Thursday, August 21, 2008
I left a terrible bug in version 1.3 of my replacement Gina. I didn’t want to miss any test case this time, so I wrote a batch file that tests every one of them. That batch file adds a user to a group and a group to the registry. There are two possible groups in the registry, and the user can be a member of either two groups, making 2^(2+2) possibilities, 16 use cases.
After a few lines in, I realized that I would be less work to order the tests in a way that would minimize the change to the configuration between any two tests. In other words, when a n+1 test case required a change to the registry, then the user group membership should not change, and vice-versa. That would also make it easy to investigate a failed test, because only one thing would change between any two tests.
Then it hit me.
Well actually, I had to stop and think for a while. Kind of like my mind restoring a dusty old tape archive… I remembered that mathematician Richard Hamming had a code for that. It’s a numbering scheme where only 1 bit changes between any two numbers. The number of bits that change is the Hamming distance between two numbers. Using four information bits to represent each possible use case, I came up with the following table. The first two rows (MSB, in blue) are user membership to a group, and the two last rows (LSB, in green) is the presence of that group in the registry. Ordering my tests that way gave me a constant Hamming distance of 1.
| Decimal value |
0 |
1 |
3 |
2 |
6 |
7 |
5 |
4 |
12 |
13 |
15 |
14 |
10 |
11 |
9 |
8 |
| Unlock |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
1 |
1 |
1 |
1 |
1 |
1 |
1 |
1 |
| Logoff |
0 |
0 |
0 |
0 |
1 |
1 |
1 |
1 |
1 |
1 |
1 |
1 |
0 |
0 |
0 |
0 |
| Unlock |
0 |
0 |
1 |
1 |
1 |
1 |
0 |
0 |
0 |
0 |
1 |
1 |
1 |
1 |
0 |
0 |
| Logoff |
0 |
1 |
1 |
0 |
0 |
1 |
1 |
0 |
0 |
1 |
1 |
0 |
0 |
1 |
1 |
0 |
| Expected test result |
Gina |
Gina |
Gina |
Gina |
Gina |
Force logoff |
Force logoff |
Gina |
Gina |
Force logoff |
Unlock |
Unlock |
Unlock |
Unlock |
Gina |
Gina |
The only drawback to this is that all the typing I saved writing my test batch file, I wasted on this blog post !
I noticed a new link in my GMail account (I am using gmail for your domain), showing the sessions used to connect to an account and the last time since it had activity on that session.
Pretty neat, although I doubt a regular user will be able to make sense of any of that… In my case, it shows that from the last time I was online at home (IP 66.x.x.x) and the next time I was online at work (IP 199.x.x.x), there were only seven hours.
| Recent activity: |
Access Type [ ? ]
(Browser, mobile, POP3, etc.) |
IP address [ ? ] |
Date/Time
(Displayed in your time zone) |
| Browser |
199.x.x.x * |
8:16 am (0 minutes ago) |
| Google Toolbar |
66.x.x.x |
12:41 am (7 hours ago) |
| Browser |
66.x.x.x |
12:09 am (8 hours ago) |
| Browser |
66.x.x.x |
11:50 pm (8 hours ago) |
| Browser |
199.x.x.x * |
Jul 10 (16 hours ago) |
|
| |
And yes, I took time to sleep, wake up the kids and have breakfast with them.
Time for coffee now !
I wanted to test the relative strength of a password policy. I wanted to run a password cracking tool over different passwords, from a dictionary based password (like Banana42) to a random one (generated with Password Safe). Creating users setting passwords and running different password extraction tools was a lot of trouble.
I found a detailed explanation of the MSCASH format. Here is how you make your own MSCASH hashes to do close to reality benchmarks of your favourite password cracking tool.
(Continued)
This Notifu update allows you to concatenate multiple /m and /p switches. It is usefull when a paramater to Notifu is feed by a program you have no control over.
For example, this command line now works :
notifu /p Concatenate /p " this" /m "Hello" /m ", " /m "World"
Nothing is added to your parameters. If you want a space, you must add it.
Note to self : Got to fix my release script… A simple update takes longer to post online than to code !
I fixed a bug in notifu that made it ignore quotes that were escaped with a backslash. For example, this command line works now :
notifu /m "\"Theo Est\" test@example.com"
Thanks to Sof for the heads up !
IBM WebSphere stores its passwords in files. Everybody does that and it is hard to do otherwise. When I am confronted with the problem, I usually say that the only option you have is what file you want a password in. IBM (in WebSphere) went a little further by applying a hardcoded XOR. Each caracter is XORed with the caracter ‘_’, and the resulting string is encoded in base64. This is not cryptography, it is just enough encoding so that a casual glance at the file will not reveal the password.
If you have access to security.xml and need to know the passwords it contains, compile and run this tool. It supports :
- Encoded passwords on the command line (as many as you like)
- Passwords piped in (default if no arguments are passed)
- With or without the leading {xor}
- It builds with Visual C++ and GNU g++ (tested with mingw32 version only)
- A crude but working parsing so you can pipe the result of a grep, like this :
grep -i password security.xml | waspass
You can get the source from my Subversion server with this command :
svn co http://src.paralint.com/spikes/waspass/trunk waspass
I am also posting the full source inline, just to show off that cool javascript code parser I just installed…
(Continued)
When ever I teach cryptography to beginners, they are confused with what you can do with the private and public key, in an asymmetric cryptographic scheme. I start by saying the your private key never leaves you, no matter what. No exception to the rules.
To help with the rest, I made this chart.
| Operation (below) key used (right) |
Public key |
Private key |
| Encryption (done by the sender) |
Encrypt a message for an individual (that “message” is often a symmetric key) |
Generate a digital signature (encrypt a document hash) |
| Decryption (done by the receiver) |
Verify a digital signature (decrypt a hash of the message) |
Decrypt a message destined to you (that “message is often a symmetric key) |
The colors in that chart indicate operations that are related to each other. To put it in words:
- If you use a public key for encryption, you will use your private key for decryption.
- If you use a private key for encryption, you will use a public key for decryption
But most students need some time to reach the asymmetric cryptography enlightenment. When they do reach it, I have to convince them that it is not the silver bullet it looks like. I found that remembering this chart helps them cram study for an exam.
Hope this helps !
Here is just a little update to my Notifu utility. It is a drop-in replacement (no new command-line switches) that features
- Vista Home Premium and Vista Business support (same binary works on XP and Vista)
- Better error handling on platforms that don’t support IUserNotification
- Option to specify pop-up delay in seconds (/d 5 or /d 5000 will give you 5 seconds)
I updated the main project page. There are a couple of typos and the email link is gone. I will fix that sometimes this week. Click on the bitmap here or on the project page to download.
Enjoy !
I was a little overwhelmed by the reaction to my custom GINA. The good thing about it is that it motivated me to put a better version out that addresses all the comments I had so far, namely :
- Allow force log off without being a member of the administrator group
- Allow an arbitrary group to be excluded from this GINA unlock policy
- Show a notice that a custom GINA is in place
I also put up a permanent page for the project. It has better documentation and fancy graphics. Enjoy !
Here is a trick I found that solved an old problem: How can coin flipping ever be fair if only one person chooses head or tail ?
I remember Chrissy complaining about that to Jack in an episode of “Three’s Company”. Above the humour, I remember thinking about fair coin flipping back then, many years before I learned anything about cryptography.
The other day, I was asked the very same question by my daughter. Children are great entropy generators (you can tell by the mess they make of their toys). I found a way to solve the problem by having both of them part of the coin flipping. Well I don’t flip a coin. I hide it in one of my hands, behind my back. Here is how it goes:
- I lay out the outcome first. Something like “If you get the coin, you’re the one who take her bath first”
- I start shuffling the coin from one hand to the other, behind my back.
- One of them says “stop”.
- I leave the coin in the hand it was when I was told to stop.
- I show both hands (fists, actually) to my other kid, who gets to choose a hand.
(The entropy gathering is at step 3). If she gets the coin, she knows the outcome. No more “it’s not fair” complaints 