Wednesday, November 2, 2011

The MU system

Suppose there are the symbols M, I, and U which can be combined to produce strings of symbols called words.

I'm giving you a word for free, MI, which you can transform into others according to the following rules:
  1. Add a U to the end of any string ending in I. For example:
    MI -> MIU
  2. Double any string after the M (that is, change Mx, to Mxx). For example:
    MIU -> MIUIU
  3. Replace any III with a U. For example:
    MUIIIU -> MUUU
  4. Remove any UU. For example:
    MUUU -> MU

Using these four rules is it possible to change MI into MU in a finite number of steps?

The MU puzzle is a puzzle stated by Douglas Hofstadter and found in Gödel, Escher, Bach.
Posted by at No comments:

Wednesday, October 5, 2011

You Are Not So Smart - Procrastination



I strongly recommend you to suscribe to this blog, the basic idea they're trying to show us is that we're not really rational and logical people, we're being deluded by our brain as it tries to keep itself sane.
Posted by at No comments:
Labels:

Saturday, February 12, 2011

BRB

This semester I'm viewing Computers' Architecture and Data Bases (and a bunch of other math/physics courses), so I'll post about them about twice a week.

About the SIIP project, it's blocked while I'm learning server-side scripting with Python and PHP.
Well, that's it.

Posted by at No comments:
Labels: ,

Saturday, January 15, 2011

SIIP revision

Creating a new Public-key for each communication is a bad idea because of two things:
1. The idea behind a Public-key it's to use it with everyone instead of using different Public-keys for every single communication.
2. This makes SIIP much more likely to suffer a Man In The Middle attack (intercepting Public-key and replacing it with your own.)

Thus, the Public-key will generate about once a month and will be located in a file in the server.
Handshake, then, will look something like this:
User -> Server: Public-Crypt(Symmetric-key)
Server -> User: Success/Failure

The Symmetric-key will be saved encrypted in a temporary database (provided by GEP) and each time needed will be decrypted.

The hash in the Register will be a Cryptographic hash. A regular hash may map the months (January, February...) into values from 0-11. If you can get the value, e.g. 11, you can know the month, e.g. December. In a cryptographic hash, the months will be mapped to values through a one-way function, this is a nontrivial process, and I will implement a known algorithm (such as SHA-2) and invent a new one, just for fun, that won't be used in the project.

Register will return: 'Success', 'Already registered', 'Unknown key' or 'Failure decrypting'. In the latter you should try again and report the error.

Login will follow a similar procedure to Register, just that instead of writing the database, will read it looking for a hash. Will return: 'Success', 'Already connected', 'Not registered', 'Unknown key' or 'Failure decrypting'.

Send will contain messages up to 140 characters and will be mapped by a non-cryptographic hash into 140 character string. This message will not contain new-lines or non-printable characters. The message stream will follow the following structure:
"From:User\nTime:Sent\nMessage\n\n"
Each message is encrypted and added to the stream. The client will provide an option to crypt the message with a symmetric-key. This symmetric-key is different to the one used by the server and must be agreed between users before or at the start of the communication.
Returns: 'Success', 'Not authenticated', 'Unknown user', 'Syntax error', 'Unknown key' or 'Failure decrypting'. Note that 'Unknown user' doesn't means the user is not registered, it just means is not online.

There is no way for an user to know what other users are connected, so you must know the username to contact an user.

Look and Logout remain unchanged.

Posted by at No comments:
Labels:

Wednesday, January 12, 2011

SIIP (8)

I've found a server that lets me run scripts in Python and provides me with a (kind of) database. Google App Engine.

The problem is that GEP runs Python 2.5, so I have to port my code from Python 3.1, which hasn't been a problem except for the library names and the print structure.

However, when this project grows complex, this situation of maintaining the same code for two different versions will be a lot of work, even with the help of 2to3 or 3to2.

If you have suggestions, please comment.

BTW
In about a week I will publish the code for the server side, the client side and the implemented server in GEP. That will be quite a lot of work, so don't expect much entries. I will try to publish at least once a day.

Posted by at No comments:
Labels:

Tuesday, January 11, 2011

Prezi

Prezi its a great tool to create amazing presentations, I'll use it from time to time to introduce a new topic.

I have made them available to download, so feel free to save a copy and use it on your own.

Information Security on Prezi

Posted by at No comments:
Labels:

Cryptocourse

A long time ago, in November 2007, Google made a cryptocoruse.

That course is composed by 4 videos, the presentations are available and 3 sets of exercises to practice what we've learnt.

The first video is available here (embedding has been disabled.)

Posted by at No comments:
Labels:
Subscribe to: Posts (Atom)