I use the following simple formula to distinguish among symmetric/asymmetric encryption and hashing.
C = Enc (P, K1)
P = Dec (C, K2)
Where
C is cypher text,
P is plain text,
Enc is an encryption algorithm,
Dec is an decryption algorithm,
K1 is a key for encryption.
K2 is a key for decryption.
If K1 == K2, then Enc and Dec are symmetric encryption (e.g., AES).
If K1 != K2, then Enc and Dec are asymmetric encryption (e.g., RSA).
If Enc is an one-way function (there is not a Dec to recover C to P), we can call it hashing (e.g., SHA).
Sunday, December 20, 2015
Use MacBook to Install Ubuntu in Gen8 via iLO
I don't have a monitor, a keyboard, and an ODD attached to my Gen8. I only have a SDD. How do I install Ubuntu in it? Fortunately I have MacBook to help it.
1. Connect network cables in Gen8.
Connect a network cable to the iLO connector and another one to the NIC 2 connector in the Gen8. (It is possible to use only one network cable to connect NIC 1 that is shared with iLO.)
2. Put SDD in the Gen8.
I use SDD to be a bootable disk. Because the hard drive tray is not suitable for my 2.5" SDD, I pull out the tray and connect SDD to the SATA port in the room. (The alternative way is connect SDD to the external USB port.)
3. Turn on the Gen8.
4. Check the IP address of the iLO in Gen8.
I open my router's web page to list all IP addresses of connected devices. I find one device is connected by a wire. I suppose it is for iLO.
5. Use Mozilla browser to connect the IP address and download Java plug-in.
Because Safari and Chrome browsers cannot verify the certificate of the iLO, some features are not workable. Therefore I download Mozilla browser to avoid the problem. The Remote Console of iLO must be run by Java in Mac OS. There is not Java in Mozilla in default. I need to download Java from Oracle web site.
6. Get a free license of iLO.
Because HP was separated into two companies, HP and HPE. It is difficult for me to find the free license of iLO. I need it to use Remote Console of iLO.
7. Activate Intelligent Provisioning.
Run Remote Console to display the Java applet.
It displays that the OOD doesn't exist.
Select "Activate" in the step.
8. Create a virtual ODD with a Ubuntu's installation image.
Run iLO Remote Console and click Virtual Drivers to create a virtual ODD from a image of Ubuntu. My image file name is ubuntu-14.04.3-desktop-amd64.iso, that is Ubuntu desktop for 64-bit. I select desktop rather than server because it has GUI in default.
9. Click Power Switch to restart Gen8 to install Ubuntu.
10. Run Ubuntu in iLO Remote Console.
1. Connect network cables in Gen8.
Connect a network cable to the iLO connector and another one to the NIC 2 connector in the Gen8. (It is possible to use only one network cable to connect NIC 1 that is shared with iLO.)
2. Put SDD in the Gen8.
I use SDD to be a bootable disk. Because the hard drive tray is not suitable for my 2.5" SDD, I pull out the tray and connect SDD to the SATA port in the room. (The alternative way is connect SDD to the external USB port.)
3. Turn on the Gen8.
4. Check the IP address of the iLO in Gen8.
I open my router's web page to list all IP addresses of connected devices. I find one device is connected by a wire. I suppose it is for iLO.
5. Use Mozilla browser to connect the IP address and download Java plug-in.
Because Safari and Chrome browsers cannot verify the certificate of the iLO, some features are not workable. Therefore I download Mozilla browser to avoid the problem. The Remote Console of iLO must be run by Java in Mac OS. There is not Java in Mozilla in default. I need to download Java from Oracle web site.
6. Get a free license of iLO.
Because HP was separated into two companies, HP and HPE. It is difficult for me to find the free license of iLO. I need it to use Remote Console of iLO.
7. Activate Intelligent Provisioning.
Run Remote Console to display the Java applet.
It displays that the OOD doesn't exist.
Select "Activate" in the step.
8. Create a virtual ODD with a Ubuntu's installation image.
Run iLO Remote Console and click Virtual Drivers to create a virtual ODD from a image of Ubuntu. My image file name is ubuntu-14.04.3-desktop-amd64.iso, that is Ubuntu desktop for 64-bit. I select desktop rather than server because it has GUI in default.
9. Click Power Switch to restart Gen8 to install Ubuntu.
10. Run Ubuntu in iLO Remote Console.
Saturday, November 28, 2015
What happens when changing iPhone's passcode?
The iOS's passcode is one of the factors to encrypt files. We expected that it spends much time when we change our passcode because files need to be decrypted by old passcode and encrypted a new one. However changing passcode is prompt. Why?
The below picture comes from the document, iOS Security which I refer to answer the question even though the document doesn't have a direct answer.
The iOS uses the hierarchy keys to encrypt files. Class Key, that is used to encrypt and decrypt File Metadata, is encrypted by Hardware Key and Passcode Key. Hardware Key and File System Key are unique and constant. File Contents is encrypted and decrypted by a unique File Key that is in File Metadata that is encrypted and decrypted by File System Key and Class Key. Only Passcode Key can be changed by a user via the below steps.
The below picture comes from the document, iOS Security which I refer to answer the question even though the document doesn't have a direct answer.
The iOS uses the hierarchy keys to encrypt files. Class Key, that is used to encrypt and decrypt File Metadata, is encrypted by Hardware Key and Passcode Key. Hardware Key and File System Key are unique and constant. File Contents is encrypted and decrypted by a unique File Key that is in File Metadata that is encrypted and decrypted by File System Key and Class Key. Only Passcode Key can be changed by a user via the below steps.
- iOS uses Hardware Key and Passcode Key to decrypt the encrypted Class Key.
- The Passcode is update to new one.
- iOS uses Hardware Key and new one to encrypt the Class Key.
Because Class Key and File System Key are constant, changing of Passcode doesn't impact the encrypted file contents. This is the answer.
-Count
Cannot Boot Ubuntu
The error, system is running in low-graphics mode, happens when booting Ubuntu. One reason for the error is that disk space is exhausted. We can boot Ubuntu in recovery mode and use the df command to check it.
df -h
if the disk is full, please use the command to find the largest directory.
du -sh -BM * | sort -g
Please use the command to remove the directory. For example,
rm -rf YOUR-DIR
Sometimes we cannot remove the directory because the file system is read-only. Please remount it by the command. For example,
sudo mount -o remount,rw /dev/YOUR-DISK
-Count
df -h
if the disk is full, please use the command to find the largest directory.
du -sh -BM * | sort -g
Please use the command to remove the directory. For example,
rm -rf YOUR-DIR
Sometimes we cannot remove the directory because the file system is read-only. Please remount it by the command. For example,
sudo mount -o remount,rw /dev/YOUR-DISK
-Count
Wednesday, November 11, 2015
Why iPhone's passcode cannot be replaced with Touch ID
We are requested for inputing passcode rather than Touch ID when we restarting iPhone. Why? After I read iOS Security, I think I found one of the reasons.
The passcode in system memory (why?), which is disappear after we turn off iPhone, is charge of encrypting/decrypting files. However Touch ID cannot do the same thing. Why?
I explain the reason as follows.
The passcode in system memory (why?), which is disappear after we turn off iPhone, is charge of encrypting/decrypting files. However Touch ID cannot do the same thing. Why?
I explain the reason as follows.
- For security concern, the plaintext passcode cannot be stored in flash storage because it is easily leaked.
- The plaintext passcode in system memory disappears after turning off iPhone. Therefore there is no risk of leaking. Apps cannot read it at run-time because the memory's are is not readable and is encrypted by hardware (secure element.)
- A ciphertext passcode in flash is encrypted by a one-way algorithm (eg., SHA-1) from the plaintext one.
- The iOS encrypts and decrypts files by the plaintext passcode.
- Why cannot we use Touch ID to encrypt files? Because the biometric data of our pressed fingers are different each time.
Monday, September 14, 2015
Evernote Synchronization is Failed
If you cannot solve the failure of Evernote synchronization in Windows environment after you try many ways, you can try to reset the IE.
Please refer it.
How to reset Internet Explorer settings.
-Count
Please refer it.
How to reset Internet Explorer settings.
-Count
Tuesday, September 1, 2015
Simply Introduce SSL
We can easily learn SSL from this page because it reduces some detail process of SSL. We can only focus on the kernel ideas. Therefore the below picture is very simple.
Client want to find a efficient way to encrypt the request to Server. RSA is secure but no efficient. AES is efficient but no secure. The idea is to combine the strength of RSA with security and AES with efficient. The following steps simplify the SSL process.
Client want to find a efficient way to encrypt the request to Server. RSA is secure but no efficient. AES is efficient but no secure. The idea is to combine the strength of RSA with security and AES with efficient. The following steps simplify the SSL process.
- Client randomly generates an AES key, K.
- Client want to send K in a secure way. It uses RSA to encrypt it with the public key, PubS, of Server.
- Server uses RSA to decrypt the cipher with the private key, PrvS, of Server to get the key, K. We can make sure that the transformation of K is secure because it is encrypted.
- Now Client and Server have the same K. They can use K to encrypt request, M1 and response, M2 for communication in a secure way.
Subscribe to:
Posts (Atom)