COMPUTER SECURITY issues
one way functions --
http://www.rsasecurity.com/rsalabs/faq/2-3.html
XOR has a big role in encryption -- easy way to scramble data
only one way to put it back :)
problem: if I give you data of all 0's, then you XOR it, i know what
your XOR key was!! user can determine key, given orig. message. yikes!
if you can constantly change what you use to XOR, then fast encryption/
decryption
XOR: toggle
also think of it as bit-by-bit addition with no carries :). Do it twice, and it cancels.
(leads you to think that you could make part of an adder using XORs... which you can).
XOR: make a light switch with 2 inputs. 3 inputs. N inputs.
-to undo an XOR, just XOR again.
A = B XOR C
A XOR C = (B XOR C) XOR C --------> "XOR" both sides by C
A XOR C = B --------> "XORing" by C twice has no effect
lesson: you can just move an XOR over to the other side.
A = B XOR C
A XOR B = C
C = A XOR B
B = A XOR C = C XOR A
solving the men in black hats/white hats problem with XOR. good stuff!! toggle, toggle.
IN PROGRAMMING
use XOR as a toggle. instead of
if (a == 1)
a = 0
else /* a == 0 */
a = 1;
use
a ^= 1; // toggle
one-time pad
generate a random XOR of the entire message length -- perfectly uncrackable.
XOR -- each person gets a key. XOR all the keys together. that is the group key, which
requires everyone to be there in order for it to work.
cryptographic things are just an equation
c_i = E_k(c_{i-1} XOR m_{i-1} XOR m_i)
birthday attack ==> from birthday paradox
m_i = c_{i-1} XOR m_{i-1} XOR D_k(c_i).
use algebraic inverts, etc.
password file: store HASHED/ENCRYPTED values. see if the password the user entered equals
the hashed value stored there.
MAC (message authentication code)-> checksum
(the checksum doesn't have to actually be a sum of the bits. you can simply hash the
encrypted message and store that. to verify the message hasn't been tampered with, hash it
and compare to the stored hash value).
notice!! Factoring is an NP-complete problem. If P = NP, then factoring can be done quickly,
so codes can be broken quickly!! Is the gov't holding this proof from us? :P