This time’s presentations are very interesting. I will mainly summarize most of the presentations and post my notes.
Cyber attack
By Dang Dung Ha & Chan Geck Keat
Generally speaking this presentation is contend and fresh.
Introductions on
W32.Dozer; Trojan.Dozer; W32.Mydoom.A@mm; W32.Mytob!gen.
Harmful to network background area
How does the virus work?
~Download and exclusion malicious file
~Search and delete certain files like .exe
Devastation
Perpetrator
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
The art of encryption
By Wong Kheng Leong & Ho Tian Shun
They did a great job, a very fluent and interesting presentation. However, they face the same problem our group met. There should be more academic content on encryption theories. Take the public key and private key part: you could introduce the whole RSA thing to us. It might be much more useful than retelling us how ancient people kept their secrets. Besides the content, I have to say that you two did a perfect job.
Here are the notes and outline:
What is encryption?
It’s the use of algorithms to transform messages into another form that others will not recognize.
How encryption works and different ways:
By cycle way wrap
By substitution: use a table and transfer by row and column
By poly-alphabetic substitution (confusing even for presenters)
By symmetric key encryption: A becomes C and so on.
Data Encryption Standard & advanced version
By RSA public key and private key
By secure socket
Here are some supplementary readings for RSA encryption. I hope you like it. I took most of them from CS1101S problem set 3.
The RSA System
People have been using secret codes for thousands of years; for this reason it is surprising that in 1976, Whitfield Diffie and Martin Hellman at Stanford University discovered a major new conceptual approach to encryption and decryption: public-key cryptography.
Cryptography systems are typically based on the notion of using keys for encryption and decryption. An encryption key specifies the method for converting the original message into an encoded form. A corresponding decryption key describes how to undo the encoding. In traditional cryptographic systems, the decryption key is identical to the encryption key, or can be readily derived from it. As a consequence, if you know how to encrypt messages with a particular key then you can easily decrypt messages that were encrypted with that key.
Diffie and Hellman’s insight was to realize that there are cryptographic systems for which knowing the encryption key gives no help in decrypting messages; that is, for which there is no practical way to derive the decryption key from the encryption key. This is of immense practical importance. In traditional cryptographic systems, someone can send you coded messages only if the two of you share a secret key. Since anyone who learns that key would be able to decrypt the messages, keys must be carefully guarded and transmitted only under tight security. In Diffie and Hellman’s system, you can tell your encryption key to anyone who wants to send you messages, and not worry about key security at all. For even if everyone in the world knew your encryption key, no one could decrypt messages sent to you without knowing your decryption key, which you keep private to yourself. Diffie and Hellman called such a system a public-key cryptography system.
A few months after Diffie and Hellman announced their idea, Ronald Rivest, Adi Shamir, and Leonard Adleman at MIT discovered a workable method for implementing it. This RSA cryptography system has remained the most popular technique for public-key cryptography.
The theory behind RSA
RSA uses integers to represent groups of characters and uses special functions that transform integers to integers.
In the RSA scheme, you select two large prime numbers, p and q. You then define
n = p*q (1)
m = (p − 1)*(q − 1). (2)
You also select a number e, such that gcd (e, m) = 1. Your public key, which you can advertise to the world, is the pair of numbers n and e. Anyone who wants to send you a message s (represented by an integer) encrypts it using the following RSA transformation defined by n and e:
Encrypted message = s to the power of e, modulo n
or S = (s^e) mod n.
If you receive an encrypted message S, you decrypt it by performing another RSA transformation with n and a special number d:
s’ = encrypted message to the power of d, modulo n or
s’ = (S^d) mod n.
The number d is chosen to have the property that s’ = s for every message s, namely,
s = ((s^e)^d) mod n.
It can be shown that the number d that has this property is the one for which
de ≡ 1 mod m (3)
that is, for which d is the multiplicative inverse of e modulo m. It turns out that it is easy to compute d efficiently if you know e and m = (p − 1)(q − 1).
Thus, to generate a pair of RSA keys, you choose prime numbers p and q, compute n = p*q, choose e, and use this to compute d. You publish the pair n and e as your public key, but keep d secret to yourself. People send you encrypted messages using the pair (n, e). You decrypt these messages using the pair (n, d).
The security of the RSA system is based on the fact that even if someone knows e and n, the most efficient way known for them to decrypt a message is to factor n to find p and q, then use these to compute m, then use e and m to compute d.
That is to say, cracking an RSA code is, as far as anyone knows, as difficult a computational problem as factoring n into its prime factors p times q. And although there has been a tremendous amount of research on factoring, factoring arbitrary large numbers is not a computationally feasible task. For example, factoring n = p*q where p and q are each 200-digit primes, even with today’s best factoring algorithms, would require running for more than 100 years on today’s fastest supercomputers.
Digital signatures; Encrypting and signing
In their 1976 paper, Diffie and Hellman suggested applying public-key encryption to solving another important problem of secure communication. The problem is this: suppose you want to send a message by electronic mail. How can people who receive the message be sure that it really comes from you, that it is not a forgery? What is required is some scheme for marking a message in a way that cannot be forged. Such a mark is called a digital signature.
Diffie and Hellman’s suggestion was to proceed as follows: take the message and apply a publicly agreed upon compression function (also called a hash function) that transforms the message to a single, relatively small number. In general, there will be many messages that produce the same hash value. Now transform the hash value using your private key. The transformed hash value is your digital signature, which you transmit along with the message. Anyone who receives a message can authenticate the signature by transforming it using your public key and checking that this gives the same result as applying the compression function to the message.
The reason this scheme works is that anyone who wants to forge a message claiming to be from you must produce a number that, when transformed by your public key, matches the hash value. Anyone can compute the hash value, since the compression function is assumed to be public. But since you are assumed to be the only one who knows your private key, only you can produce the number which is transformed to the hash value by your public key. Trying to forge a digital signature is essentially the same task as trying to crack a public-key encrypted message.
An even cuter idea works as follows: Suppose Barbara wants to send George a signed message that only George will be able to read. She encrypts the message using George’s public key. Then she signs the encrypted result using her own private key. When George receives a message that is supposed to be from Barbara, he first uses Barbara’s public key to authenticate the signature, then decrypts the message using his own private key.
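The key generation, encryption and encrypt-then-sign exchange described above, as an added example that is not part of the original notes or the problem set. It assumes small constructed primes and SHA-256 reduced modulo n as the public compression function, and it applies the bare RSA transformation without padding, so it shows the arithmetic only.

```python
import hashlib
from math import gcd

def egcd(a, b):
    """Extended Euclid: return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y

def make_keys(p, q, e):
    """Return ((n, e), (n, d)) following equations (1)-(3)."""
    n, m = p * q, (p - 1) * (q - 1)
    if gcd(e, m) != 1:
        raise ValueError("e must satisfy gcd(e, m) = 1")
    d = egcd(e, m)[1] % m  # multiplicative inverse: d*e = 1 (mod m)
    return (n, e), (n, d)

def transform(key, x):
    """The RSA transformation x^k mod n; x must lie in [0, n)."""
    n, k = key
    if not 0 <= x < n:
        raise ValueError("message integer must be smaller than n")
    return pow(x, k, n)

def digest(data, n):
    """Public compression function (assumption: SHA-256 reduced mod n).
    With a toy-sized n, many messages share a hash value."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(private, data):
    return transform(private, digest(data, private[0]))

def verify(public, data, signature):
    return transform(public, signature) == digest(data, public[0])

def send(sender_private, receiver_public, s):
    """Encrypt s for the receiver, then sign the encrypted result."""
    S = transform(receiver_public, s)
    return S, sign(sender_private, str(S).encode())

def receive(receiver_private, sender_public, S, signature):
    """Authenticate the sender's signature first, then decrypt."""
    if not verify(sender_public, str(S).encode(), signature):
        raise ValueError("signature does not match the message")
    return transform(receiver_private, S)

# Constructed toy keys; real primes are hundreds of digits long.
GEORGE_PUB, GEORGE_PRIV = make_keys(61, 53, 17)
BARBARA_PUB, BARBARA_PRIV = make_keys(89, 97, 5)
```
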
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
Computer Network Attack
Tan Tai Hock
~What is a computer network attack?
~Two kinds of general attack
Passive attack
Active attack
Interruption, interception, modification
Fabrication (spoofing)
~Life cycle of an attack
Reconnaissance
Attack
Covering the trace
~Common type of computer network attack
Man in the middle attack
Sniffer attack
Denial-of-service attack
……………..
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
Tan Hong Jing, Qinxian
I believe this topic has been discussed for years. I always like Mac more, because of its great graphics and design. However, I can only use Windows, which is more affordable than a Mac. Now that Windows 7 has newly launched, Mac’s advantages become less than before. Anyway, it’s just this war between Windows and Mac that brings us more advanced technologies.
The presentation is quite good. But it seems a bit too long and many things we already know. Anyway this is still an interesting presentation.
Windows
Windows 95/98: search everything
Windows XP: search from files; file indexing
Windows Vista: faster search and search from start menu
Windows 7
Mac
A bunch of samples on Spotlight
You can only search for words not chars.
Interesting videos on youtube:
http://www.youtube.com/watch?v=-d50LfiPWWM
http://www.youtube.com/watch?v=42YGj20qO8U&feature=related
http://www.youtube.com/watch?v=qHO8l-Bd1O4&NR=1&feature=fvwp
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
Internet industry in China
By Tian Beibei
This presentation is somehow political, containing some highly controversial problems. In my own opinion, the main idea for this issue is that a website should adjust itself to suit customers’ appetite, no matter how good or well-known it is.
Why Baidu is more popular in China?
----Chinese people tend to prefer entertainment more than working on the Internet. Most people use the internet in their free time. Furthermore, most services provided by Google, like Google Reader, are all in English.
----Baidu can bring more fun than search results. There are more communications between people. In other words, Google is more professional but less entertaining.
Why QQ is more popular in China?
I have to say that QQ is not as simple as just chatting software. I tried QQ, MSN and Skype before. But finally I moved all my work to QQ. This is mainly because QQ has more applications. You can do more things through QQ than with other online chatting software. The most fascinating feature is the screen shot.
Tudou and YouTube?
This is quite an interesting comparison. If you haven’t tried Tudou.com, I suggest that next time when you want to search for movies or cartoons, try to use Tudou. Tudou has no limit on upload time. You can also create your own page and share your videos with others. The webpage is highly free for users to edit. But the categories on Tudou are much fewer than on YouTube, especially in research and teaching areas.