Quick access to articles on this page:
more on the next page...
I'm in holidays for a week, easter I think, anyway, I didn't know what to do so I coded the Diffie-Hellman handshake, the ElGamal cryptosystem and the RSA cryptosystem in python.
You can check the code on github here: github.com/mimoo/crypto_studies
tests.py file to see how the classes are used. Here's an extract:
"""Testing Diffie Hellman
# 1. BOB
bob = DiffieHellman()
# G and g are generated automatically
print("G is a group mod %i and of order %i, and the generator g is %i" % (bob.G, bob.G, bob.g))
# We generate a secret and a public key
# 2. ALICE
# We already know G and g
alice = DiffieHellman(bob.G, bob.g)
# We generate the secret key and the public key
# 3. WE CREATE THE SHARED KEY
# Bob and Alice now have the same _sharedkey and the same public (G, g)
README says, it might be oversimplified and not totally correct. I mostly did that to do something in Python and also try to memorize how those systems work.
I've also done a lot of Unity this week-end. And also a bit of WxPython but I don't really like it. I think I should focus on QT and C++.
Those past few months I've been working on a C implementation of a whitebox using Chow et al's paper and the DES algorithm.
It's not done yet but the code is available on github. I also did a C implementation of DES just to get a grip on it, it's available on github as well.
I just did a presentation of the research my team and I did, I think it went pretty well. The slides are here
I've been looking for a summer internship and I haven't really found anything sor far. Although I've had some interviews with some start ups from the Silicon Valley (including TrueVault that really seemed like a good fit for a cryptographer in progress like me :D). But I've been unlucky so far since they're pretty busy, it's demo day-time for those applying to ycombinator there.
Anyway I still have 4 months of holidays this summer and I'm wondering what I'll do if I can't find anything in Mountain View (n_n I really want to go there).
If you know someone, or are interested in a passionate coder and eager learner, you can take a look at my resume here and rush to contact me before someone else does :)
Otherwise I'll spend more time coding personal projects and writing this summer (by the way, Korben, a famous influential blogger in France has written about me and my application 3pages.fr in a blog post. Huge amount of traffic in a few hours, 600 people signing up in a day. I envy his traffic.)
I've used Django for my last project and I found the documentation unclear and the list of things I had to do to code simple things and deploy were... a bit too much for a simple project.
I've glanced at the Flask documentation and have found it über-clear. The syntax seems to be pretty straight-forward as well. I'm really thinking about learning Flask for my next project and putting Django on hold. What do you guys think?
There's also a talk on web2py in the current PyCon. I don't know if it's for me but I really need something I can do quick prototypes on.
Sometimes I wonder if I should go back to PHP and try the new Laravel that really looks super cool :)
So I know how to use iptables, I know what a NAT is, but I don't want to learn how to exactly do it. Misery... I have to learn how to do it because I have an exam that will probably ask me how to do it in a few days. So I've been looking for a super simple tutorial, a 1 minute tutorial, on how to setup a NAT configuration with iptables in 1 minute. Couldn't really find it so here it is, if this is somewhat useful for someone, you're welcome.
For NAT to work, you have to allow forwarding on your server. Easy peasy:
$ echo 1 > /proc/sys/net/ipv4/ip_forward
Also, before adding new iptables rules, be sure to check what rules you already have
$ iptables -L
you should allow some forwarding for it to work (if the policy is default to DROP). But this not a tutorial about iptables.
I have a server with:
Let's modify the PREROUTING part. Traffic coming from internet on our public address (@pub) and trying to reach our machine:
$ iptables -t nat -A PREROUTING -d @pub -i eth0 -j DNAT --to-destination @priv
Let's modify the table nat, append a rule to the pretrouting section : something is trying to reach @pub ? Let's put it in our input interface eth0, jump to the Destination Nat protocol, which tells us to send the packet to @priv.
Now Let's modify the POSTROUTING part. Traffic coming from inside our network and trying to reach something, somewhere on internet:
$ iptables -t nat -A POSTROUTING -s @priv -o eth1 -j SNAT --to-source @pub
If the packet is coming from @priv, let's put it on our output interface eth1 and jump to the Source Nat Protocol that will modify the packet so it has the public address (@pub) as source.
Here! You did it. One private IP address mapped to one public IP address.
Same kind of configuration but now we have several private addresses and only one public address.
$ iptables -t nat -A POSTROUTING -s @priv/mask -j MASQUERADE
We can modify every packets coming from the subnetwork @priv to get masqueraded.
$ iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
Or we can just tell all the network to get masqueraded.
And this is it. No PREROUTING Needed.
Again, you're welcome ;)
A few hours after the start of the Heartbleed challenge, actually, just 3 hours after the start of the Heartbleed challenge. Fedor Indutny seems to have cracked it.
So now, chaos begins. If you own a certificate, you not only have to change it, but you also have to revoke it. I wonder how many will change, and how many will revoke.
You can check that he indeed did it by doing this:
Just to confirm it: put this into your /etc/hosts “184.108.40.206 http://www.cloudflarechallenge.com ” and visit “https://www.cloudflarechallenge.com/ “.
here why it works:
Putting that mapping in /etc/hosts lets your machine skip DNS lookup for that hostname, and just use his IP for that domain name.
Then, your browser checks the received certificate against the authenticated TLS connection, and sees that all is well, allowing you to connect without a warning.
Since the browser does not warn of a certificate mismatch, he must have a valid certificate for 'cloudflarechallenge.com'. QED.
The Cloudflare team reviewing the attack:
NSA is not happy. NSA is tweeting, tumblring (is this a verb?) and shouting loud and for all of who wants to hear it : they didn't know about the Heartbleed bug.
by the way they're talking about a "zero day" vulnerability, and now is a good time to learn what it is:
a so-called “Zero day” vulnerability because the developers of the vulnerable software have had zero days to fix it
I'm akin to trust them since... well. So many US websites were using OpenSSL and... it's not really nice if someone else eavesdrop on american citizen...
Anyway, this shows that the NSA has a long way to build trust again.
I don't write enough in the "Life in Bordeaux" section of this blog. So, here I am, trying to write something.
What can I tell you about Bordeaux ?
I ***** love Bordeaux. I love its student life, I love how practical it is for me to see my friends, I really like my campus especially that building with all those free-access computers with double screens and everything already setup on them.
I don't really like the weather though, it's raining quite often, I'd say at least once a week, but when it shines, it shines.
The public transport is the worse part of the city. There is no subway and trams are always PACKED. And when I say packed I mean "you will miss 5 trams in a row because you can't get in" packed. And I have to commute, every day... but I'll survive, it's not Paris and its awful subway :) far from that.
The streets are dirty, my apartment is crappy, really, but it's okay, I'm moving in June, hopefully to a better place. Still have to find a new place though, and looking for a place in Bordeaux is HARSH. I shiver just thinking about it.
Girls are pretty :o) and there are many girls. Bad thing is that my part of the campus is full of guys (and sometimes its hard to tell).
I don't know what else I could say. I like it better than Lyon, way better than Hamilton in Ontario, way way better than Paris. It lacks the feeling of "full of opportunities" that Beijing has though. But the air is breathable at least =) so yeah. Later in my life, I will consider settling in Bordeaux. Why not?