Discussion
and possible posting
• How can this be done using cloud computing? That is, cloud computing to all the computation on server computers…– simple answer: start authentication on the
client.– Research security, authentication, passwords,
etc. on cloud computing
Homework
• Review chapter 10
• Read AI article
• Read about visualizations
• Read about duolingo
• Be prepared for next guest speakers