AI Data Poisoning

AI Data Poisoning — independent reviews, comparisons, pricing and step-by-step guides on Aizhi.

Pocket (service)

Pocket, formerly known as Read It Later, was a social bookmarking service for storing, sharing and discovering web bookmarks, first released in 2007. Mozilla, the developer of Pocket, announced in May 2025 that it was discontinuing the service and would shut it down in July of that year. == History == Pocket was introduced in August 2007 as a Mozilla Firefox browser extension named Read It Later by Nathan (Nate) Weiner. Once his product was used by millions of people, he moved his office to Silicon Valley and four other people joined the Read It Later team. Weiner's intention was for the application to be like a TiVo directory for web content and to give users access to that content on any device. Read It Later obtained venture capital investments of US$2.5 million in 2011 and $5.0 million in 2012. The 2011 funding came from Foundation Capital, Baseline Ventures, Google Ventures, Founder Collective and unnamed angel investors. The company rejected an acquisition offer by Evernote after showing concerns that Evernote intended to shut down the Read It Later service and amalgamate its functionality into Evernote's main service. Initially, the Read It Later app was available in a free version and a paid version that included additional features. After the rebranding to Pocket, all paid features were made available in a free and advertisement-free app. In May 2014, a paid subscription service called Pocket Premium was introduced, adding server-side storage of articles and more powerful search tools. In June 2015, Pocket was included in Firefox, via a toolbar button and link to a user's Pocket list in the bookmark's menu. The integration was controversial, as users displayed concerns for the direct integration of a proprietary service into an open source application, and that it could not be completely disabled without editing advanced settings, unlike other third-party extensions. A Mozilla spokesperson stated that the feature was meant to leverage the service's popularity among Firefox users and clarified that all code related to the integration was open source. The spokesperson added that "[Mozilla had] gotten lots of positive feedback about the integration from users". On February 27, 2017, Pocket announced that it had been acquired by Mozilla Corporation, the commercial arm of Firefox's non-profit development group. Mozilla staff stated that Pocket would continue to operate as an independent subsidiary but that it would be leveraged as part of an ongoing "Context Graph" project. There were plans to open-source the server-side code of Pocket, though only parts of the project had been open-sourced as of 2024. On May 22, 2025, Mozilla announced that it would shut down Pocket on July 8, 2025. Exports of user data would be available until October 8, 2025, when accounts would be deleted. The email newsletter Pocket Hits was rebranded as Ten Tabs on June 12 as part of the closure, with it being changed to release only on weekdays. == Functions == The application allows the user to save an article or web page to remote servers for later reading. The article is sent to the user's Pocket list (synced to all of their devices) for offline reading. Pocket makes the article more readable by removing clutter and enabling the user to add tags and adjust text settings. == User base == The application had 17 million users and 1 billion saves, as of September 2015. Pocket was listed among Time magazine's 50 Best Android Applications for 2013. == Reception == Kent German of CNET said that "Read It Later is oh so incredibly useful for saving all the articles and news stories I find while commuting or waiting in line." Erez Zukerman of PC World said that supporting the developer is enough reason to buy what he deemed a "handy app". Bill Barol of Forbes said that although Read It Later works less well than Instapaper, "it makes my beloved Instapaper look and feel a little stodgy." In 2015, Pocket was awarded a Material Design Award for Adaptive Layout by Google for their Android application.
Read more →
Memory-hard function

In cryptography, a memory-hard function (MHF) is a function that costs a significant amount of memory to efficiently evaluate. It differs from a memory-bound function, which incurs cost by slowing down computation through memory latency. MHFs have found use in key stretching and proof of work as their increased memory requirements significantly reduce the computational efficiency advantage of custom hardware over general-purpose hardware compared to non-MHFs. == Introduction == MHFs are designed to consume large amounts of memory on a computer in order to reduce the effectiveness of parallel computing. In order to evaluate the function using less memory, a significant time penalty is incurred. As each MHF computation requires a large amount of memory, the number of function computations that can occur simultaneously is limited by the amount of available memory. This reduces the efficiency of specialised hardware, such as application-specific integrated circuits and graphics processing units, which utilise parallelisation, in computing a MHF for a large number of inputs, such as when brute-forcing password hashes or mining cryptocurrency. == Motivation and examples == Bitcoin's proof-of-work uses repeated evaluation of the SHA-256 function, but modern general-purpose processors, such as off-the-shelf CPUs, are inefficient when computing a fixed function many times over. Specialized hardware, such as application-specific integrated circuits (ASICs) designed for Bitcoin mining, can use 30,000 times less energy per hash than x86 CPUs whilst having much greater hash rates. This led to concerns about the centralization of mining for Bitcoin and other cryptocurrencies. Because of this inequality between miners using ASICs and miners using CPUs or off-the shelf hardware, designers of later proof-of-work systems utilised hash functions for which it was difficult to construct ASICs that could evaluate the hash function significantly faster than a CPU. As memory cost is platform-independent, MHFs have found use in cryptocurrency mining, such as for Litecoin, which uses scrypt as its hash function. They are also useful in password hashing because they significantly increase the cost of trying many possible passwords against a leaked database of hashed passwords without significantly increasing the computation time for legitimate users. == Measuring memory hardness == There are various ways to measure the memory hardness of a function. One commonly seen measure is cumulative memory complexity (CMC). In a parallel model, CMC is the sum of the memory required to compute a function over every time step of the computation. Other viable measures include integrating memory usage against time and measuring memory bandwidth consumption on a memory bus. Functions requiring high memory bandwidth are sometimes referred to as "bandwidth-hard functions". == Variants == MHFs can be categorized into two different groups based on their evaluation patterns: data-dependent memory-hard functions (dMHF) and data-independent memory-hard functions (iMHF). As opposed to iMHFs, the memory access pattern of a dMHF depends on the function input, such as the password provided to a key derivation function. Examples of dMHFs are scrypt and Argon2d, while examples of iMHFs are Argon2i and catena. Many of these MHFs have been designed to be used as password hashing functions because of their memory hardness. A notable problem with dMHFs is that they are prone to side-channel attacks such as cache timing. This has resulted in a preference for using iMHFs when hashing passwords. However, iMHFs have been mathematically proven to have weaker memory hardness properties than dMHFs.
Read more →
Computer network engineering

Computer network engineering is a technology discipline within engineering that deals with the design, implementation, and management of computer networks. These systems contain both physical components, such as routers, switches, cables, and some logical elements, such as protocols and network services. Computer network engineers attempt to ensure that the data is transmitted efficiently, securely, and reliably over both local area networks (LANs) and wide area networks (WANs), as well as across the Internet. Computer networks often play a large role in modern industries ranging from telecommunications to cloud computing, enabling processes such as email and file sharing, as well as complex real-time services like video conferencing and online gaming. == Background == The evolution of network engineering is marked by significant milestones that have greatly impacted communication methods. These milestones particularly highlight the progress made in developing communication protocols that are vital to contemporary networking. This discipline originated in the 1960s with projects like ARPANET, which initiated important advancements in reliable data transmission. The advent of protocols such as TCP/IP revolutionized networking by enabling interoperability among various systems, which, in turn, fueled the rapid growth of the Internet. Key developments include the standardization of protocols and the shift towards increasingly complex layered architectures. These advancements have profoundly changed the way devices interact across global networks. == Network infrastructure design == The foundation of computer network engineering lies in the design of the network infrastructure. This involves planning both the physical layout of the network and its logical topology to ensure optimal data flow, reliability, and scalability. === Physical infrastructure === The physical infrastructure consists of the hardware used to transmit data, which is represented by the first layer of the OSI model. ==== Cabling ==== Copper cables such as ethernet over twisted pair are commonly used for short-distance connections, especially in local area networks (LANs), while fiber optic cables are favored for long-distance communication due to their high-speed transmission capabilities and lower susceptibility to interference. Fiber optics play a significant role in the backbone of large-scale networks, such as those used in data centers and internet service provider (ISP) infrastructures. ==== Wireless networks ==== In addition to wired connections, wireless networks have become a common component of physical infrastructure. These networks facilitate communication between devices without the need for physical cables, providing flexibility and mobility. Wireless technologies use a range of transmission methods, including radio frequency (RF) waves, infrared signals, and laser-based communication, allowing devices to connect to the network. Wi-Fi based on IEEE 802.11 standards is the most widely used wireless technology in local area networks and relies on RF waves to transmit data between devices and access points. Wireless networks operate across various frequency bands, including 2.4 GHz and 5 GHz, each offering unique ranges and data rates; the 2.4 GHz band provides broader coverage, while the 5 GHz band supports faster data rates with reduced interference, ideal for densely populated environments. Beyond Wi-Fi, other wireless transmission methods, such as infrared and laser-based communication, are used in specific contexts, like short-range, line-of-sight links or secure point-to-point communication. In mobile networks, cellular technologies like 3G, 4G, and 5G enable wide-area wireless connectivity. 3G introduced faster data rates for mobile browsing, while 4G significantly improved speed and capacity, supporting advanced applications like video streaming. The latest evolution, 5G, operates across a range of frequencies, including millimeter-wave bands, and provides high data rates, low latency, and support for more device connectivity, useful for applications like the Internet of Things (IoT) and autonomous systems. Together, these wireless technologies allow networks to meet a variety of connectivity needs across local and wide areas. ==== Network devices ==== Routers and switches help direct data traffic and assist in maintaining network security; network engineers configure these devices to optimize traffic flow and prevent network congestion. In wireless networks, wireless access points (WAP) allow devices to connect to the network. To expand coverage, multiple access points can be placed to create a wireless infrastructure. Beyond Wi-Fi, cellular network components like base stations and repeaters support connectivity in wide-area networks, while network controllers and firewalls manage traffic and enforce security policies. Together, these devices enable a secure, flexible, and scalable network architecture suitable for both local and wide-area coverage. === Logical topology === Beyond the physical infrastructure, a network must be organized logically, which defines how data is routed between devices. Various topologies, such as star, mesh, and hierarchical designs, are employed depending on the network’s requirements. In a star topology, for example, all devices are connected to a central hub that directs traffic. This configuration is relatively easy to manage and troubleshoot but can create a single point of failure. In contrast, a mesh topology, where each device is interconnected with several others, offers high redundancy and reliability but requires a more complex design and larger hardware investment. Large networks, especially those in enterprises, often employ a hierarchical model, dividing the network into core, distribution, and access layers to enhance scalability and performance. == Network protocols and communication standards == Communication protocols dictate how data in a network is transmitted, routed, and delivered. Depending on the goals of the specific network, protocols are selected to ensure that the network functions efficiently and securely. The Transmission Control Protocol/Internet Protocol (TCP/IP) suite is fundamental to modern computer networks, including the Internet. It defines how data is divided into packets, addressed, routed, and reassembled. The Internet Protocol (IP) is critical for routing packets between different networks. In addition to traditional protocols, advanced protocols such as Multiprotocol Label Switching (MPLS) and Segment Routing (SR) enhance traffic management and routing efficiency. For intra-domain routing, protocols like Open Shortest Path First (OSPF) and Enhanced Interior Gateway Routing Protocol (EIGRP) provide dynamic routing capabilities. On the local area network (LAN) level, protocols like Virtual Extensible LAN (VXLAN) and Network Virtualization using Generic Routing Encapsulation (NVGRE) facilitate the creation of virtual networks. Furthermore, Internet Protocol Security (IPsec) and Transport Layer Security (TLS) secure communication channels, ensuring data integrity and confidentiality. For real-time applications, protocols such as Real-time Transport Protocol (RTP) and WebRTC provide low-latency communication, making them suitable for video conferencing and streaming services. Additionally, protocols like QUIC enhance web performance and security by establishing secure connections with reduced latency. == Network security == As networks have become essential for business operations and personal communication, the demand for robust security measures has increased. Network security is a critical component of computer network engineering, concentrating on the protection of networks against unauthorized access, data breaches, and various cyber threats. Engineers are responsible for designing and implementing security measures that ensure the integrity and confidentiality of data transmitted across networks. Firewalls serve as barriers between trusted internal networks and external environments, such as the Internet. Network engineers configure firewalls, including next-generation firewalls (NGFW), which incorporate advanced features such as deep packet inspection and application awareness, thereby enabling more refined control over network traffic and protection against sophisticated attacks. In addition to firewalls, engineers use encryption protocols, including Internet Protocol Security (IPsec) and Transport Layer Security (TLS), to secure data in transit. These protocols provide a means of safeguarding sensitive information from interception and tampering. For secure remote access, Virtual Private Networks (VPNs) are deployed, using technologies to create encrypted tunnels for data transmission over public networks. These VPNs are often used for maintaining security when remote users access corporate networks but are also used ion other settings. To enhance threat detection and r
Read more →
List of broadband over power line deployments

This is a list of broadband over power line deployments. In this sense, "broadband" usually refers to Internet access using power line communication technology. == BPL pilot projects - 1st Gen (UPA) == === Inactive pilot projects === North America: United States: The United Telecom Council publishes the Federal Communications Commission (FCC)-mandated BPL Interference Resolution website, which provides a list of all BPL deployments in the US. Canada: Quebec: As of 2005, PLC communication technology developed by Ariane Controls is being installed inside and outside existing buildings to control lights and other energy-hungry devices. The cheap devices allow energy consumption to be better managed, and so save much energy and bring a clear return on investment. Western Europe: Sweden: Vattenfall is using PLC technology at 1200 baud for automatic meter reading based on an Iskraemeco product. Central and Eastern Europe, and Eurasia: Russian Federation: Electro-com has deployed widely BPL/PLC technology and offers internet access service in Moscow, Nizhny Novgorod, Ryazan, Kaluga and Rostov-on-Don, planning to extend coverage to main Russian cities. Currently the company does not provide other services, though plans to start providing telephone, and television services someday. Base equipment is a DefiDev modem with a DS2 chipset. The company had 35,000 subscribers and an annual growth of 15-20%. The company has, however, halted operations in Moscow in September, 2008, having sold its client network to an IDSL internet provider. Romania: In January, 2006, the Ministry of Communications and Information Technology introduced a PLC trial in the rural locality of Band, Mureș County, offering phone and broadband internet access for €7 per month. The technology was introduced to 50 households. Montenegro: In March, 2002, the Internet Crna Gora biggest internet provider in Montenegro launched a pilot project in town of Cetinje. Serbia: In August 2002, the Star Engineering from Niš launched a pilot project to show a completely new way to access the Internet, which is a new in that time in most countries around the world. Hungary: The first powerline service in Hungary was realized in September, 2003, in the Riverside apartment house in Budapest by 23Vnet Ltd. The PLC equipment was supplied by ASCOM Powerline. After four months the service was counting 100 users from 450 apartment owners. The bandwidth is 4.5 Mbit/s. Asia, Pacific, and Oceania: Indonesia: PT Kejora Gemilang Internusa "KEJORA", under their banner PLANET BROADBAND, is currently rolling out broadband over power line, with over 300,000 homes expected to be enabled by August 2010. PT. Kejora Gemilang Internusa signed an 8-year Joint Venture concession agreement with ICON+ a division of PT. Perusahaan Listrik Negara (Indonesia electricity company). Under the terms of the agreement PLAnet Broadband are to supply BPL/PLC to Jakarta West and West Java. Another company, PT. Broadband Powerline Indonesia, has been developing broadband over power line in apartment buildings since 2006. PT. BPI also produces data couplers to make broadband over powerline possible in three phases (R, S, T) with a single master. India : In India IIIT Allahabad has completed a project in co-operation with Corinex Communications Canada to implement a prototype of BPL for University campus and nearby villages. Africa and the Middle East: Egypt: The Engineering Office for Integrated Projects (EOIP) has deployed PLC technology widely in Alexandria, Fayed, and Tanta. Based on a locally developed system, the company provides AMR for electricity utilities. Currently, the company has about 70,000 subscribers. South Africa: Goal Technology Solutions (GTS) trialled the technology and is offering service in the suburbs of Pretoria, and plans to extend it to other areas. The tests were done with Mitsubishi equipment using a DS2 chipset, and the company claims a maximum throughput of 90 Mbit/s although initially only "512 Kbits/s ADSL equivalent speeds" are available. Now it uses DefiDev's equipment, and according to GTS's website, it will expand available bandwidth up to 5-20 Mbit/s. Ghana: Cactel Communications, Ltd. successfully deployed an MV solution pilot project in the Graphic Communications Group in Accra in June, 2005. A Cactel Remote Energy Management System (REMS) pilot project for the Electricity Company of Ghana (ECG) is running a 40-user pilot project at the University of Ghana in Legon. The current project combines fiber, radio link, Wi-Fi and PLC to provide broadband internet access and telephony. It showcases the interoperability of PLC technology and the company's expertise in emerging market design and deployment. Cactel hopes to deploy nationally, and is in deliberations with the national stakeholders and with Ghana's Ministry of Communications (MoC). AllTerra Communications successfully implemented a pilot test of broadband over power lines in Akosombo. In partnership with VRA, this test involves demonstrating transmission of broadband from medium to low voltage signals. AllTerra is working with VRA to expand the pilot project to include essential grid management utilities that will help balance and manage the current electricity transmission throughout their various substations. Using IT as a catalyst for economic development, AllTerra is expanding into numerous areas throughout Ghana. Vobiss Solutions Ltd successfully implemented a Hybrid Fibre BPL pilot network within EMEFS Hillview Estate in collaboration with ECG. Saudi Arabia: ElectroNet has been working with the Saudi Electric Company since 2005 on a pilot project using broadband over power lines over medium voltage cables and linking into low voltage distribution within a shopping mall. The pilot project also integrates automatic meter readers. Powerlines Communications Co. Ltd. implemented an AMR pilot project for Saudi Electricity Company in 2006. The project was located in the city of Jeddah on the west coast of Saudi Arabia. Digital KWh meters were installed in parallel with analog KWh meters. Readings taken by the Saudi Electricity Company showed variations of less than 1%. A BPL pilot project was included. Saudi Arabian Computer Management Consultants (SACMAC) has signed a deal to become an official system integrator and distributor for Mitsubishi PLC. It is expected to become a great success, because the existing broadband service, monopolized by the Saudi Telecom Company, is expensive and has poor customer service (some clients report that company techs arrive months after ordering). SACMAC has declined to talk about specifics of availability and price but says it will start rolling out the service in a few months (as of May 2006) and its price will be lower than current broadband providers. === Concluded pilot projects === The following pilot projects have ended: Australia, Tasmania: In November 2007, electricity retailer Aurora Energy ended its involvement with BPL and announced it was switching to Optical Fiber. This ended their commercial trial begun in September 2005, offering BPL services to 500 homes in the suburb of Tolmans Hill near Hobart, which had followed a successful technological trial earlier that year. Portugal ended BPL/PLC deployments in the country in October 2006, reportedly for economic reasons., Russian Federation: In September 2008, Russia's only BPL provider Electro-com ended deployments in Moscow for economic reasons. Spain: In May 2007 Iberdrola and Endesa (the main power companies in Spain) ended their projects to deploy PLC. United States: As of July 2010, the City of Manassas, VA has shut down their BPL deployment, which was the largest in the country. As of April 2007, Motorola has shuttered its Powerline LV Access BPL and reportedly plans to re-purpose the technology to a new system called Powerline MU, which is for use within multiple-unit dwellings. Motorola's system uses only residential-side low-voltage power lines for transmission to reduce the antenna effect, and successfully demonstrated frequency-notching for reduced potential for interference over the Amperion Inc. and Current Technologies LLC systems. Motorola invited the American Radio Relay League to participate with these tests, and even installed the Motorola system at their headquarters. Preliminary results were very positive with regard to interference, because the Motorola system does not use BPL on the powerlines leading up to the neighborhood. The BPL carrier is only used for the last leg of the trip from the pole to the house, and gets the signal to the pole via radio. This limits the interference to the area surrounding the last leg to the house. === Dismantled pilot projects === The following other BPL trials in the US are dismantled as of May 2008:
Read more →
Deep Zoom

Deep Zoom is a technology developed by Microsoft for efficiently transmitting and viewing images. It allows users to pan around and zoom in on a large, high resolution image or a large collection of images. It reduces the time required for initial load by downloading only the region being viewed or only at the resolution it is displayed at. Subsequent regions are downloaded as the user pans to (or zooms into) them; animations are used to hide any jerkiness in the transition. The libraries are also available in other platforms including Java and Flash. == History == The Deep Zoom file format is very similar to the Google Maps image format where images are broken into tiles and then displayed as required. The tiling typically follows a quadtree pattern of increasing resolution of image (in other words twice the zoom and twice the resolution). The main difference is that with Google Maps the actual details on the image change from one zoom level to another, while with Deep Zoom the same image is displayed at each zoom level. Seadragon Software, formerly Sand Codex, first created the Seadragon technology and its implementation of what is now called Deep Zoom. This technology was then absorbed into the Microsoft Live Labs when Seadragon Software was acquired. Engineers from Seadragon now work with Microsoft to integrate their work into technology such as Silverlight and Photosynth. == Deep Zoom examples == The most famous implementation of Deep Zoom was probably the first: the memorabilia collection at the Hard Rock website. Conceived and designed by Duncan/Channon and built by Vertigo, it was demonstrated for the first time in March 2008 at the Microsoft MIX convention in Las Vegas. In 2010, Microsoft Live Labs partnered with the University of California, Berkeley to create ChronoZoom, a DeepZoom-powered time visualization tool that pushed the limits of DeepZoom, since it required zooming from the scale of 13 billion years down to a single day. The project has since graduated to development under Microsoft Research. Another example is the Deep Earth project. It is described by its creators as "a community project focused on creating a rich interactive mapping control using Silverlight2 Deep Zoom. Concentrating on Microsoft Virtual Earth imagery and data the project offers team members the opportunity to learn and share while creating something cool and useful." A paintings collection project http://galleryzoom.co.uk/ shows 1000 high resolution/sensor images individually indexed. (Using Deep Zoom Composer). Blaise Aguera y Arcas gave a demonstration of Seadragon and Photosynth at the 2007 TED conference. In November 2009, 352 Media Group, a Silverlight developer in the Microsoft Silverlight Partner Program, created an example of Deep Zoom using Microsoft Silverlight version 3. It is online at 352 Media Group's Web site. The Winston Churchill Deep Zoom Archived 2010-07-04 at the Wayback Machine mosaic, created by Silverlight developers Shoothill, features as both an online interactive deep zoom and a standalone deep zoom which forms part of the Churchill exhibit in the Churchill War Rooms in Whitehall. In 2010, Shoothill built the Sumatran Tiger Deep Zoom - the largest seen to date - for worldwide conservation charity Fauna and Flora International, featuring thousands of images of endangered species. An early example of Deep Zoom-like technology was implemented at The Department of Maori Affairs in New Zealand in 1997. The technology was used to display Maori land ownership. == Deep Zoom images == The file format used by Deep Zoom (as well as Photosynth and Seadragon Ajax) is XML based. Users can specify a single large image (dzi) or a collection of images (dzc). It also allows for "Sparse Images"; where some parts of the image have greater resolution than others, an example of which can be found on the Seadragon Ajax home page; The bike image displayed is a sparse image. Though used in the proprietary Deep Zoom, the dzi format is open and able to be used by anyone. === Deep Zoom image (dzi) === A DZI has two parts: a DZI file (with either a .dzi or .xml extension) and a subdirectory of image folders. Each folder in the image subdirectory is labeled with its level of resolution. Higher numbers correspond to a higher resolution level; inside each folder are the image tiles corresponding to that level of resolution, numbered consecutively in columns from top left to bottom right. === Deep Zoom collection (dzc) === A DZC is a collection of some number of DZIs linked and referenced by a DZC file (with either a .dzc or .xml extension). At a high level, a collection is a number of image thumbnails whose location is kept track of by the .dzc/.xml file, when zooming into an image, it accesses greater resolutions tiles. A DZC's structure is similar to that of a DZI; the .dzc/.xml file defines the collection and the subdirectory of folders maps to the DZI file structure, each with their set of .dzi/.xml and image tiles. The DZC is used in Microsoft's Pivot, but not in SeaDragon per se. === Sparse Images === Sparse images are a sub-classification of the DZI file type. A sparse image is normally a number of separate photographs with varying resolution levels that have been placed in a single DZI instead of a DZC. Sparse images have no different file structure than that of a DZI and differ only in that there is not a single "highest resolution" level for the entire DZI. == Software that uses Deep Zoom == Image Composite Editor - image stitching tool created by Microsoft Research Deep Zoom Composer - collage maker and simple panorama tool created by Microsoft. Images' resolution is maintained when exporting for web use (via Silverlight Deep Zoom or JavaScript using a third-party template). No longer available for download from Microsoft though it can be found on various other sources such as Internet Archive. == iPhone OS development == Microsoft Live Labs has created an application for the App Store called Seadragon Mobile. It is run over the internet and includes Deep Zoom on the following categories; art, history, maps, photos, Photosynth which anybody can upload to, space and technology & web.
Read more →
Master/Session

In cryptography, Master/Session is a key management scheme in which a pre-shared Key Encrypting Key (called the "Master" key) is used to encrypt a randomly generated and insecurely communicated Working Key (called the "Session" key). The Working Key is then used for encrypting the data to be exchanged. Its advantage is simplicity, but it suffers the disadvantage of having to communicate the pre-shared Key Exchange Key, which can be difficult to update in the event of compromise. The Master/Session technique was created in the days before asymmetric techniques, such as Diffie-Hellman, were invented. This technique still finds widespread use in the financial industry, and is routinely used between corporate parties such as issuers, acquirers, switches. Its use in device communications (such as PIN pads), however, is in decline given the advantages of techniques such as DUKPT.
Read more →
Hybrid argument (cryptography)

In cryptography, the hybrid argument is a proof technique used to show that two distributions are computationally indistinguishable. == History == Hybrid arguments had their origin in a papers by Andrew Yao in 1982 and Shafi Goldwasser and Silvio Micali in 1983. == Formal description == Formally, to show two distributions D1 and D2 are computationally indistinguishable, we can define a sequence of hybrid distributions D1 := H0, H1, ..., Ht =: D2 where t is polynomial in the security parameter n. Define the advantage of any probabilistic efficient (polynomial-bounded time) algorithm A as A d v H i , H i + 1 d i s t ( A ) := | Pr [ x ← $ H i : A ( x ) = 1 ] − Pr [ x ← $ H i + 1 : A ( x ) = 1 ] | , {\displaystyle {\mathsf {Adv}}_{H_{i},H_{i+1}}^{\mathsf {dist}}(\mathbf {A} ):=\left|\Pr[x{\stackrel {\$}{\gets }}H_{i}:\mathbf {A} (x)=1]-\Pr[x{\stackrel {\$}{\gets }}H_{i+1}:\mathbf {A} (x)=1]\right|,} where the dollar symbol ($) denotes that we sample an element from the distribution at random. By triangle inequality, it is clear that for any probabilistic polynomial time algorithm A, A d v D 1 , D 2 d i s t ( A ) ≤ ∑ i = 0 t − 1 A d v H i , H i + 1 d i s t ( A ) . {\displaystyle {\mathsf {Adv}}_{D_{1},D_{2}}^{\mathsf {dist}}(\mathbf {A} )\leq \sum _{i=0}^{t-1}{\mathsf {Adv}}_{H_{i},H_{i+1}}^{\mathsf {dist}}(\mathbf {A} ).} Thus there must exist some k s.t. 0 ≤ k < t(n) and A d v H k , H k + 1 d i s t ( A ) ≥ A d v D 1 , D 2 d i s t ( A ) / t ( n ) . {\displaystyle {\mathsf {Adv}}_{H_{k},H_{k+1}}^{\mathsf {dist}}(\mathbf {A} )\geq {\mathsf {Adv}}_{D_{1},D_{2}}^{\mathsf {dist}}(\mathbf {A} )/t(n).} Since t is polynomial-bounded, for any such algorithm A, if we can show that it has a fixed negligible advantage function ε(n) between distributions Hi and Hi+1 for every i, so in particular, ϵ ( n ) ≥ A d v H k , H k + 1 d i s t ( A ) ≥ A d v D 1 , D 2 d i s t ( A ) / t ( n ) , {\displaystyle \epsilon (n)\geq {\mathsf {Adv}}_{H_{k},H_{k+1}}^{\mathsf {dist}}(\mathbf {A} )\geq {\mathsf {Adv}}_{D_{1},D_{2}}^{\mathsf {dist}}(\mathbf {A} )/t(n),} then it immediately follows that its advantage to distinguish the distributions D1 = H0 and D2 = Ht must also be negligible. == Applications == The hybrid argument is extensively used in cryptography. Some simple proofs using hybrid arguments are: If one cannot efficiently predict the next bit of the output of some number generator, then this generator is a pseudorandom number generator (PRG). We can securely expand a PRG with 1-bit output into a PRG with n-bit output.
Read more →
Blocknots

Blocknots were random sequences of numbers contained in a book and organized by numbered rows and columns and were used as additives in the reciphering of Soviet Union codes, during World War II. The Blocknot consisted of a booklet of fifty sheets of 5-figure random additive, 100 additive groups to a sheet. No sheet was used more than once, thus the blocknots were in effect a form of one-time pad. The Soviet Unions highest grade ciphers that were used in the East, were the 5-figure codebook enciphered with the Blocknot book, and were generally considered unbreakable. == Technical Description == Blocknots were distributed centrally from an office in Moscow. Every Blocknot contained 5-figure groups in a number of sheets, for the enciphering of 5-figure messages. The encipherment was effected by applying additives taken from the pad, of which 50-100 5-figure groups appeared. Each pad had a 5-figure number and each sheet had a 2-figure number running consecutively. There were 5 different types of Blocknots, in two different categories The Individual in which each table of random numbers was used only once. The General in which each page of the Blocknot was valid for one day. The security of the additive sequence rested on the choice of different starting points for each message. In 5-figure messages, the blocknot was one of the first 10 Groups in the message. Its position changed at long intervals, but was always easy to re-identify. The Russians differentiated between three types of blocks: The 3-block, DRIERBLOCK. I-block for Individual Block: 50 pages, additive read off in one direction only. The messages could be used and read only between 2 wireless telegraphy stations on one net. The 6-block, SECHSERBLOCK. Z-block for Circular Block: 30 pages, additive read off in either direction. The messages could be used and read, between all W/T stations in a net. The 2-block, ZWEIERBLOCK. OS-block. Used only in traffic from lower to higher formations. Two other types were used, in lower echelons. Notblock: Used in an emergency. Blocknot used for passing on traffic. The distribution of Blocknots was carried out centrally from Moscow to Army Groups then to Armies. The Army was responsible for their distribution throughout the lower levels of the army down to company level. Independent units took their cipher material with them. Occasionally the same blocknot was distributed to two units on different parts of the front, which enabled Depth to be established. Records of all Blocknots used were kept in Berlin and when a repeat was noticed a BLOCKNOT ANGEBOT message was sent out to all German Signals units, to indicate that it may have been possible to break the code using it. There was no certainty in this. A cryptanalyst with the General der Nachrichtenaufklärung stated while being interrogated by TICOM: It seems that depths of up to 8 were established at the beginning of the Russian Campaign but that no 5-figure code was broken after May 1943 German cryptanalysts who were prisoners of war stated under interrogation, that each of the figures 0 to 9 were placed en clair usually within the first ten groups of the text or sometimes at the end. One indicator was the Blocknot number and the consisted of two random figures, the figure representing the type, and the remaining two, the page of the Blocknot being used. In long messages, 000000 was placed in the message when the end of a page had been reached. == Chi number == The Chi-number was the serial numbering of all 5-figure messages passing through the hands of the Cipher Officer, starting on the first of January and ending on thirty-first December of the current year. It always appeared as the last group in an intercepted message, e.g. 00001 on the 1st January, or when the unit was newly set up. The progression of Chi-numbers was carefully observed and recorded in the form of a graph. A Russian corps had about 10 5-figure messages per day, and Army about 20-30 and a Front about 60–100. After only a relatively short time, the individual curves separated sharply and the type of formation could be recognized by the height of the Chi-number alone. == Monitoring == Blocknots were tracked in a card index, that was maintained by the Signal Intelligence Evaluation Centre (NAAS). The NAAS functionality included evaluation and traffic analysis, cryptanalysis, collation and dissemination of intelligence. The card index, which was one amongst several Card Indexes. A careful recording and study of blocks provided the positive clues in the identification and tracking of formations using 5-figure ciphers. The index was subdivided into two files: Search card index, contained all blocknots and chi-numbers whether or not they were known. Unit card index, contained only known Block and Chi-numbers. Inspector Berger, who was the chief cryptanalyst of NAAS 1 stated that the two files formed: The most important and surest instruments for identifying Russian radio nets, known to him. The Blocknots were also used in the Stationary Intercept Company (Feste), the military unit that were designed to work at a lower level to the NAAS, at the Army level and were semi-motorized, and closer to the front. The Feste used the Blocknot value along with several other parameters to build a network diagram. The network diagram was studied extensively, as part of a 6-stage process, that involved several departments within the Feste. The outcome was a metric which determined the most interesting circuit for traffic monitoring, and least interesting, where monitoring of traffic should cease. == Analysis == Johannes Marquart was a mathematician and cryptanalyst who initially worked for Inspectorate 7/VI and later led Referat Ia of Group IV of the General der Nachrichtenaufklärung. Marquart was assigned the study of the Soviet Union Blocknot traffic. Marquart and his unit conducted extensive research in an attempt to discover the method by which they were produced. All the counts which they made, however, failed to reveal any non-random characteristics in the design of the tables, and while they thought the Blocknots must have been generated by machine, they were never able to draw any concrete deductions as a result of their research. == Example == The Soviet 3rd Guard Tank Army transmits a 5-figure message with the Blocknot of 37581 (one of the first 10 groups in the message). On the same day the Block 37582 was used by the same formation. The next day 37583 appeared. Thereafter, for a period, the Army was not heard by German Wireless telegraphy intercept operators, as it was maintaining wireless silence. After a few days, an unidentified net with the Blocknot 37588 is picked up. This message net is claimed, because of the proximity of the blocks (88/83) to be the 3rd Guard Tank Army. The missing Blocknots 84-87 were presumably used in telegraphic, telephonic or courier communications. The Chi number provides confirmation of the first assumption, based on proximity of blocknots in most cases.
Read more →
Shape context

Shape context is a feature descriptor used in object recognition. Serge Belongie and Jitendra Malik proposed the term in their paper "Matching with Shape Contexts" in 2000. == Theory == The shape context is intended to be a way of describing shapes that allows for measuring shape similarity and the recovering of point correspondences. The basic idea is to pick n points on the contours of a shape. For each point pi on the shape, consider the n − 1 vectors obtained by connecting pi to all other points. The set of all these vectors is a rich description of the shape localized at that point but is far too detailed. The key idea is that the distribution over relative positions is a robust, compact, and highly discriminative descriptor. So, for the point pi, the coarse histogram of the relative coordinates of the remaining n − 1 points, h i ( k ) = # { q ≠ p i : ( q − p i ) ∈ bin ( k ) } {\displaystyle h_{i}(k)=\#\{q\neq p_{i}:(q-p_{i})\in {\mbox{bin}}(k)\}} is defined to be the shape context of p i {\displaystyle p_{i}} . The bins are normally taken to be uniform in log-polar space. The fact that the shape context is a rich and discriminative descriptor can be seen in the figure below, in which the shape contexts of two different versions of the letter "A" are shown. (a) and (b) are the sampled edge points of the two shapes. (c) is the diagram of the log-polar bins used to compute the shape context. (d) is the shape context for the point marked with a circle in (a), (e) is that for the point marked as a diamond in (b), and (f) is that for the triangle. As can be seen, since (d) and (e) are the shape contexts for two closely related points, they are quite similar, while the shape context in (f) is very different. For a feature descriptor to be useful, it needs to have certain invariances. In particular it needs to be invariant to translation, scaling, small perturbations, and, depending on the application, rotation. Translational invariance comes naturally to shape context. Scale invariance is obtained by normalizing all radial distances by the mean distance α {\displaystyle \alpha } between all the point pairs in the shape although the median distance can also be used. Shape contexts are empirically demonstrated to be robust to deformations, noise, and outliers using synthetic point set matching experiments. One can provide complete rotational invariance in shape contexts. One way is to measure angles at each point relative to the direction of the tangent at that point (since the points are chosen on edges). This results in a completely rotationally invariant descriptor. But of course this is not always desired since some local features lose their discriminative power if not measured relative to the same frame. Many applications in fact forbid rotational invariance e.g. distinguishing a "6" from a "9". == Use in shape matching == A complete system that uses shape contexts for shape matching consists of the following steps (which will be covered in more detail in the Details of Implementation section): Randomly select a set of points that lie on the edges of a known shape and another set of points on an unknown shape. Compute the shape context of each point found in step 1. Match each point from the known shape to a point on an unknown shape. To minimize the cost of matching, first choose a transformation (e.g. affine, thin plate spline, etc.) that warps the edges of the known shape to the unknown (essentially aligning the two shapes). Then select the point on the unknown shape that most closely corresponds to each warped point on the known shape. Calculate the "shape distance" between each pair of points on the two shapes. Use a weighted sum of the shape context distance, the image appearance distance, and the bending energy (a measure of how much transformation is required to bring the two shapes into alignment). To identify the unknown shape, use a nearest-neighbor classifier to compare its shape distance to shape distances of known objects. == Details of implementation == === Step 1: Finding a list of points on shape edges === The approach assumes that the shape of an object is essentially captured by a finite subset of the points on the internal or external contours on the object. These can be simply obtained using the Canny edge detector and picking a random set of points from the edges. Note that these points need not and in general do not correspond to key-points such as maxima of curvature or inflection points. It is preferable to sample the shape with roughly uniform spacing, though it is not critical. === Step 2: Computing the shape context === This step is described in detail in the Theory section. === Step 3: Computing the cost matrix === Consider two points p and q that have normalized K-bin histograms (i.e. shape contexts) g(k) and h(k). As shape contexts are distributions represented as histograms, it is natural to use the χ2 test statistic as the "shape context cost" of matching the two points: C S = 1 2 ∑ k = 1 K [ g ( k ) − h ( k ) ] 2 g ( k ) + h ( k ) {\displaystyle C_{S}={\frac {1}{2}}\sum _{k=1}^{K}{\frac {[g(k)-h(k)]^{2}}{g(k)+h(k)}}} The values of this range from 0 to 1. In addition to the shape context cost, an extra cost based on the appearance can be added. For instance, it could be a measure of tangent angle dissimilarity (particularly useful in digit recognition): C A = 1 2 ‖ ( cos ⁡ ( θ 1 ) sin ⁡ ( θ 1 ) ) − ( cos ⁡ ( θ 2 ) sin ⁡ ( θ 2 ) ) ‖ {\displaystyle C_{A}={\frac {1}{2}}{\begin{Vmatrix}{\dbinom {\cos(\theta _{1})}{\sin(\theta _{1})}}-{\dbinom {\cos(\theta _{2})}{\sin(\theta _{2})}}\end{Vmatrix}}} This is half the length of the chord in unit circle between the unit vectors with angles θ 1 {\displaystyle \theta _{1}} and θ 2 {\displaystyle \theta _{2}} . Its values also range from 0 to 1. Now the total cost of matching the two points could be a weighted-sum of the two costs: C = ( 1 − β ) C S + β C A {\displaystyle C=(1-\beta )C_{S}+\beta C_{A}\!\,} Now for each point pi on the first shape and a point qj on the second shape, calculate the cost as described and call it Ci,j. This is the cost matrix. === Step 4: Finding the matching that minimizes total cost === Now, a one-to-one matching π ( i ) {\displaystyle \pi (i)} that matches each point pi on shape 1 and qj on shape 2 that minimizes the total cost of matching, H ( π ) = ∑ i C ( p i , q π ( i ) ) {\displaystyle H(\pi )=\sum _{i}C\left(p_{i},q_{\pi (i)}\right)} is needed. This can be done in O ( N 3 ) {\displaystyle O(N^{3})} time using the Hungarian method, although there are more efficient algorithms. To have robust handling of outliers, one can add "dummy" nodes that have a constant but reasonably large cost of matching to the cost matrix. This would cause the matching algorithm to match outliers to a "dummy" if there is no real match. === Step 5: Modeling transformation === Given the set of correspondences between a finite set of points on the two shapes, a transformation T : R 2 → R 2 {\displaystyle T:\mathbb {R} ^{2}\to \mathbb {R} ^{2}} can be estimated to map any point from one shape to the other. There are several choices for this transformation, described below. ==== Affine ==== The affine model is a standard choice: T ( p ) = A p + o {\displaystyle T(p)=Ap+o\!} . The least squares solution for the matrix A {\displaystyle A} and the translational offset vector o is obtained by: o = 1 n ∑ i = 1 n ( p i − q π ( i ) ) , A = ( Q + P ) t {\displaystyle o={\frac {1}{n}}\sum _{i=1}^{n}\left(p_{i}-q_{\pi (i)}\right),A=(Q^{+}P)^{t}} Where P = ( 1 p 11 p 12 ⋮ ⋮ ⋮ 1 p n 1 p n 2 ) {\displaystyle P={\begin{pmatrix}1&p_{11}&p_{12}\\\vdots &\vdots &\vdots \\1&p_{n1}&p_{n2}\end{pmatrix}}} with a similar expression for Q {\displaystyle Q\!} . Q + {\displaystyle Q^{+}\!} is the pseudoinverse of Q {\displaystyle Q\!} . ==== Thin plate spline ==== The thin plate spline (TPS) model is the most widely used model for transformations when working with shape contexts. A 2D transformation can be separated into two TPS function to model a coordinate transform: T ( x , y ) = ( f x ( x , y ) , f y ( x , y ) ) {\displaystyle T(x,y)=\left(f_{x}(x,y),f_{y}(x,y)\right)} where each of the ƒx and ƒy have the form: f ( x , y ) = a 1 + a x x + a y y + ∑ i = 1 n ω i U ( ‖ ( x i , y i ) − ( x , y ) ‖ ) , {\displaystyle f(x,y)=a_{1}+a_{x}x+a_{y}y+\sum _{i=1}^{n}\omega _{i}U\left({\begin{Vmatrix}(x_{i},y_{i})-(x,y)\end{Vmatrix}}\right),} and the kernel function U ( r ) {\displaystyle U(r)\!} is defined by U ( r ) = r 2 log ⁡ r 2 {\displaystyle U(r)=r^{2}\log r^{2}\!} . The exact details of how to solve for the parameters can be found elsewhere but it essentially involves solving a linear system of equations. The bending energy (a measure of how much transformation is needed to align the points) will also be easily obtained. ==== Regularized TPS ==== The TPS formulation above has exact matching requirement for the pairs of points on the two shapes. For noisy data, it is best to
Read more →
SPKAC

SPKAC (Signed Public Key and Challenge, also known as Netscape SPKI) is a format for sending a certificate signing request (CSR): it encodes a public key, that can be manipulated using OpenSSL. It is created using the little documented HTML keygen element inside a number of Netscape compatible browsers. == Standardisation == There exists an ongoing effort to standardise SPKAC through an Internet Draft in the Internet Engineering Task Force (IETF). The purpose of this work has been to formally define what has existed prior as a de facto standard, and to address security deficiencies, particular with respect to historic insecure use of MD5 that has since been declared unsafe for use with digital signatures. == Implementations == HTML5 originally specified the element to support SPKAC in the browser to make it easier to create client side certificates through a web service for protocols such as WebID; however, subsequent work for HTML 5.1 placed the keygen element "at-risk", and the first public working draft of HTML 5.2 removes the keygen element entirely. The removal of the keygen element is due to non-interoperability and non-conformity from a standards perspective in addition to security concerns. The World Wide Web Consortium (W3C) Web Authentication Working Group developed the WebAuthn (Web Authentication) API to replace the keygen element. Bouncy Castle provides a Java class. An implementation for Erlang/OTP exists too. An implementation for Python is named pyspkac. PHP OpenSSL extension as of version 5.6.0. Node.js implementation. === Deficiencies === The user interface needs to be improved in browsers, to make it more obvious to users when a server is asking for the client certificate.
Read more →
Social network hosting service

A social network hosting service is a web hosting service that specifically hosts the user creation of web-based social networking services, alongside related applications. Such services are also known as vertical social networks due to the creation of SNSes which cater to specific user interests and niches; like larger, interest-agnostic SNSes, such niche networking services may also possess the ability to create increasingly niche groups of users. == List of social network hosting services == Federated Media Publishing's BigTent BroadVision Clearvale Ning Wall.fm
Read more →
Cryptovirology

Cryptovirology refers to the study of cryptography use in malware, such as ransomware and asymmetric backdoors. Traditionally, cryptography and its applications are defensive in nature, and provide privacy, authentication, and security to users. Cryptovirology employs a twist on cryptography, showing that it can also be used offensively. It can be used to mount extortion based attacks that cause loss of access to information, loss of confidentiality, and information leakage, tasks which cryptography typically prevents. The field was born with the observation that public-key cryptography can be used to break the symmetry between what an antivirus analyst sees regarding malware and what the attacker sees. The antivirus analyst sees a public key contained in the malware, whereas the attacker sees the public key contained in the malware as well as the corresponding private key (outside the malware) since the attacker created the key pair for the attack. The public key allows the malware to perform trapdoor one-way operations on the victim's computer that only the attacker can undo. == Overview == The field encompasses covert malware attacks in which the attacker securely steals private information such as symmetric keys, private keys, PRNG state, and the victim's data. Examples of such covert attacks are asymmetric backdoors. An asymmetric backdoor is a backdoor (e.g., in a cryptosystem) that can be used only by the attacker, even after it is found. This contrasts with the traditional backdoor that is symmetric, i.e., anyone that finds it can use it. Kleptography, a subfield of cryptovirology, is the study of asymmetric backdoors in key generation algorithms, digital signature algorithms, key exchanges, pseudorandom number generators, encryption algorithms, and other cryptographic algorithms. The NIST Dual EC DRBG random bit generator has an asymmetric backdoor in it. The EC-DRBG algorithm utilizes the discrete-log kleptogram from kleptography, which by definition makes the EC-DRBG a cryptotrojan. Like ransomware, the EC-DRBG cryptotrojan contains and uses the attacker's public key to attack the host system. The cryptographer Ari Juels indicated that NSA effectively orchestrated a kleptographic attack on users of the Dual EC DRBG pseudorandom number generation algorithm and that, although security professionals and developers have been testing and implementing kleptographic attacks since 1996, "you would be hard-pressed to find one in actual use until now." Due to public outcry about this cryptovirology attack, NIST rescinded the EC-DRBG algorithm from the NIST SP 800-90 standard. Covert information leakage attacks carried out by cryptoviruses, cryptotrojans, and cryptoworms that, by definition, contain and use the public key of the attacker is a major theme in cryptovirology. In "deniable password snatching," a cryptovirus installs a cryptotrojan that asymmetrically encrypts host data and covertly broadcasts it. This makes it available to everyone, noticeable by no one (except the attacker), and only decipherable by the attacker. An attacker caught installing the cryptotrojan claims to be a virus victim. An attacker observed receiving the covert asymmetric broadcast is one of the thousands, if not millions of receivers, and exhibits no identifying information whatsoever. The cryptovirology attack achieves "end-to-end deniability." It is a covert asymmetric broadcast of the victim's data. Cryptovirology also encompasses the use of private information retrieval (PIR) to allow cryptoviruses to search for and steal host data without revealing the data searched for even when the cryptotrojan is under constant surveillance. By definition, such a cryptovirus carries within its own coding sequence the query of the attacker and the necessary PIR logic to apply the query to host systems. == History == The first cryptovirology attack and discussion of the concept was by Adam L. Young and Moti Yung, at the time called "cryptoviral extortion" and it was presented at the 1996 IEEE Security & Privacy conference. In this attack, a cryptovirus, cryptoworm, or cryptotrojan contains the public key of the attacker and hybrid encrypts the victim's files. The malware prompts the user to send the asymmetric ciphertext to the attacker who will decipher it and return the symmetric decryption key it contains for a fee. The victim needs the symmetric key to decrypt the encrypted files if there is no way to recover the original files (e.g., from backups). The 1996 IEEE paper predicted that cryptoviral extortion attackers would one day demand e-money, long before Bitcoin even existed. Many years later, the media relabeled cryptoviral extortion as ransomware. In 2016, cryptovirology attacks on healthcare providers reached epidemic levels, prompting the U.S. Department of Health and Human Services to issue a Fact Sheet on Ransomware and HIPAA. The fact sheet states that when electronic protected health information is encrypted by ransomware, a breach has occurred, and the attack therefore constitutes a disclosure that is not permitted under HIPAA, the rationale being that an adversary has taken control of the information. Sensitive data might never leave the victim organization, but the break-in may have allowed data to be sent out undetected. California enacted a law that defines the introduction of ransomware into a computer system with the intent of extortion as being against the law. == Examples == === Tremor virus === While viruses in the wild have used cryptography in the past, the only purpose of such usage of cryptography was to avoid detection by antivirus software. For example, the tremor virus used polymorphism as a defensive technique in an attempt to avoid detection by anti-virus software. Though cryptography does assist in such cases to enhance the longevity of a virus, the capabilities of cryptography are not used in the payload. The One-half virus was amongst the first viruses known to have encrypted affected files. === Tro_Ransom.A virus === An example of a virus that informs the owner of the infected machine to pay a ransom is the virus nicknamed Tro_Ransom.A. This virus asks the owner of the infected machine to send $10.99 to a given account through Western Union. Virus.Win32.Gpcode.ag is a classic cryptovirus. This virus partially uses a version of 660-bit RSA and encrypts files with many different extensions. It instructs the owner of the machine to email a given mail ID if the owner desires the decryptor. If contacted by email, the user will be asked to pay a certain amount as ransom in return for the decryptor. === CAPI === It has been demonstrated that using just 8 different calls to Microsoft's Cryptographic API (CAPI), a cryptovirus can satisfy all its encryption needs. == Other uses of cryptography-enabled malware == Apart from cryptoviral extortion, there are other potential uses of cryptoviruses, such as deniable password snatching, cryptocounters, private information retrieval, and in secure communication between different instances of a distributed cryptovirus.
Read more →
BiP (software)

BiP is a freeware instant messaging application developed by Lifecell Ventures Cooperatief U.A., a subsidiary of Turkcell incorporated in the Netherlands. It allows users to send text messages, voice messages and video calling, and it can be downloaded from the App Store, Google Play, and Huawei AppGallery. BiP has over 53 million users worldwide, and was first released in 2013. == Functions == BiP is a secure, and free communication platform. BiP allows making video and audio calls, allows sharing images, videos and location. BiP includes instant translations to 106 languages and exchange rates. President Erdoğan's Communications Office opposed WhatsApp's enforcement of its updated privacy policy and announced that Erdoğan left WhatsApp and opened an account in Telegram and BiP. The Turkish Ministry of National Defense has announced that it will move information groups to BiP for the same reason. == Others == Banglalink announced a BiP messenger partnership in Bangladesh The Communications Office of President Erdoğan opposed WhatsApp's enforcement of its updated privacy policy and announced that Erdoğan left WhatsApp and opened an account in Telegram and BiP. The Turkish Ministry of National Defense has announced that it will move information groups to BiP for the same reason. The CEO of BiP is Burak Akinci. The number of downloads of the app is 80 million globally.
Read more →
Cipher

In cryptography, a cipher (or cypher) is an algorithm for performing encryption or decryption—a series of well-defined steps that can be followed as a procedure. An alternative, less common term is encipherment. To encipher or encode is to convert information into cipher or code. In common parlance, "cipher" is synonymous with "code", as they are both a set of steps that encrypt a message; however, the concepts are distinct in cryptography, especially classical cryptography. Codes generally substitute different length strings of characters in the output, while ciphers generally substitute the same number of characters as are input. A code maps one meaning with another. Words and phrases can be coded as letters or numbers. Codes typically have direct meaning from input to key. Codes primarily function to save time. Ciphers are algorithmic. The given input must follow the cipher's process to be solved. Ciphers are commonly used to encrypt written information. Codes operated by substituting according to a large codebook which linked a random string of characters or numbers to a word or phrase. For example, "UQJHSE" could be the code for "Proceed to the following coordinates.". When using a cipher the original information is known as plaintext, and the encrypted form as ciphertext. The ciphertext message contains all the information of the plaintext message, but is not in a format readable by a human or computer without the proper mechanism to decrypt it. The operation of a cipher usually depends on a piece of auxiliary information, called a key (or, in traditional NSA parlance, a cryptovariable). The encrypting procedure is varied depending on the key, which changes the detailed operation of the algorithm. A key must be selected before using a cipher to encrypt a message, with some exceptions such as ROT13 and Atbash. Most modern ciphers can be categorized in several ways: By whether they work on blocks of symbols usually of a fixed size (block ciphers), or on a continuous stream of symbols (stream ciphers). By whether the same key is used for both encryption and decryption (symmetric key algorithms), or if a different key is used for each (asymmetric key algorithms). If the algorithm is symmetric, the key must be known to the recipient and sender and to no one else. If the algorithm is an asymmetric one, the enciphering key is different from, but closely related to, the deciphering key. If one key cannot be deduced from the other, the asymmetric key algorithm has the public/private key property and one of the keys may be made public without loss of confidentiality. == Etymology == Originating from the Sanskrit word for zero शून्य (śuṇya), via the Arabic word صفر (ṣifr), the word "cipher" spread to Europe as part of the Arabic numeral system during the Middle Ages. The Roman numeral system lacked the concept of zero, and this limited advances in mathematics. In this transition, the word was adopted into Medieval Latin as cifra, and then into Middle French as cifre. This eventually led to the English word cipher (also spelt cypher). One theory for how the term came to refer to encoding is that the concept of zero was confusing to Europeans, and so the term came to refer to a message or communication that was not easily understood. The term cipher was later also used to refer to any Arabic digit, or to calculation using them, so encoding text in the form of Arabic numerals is literally converting the text to "ciphers". == Versus codes == In casual contexts, "code" and "cipher" can typically be used interchangeably; however, the technical usages of the words refer to different concepts. Codes contain meaning; words and phrases are assigned to numbers or symbols, creating a shorter message. An example of this is the commercial telegraph code which was used to shorten long telegraph messages which resulted from entering into commercial contracts using exchanges of telegrams. Another example is given by whole word ciphers, which allow the user to replace an entire word with a symbol or character, much like the way written Japanese utilizes Kanji (meaning Chinese characters in Japanese) characters to supplement the native Japanese characters representing syllables. An example using English language with Kanji could be to replace "The quick brown fox jumps over the lazy dog" by "The quick brown 狐 jumps 上 the lazy 犬". Stenographers sometimes use specific symbols to abbreviate whole words. Ciphers, on the other hand, work at a lower level: the level of individual letters, small groups of letters, or, in modern schemes, individual bits and blocks of bits. Some systems used both codes and ciphers in one system, using superencipherment to increase the security. In some cases the terms codes and ciphers are used synonymously with substitution and transposition, respectively. Historically, cryptography was split into a dichotomy of codes and ciphers, while coding had its own terminology analogous to that of ciphers: "encoding, codetext, decoding" and so on. However, codes have a variety of drawbacks, including susceptibility to cryptanalysis and the difficulty of managing a cumbersome codebook. Because of this, codes have fallen into disuse in modern cryptography, and ciphers are the dominant technique. == Types == There are a variety of different types of encryption. Algorithms used earlier in the history of cryptography are substantially different from modern methods, and modern ciphers can be classified according to how they operate and whether they use one or two keys. === Historical === The Caesar Cipher is one of the earliest known cryptographic systems. Julius Caesar used a cipher that shifts the letters in the alphabet in place by three and wrapping the remaining letters to the front to write to Marcus Tullius Cicero in approximately 50 BC. Historical pen and paper ciphers used in the past are sometimes known as classical ciphers. They include simple substitution ciphers (such as ROT13) and transposition ciphers (such as a Rail Fence Cipher). For example, "GOOD DOG" can be encrypted as "PLLX XLP" where "L" substitutes for "O", "P" for "G", and "X" for "D" in the message. Transposition of the letters "GOOD DOG" can result in "DGOGDOO". These simple ciphers and examples are easy to crack, even without plaintext-ciphertext pairs. In the 1640s, the Parliamentarian commander, Edward Montagu, 2nd Earl of Manchester, developed ciphers to send coded messages to his allies during the English Civil War. The English theologian John Wilkins published a book in 1641 titled "Mercury, or The Secret and Swift Messenger" and described a musical cipher wherein letters of the alphabet were substituted for music notes. This species of melodic cipher was depicted in greater detail by author Abraham Rees in his book Cyclopædia (1778). Simple ciphers were replaced by polyalphabetic substitution ciphers (such as the Vigenère) which changed the substitution alphabet for every letter. For example, "GOOD DOG" can be encrypted as "PLSX TWF" where "L", "S", and "W" substitute for "O". With even a small amount of known or estimated plaintext, simple polyalphabetic substitution ciphers and letter transposition ciphers designed for pen and paper encryption are easy to crack. It is possible to create a secure pen and paper cipher based on a one-time pad, but these have other disadvantages. During the early twentieth century, electro-mechanical machines were invented to do encryption and decryption using transposition, polyalphabetic substitution, and a kind of "additive" substitution. In rotor machines, several rotor disks provided polyalphabetic substitution, while plug boards provided another substitution. Keys were easily changed by changing the rotor disks and the plugboard wires. Although these encryption methods were more complex than previous schemes and required machines to encrypt and decrypt, other machines such as the British Bombe were invented to crack these encryption methods. === Modern === Modern encryption methods can be divided by two criteria: by type of key used, and by type of input data. By type of key used ciphers are divided into: symmetric key algorithms (Private-key cryptography), where one same key is used for encryption and decryption, and asymmetric key algorithms (Public-key cryptography), where two different keys are used for encryption and decryption. In a symmetric key algorithm (e.g., DES and AES), the sender and receiver must have a shared key set up in advance and kept secret from all other parties; the sender uses this key for encryption, and the receiver uses the same key for decryption. The design of AES (Advanced Encryption System) was beneficial because it aimed to overcome the flaws in the design of the DES (Data encryption standard). AES's designer's claim that the common means of modern cipher cryptanalytic attacks are ineffective against AES due to its design structure. Ciphers can be distinguished into two types by the type o
Read more →
Omni-Path

Omni-Path Architecture (OPA) is a high-performance communication architecture developed by Intel. It aims for low communication latency, low power consumption and a high throughput. It directly competes with InfiniBand. Intel planned to develop technology based on this architecture for exascale computing. The current owner of Omni-Path is Cornelis Networks. == History == Production of Omni-Path products started in 2015 and delivery of these products started in the first quarter of 2016. In November 2015, adapters based on the 2-port "Wolf River" ASIC were announced, using QSFP28 connectors with channel speeds up to 100 Gbit/s. Simultaneously, switches based on the 48-port "Prairie River" ASIC were announced. First models of that series were available starting in 2015. In April 2016, implementation of the InfiniBand "verbs" interface for the Omni-Path fabric was discussed. In October 2016, IBM, Hewlett Packard Enterprise, Dell, Lenovo, Samsung, Seagate Technology, Micron Technology, Western Digital and SK Hynix announced a joint consortium called Gen-Z to develop an open specification and architecture for non-volatile storage and memory products—including Intel's 3D Xpoint technology—which might in part compete against Omni-Path. Intel offered their Omni-Path products and components via other (hardware) vendors. For example, Dell EMC offered Intel Omni-Path as Dell Networking H-series, following the naming-standard of Dell Networking in 2017. In July 2019, Intel announced it would not continue development of Omni-Path networks and canceled OPA 200 series (200-Gbps variant of Omni-Path). In September 2020, Intel announced that the Omni-Path network products and technology would be spun out into a new venture with Cornelis Networks. Intel would continue to maintain support for legacy Omni-Path products, while Cornelis Networks continues the product line, leveraging existing Intel intellectual property related to Omni-Path architecture. In 2021, Cornelis announced Omni-Path Express, which replaces PSM2-based drivers and middleware, which trace back to PathScale's PSM created in 2003, for the existing Omni-Path hardware, with a native libfabric provider.
Read more →