Sunday, December 18, 2016

The one-time pad

A long, long time ago, on a blog right, right here, I briefly mentioned that I wanted to write a blog post about the one-time pad. Today is the day that I do so. 

The one-time pad is an elementary part of cryptography and I feel that every computer scientist should know about it. Don't worry, though, I'll keep this understandable for just about everyone. In fact, the one-time pad is very simple and could probably be explained to a seven-year-old.

Let's say that you have written a love letter that you want to be readable only by the target of your affections. In order to hide its content you take piece of paper with completely random letters, which we will call the key.

Now you take the first letter of your love letter and remember its position in the alphabet. Then, you take the first letter of the key and also remember its number. You add the two, and if the total is higher than 26, subtract 26. You end up with a number that can once again be translated back to a letter. This will be the first letter of your encrypted message. 

You do this for the second letter as well. And then for the third. In fact, you keep doing this until you have encrypted the entire love letter. You send this encrypted message to your beloved, who must also have a copy of the key; only people with the key can read your message. 

Do note that you do not loop around on the key. This means that the key must be at least as long as the message itself. Moreover, you cannot use this key again (or at least the part of the key you used, if the key is longer than the message, you can use the remainder it next time). This is really an important part of the strength of the one-time pad. 

In fact, the strength of the one-time pad is such that it is unbreakable. Actually, it has been mathematically proven that it cannot be broken without knowledge of the key. The proof goes something like this: there is any number of possible decrypted messages that the encrypted message could represent. Without any knowledge of the key, each of those is exactly equally likely to be the original message. This means that you can't discern between them in any way. Some might make sense while others may not, but there is absolutely no way to tell which of the decryptions that does make sense is the intended one.

It should be noted that in the way we did this above, we are "leaking" a lot of information because we are not encrypting spaces and punctuation, which compromises the strength of the encryption. There are of course ways to encrypt these as well. In fact, there is no reason we should stick to the traditional alphabetical encryption. Instead of using letters as a basis for the encryption, you could use "bytes of data represented in binary" and instead of asking the key to the message you could use a "bitwise xor". This way you would end up with system that has the same mathematical properties, makes more sense for computers and can represent any type of data. 

Though the one-time pad is very strong, it is not used all that much. This is because it isn't very practical. You need to share a key with the recipient, which needs to be as long as your message. If you can do this securely, why wouldn't you just send the message instead? With that in mind, the only practical use of the one-time pad is that you can share the key at a moment when secure communications are possible and send the message later, when they aren't. 

While the one-time pad may be the ultimate in symmetric encryption, most of the encryption we do today is actually asymmetric. This is when there are different keys for encryption and decryption. One of the two can be public knowledge while the other is kept secret. In order to sign something and prove that you have written it (and nobody has changed anything about it) you use a secret key to encrypt and a public key to decrypt your "signature". In order to make sure there are no eavesdroppers, you use a encryption key that is freely available that has a corresponding decryption that only the intended recipient has.

Using one-time pads isn't entirely trivial. First of all, your key needs to be truly random. Any kind of pattern in it reduces the strength of the encryption. True randomness actually isn't easy, especially not in the large amounts needed for a one-time pad. Computers actually often simulate randomness, which really doesn't cut it for this purpose. 

The second problem is sharing the key. We already mentioned this, but the problem here becomes that you may not know how much data you will want to send later on. This means that you might need to share a very, very long key just to be sure you can send enough long messages later on. And having a long key lying around is a problem in itself, as a stolen key loses all its value...

Finally, you really really really can't reuse (parts of) a key. This really can't be stressed enough. During the Second World War, the Germans actually used one-time pads. Except... they reused keys and thus the encryption wasn't unbreakable and was in fact broken. Because of this, the Allies were able to listen in on their communications...

Allright, that is about all that I feel everyone ought to know about the one-time pad. I do intend to write about the ways I would use pads in different situations some other time, but I don't yet know when that will be. The situations I am thinking of would be modern day espionage and and an interstellar empire, but nothing is set in stone yet.
Posted by at No comments:
Labels: ,

Tuesday, December 13, 2016

Taiga on my Orange Pi PC

Recently, one of my hobby projects made it to a very nice first prototype state. It doesn't do much yet, but it is in a state where I can show it to people and personally I think it shows a lot of potential that is in the ideas I had. However, working on the prototype was kept simple because it was so basic; there were only a couple of tasks to work on. In order to keep the further progress of the project structured, I decided I need some form of an issue tracker. I have used Taiga.io for such a project in the past and it worked well. Unfortunately, though, their hosted version only allows a single private project and I already had one.

Remember all the Single-Board Computers I wrote about a while back? The Pi 2 is still actively running Kodi, the newest Pi 3 is driving an official Pi touch screen and some of the CHIPs are part of the project I mentioned while their versatility means I have ideas for quite a few more of them. However, the Pine and the Orange Pi have been idle since my last post about them. However, for the Orange Pi, this has recently changed.

I took the Orange Pi and installed Taiga on it. It is quite nice to have my own "dev server" and I'm quite happy about the current situation. I won't describe the exact procedure I followed to get where I am now, as it was basically following their guide for installing it. However, I will post a list of notes. Some of them will relate to installing it on the Orange Pi (or on an SBC or on an ARM based device) whereas others will just be my personal gripes with the installation or the guide.

  • The guide uses the user "taiga" instead of telling you where to use your own username. This makes it easy to miss a spot if you are using a different user.
  • To make matters worse, they chose the name of their software, so not every instance of the word should in fact be replaced by your user.
  • I would probably have been better off creating a user and naming it taiga, though. The procedure installs quite a lot in the home directory and now that's under some other user.
  • The procedure calls for installing postgresql 9.5, but Debian only has 9.4 on stable. By simply replacing the 5 by a 4 it works, as the minimum requirement is version 9.4. (Alternatively, I could have used 9.5 from unstable.)
  • The guide installs python3 and then just uses Python 3.5. On Debian, you will have installed Python 3.4. This earlier version does simply seem to work for me.
  • Installation of lxml is known to be problematic on the Raspberry Pi, but can be achieved by increasing the amount of virtual memory. For me, it worked without such hacks, though I do not know if this is due to running Armbian, running a headless image or using an Orange instead of a Raspberry.
  • Circus isn't available in Debian stable, so I had to add the testing repositories and get it from there.
  • Pay attention to the output of "service circus status". This is the only way to tell if the backend is actually running.
  • I skipped everything that was even remotely optional, so I might revisit some of that in the future. The optional parts are sometimes somewhat out of order, which makes it seem you have to pick them up again before the end, but this isn't really the case.
  • I currently use a .local domain. I think that means I use mdns, but it works on Windows (which mdns shouldn't) so I'm not 100% sure how this is working. It definitely isn't working from android, though, which is a shame. 
It's a real pity there is no "normal" installation procedure like running a script or installing a package. Nevertheless, I do now have the whole things running and I am quite happy with having my own development server.
Posted by at No comments:
Labels: , ,

Sunday, July 10, 2016

Space Opera: some observations

With both Dark Matter and Killjoys having just begun their second season a week ago, I feel it's about time I take some time to write about Space Operas once again. Most of this could have been written during the first season of each of the shows, but I didn't actually do so then, so I'm doing it now.

Observations

With Space Opera having come back after such a long period of almost nothing, you basically say we are in a new generation of the genre. What are the things that stand out in this generation so far?

Tasers are hot

Whether it's the bad guys using them for torture and stealthy take-overs or the government trying to do things in a non-lethal way (but often still being more brutal than necessary), everyone is using tasers. Both Dark Matter and Killjoys went with more futuristic "Shock sticks", whereas The Expanse went with traditional tasers, giving the feel that the future isn't all that different after all.

Aliens are not

It's just humans everywhere. Aliens are nowhere to be seen. The only exception to this was Otherspace, which had non-corporeal aliens. However, the only times these aliens could be "seen" they were pretending to be human. Unlike Stargate Universe did some time ago, we do often get fully populated galaxies, it's just that all that population is human.

Space zombies

Everyone's doing space zombies in some sort or form. There's different stories behind each show's zombies but somehow space zombies are a craving that is shared by all the writers.

Space is gorgeous

Of course it depends on resolution and black-quality of your screen, but there's a lot more possible in sfx these days and it shows. Even the low-budget shows like Otherspace showed us some gorgeous outer-space shots. Dark Matter was the one coming up the poorest in this regard in my opinion, but even they upped their sfx game for the second season.

Interpersonal conflict is important

One of the ideas that Gene Roddenberry was very keen to build Star Trek on was the fact that the human race had grown beyond interpersonal conflict. Every other show has some form of this conflict, but there's a lot more of this in this generation if you ask me. Dark Matter is all about people who don't know themselves and trust is a big issue there. Killjoys has a closer team, but what happens between the team members is ultimately what drives much of the plot for the first season. The Expanse has people fighting everywhere, but one of the clearest examples might be the "main crew" which does a lot of fighting before they really start considering themselves a crew. Otherspace was just about a single crew, so much of what they do is getting on each other's nerves. It's always been there, but I feel it's even more there now.

Star Trek

I'm very much looking forward to what the new Star Trek will bring to the table early next year. Many of the observations above wouldn't quite fit the Star Trek brand, which is filled with aliens, doesn't really have a suitable place for taser and doesn't feature interpersonal conflict. It will be interesting to see where they take the genre, even if it's uncertain whether it will be suitable for watching by real Trekkies.

Other shows

The interest in the genre seems to have died down a bit. When the entire pie was on the table, everyone wanted a piece of it. Now, there are three solid shows eating that pie, leaving little for any new venture. Both the Blake's 7 remake and Space: 2099 seem to have died a silent death. Of the other things that were in various stages of development, nothing had been heard for some time, so I assume they aren't getting made. I also haven't been able to find anything hinting towards more new things being developed.

I can understand it. I mean, three shows is a lot and I doubt enough people would be willing to watch yet more Space Opera. That said, I would have loved to hear of more Space Opera, because I definitely would want to watch another series.
Posted by at No comments:
Labels: ,

Saturday, July 2, 2016

SBCs: All hands on deck!

The C.H.I.P.

Introducing: the C.H.I.P.
 Today I received the last of the Single-board computers I ordered. Despite ordering the devices spread over a year, they all ended up arriving within one week. The C.H.I.P. was the device that I was most excited about, so it's sort of appropriate that it arrived last. This way, it couldn't steal the thunder of any of the other packages.

There are many reasons why I was so excited about this delivery. I had waited for this device the longest. I had spent the most money on it. The device has the most interesting features in my opinion. The PocketC.H.I.P. is just pure awesomeness. And there's probably more reasons.

Top view and bottom view
The C.H.I.P actually has some of its most important components moved to its bottom side, including its processor. This happened late in development, as they changed to a larger version of the same processor. To protect the processor, the computer now comes with a case, which only covers its bottom. This is definitely true for all the Kickstarter C.H.I.P.s, but I'm not sure if the "store-bought" C.H.I.P.s will also have this case.

Safe and well
Additionally, the Kickstarter version of the C.H.I.P. also comes with a Composite cable. This is a cable you can just buy at many stores, but it seems to be a bit undermarketed. It is also the same cable you could use for analog video on your Rapberry Pi 2 or 3.

In NTC Pink!
Unlike many of the other boards, this board is definitely not trying to be another Raspberry. Fro example, it uses female GPIO headers, as opposed to the male headers we've gotten so used to since the original Raspberry. This has the advantage that they could actually mark all the headers on the board.

You'll have no reason to use the wrong header


 For comparison's sake, let's just put it side to side with a Raspberry (it's a model 2B).


They're quite different - at least, to the trained eye

I actually own three C.H.I.P.s now. There was one in my pledge, another in the PocketC.H.I.P. that was in my pledge, and then finally one extra I added after the Kickstarted ended. I also pre-ordered a couple more, so there's several more of these machines on the way. I guess I may have gone a little overboard...

The power of threes!

Compared to the Pi Zero

The Chip lives in the same product space as the Pi Zero. It's the closest product in size and cost, and its specs are in fact rather similar. Let's put the two side by side.

Fighting for <$10 mastery
 As you can see, they are actually rather comparable in size. The Pi Zero is thinner, but it's also slightly longer. In the end, the C.H.I.P. is a bit bigger, though.

That's TWO computers!

Putting the Zero on top of the Chip, shows how close in size they are. The Zero actually fits so nicely between the GPIO headers of the Chip that it almost looks like there's only one board there. When talking about height, though, the story is a bit different.

No competition there...

The extras

I backed at the "All the things" level, so there's more things that were in the package. Let's have a look.

All the things!


There's the two C.H.I.P.s, the HDMI extension board, the VGA extension board, the Composite cables (which we already looked at) and the PocketC.H.I.P. Though it's a bit outside of the scope of the single-board computer - and a bit more expensive, I really like the PocketC.H.I.P. so let's have a closer look at it.]
Not truly pocket-size, is it?
On the front, we see a fully featured keyboard and the screen. The screen has a resolution of 480x272 and has a resistive touch layer (so no multitouch!). Neither is exactly optimal, but they definitely kept the costs down. There's also the possibility of using your GPIO headers, as they seem to be connected to the holes at the top of the device.

On the other side...
The backside clearly shows the C.H.I.P. It is held in place by its GPIO headers, so you can get it out with some carefully applied force. You can also see the battery, which gives the device its portability. The battery is charged through the CHIP, which has the required circuitry for this.

Jumpin' 'n' Dashin'
Getting the PocketC.H.I.P. up and running was extremely easy. I just held down the power (and home) button for a couple of seconds and that was it...

The whole family

Since this was the last of the boards I was expecting, let's all pose together for a photo.

Clearly, if a board's green, it must be a Raspberry
Alright, alright. The raspberry belongs in there as well...

You see?

And finally

Before I end this blogpost, there's one more thing I've got to do. You see, I've completely forgotten the shot with the pen for comparison. So here you go:

Same pen as before.



Posted by at 2 comments:
Labels: ,
Subscribe to: Posts (Atom)