david wong

Hey! I'm David, a security consultant at Cryptography Services, the crypto team of NCC Group . This is my blog about cryptography and security and other related topics that I find interesting.

Hashes, MACs, Signatures

posted March 2014

I was very confused when I was introduced to signatures and macs because I thought they were just Hashes. I got to understand what it was and... it's actually super simple.

Here's a great explanation on the crypto stackexchange but here's mine:

  • I have a huuuge message that I want to transfer to a friend. I'm scared some of the words would change during transit. Solution? I just hash it and send the hash with the message. hash = Hash(message). A hash is pretty small (for example a md5 hash is 32 characters) so it's no trouble. My friend then receives the message and the hash, he can Hash(message) it and see if it gives him the same hash. If it doesn't then he knows that the message was changed and he can ask me for a new copy.

You can also call that an unkeyed hash, simply because it doesn't use a key. You just apply the algorithm to the message, no other arguments are given to the hash function.

  • Okay now, We had some problems because some bad guy has sent numerous bad messages to my friends pretending he was me. I still want to hash my message but I also want to tell my friend it was me who wrote it. So, like a symmetric cipher, I generate a key that I share with my friend. And I hash my message with that key Hash = HMAC(key, message). My friend can now hash it with the same key when he receives the message and see that we have the same hash.

We just used a (symmetric) keyed hash or a HMAC (Hash-based message authentication code). Note that we could have used a MAC based on a Cipher as well (CMAC).

  • So me and my friend have been writing many messages to a community of coders. We want to sign each messages with our name, but that's not enough, another bad guy is posting bad stuff signed with our names on different websites. So let's use a Hash that people can verify, like an asymmetric cipher, we generate both a secret key and a public key, we hash the message with our secret key and we post the message, the hash and the public key. Hash = Sign(secret_key, message). People can then verifiy that Hash with the public key. Voila ! We just used a Signature or how I like to call them a asymmetric keyed hash. It allows for integrity of data, thanks to the hash, authentification of the authors, thanks to the secret key (this is a MAC), non-repudiation thanks to the public key (and now we have a signature).

So if you got it right, Hash < Mac < Signature. They're all useful and you should use the one relevant according to the context.

I'll just copypasta the table on the stackoverflow answer, because it's a real nice summary:

Cryptographic primitive | Hash |    MAC    | Digital
Security Goal           |      |           | signature
------------------------+------+-----------+-------------
Integrity               |  Yes |    Yes    |   Yes
Authentication          |  No  |    Yes    |   Yes
Non-repudiation         |  No  |    No     |   Yes
------------------------+------+-----------+-------------
Kind of keys            | none | symmetric | asymmetric
                        |      |    keys   |    keys
comment on this story

Elliptic Curve Cryptography

posted March 2014

A video I found about Elliptic Curve Cryptography that talks about the Discreet Logarithm Problem and the Diffie-Hellman Handshake with ECCs. Class is in english, with bits of german and even some french :)

Such a nice lecture, Christof Paar makes me think of a younger Gilbert Strang, seems to be a great professor. I was captivated until the end and I started liking ECCs again :)

comment on this story

Hacking Week

posted February 2014

A teacher from my uni (and who was teaching Programming last semester) is organizing a Hacking Week next week. Signs up are still possible there : http://hackingweek.fr/contestant/list/

It should be a Capture The Flag kind of contest. It should be interesting, although I'm going to ski with some friends so I won't be able to be really into it...

comment on this story

Initial Permutations in DES

posted January 2014

I have to code a whitebox using DES encryption in a class. Which is pretty cool (I would have prefered doing it with AES but the other group got tails and we got heads).

Here is where the Stanford course I passed on Coursera shines. The explanation of DES on it is brilliant. I was wondering about the initial and final permutations that occurs in the algorithm though and Dan Boneh doesn't really talk about it besides saying it's not for cryptographic purposes.

I found a solution on a new sub-stackoverflow dedicated to Cryptography : http://crypto.stackexchange.com/questions/3/what-are-the-benefits-of-the-two-permutation-tables-in-des

4 comments

What is the best tool?

posted December 2013

Constantly, when I start a new project, I try to look for better tools to do the job.

Lately I've been using CodeIgniter as a PHP MVC, jQuery as a javascript library, Bootstrap as a blueprint and TWIG as a template engine.

I've been noticing numerous people from the CodeIgniter community moving to Laravel, which seems to be pretty awesome. So I look at Laravel, and I think to myself "gosh this looks fun to learn, but I don't have time and I have a lot of projects in mind". And then as I read more and more about Laravel, I see people talking about how RoR is better. And then about how Django is better... This seems like a never ending search for a better technology.

I read somewhere that good coders code, great coders re-use. And more importantly, amazing coders ship. I have to ship code, I have to be productive, and I don't think I should be wasting too much time learning new technologies.

The difficult thing is to judge whether or not the time wasted in learning a new technology would be less than the time wasted coding with an outdated one.

So I want to learn, and I want to ship. And it's hard to do both.

comment on this story

Monty Hall visualization

posted December 2013

monty hall

The Monty Hall problem is to me one of the most fascinating probability problem (for it's simpleness and unintuitive results) that got my mind blown since I learned about it in high school.

One day in high school, in my Math class, the teacher told us about that famous problem. Monty Hall was an old and popular TV show in the states were you had to choose a door to open from three different ones. Behind one of them was a car, behind the two others were goats. Obviously, the goal of the game was to win the car (except if you were really into goats, but then I guess you could have bought a lot of those with a car).

Anyway, the tricky part was that when you made a choice, the host asked you to wait before opening it and would open another door, revealing a goat. Then he would give you the opportunity to waive your initial choice and swap door one last time.

Here lies the probability problem. Do you think you would have more chance of winning if you changed your choice?

My math teacher said yes, and I could not believe that, I remember loudly objecting, telling the teacher it was not possible, that it was not logical. I declined what seemed grotesque at the time, I refused to acknowledge such an unintuitive result, such a simple thing, my brain could do the calculation easily so why would you tell me I was wrong on such a trivial thing.

But yes, I was wrong. I knew I was wrong. I was upset at my own mind. I didn't understand how I could be so convinced that changing choice wouldn't change my chances of winning the car. The problem was simple, so simple. And yet my mind couldn't make its way around it.

After many years of training my brain to think differently about probabilities, I can know see how this problem works. 7 years after my first introduction to this problem, I can now grasp a part of it. I understand it, I know the probabilities enrolled in the resolution of this problem, I've learned them at uni and I made the effort to think about that problem quite a lot during those last years. I actually often ask that problem to my friends, to blow their mind. But still, 7 years after being introduced to that problem, I still have troubles finding its probabilities "natural". My brain still cannot process the fact that it HAS to work that way, that the world is turning in that direction and no others.

I hope I didn't send you to sleep with this. If you want to know more about the mathematician who published this result and got insulted by numerous math PHD for being wrong, you can take a stroll on the wikipedia page.

My technique to wire my brain on the right path? Thinking about a hundred doors, 1 car, 99 goats. I open one door, the host closes 98 others. It feels easier to process when told this way, but there is still a part of me, somewhere, that tells me it wouldn't change a thing. Even with 98 doors opened. What is wrong with my brain?

If you still don't believe me, there is a short and visually clear explanation here.

PS: this is one of my go to when I want to be amazed at how unintuitive or how little we know about how things work. If you like that kind of thing, you can also check the twin paradox or the biography of Milton H. Erickson.

comment on this story

Reed-Solomon

posted December 2013

picture of a cd

The last things we studied in Arithmetic are the Reed-Solomon codes. It's a type of code you use to, not encrypt your information, but create redundant information in your final code. So when you read your code, if there are errors or missing parts, you can still decode it. It's not perfectly redundant like dog's ADN is. The redundant code is changed in a certain way so you can guess what the missing parts are.

A few days ago I was on the road to La Fête des Lumières (in Lyon) with 4 germans I met in Bordeaux. The driver had an old CD with a few mainstream and german songs on it that he wanted to play, problem, the CD was damaged, solution? None. Didn't need a solution. The CD still played, although sometimes it was indeed jumping, most of the time it was playing correctly. How is that?

Well, the information burned on the CD is coded thanks to Reed-Solomon's algorithm so that you can still guess what was burned on it through particular redundant code. This redundant code is (and I'm taking a guess here) what is used when your computer asks you "do you want to check if there was no error?" right after burning your CD.

more info on wikipedia

comment on this story

NP Complexity

posted December 2013

Ahhhh, what is P, NP, NP-Complete and NP-hard. Found this quick explanation. Still reading on the subject. I feel like It might take me a lot of time until I can be able to explain that easily to someone who has no idea what it is.
true mastery of a subject is achieved when you can explain it simply
Here's a stackoverflow pretty simple explanation
A decision problem is in P if there is a known polynomial-time algorithm to get that answer. A decision problem is in NP if there is a known polynomial-time algorithm for a non-deterministic machine to get the answer.
comment on this story

Canal discret sans mémoire

posted November 2013

In my quest to better support to learn, I've again stumbled into a complicated, badly explained and unclear paper from my prof about discreet and time-memoryless channels.

Although it might be just me, but when I don't understand something from one source I like to diversify, and papers from Polytechnique (in french) are always a good snack :

http://www.enseignement.polytechnique.fr/profs/informatique/Nicolas.Sendrier/TI/cours6.pdf comment on this story

Claude Shannon

posted November 2013

Learning about Shannon's theorem in class I got curious and googled the guy.

One extract I found interesting in his wikipedia biography :

Shannon and his wife Betty also used to go on weekends to Las Vegas with M.I.T. mathematician Ed Thorp, and made very successful forays in blackjack using game theory type methods co-developed with fellow Bell Labs associate, physicist John L. Kelly Jr. based on principles of information theory. They made a fortune, as detailed in the book Fortune's Formula by William Poundstone and corroborated by the writings of Elwyn Berlekamp, Kelly's research assistant in 1960 and 1962. Shannon and Thorp also applied the same theory, later known as the Kelly criterion, to the stock market with even better results. Claude Shannon's card count techniques were explained in Bringing Down the House, the best-selling book published in 2003 about the MIT Blackjack Team by Ben Mezrich. In 2008, the book was adapted into a drama film titled 21.

Apart for inventing most of cryptography concepts, and doing chess IA, he also made a fortune from gambling and playing with stocks. Interesting.

comment on this story

bordeaux1 url

posted November 2013

My portfolio/vitrine/online resume... call it what you want, which is available on davidwong.fr, is now available on david.wong.emi.u-bordeaux1.fr as well. I thought that was pretty cool to have a bordeaux1.fr url. I think I can also have a univ-lyon1.fr since my account is still active but I can't be bothered looking at where it is.

Anyway, just this small piece of news in the ocean of bitcoin/litecoin news I've been posting here. Exams are coming soon and I should blog more about them than cryptocoins but yeah...

comment on this story

Done!

posted November 2013

So after a long night staying up and coding I finally handed in my project including my report in LaTeX.

I'm not really proud of what I did, I felt like I could have done much better if given more time (okay I slacked and I had enough time).

BUT, as I already said earlier, I've accomplished a lot and even though I'm done with this project I still kinda want to keep working on it.

Things that I've learned doing this class :

  • C is awful. But now I know the basics. I wish we had one more project to code in C to really get it though.
  • Makefile? Headers? I still don't really get the structure of a C project (and I'm ashamed).
  • I know Linux! Okay I don't know Linux that much, but I'm getting really causy there. I installed debian on a VM and I'm considering setting up a dual boot on my laptop now.
  • Emacs emacs! I was postponing learning it because I was afraid, and just forced myself to use it for this project and goshh am I fast when I use it. When I go back to Sublime Text I just want to C-M-F, C-A, C-K, C-Y...
  • LaTeX! As a Math major I've always been ashamed not knowing it. Now that I got a taste of it I'm wondering if I should use it to write my book on.
  • Svn and Git. I'm not a stranger anymore! And I use them for all my websites as well now :)

I think that's it, but I feel like I've learned a lot and I wished this course was a year thing rather than a semester thing.

The course is not over yet though and next week we'll dive into java for... a quick swim since it will be our last week.

comment on this story

I'm turning nuts

posted November 2013

I feel like I've been doing a hackaton these past few days trying to finish my sudoku solver. I had to hand it in 2 hours ago but still haven't finished... I really hope this won't affect my grade too much.

I've been learning a lot of Emacs, C, using gcov, gprof, LaTeX... I'm so confused right now and my code has became so dense that it's hard for me to debug it.

Yesterday, suddenly, I found something really stupid in my sudoku grid generation that I couldn't fix. A day after, I found the solution, randomly, fixing it created a huge load of other issues. I have been re-inspecting my whole code all day long and I'm stressed by this deadline that I already passed.

Gosh that is a hard course.

And... because of this, I missed a day writing on my new application. I was on a 9-day strike :(

comment on this story

What is the enlightenment I'm supposed to attain after studying finite automata?

posted November 2013

I'm studying automata, it's sort of a "logical" subject that reminds me of studying mathematics. It looks cool, it only asks your brain to think, not to memorize, and you don't really know what's the real use of it.

If you want to take a peak at what I'm studying, you can find a similar course on Coursera given by Jeff Ullman from Stanford (yes, obviously I should have moved to the US and attend Stanford).

Well, someone nicely asked what I was thinking on Stackoverflow, and someone else nicely answered.

comment on this story