Posts

Cryptographic Primitive III: RSA Asymmetric Keys

An RSA cryptosystem involves a private key (which is kept secret) and a public key, which is made public, i.e. known to everyone. The security of RSA hinges on the mathematically hard problem of finding the prime factorization of a very large number. Let's quickly discuss how a public/private key pair is generated.

Let $p$ and $q$ be two large primes. Then

$n = p \times q$

$\phi(n) = (p-1) \times (q-1)$

Here $\phi(n)$ is called Euler's totient function. Choose a random number $e$ such that $e \in \left\{0,1,2,\ldots,\phi(n)-1\right\}$ and $\gcd(e,\phi(n)) = 1$. The gcd condition ensures that $e$ has an inverse in $\mathbb{Z}_{\phi(n)}$. Now, using the extended Euclidean algorithm, one can compute the inverse of $e$ as $d$ such that

$d \cdot e \equiv 1 \pmod{\phi(n)}$

So there we have it: the private key is $e$ and the public key is $(n,d)$. A few points to note here: $p$ and $q$ are both $\geq 2^{512}$, although the recommended size is $2^{1024}$; $n$ is $\geq 2^{1024}$, although the recommended...
Recent posts

Cryptography Primitive II: Feistel Network

Feistel networks are the building blocks of many block ciphers, notably DES, Blowfish etc., wherein one performs a fixed number of rounds of the Feistel network for both encryption and decryption.

Feistel Network

The abbreviations are as follows:

F: round function
K_i: subkey for round i
L_i: left half of the intermediate value at round i; L_0 is the left half of the cleartext
R_i: right half of the intermediate value at round i; R_0 is the right half of the cleartext

Michael Luby and Charles Rackoff proved that if the round function is a cryptographically secure pseudorandom function, then 3 rounds are sufficient to make the block cipher a pseudorandom permutation, while 4 rounds are sufficient to make it a "strong" pseudorandom permutation. A strong pseudorandom permutation remains pseudorandom even to an adversary who gets oracle access to its inverse permutation. Note that in one round of a Feistel network, only the left half of the cleartext is enc...

Cryptography Primitives 1: Merkle-Damgård Construction

This is a basic building block for constructing a hash function, based on Ralph Merkle's PhD thesis, which states that if an appropriate padding scheme is used and the compression function is collision-resistant, then the hash function will also be collision-resistant.

Block Diagram for Merkle-Damgård Construction

Important things to consider: padding and the IV.

Padding is a single 1 bit followed by as many 0s as required, ending with the binary representation of the message length. So to pad the message 1001101, we get 1001101[100000...00111], where the part inside the square brackets is the padding bits (the trailing 111 is the message length, 7, in binary).

Reliability and Availability Metrics and Calculations

For a complex software solution, you usually have to meet customer requirements for reliability and availability as defined in the SLA. For a monolithic appliance this can be determined trivially, but most real-world applications require multiple physical nodes, VMs or machines. Extrapolating the reliability and availability figures for a complex multi-tier software system can pose a challenge to an IT practitioner who is not familiar with reliability engineering. So, let's dive right into it.

Let's first define some key terms:

MTTF: Mean Time To Failure, i.e. the average time between two failures of a non-repairable component.
MTBF: Mean Time Between Failures, i.e. the average time between two failures of a repairable component.
MTTR: Mean Time To Repair, i.e. the average time to repair a component.

Now, let's establish the concept of the failure rate ($\lambda$) as $\lambda = \frac{1}{MTBF}$ for a repairable component, or $\lambda = \frac{1}{MTTF}$ for a non-repairable one. The reliability function is defined as $R(t) = ...

Reset root password RHEL/Rocky/CentOS 9

Unlike earlier versions of the Red Hat variants, version 9 doesn't allow single-user mode to be used for changing the password, as maintenance mode in 9 requires the root password. Single-user mode (runlevel 1) can easily be obtained by appending the word 'single' at the end of the line starting with 'linux', by pressing 'e' at the boot menu to edit the entry. To reset the root password, on the other hand, one has to follow a specific set of commands:

At the boot menu, edit the rescue-mode entry to append 'rd.break' at the end of the line starting with 'linux'.
Boot with the edited line by pressing Ctrl+X or F10.
At the new prompt starting with switch_root, type the following commands:

mount -o remount,rw /sysroot
chroot /sysroot
touch /.autorelabel
passwd
exit
reboot

Note that the file system is mounted read-only at the switch_root prompt, so it must be remounted read-write (no space after the comma in 'remount,rw'); passwd prompts for the new root password, and /.autorelabel makes SELinux relabel the file system on the next boot so the changed /etc/shadow gets the correct context.

Updating OSM data in PostgreSQL snapshot schema from latest pbf

Getting pbf files from Geofabrik and uploading them into your own datastore has been discussed in this blog earlier. In this blog, we are going to see how to update the data, as OSM data changes every day thanks to millions of contributors worldwide. It is important to preserve the most recent pbf file on your hard drive, as we'll see further on. The steps to be followed are:

Download the latest pbf file as per your business requirement.
Generate the changes between the latest pbf and the earlier version.
Apply the change to your PostgreSQL data store.

Let's follow this with a concrete example, assuming the last pbf we have applied is india-20220122.osm.pbf, dated Jan 22, 2022.

Download the most recent India OSM pbf file, india-latest.osm.pbf.
Generate the change-log in XML format:

osmosis-0.48.0/bin/osmosis --read-pbf file="india-latest.osm.pbf" --read-pbf file="india-20220122.osm.pbf" --derive-change --write-xml-change file=inddiff.osc

Apply the changes...

OpenStreetMap Data Models

OpenStreetMap is the crowdsourced mapping of the planet and can be accessed at https://opensteetmap.org The map data is freely downloadable and can be hosted locally for any purpose whatsoever under the GPL license. Map data is downloadable in multiple archive formats like pbf (Protocolbuffer Binary Format) and others. OSM's internal data model is represented as shown in the ER diagram above, but when it's imported from the PBF, the resulting store has to be efficient, fast and easy to use. Primarily, OSM databases can be either Snapshot or Historical. Snapshot databases don't contain historical information (for instance, how a river changed its course over the years or how the land use of a forested area changed over the years), whereas a Historical database contains this information. Naturally, historical databases are much more complex and require more effort. The parameters on which to judge the various data stores are: Updatability, Transactibility, Concurrent Read/Writability, Snapshot/Historical...