The Internet Key Exchange (IKE) protocol, described in RFC 2409, is a key management protocol standard which is used in conjunction with the IPsec standard. IPsec can be configured without IKE, but IKE enhances IPsec by providing additional features, flexibility, and ease of configuration for the IPsec standard.
For a college course -- CNIT 141: Cryptography for Computer Networks, at City College San Francisco
Based on "Serious Cryptography: A Practical Introduction to Modern Encryption", by Jean-Philippe Aumasson, No Starch Press (November 6, 2017), ISBN-10: 1593278268 ISBN-13: 978-1593278267
Instructor: Sam Bowne
More info: https://samsclass.info/141/141_S19.shtml
Scaling Ethereum using Zero-Knowledge ProofsHyojun Kim
Introduces the way how ZKPs can be used to scale Ethereum blockchains.
— What is Zero-Knowledge Proof?
— zk-SNARKs and Succinctness
— Layer-2 Scalability using zk-SNARKs
— Using SNARK on Ethereum
— Going Future: zk-STARKs
We're hiring! abr.ge/ueaerh
Overview of the SSH protocol.
SSH (Secure SHell) is a secure replacement for TELNET, rcp, rlogin, rsh (for login, remote execution of
commands, file transfer).
Security-wise SSH provides confidentiality (nobody can read the message content), integrity (guarantee that data is unaltered in transit) and authentication (of client and server). This provides protection against many of the possible attack vectors like IP spoofing, DNS spoofing, Password interception and eavesdropping.
SSH exists in 2 versions. SSH-2 fixes some of the shortcomings of SSH-1 so it should be used in place of SSH-1.
SSH also comes with features that in itself raise security concerns like tunneling and port forwarding.
2021. Chương 2 3. Cơ sở toán học của blockchainNhường Lê Đắc
Chương 2 3. Cơ sở toán học của blockchain; Chương 2
Cơ chế hoạt động và tính bảo mật của Blockchain
Blockchain Security; Công nghệ Blockchain. PGS.TS. Lê Đắc Nhường
Khoa Công nghệ thông tin – Đại học Hải Phòng
Nhuongld@dhhp.edu.vn
0987.394.900.
IPsec provides the capability to secure communications across a LAN, across private and public WANs, and across the Internet. Examples of its use include:
Secure branch office connectivity over the Internet
Secure remote access over the Internet
Establishing extranet and intranet connectivity with partners
Enhancing electronic commerce security
Secure Shell (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. This presentation is made as an assignment during our university course.
The Internet Key Exchange (IKE) protocol, described in RFC 2409, is a key management protocol standard which is used in conjunction with the IPsec standard. IPsec can be configured without IKE, but IKE enhances IPsec by providing additional features, flexibility, and ease of configuration for the IPsec standard.
For a college course -- CNIT 141: Cryptography for Computer Networks, at City College San Francisco
Based on "Serious Cryptography: A Practical Introduction to Modern Encryption", by Jean-Philippe Aumasson, No Starch Press (November 6, 2017), ISBN-10: 1593278268 ISBN-13: 978-1593278267
Instructor: Sam Bowne
More info: https://samsclass.info/141/141_S19.shtml
Scaling Ethereum using Zero-Knowledge ProofsHyojun Kim
Introduces the way how ZKPs can be used to scale Ethereum blockchains.
— What is Zero-Knowledge Proof?
— zk-SNARKs and Succinctness
— Layer-2 Scalability using zk-SNARKs
— Using SNARK on Ethereum
— Going Future: zk-STARKs
We're hiring! abr.ge/ueaerh
Overview of the SSH protocol.
SSH (Secure SHell) is a secure replacement for TELNET, rcp, rlogin, rsh (for login, remote execution of
commands, file transfer).
Security-wise SSH provides confidentiality (nobody can read the message content), integrity (guarantee that data is unaltered in transit) and authentication (of client and server). This provides protection against many of the possible attack vectors like IP spoofing, DNS spoofing, Password interception and eavesdropping.
SSH exists in 2 versions. SSH-2 fixes some of the shortcomings of SSH-1 so it should be used in place of SSH-1.
SSH also comes with features that in itself raise security concerns like tunneling and port forwarding.
2021. Chương 2 3. Cơ sở toán học của blockchainNhường Lê Đắc
Chương 2 3. Cơ sở toán học của blockchain; Chương 2
Cơ chế hoạt động và tính bảo mật của Blockchain
Blockchain Security; Công nghệ Blockchain. PGS.TS. Lê Đắc Nhường
Khoa Công nghệ thông tin – Đại học Hải Phòng
Nhuongld@dhhp.edu.vn
0987.394.900.
IPsec provides the capability to secure communications across a LAN, across private and public WANs, and across the Internet. Examples of its use include:
Secure branch office connectivity over the Internet
Secure remote access over the Internet
Establishing extranet and intranet connectivity with partners
Enhancing electronic commerce security
Secure Shell (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. This presentation is made as an assignment during our university course.
Cryptography for Absolute Beginners (May 2019)Svetlin Nakov
Cryptography for Absolute Beginners
Svetlin Nakov @ Sofia Science Festival, May 2019
Video (Bulgarian language): https://youtu.be/-QzFcUkM7_4
Blog: https://nakov.com/blog/2019/05/13/cryptography-for-absolute-beginners-nakov-at-sofia-science-festival-may-2019/
A Decompiler for Blackhain-Based Smart Contracts BytecodeShakacon
Ethereum is gaining a significant popularity in the blockchain community, mainly due to fact that it is design in a way that enables developers to write decentralized applications (Dapps) and smart-contract using blockchain technology.
Ethereum blockchain is a consensus-based globally executed virtual machine, also referred as Ethereum Virtual Machine (EVM) by implemented its own micro-kernel supporting a handful number of instructions, its own stack, memory and storage. This enables the radical new concept of distributed applications.
Contracts live on the blockchain in an Ethereum-specific binary format (EVM bytecode). However, contracts are typically written in some high-level language such as Solidity and then compiled into byte code to be uploaded on the blockchain. Solidity is a contract-oriented, high-level language whose syntax is similar to that of JavaScript.
This new paradigm of applications opens the door to many possibilities and opportunities. Blockchain is often referred as secure by design, but now that blockchains can embed applications this raise multiple questions regarding architecture, design, attack vectors and patch deployments.
As we, reverse engineers, know having access to source code is often a luxury. Hence, the need for an open-source tool like Porosity: decompiler for EVM bytecode into readable Solidity-syntax contracts – to enable static and dynamic analysis of compiled contracts but also vulnerability discovery.
“Technical Intro to Blockhain” by Yurijs Pimenovs from Paybis at CryptoCurren...Dace Barone
He will give an introduction talk about Blockchain technology technical aspects like cryptography, protocols, APIs and scripting with focus on explaining how Bitcoin and other blockchain works and what they consist of.
Yurijs is a Chief Technical Officer at Paybis, blogger at coinside.ru , blockchain enthusiast since 2011.
Everything I always wanted to know about crypto, but never thought I'd unders...Codemotion
For many years, I had entirely given up on ever understanding the anything about cryptography. However, I’ve since learned it’s not nearly as hard as I thought to understand many of the important concepts. In this talk, I’ll take you through some of the underlying principles of modern applications of cryptography. We’ll talk about our goals, the parts are involved, and how to prevent and understand common vulnerabilities. This’ll help you to make better choices when you implement crypto in your products, and will improve your understanding of how crypto is applied to things you already use.
Най-търсените направления в ИТ сферата за 2024Svetlin Nakov
Най-търсените направления в ИТ сферата?
д-р Светлин Наков, съосновател на СофтУни
София, май 2024 г.
Какво се случва на пазара на труда в ИТ сектора?
Какви са прогнозите за ИТ сектора за напред?
Защо има смисъл да учиш програмиране и ИТ през 2024?
Каква е ролята на AI в ИТ професиите?
Как да започна работа като junior?
Upskill програмите на СофтУни
BG-IT-Edu: отворено учебно съдържание за ИТ учителиSvetlin Nakov
Отворено учебно съдържание по програмиране и ИТ за учители
Безплатни учебни курсове и ресурси за ИТ учители
Разработени курсове към 03/2024 г. в BG-IT-Edu
https://github.com/BG-IT-Edu
Качествени учебни курсове (учебно съдържание) за ИТ учители: презентации + примери + упражнения + проекти + задачи за изпитване + judge система + насоки за учителите
Достъпни безплатно, под отворен лиценз CC-BY-NC-SA
Разработени от СофтУни Фондацията, по инициатива и под надзора на д-р Светлин Наков
Научете повече тук: https://nakov.com/blog/2024/03/27/bg-it-edu-open-education-content-for-it-teachers/
Светът на програмирането през 2024 г.
Продължава ли бумът на технологичните професии? Кои професии ще се търсят? Как да започна?
Прогнозата на д-р Светлин Наков за бъдещето на софтуерните професии в България
Има ли смисъл да учиш програмиране през 2024?
Какво се търси на пазара на труда?
Ще продължи ли търсенето на програмисти и през 2024?
Все още ли е най-търсената професия в технологиите?
Ролята на AI в сферата на софтуерните разработчици
Какво се случва на пазара на труда?
Има ли спад в търсенето на програмисти?
Как да започна с програмирането?
Видео от събитието сме качили във FB: https://fb.com/events/346653434644683
AI Tools for Business and Startups
Svetlin Nakov @ Innowave Summit 2023
Artificial Intelligence is already here!
AI Tools for Business: Where is AI Used?
ChatGPT and Bard in Daily Tasks
ChatGPT and Bard for Creativity
ChatGPT and Bard for Marketing
ChatGPT for Data Analysis
DALL-E for Image Generation
Learn more at: https://nakov.com/blog/2023/11/25/ai-for-business-and-startups-my-talk-at-innowave-summit-2023/
AI Tools for Scientists - Nakov (Oct 2023)Svetlin Nakov
Инструменти с изкуствен интелект в помощ на изследователите
Д-р Светлин Наков @ Anniversary Scientific Session dedicated to the 120th anniversary of the birth of John Atanasoff
Изкуствен интелект при стартиране и управление на бизнес
Семинар във FinanceAcademy.bg
Д-р Светлин Наков
Изкуственият интелект (ИИ) е вече тук!
Къде се ползва ИИ?
ChatGPT – демо
Bard – демо
Claude – демо
Bing Chat – демо
Perplexity – демо
Bing Image Create – демо
Bulgarian Tech Industry - Nakov at Dev.BG All in One Conference 2023Svetlin Nakov
IT industry in Bulgaria: key factors for success and the future. Deep tech, science, innovation, and education and how we can achieve more as an industry?
Dr. Svetlin Nakov
Innovation and Inspiration Manager @ SoftUni
Contents:
How big is the IT industry in Bulgaria?
Number of software professionals in Bulgaria: according to historical data from BASSCOM
Share of the software industry in GDP
Why does Bulgaria have such a successful IT industry?
Education for the tech industry: school education in software professions and profiles (2022/2023)
Education for the tech industry: Students in university in IT specialties (2022/2023)
Education for the IT industry: Learners at SoftUni (2022/2023)
Evolution of the Bulgarian software industry
How much can the industry grow?
Trends in the IT industry: AI progress, the IT market in Bulgaria, deep tech, science, and innovation
AI in the software industry
How to achieve more as an industry? education, deep tech, science, and innovation, entrepreneurship
Introduction
The IT industry in Bulgaria is one of the most successful in the country. It has grown rapidly in recent years and is now a major contributor to the economy. In this talk, Dr. Nakov explores the key factors behind the success of the Bulgarian IT industry, as well as its future prospects.
AI Tools for Business and Personal LifeSvetlin Nakov
A talk at LeaderClass.BG, Sofia, August 2023
by Svetlin Nakov, PhD
The artificial intelligence (AI) is here!
Where is AI used?
ChatGPT - demo
Bing Chat - demo
Bard - demo
Claude - demo
Bing Image Create - demo
Playground AI - demo
In this talk the speaker explains and demonstrates some AI tools for the business and personal life:
ChatGPT: a large language model that can generate text, translate languages, write different kinds of creative content, and answer your questions in an informative way.
Bing Chat: an Internet-connected AI chatbot that can search Internet and answer questions.
Bard: a large language model from Google AI, trained on a massive dataset of text and code, similar to ChatGPT.
Claude: A large AI chatbot, similar to ChatGPT, powerful in document analysis.
Bing Image Create: a tool that can generate images based on text descriptions.
Playground AI: image generator and image editor, based on generative AI.
Дипломна работа: учебно съдържание по ООП - Светлин НаковSvetlin Nakov
Дипломна работа на тема
"Учебно съдържание по обектно-ориентирано програмиране в профилираната подготовка по информатика"
Дипломант: д-р Светлин Наков
Специалност: Педагогика на обучението по информатика и информационни технологии в училище (ПОИИТУ)
Степен: магистър
Пловдивски университет "Паисий Хилендарски"
Факултет по математика и информатика (ФМИ)
Катедра “Компютърни технологии”
Настоящата дипломна работа има за цел да подпомогне българските ИТ учители от системата на средното образование в профилираните гимназии и паралелки, като им предостави безплатно добре разработени учебни програми и качествено учебно съдържание за преподаване в първия и най-важен модул от профил “Софтуерни и хардуерни науки”, а именно “Модул 1. Обектно-ориентирано проектиране и програмиране”.
Чрез изграждането на качествени учебни програми и ресурси за преподаване и пренасяне на добре изпитани образователни практики от автора на настоящата дипломна работа (д-р Светлин Наков) към българските ИТ учители целим значително да подпомогнем учителите в тяхната образователна кауза и да повишим качеството на обучението по програмиране в профилираните гимназии с профил “Софтуерни и хардуерни науки”.
Резултатите от настоящата дипломна работа са вече внедрени в практиката и разработените учебни ресурси се използват реално от стотици ИТ учители в България в ежедневната им работа. Това е една от основните цели и тя вече е изпълнена, още преди защитата на настоящата дипломна работа.
Прочетете повече в блога на д-р Наков: https://nakov.com/blog/2023/07/08/free-learning-content-oop-nakov/
Дипломна работа: учебно съдържание по ООПSvetlin Nakov
Презентация за защита на
Дипломна работа на тема
"Учебно съдържание по обектно-ориентирано програмиране в профилираната подготовка по информатика"
Дипломант: д-р Светлин Наков
Пловдивски университет "Паисий Хилендарски"
Факултет по математика и информатика (ФМИ)
Катедра “Компютърни технологии”
Защитена на: 8 юли 2023 г.
Научете повече в блога на д-р Наков: https://nakov.com/blog/2023/07/08/free-learning-content-oop-nakov
Свободно ИТ учебно съдържание за учители по програмиране и ИТSvetlin Nakov
В тази сесия разказвам за училищното образование по програмиране и ИТ, за професионалните и профилираните гимназии, свързани с програмиране и ИТ, за STEM кабинетите, за българските ИТ учители и тяхната подготовка, за проблемите, с които те се сблъскват, и как можем да им помогнем чрез проекта „Свободно учебно съдържание по програмиране и ИТ“: https://github.com/BG-IT-Edu.
Open Fest 2021, 14 август, София
В света се засилва тенденцията за установяване на STEAM образованието като двигател на научно-техническия прогрес чрез развитие на интердисциплинарни умения в сферата на природните науки, математиката, информационните технологии, инженерните науки и изкуствата в училищна възраст. С масовото изграждане на STEAM лаборатории в българските училища се изостря недостига на добре подготвени STEAM и ИТ учители.
Вярвайки в идеята, че българската ИТ общност може да помогне за решаването на проблема, през 2020 г. по инициатива на СофтУни Фондацията стартира проект за създаване на безплатно учебно съдържание по програмиране и ИТ за учители в подкрепа на училищното технологично образование. Проектът е със свободен лиценз в GitHub: https://github.com/BG-IT-Edu. Учителите получават безплатно богат комплект от съвременни учебни материали с високо качество: презентации, постъпкови ръководства, задачи за упражнения и практически проекти, окомплектовани с насоки, подсказки и решения, безплатна система за автоматизирано тестване на решенията и други учебни ресурси, на български и английски език.
Създадени са голяма част от учебните курсове за професиите "Приложен програмист", "Системен програмист" и "Програмист" в професионалните гимназии. Амбицията на проекта е да се създадат свободни учебни материали и за обученията в профил "Софтуерни и хардуерни науки" в профилираните гимназии.
Целта на проекта “Свободно ИТ учебно съдържание за учители” е да подпомогне българския ИТ учител с качествени учебни материали, така че да преподава на добро ниво и със съвременни технологии и инструменти, за да положи основите на подготовката на бъдещите ИТ специалисти и дигитални лидери на България.
В лекцията разказвам за училищното образование по програмиране и ИТ, за професионалните и профилираните гимназии, свързани с програмиране и ИТ, за STEM кабинетите, за българските ИТ учители и тяхната подготовка, за проблемите с които те се срещат, за липсата на учебници и учебни материали по програмиране, ИТ и по техническите дисциплини и как можем да помогнем на ИТ учителите.
A public talk "AI and the Professions of the Future", held on 29 April 2023 in Veliko Tarnovo by Svetlin Nakov. Main topics:
AI is here today --> take attention to it!
- ChatGPT: revolution in language AI
- Playground AI – AI for image generation
AI and the future professions
- AI-replaceable professions
- AI-resistant professions
AI in Education
Ethics in AI
In this seminar Dr. Svetlin Nakov talks about the programming languages, their popularity, available jobs and trends for 2022-2023.
Modern software development uses dozens of programming languages, along with hundreds of technology frameworks, libraries, and software tools.
This talk will review the most popular programming languages on the labor market: JavaScript, Java, C#, Python, PHP, C++, Go, Swift. It will be briefly stated what each of them is, what it is used for and what is its demand in the IT industry.
Agenda:
The Most Used Programming Languages in 2022:
- Python, Java, JavaScript, C#, C++, PHP
Jobs by Programming Languages in 2022:
- Jobs Worldwide by Programming Language
- Jobs in Bulgaria by Programming Language
Programming Languages Trends for 2023
- Language Popularity Rankings from Stack Overflow, GitHub, PYPL, IEEE, TIOBE, Etc.
Become a Software Developer: How To Start?
IT Professions and How to Become a DeveloperSvetlin Nakov
IT Professions and Their Future
The landscape of IT professions in the tech industry: software developer, front-end, back-end, AI, cloud, DevOps, QA, Java, JavaScript, Python, C#, C++, digital marketing, SEO, SEM, SMM, project manager, business analyst, CRM / ERP consultant, design / UI / UX expert, Web designer, motion designer, etc.
Industry 4.0 and the future of manufacturing, smart cities and digitalization of everything.
What are the most in-demand professions on LinkedIn? Why the best jobs in the world are related to software development and IT?
How to learn coding and start a tech job?
Why anyone can be a software developer?
Dr. Svetlin Nakov
December 2022
GitHub Actions (Nakov at RuseConf, Sept 2022)Svetlin Nakov
Building a CI/CD System with GitHub Actions
Dr. Svetlin Nakov
September 2022
Intro to Continuous Integration (CI), Continuous Delivery (CD), Continuous Deployment (CD), and CI/CD Pipelines
Intro to GitHub Actions
Building CI workflow
Building CD workflow
Live Demo: Build CI System for JS and .NET Apps
How to Become a QA Engineer and Start a JobSvetlin Nakov
How to Become a QA Engineer and Start a Job
Svetlin Nakov, PhD
Sofia, Nov, 2022
1) Why Become а QA Engineer?
2) How to Become a Software Quality Assurance Engineer (QA)?
Learn the Fundamental QA Skills:
Manual QA skills – 30%
Software engineering skills – 20%
QA automation skills – 50%
3) Anyone Can Be a QA Engineer!
4) The QA Program @ SoftUni
https://softuni.bg/qa
Призвание и цели: моята рецепта
д-р Светлин Наков
Как да открия своето призвание в живота и да го направя своя професия?
Съдържание:
1) Светлин Наков - моята история
2) Дигиталните професии
3) Как да намеря своята професия?
Поход на вдъхновителите | Аз мога тук и сега @ Петрич (19 ноември 2022 г.)
What Mongolian IT Industry Can Learn from Bulgaria?Svetlin Nakov
In this talk the speaker Dr. Svetlin Nakov explains the growth of the Bulgarian software industry for the latest 25 years and the key events in its growth.
He gives rich statistical data about Bulgaria, its GDP, and its software industry, which generates nearly 5% of the GDP (in 2022), about the open developer positions (5K in Oct 2022) and the number of software developers in Bulgaria (54K in Oct 2022).
The growth of the number of software developers in Bulgaria, software industry's revenues and their share in the national GDP are traced back from 2022 to 2005.
Similar research about the Mongolian software industry is conducted and available data is compared to Bulgaria and USA.
An interesting parallel is given between Bulgaria and Mongolia in terms of their software engineering talent and industry growth potential.
Finally, Dr. Nakov gives his recommendations about how local Mongolian software companies can reach the global tech market and suggests to use the "outstaffing" business model, targeting the European tech industry and the Asian region.
The talk is given at the "The Future of IT" forum in Ulaanbaatar, Mongolia (October 2022).
How to Become a Software Developer - Nakov in Mongolia (Oct 2022)Svetlin Nakov
In this talk the speaker Svetlin Nakov explains the IT professions and their extremely high demand in the latest years, and gives a recipe how to become a software engineer.
He recommends to spend 1-2 years in studying and practicing software engineering, following a learning curriculum like this:
Basic Coding Course – calculations, data, conditions, loops, IDE
Fundamentals of Programming – arrays, lists, maps, nested structures, text processing, error handling, basic language APIs, problem solving
Object-Oriented Programming – classes, objects, inheritance, …
Databases and ORM – relational DB, SQL, ORM frameworks, XML, JSON
Back-End Development – HTTP, MVC, Web apps, REST
Front-End Development – HTML, CSS, JS, DOM, AJAX, JS Frameworks
Projects – Git, software engineering, teamwork
Example: https://softuni.org/learn
The talk is from the "The Future of IT" forum in Ulaanbaatar, Mongolia (October 2022).
Providing Globus Services to Users of JASMIN for Environmental Data AnalysisGlobus
JASMIN is the UK’s high-performance data analysis platform for environmental science, operated by STFC on behalf of the UK Natural Environment Research Council (NERC). In addition to its role in hosting the CEDA Archive (NERC’s long-term repository for climate, atmospheric science & Earth observation data in the UK), JASMIN provides a collaborative platform to a community of around 2,000 scientists in the UK and beyond, providing nearly 400 environmental science projects with working space, compute resources and tools to facilitate their work. High-performance data transfer into and out of JASMIN has always been a key feature, with many scientists bringing model outputs from supercomputers elsewhere in the UK, to analyse against observational or other model data in the CEDA Archive. A growing number of JASMIN users are now realising the benefits of using the Globus service to provide reliable and efficient data movement and other tasks in this and other contexts. Further use cases involve long-distance (intercontinental) transfers to and from JASMIN, and collecting results from a mobile atmospheric radar system, pushing data to JASMIN via a lightweight Globus deployment. We provide details of how Globus fits into our current infrastructure, our experience of the recent migration to GCSv5.4, and of our interest in developing use of the wider ecosystem of Globus services for the benefit of our user community.
In software engineering, the right architecture is essential for robust, scalable platforms. Wix has undergone a pivotal shift from event sourcing to a CRUD-based model for its microservices. This talk will chart the course of this pivotal journey.
Event sourcing, which records state changes as immutable events, provided robust auditing and "time travel" debugging for Wix Stores' microservices. Despite its benefits, the complexity it introduced in state management slowed development. Wix responded by adopting a simpler, unified CRUD model. This talk will explore the challenges of event sourcing and the advantages of Wix's new "CRUD on steroids" approach, which streamlines API integration and domain event management while preserving data integrity and system resilience.
Participants will gain valuable insights into Wix's strategies for ensuring atomicity in database updates and event production, as well as caching, materialization, and performance optimization techniques within a distributed system.
Join us to discover how Wix has mastered the art of balancing simplicity and extensibility, and learn how the re-adoption of the modest CRUD has turbocharged their development velocity, resilience, and scalability in a high-growth environment.
A Comprehensive Look at Generative AI in Retail App Testing.pdfkalichargn70th171
Traditional software testing methods are being challenged in retail, where customer expectations and technological advancements continually shape the landscape. Enter generative AI—a transformative subset of artificial intelligence technologies poised to revolutionize software testing.
Prosigns: Transforming Business with Tailored Technology SolutionsProsigns
Unlocking Business Potential: Tailored Technology Solutions by Prosigns
Discover how Prosigns, a leading technology solutions provider, partners with businesses to drive innovation and success. Our presentation showcases our comprehensive range of services, including custom software development, web and mobile app development, AI & ML solutions, blockchain integration, DevOps services, and Microsoft Dynamics 365 support.
Custom Software Development: Prosigns specializes in creating bespoke software solutions that cater to your unique business needs. Our team of experts works closely with you to understand your requirements and deliver tailor-made software that enhances efficiency and drives growth.
Web and Mobile App Development: From responsive websites to intuitive mobile applications, Prosigns develops cutting-edge solutions that engage users and deliver seamless experiences across devices.
AI & ML Solutions: Harnessing the power of Artificial Intelligence and Machine Learning, Prosigns provides smart solutions that automate processes, provide valuable insights, and drive informed decision-making.
Blockchain Integration: Prosigns offers comprehensive blockchain solutions, including development, integration, and consulting services, enabling businesses to leverage blockchain technology for enhanced security, transparency, and efficiency.
DevOps Services: Prosigns' DevOps services streamline development and operations processes, ensuring faster and more reliable software delivery through automation and continuous integration.
Microsoft Dynamics 365 Support: Prosigns provides comprehensive support and maintenance services for Microsoft Dynamics 365, ensuring your system is always up-to-date, secure, and running smoothly.
Learn how our collaborative approach and dedication to excellence help businesses achieve their goals and stay ahead in today's digital landscape. From concept to deployment, Prosigns is your trusted partner for transforming ideas into reality and unlocking the full potential of your business.
Join us on a journey of innovation and growth. Let's partner for success with Prosigns.
How Recreation Management Software Can Streamline Your Operations.pptxwottaspaceseo
Recreation management software streamlines operations by automating key tasks such as scheduling, registration, and payment processing, reducing manual workload and errors. It provides centralized management of facilities, classes, and events, ensuring efficient resource allocation and facility usage. The software offers user-friendly online portals for easy access to bookings and program information, enhancing customer experience. Real-time reporting and data analytics deliver insights into attendance and preferences, aiding in strategic decision-making. Additionally, effective communication tools keep participants and staff informed with timely updates. Overall, recreation management software enhances efficiency, improves service delivery, and boosts customer satisfaction.
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...Globus
Large Language Models (LLMs) are currently the center of attention in the tech world, particularly for their potential to advance research. In this presentation, we'll explore a straightforward and effective method for quickly initiating inference runs on supercomputers using the vLLM tool with Globus Compute, specifically on the Polaris system at ALCF. We'll begin by briefly discussing the popularity and applications of LLMs in various fields. Following this, we will introduce the vLLM tool, and explain how it integrates with Globus Compute to efficiently manage LLM operations on Polaris. Attendees will learn the practical aspects of setting up and remotely triggering LLMs from local machines, focusing on ease of use and efficiency. This talk is ideal for researchers and practitioners looking to leverage the power of LLMs in their work, offering a clear guide to harnessing supercomputing resources for quick and effective LLM inference.
Code reviews are vital for ensuring good code quality. They serve as one of our last lines of defense against bugs and subpar code reaching production.
Yet, they often turn into annoying tasks riddled with frustration, hostility, unclear feedback and lack of standards. How can we improve this crucial process?
In this session we will cover:
- The Art of Effective Code Reviews
- Streamlining the Review Process
- Elevating Reviews with Automated Tools
By the end of this presentation, you'll have the knowledge on how to organize and improve your code review proces
Globus Compute wth IRI Workflows - GlobusWorld 2024Globus
As part of the DOE Integrated Research Infrastructure (IRI) program, NERSC at Lawrence Berkeley National Lab and ALCF at Argonne National Lab are working closely with General Atomics on accelerating the computing requirements of the DIII-D experiment. As part of the work the team is investigating ways to speedup the time to solution for many different parts of the DIII-D workflow including how they run jobs on HPC systems. One of these routes is looking at Globus Compute as a way to replace the current method for managing tasks and we describe a brief proof of concept showing how Globus Compute could help to schedule jobs and be a tool to connect compute at different facilities.
Strategies for Successful Data Migration Tools.pptxvarshanayak241
Data migration is a complex but essential task for organizations aiming to modernize their IT infrastructure and leverage new technologies. By understanding common challenges and implementing these strategies, businesses can achieve a successful migration with minimal disruption. Data Migration Tool like Ask On Data play a pivotal role in this journey, offering features that streamline the process, ensure data integrity, and maintain security. With the right approach and tools, organizations can turn the challenge of data migration into an opportunity for growth and innovation.
SOCRadar Research Team: Latest Activities of IntelBrokerSOCRadar
The European Union Agency for Law Enforcement Cooperation (Europol) has suffered an alleged data breach after a notorious threat actor claimed to have exfiltrated data from its systems. Infamous data leaker IntelBroker posted on the even more infamous BreachForums hacking forum, saying that Europol suffered a data breach this month.
The alleged breach affected Europol agencies CCSE, EC3, Europol Platform for Experts, Law Enforcement Forum, and SIRIUS. Infiltration of these entities can disrupt ongoing investigations and compromise sensitive intelligence shared among international law enforcement agencies.
However, this is neither the first nor the last activity of IntekBroker. We have compiled for you what happened in the last few days. To track such hacker activities on dark web sources like hacker forums, private Telegram channels, and other hidden platforms where cyber threats often originate, you can check SOCRadar’s Dark Web News.
Stay Informed on Threat Actors’ Activity on the Dark Web with SOCRadar!
Multiple Your Crypto Portfolio with the Innovative Features of Advanced Crypt...Hivelance Technology
Cryptocurrency trading bots are computer programs designed to automate buying, selling, and managing cryptocurrency transactions. These bots utilize advanced algorithms and machine learning techniques to analyze market data, identify trading opportunities, and execute trades on behalf of their users. By automating the decision-making process, crypto trading bots can react to market changes faster than human traders
Hivelance, a leading provider of cryptocurrency trading bot development services, stands out as the premier choice for crypto traders and developers. Hivelance boasts a team of seasoned cryptocurrency experts and software engineers who deeply understand the crypto market and the latest trends in automated trading, Hivelance leverages the latest technologies and tools in the industry, including advanced AI and machine learning algorithms, to create highly efficient and adaptable crypto trading bots
Large Language Models and the End of ProgrammingMatt Welsh
Talk by Matt Welsh at Craft Conference 2024 on the impact that Large Language Models will have on the future of software development. In this talk, I discuss the ways in which LLMs will impact the software industry, from replacing human software developers with AI, to replacing conventional software with models that perform reasoning, computation, and problem-solving.
How to Position Your Globus Data Portal for Success Ten Good PracticesGlobus
Science gateways allow science and engineering communities to access shared data, software, computing services, and instruments. Science gateways have gained a lot of traction in the last twenty years, as evidenced by projects such as the Science Gateways Community Institute (SGCI) and the Center of Excellence on Science Gateways (SGX3) in the US, The Australian Research Data Commons (ARDC) and its platforms in Australia, and the projects around Virtual Research Environments in Europe. A few mature frameworks have evolved with their different strengths and foci and have been taken up by a larger community such as the Globus Data Portal, Hubzero, Tapis, and Galaxy. However, even when gateways are built on successful frameworks, they continue to face the challenges of ongoing maintenance costs and how to meet the ever-expanding needs of the community they serve with enhanced features. It is not uncommon that gateways with compelling use cases are nonetheless unable to get past the prototype phase and become a full production service, or if they do, they don't survive more than a couple of years. While there is no guaranteed pathway to success, it seems likely that for any gateway there is a need for a strong community and/or solid funding streams to create and sustain its success. With over twenty years of examples to draw from, this presentation goes into detail for ten factors common to successful and enduring gateways that effectively serve as best practices for any new or developing gateway.
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...Juraj Vysvader
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I didn't get rich from it but it did have 63K downloads (powered possible tens of thousands of websites).
Cyaniclab : Software Development Agency Portfolio.pdfCyanic lab
CyanicLab, an offshore custom software development company based in Sweden,India, Finland, is your go-to partner for startup development and innovative web design solutions. Our expert team specializes in crafting cutting-edge software tailored to meet the unique needs of startups and established enterprises alike. From conceptualization to execution, we offer comprehensive services including web and mobile app development, UI/UX design, and ongoing software maintenance. Ready to elevate your business? Contact CyanicLab today and let us propel your vision to success with our top-notch IT solutions.
5. 5
Uses a pair of keys: public key + private key
Encrypt / sign by private key
Decrypt / verify by public key
Public Key Cryptography
6. 6
Well-known public-key crypto-systems
RSA – based on discrete logarithms
ECC – based on elliptic curves
ECC cryptography is considered more secure
3072-bit RSA key ≈≈ 256-bit ECC key
Most blockchains (like Bitcoin and Ethereum) use ECC
But be warned: ECC is not quantum-safe!
Public Key Crypto Systems
7. 7
Public / private key cryptography
based on the algebraic structure of
elliptic curves over finite fields
Requires smaller key-size than RSA
for the same security strength
Elliptic curves == set of points {x, y}
such that:
y2 = x3 + ax + b
Example – the Bitcoin elliptic curve:
y2 = x3 + 7 (a = 0; b = 7)
Elliptic Curve Cryptography (ECC)
8. 8
Elliptic curves cryptography (ECC)
Uses ecliptic curves over the finite
field Fp (p is prime, p > 3)
A set of integer coordinates
{x, y}, such that 0 ≤ x, y < p
Staying on the elliptic curve:
y2 ≡ x3 + ax + b (mod p)
Example of elliptic curve over F17:
y2 ≡ x3 + 7 (mod 17)
Elliptic Curves over a Finite Fields
y2 ≡ x3 + 7 (mod 17)
9. 9
A point G over the curve can be
multiplied by an integer k
P = k * G
The result is another point P
staying on the same curve
k == private key (integer)
P == public key (point {x, y})
Very fast to calculate P = k * G
Extremely slow (considered infeasible) to calculate k = P / G
Multiply a Point Over an Elliptic Curve
y2 ≡ x3 + 7 (mod 17)
G
P
10. 10
Elliptic Curves Multiplication in Python
from pycoin.ecdsa import Point
from pycoin.ecdsa import CurveFp
curve = CurveFp(17, 0, 7)
print("Curve = " + str(curve))
G = Point(curve, 15, 13)
print("G = " + str(G))
for k in range(0, 6) :
print(str(k) + " * G = " + str(k * G))
pip install pycoin
11. 11
The elliptic curves over Fp
Have at most 2 points per y
coordinate (odd x and even x)
A public key P(x, y) can be
compressed as C(x, odd/even)
At the curve y2 ≡ x3 + 7 (mod 17)
P(10, 15) == C(10, odd)
mod_sqrt(x3 + 7, 17) == y || 17 - y
Compressing the Public Key
y2 ≡ x3 + 7 (mod 17)
12. 12
ECC operates with a set of EC domain parameters:
T = (p, a, b, G, n, h)
Prime field (prime p), elliptic equation (a, b), base point G(xG, yG),
order of G (prime n), cofactor (h)
The secp256k1 standard (used in Bitcoin) defines 256-bit
elliptic-curves cryptosystem:
Prime field (p) = 2256 - 232 - 977; Equation: y2 = x3 + 7 (a = 0, b = 7)
G = 0x79BE667E …; n = 0xFFF…D0364141; h = 1
ECC Parameters and secp256k1
Learn more at: http://www.secg.org/sec2-v2.pdf, https://en.bitcoin.it/wiki/Secp256k1
13. 13
The private key in secp256k1 is 256-bit integer (32 bytes)
Example of Ethereum private key (encoded as 64 hex digits)
The respective public key is a EC point (2 * 256 bits == 64 bytes)
Can be compressed to 257 bits (Ethereum uses prefix 02 or 03)
Example of compressed public key (33 bytes / 66 hex digits):
Ethereum Addresses and secp256k1
97ddae0f3a25b92268175400149d65d6887b9cefaf28ea2c078e05cdc15a3c0a
027b83ad6afb1209f3c82ebeb08c0c5fa9bf6724548506f2fb4f991e2287a77090
7b83ad6afb1209f3c82ebeb08c0c5fa9bf6724548506f2fb4f991e2287a77090
177316ca82b0bdf70cd9dee145c3002c0da1d92626449875972a27807b73b42e
14. 14
The blockchain address in Ethereum is 20 bytes
Calculated as: last20bytes(keccak256(publicKeyFull))
Example of Ethereum address (encoded as 40 hex digits):
Note: some letters are capital to incorporate a checksum (EIP55)
Digital signatures in secp256k1 are 64 bytes (2 * 32 bytes)
A pair of two 256-bit numbers: [r, s]
Calculated by the well-known ECDSA formulas (see RFC6979)
ECDSA, secp256k1 and Ethereum (2)
0xa44f70834a711F0DF388ab016465f2eEb255dEd0
16. 16
Ethereum uses secp256k1-based ECDSA signatures
ECDSA generates deterministically a random point R (see RFC6979)
Ethereum signatures consists of 3 numbers: [v, r, s]
v – the compressed Y coordinate of the point R (1 byte: 00 or 01)
r – the X coordinate of the point R (256-bit integer, 32 bytes)
s – 256-bit integer (32 bytes), calculated from the signer's private key +
message hash (Ethereum uses keccak256)
Typically encoded as 130 hex digits (65 bytes), e.g. 0x…465c5cf4be401
Given an Ethereum signature [v, r, s], the public key can be recovered
from [R, s, msgHash] also the signer's Ethereum address
Verifying an Ethereum Signature
17. 17
Sign Message in Ethereum – Example
import eth_keys, binascii
privKey = eth_keys.keys.PrivateKey(binascii.unhexlify(
'97ddae0f3a25b92268175400149d65d6887b9cefaf28ea2c078e05cdc15a3c0a'))
print('Private key (64 hex digits):', privKey)
signature = privKey.sign_msg(b'Message for signing')
print('Signature: [v = {0}, r = {1}, s = {2}]'.format(
hex(signature.v), hex(signature.r), hex(signature.s)))
print('Signature (130 hex digits):', signature)
18. 18
Verify Message Signature in Etherscan
Verify message signature at https://etherscan.io/verifySig by:
signer address (40 hex digits)
signature (130 hex digits)
original message text
The result is: valid / invalid
21. 21
What is Cryptographic Hash Function?
Some text
Some text
Some text
Some text
Some text
Some text
Some text
20c9ad97c081d63397d
7b685a412227a40e23c
8bdc6688c6f37e97cfbc2
2d2b4d1db1510d8f61e
6a8866ad7f0e17c02b14
182d37ea7c3c8b9c2683
aeb6b733a1
Text Hashed text
Cryptographic
hash function
(almost no collisions)
23. 23
Old hash algorithms: MD5, SHA-0, SHA-1
Withdrawn due to cryptographic weaknesses (collisions found)
SHA-2
Family of functions: SHA-256 (256 bits hash), SHA-512 (512 bits), …
SHA-3
More secure, same hash length (256 bits), known as "Keccak"
RIPEMD-160
Secure hash function, widely used in cryptography, e.g. PGP, Bitcoin
Less secure variations: RIPEMD-128, RIPEMD-256, RIPEMD-320
Secure Hash Functions
24. 24
BLAKE / BLAKE2 / BLAKE2s / BLAKE2b
Fast, secure cryptographic hash function
256-bit (BLAKE-256, BLAKE2s) and 512-bit (BLAKE-512, BLAKE2b)
As of April 2018, no collisions are known for:
SHA256, SHA3-256, Keccak-256, BLAKE2s, RIPEMD160
Brute forcing to find a collision costs: 2128 for SHA256/SHA3-256
and 280 for RIPEMD160 (285 / 285 on quantum computer)
512-bit hashes (SHA-512 / SHA3-512) are Quantum-resistant
Secure Hash Algorithms (2)
26. HMAC and Key Derivation
MAC, HMAC, PBKDF2 and SCrypt
27. 27
HMAC = Hash-based Message Authentication Code
HMAC(key, msg, hash_func) hash
Message hash mixed with a secret shared key
Used for message integrity / authenticity / key derivation
Key derivation function (KDF) == function(password) key
Use HKDF (HMAC-based key derivation), PBKDF2 or SCrypt
PBKDF2, BCrypt and SCrypt are modern key-derivation functions
Use a lot of iterations + a lot of memory to make it slow
HMAC and Key Derivation
29. 29
SCrypt (RFC 7914) is a strong cryptographic key-derivation function
Memory intensive, designed to prevent ASIC and FPGA attacks
key = Scrypt(password, salt, N, r, p, derived-key-len)
N – iterations count (affects memory and CPU usage), e.g. 16384
r – block size (affects memory and CPU usage), e.g. 8
p – parallelism factor (threads to run in parallel), usually 1
Memory used = 128 * N * r * p bytes, e.g. 128 * 16384 * 8 = 16 MB
Parameters for interactive login: N=16384, r=8, p=1 (RAM=16MB)
Parameters for file encryption: N=1048576, r=8, p=1 (RAM=1GB)
Key Derivation Functions: Scrypt
32. 32
Public / Private Keys, Wallets & Blockchain
private key public key address
transaction
sign by private key
signed
transaction
valid / invalid
verify by address
wallet master
key (seed)
signed
transaction
transaction data
public key: (x, y)
signature: (v, r, s)
33. 33
In blockchain wallets keep private keys, highly encrypted
Simple wallet (keystore) keeps a single private key
Example: https://gist.github.com/nakov/53f869e01c9b573844c48e5966e33a3f
HD wallet (hierarchical wallet) keeps multiple private keys
Hierarchically derived by a master key (seed) by derivation path
The seed is encoded as mnemonic phrase (12 / 24 words)
Example: https://iancoleman.io/bip39/
HD Wallets, BIP39, BIP32 / BIP44
hill brave science fox crime quit owner chapter myth vocal chat custom
34. 34
The BIP-32 standard defines how a crypto-wallet can generate
multiple keys + addresses
The wallet is initialized by
a 512-bit master key (seed)
HMAC + ECC math used to
generate multiple accounts
Through a derivation path
E.g. m/44'/60'/1'/12
Each account holds private
key public key address
ECC and Wallets: BIP32
35. 35
Most modern crypto wallets start from a 512-bit securely
generated random seed (see the BIP-39 standard)
The seed (root key) can be represented by 12 or 24 words, e.g.
Each word comes from a wordlist of 2048 words
See https://github.com/bitcoin/bips/blob/master/bip-0039/english.txt
1 word == 11 bits of entropy
12 words == 132 bits == 128-bit entropy + checksum (in the last word)
24 words == 264 bits == 256-bit entropy + checksum (in the last word)
Internal Seed in Crypto Wallets
hill brave science fox crime quit owner chapter myth vocal chat custom
38. 38
A single secret key to
encrypt / decrypt
The secret key is usually
derived by a password
Both the sender and the
recipient should know
the secret key
Widely used symmetric
algorithms: AES-128,
AES-256, Twofish, IDEA
Symmetric Encryption
Wallets are typically encrypted using
symmetric ciphers like AES
39. 39
AES is a "block cipher" – encrypts block by block (e.g. 128 bits)
It has several modes of operation (CBC, ECB, CTR, …)
Some modes of operation require initial vector (IV)
Non-secret random salt used to get different result each time
Recommended modes: CBC (Cipher Block Chaining) or CTR (Counter)
It may use a padding algorithm (typically PKCS7) to split the input
data into blocks of fixed block-size (e.g. 128 bits)
It may use password to key derivation: key = SCrypt(pass, salt, …)
It may use MAC to check the password validity: HMAC(text, key)
AES Cipher Settings
43. License
This course (slides, examples, demos, videos, homework, etc.)
is licensed under the "Creative Commons Attribution-
NonCommercial-ShareAlike 4.0 International" license
43
44. Trainings @ Software University (SoftUni)
Software University – High-Quality Education,
Profession and Job for Software Developers
softuni.bg
Software University Foundation
http://softuni.foundation/
Software University @ Facebook
facebook.com/SoftwareUniversity
Software University Forums
forum.softuni.bg