# Mendacity \men-DAS-i-tee\, noun

21 Nov. 2013

SPHOORTHY TIMES

Tuesday 25th October 2011

Word for the Day:

Mendacity \men-DAS-i-tee\, noun;

1. A tendency to lie; untruthfulness.

2. An instance of lying; falsehood.

Origin:

Mendacity is derived from Latin mendax "lying, deceitful," which is related to menda "fault, defect, carelessness in writing."

"A group becomes a team when all members are sure enough of themselves and their contributions to praise the skill of others."

News @ Sphoorthy:

1. M.Tech - I Sem. Supplementary exam is scheduled today.

Top News:

Digital Signature Cryptography with No Real Math:

Before we can really understand XML DSIG, we need to have an understanding of some basic cryptography. I'll cover the concepts in this section, but don't panic: no complex math is involved. A digital signature provides an integrity check on some content. If a single byte of the original content has been modified (an extra zero added to a price, a "2" changed to a "4", or a "No" to a "Yes", and so on), then the signature will fail to verify. Here's how it works.

The first step is to "hash" the message. A cryptographic hash takes an arbitrary stream of bytes and converts it to a single fixed-size value known as a digest. Creating a digest is a one-way process: it's "computationally infeasible" to recreate a message from the hash, or to find two different messages which produce the same digest value. The most common hash mechanism is SHA1, the Secure Hash Algorithm. It was created by the US Government and released as a standard in 1995; the full specification is available at http://www.itl.nist.gov/fipspubs/fip180-1.htm. SHA1 takes any message up to 2**64 bytes in length and produces a 20-byte result. (So that means there are 2**160 possible digest values; by comparison, current estimates put the number of protons in the universe at around 2**250).

So if I generate a message M, and create a digest (written as H(M), for "the hash of M"), and send you M and H(M), you can create your own digest H'(M), and if the two digest values match, we know that you got what I sent. To protect M against modification, I only need to protect H(M) from being modified. How do we do that? There are two common approaches. The first is to mix a shared secret into the digest. In other words, create H(S+M). When you get the message, you use your own copy of S to create H'(S+M). This new digest is called an HMAC, or Hashed Message Authentication Code.

When we use an HMAC, the strength of the integrity protection depends on the (in)ability of the attacker to figure out S. Therefore, S should be something not easily guessed, and something that should be changed often. One of the best ways to meet these requirements is to use Kerberos. In Kerberos, a central authority distributes "tickets" that contain a temporary session key whenever two entities want to communicate. This session key is used as the shared secret. When I want to send you a signature, I get a ticket to talk to you. I open my part of the ticket to get S, and I send you the message, its HMAC, and your part of the ticket. You open the ticket (using the password that you originally registered with Kerberos) and get S and information about my identity. You can now take the message, M, generate your own H'(S+M), and see if they match. If they do match, you know that you received my message intact, and Kerberos told you who I am.
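
As an added example (not part of the original article), the following Python code runs both checks described above: the plain digest comparison and the shared-secret digest. It uses Python's `hmac` module, which implements the standard HMAC construction rather than a literal hash of S concatenated with M; the secret, the messages and the function names are constructed for illustration.

```python
import hashlib
import hmac

DIGEST = "sha1"  # the hash the text describes; prefer "sha256" in new designs


def digest(message: bytes) -> bytes:
    """H(M): fixed-size digest of an arbitrary byte string."""
    return hashlib.new(DIGEST, message).digest()


def verify_plain(message: bytes, received_digest: bytes) -> bool:
    """Receiver recomputes H'(M) and compares it with the digest received."""
    return hmac.compare_digest(digest(message), received_digest)


def sign(secret: bytes, message: bytes) -> bytes:
    """Sender: keyed digest over M using the shared secret S (standard HMAC)."""
    return hmac.new(secret, message, DIGEST).digest()


def verify(secret: bytes, message: bytes, tag: bytes) -> bool:
    """Receiver: recompute the keyed digest with its own copy of S."""
    return hmac.compare_digest(sign(secret, message), tag)


def demo() -> dict:
    secret = b"constructed-session-key"         # S (constructed sample value)
    original = b"item=widget;price=100;ok=No"   # M (constructed sample message)
    tampered = b"item=widget;price=1000;ok=No"  # an extra zero added to the price
    tag = sign(secret, original)
    return {
        "digest_len": len(digest(original)),
        # Modified M checked against the original H(M): the mismatch is detected.
        "plain_catches_changed_message": not verify_plain(tampered, digest(original)),
        # M and H(M) both replaced in transit: the unkeyed check still passes,
        # which is why H(M) itself has to be protected.
        "plain_accepts_replaced_pair": verify_plain(tampered, digest(tampered)),
        "hmac_accepts_original": verify(secret, original, tag),
        "hmac_rejects_changed_message": not verify(secret, tampered, tag),
        # A tag recomputed over the changed message without S does not verify.
        "hmac_rejects_tag_without_secret": not verify(secret, tampered, sign(b"guess", tampered)),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```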

Another method to protect the digest is to use public-key cryptography, such as RSA. In public-key cryptography, there are two keys, a private key, known only to the holder, and a public key, accessible to anyone who wants to communicate with the key holder. In public-key cryptography, anything encrypted with the private key can be decrypted with the public key, and vice versa.