Zero-knowledge proofs are effective cryptographic primitives which may provide additional properties and guarantees to security systems and communication protocols. However, they are still underused in the modern world. Unfortunately, even with today's strong cryptography solutions and increased user security awareness, information leaks still happen. As the data on the Web becomes more valuable, attackers develop more sophisticated attacks, often involving not just technical assets but also other techniques such as social engineering. The talk presents possible ways of using zero-knowledge proofs to improve authentication and phishing prevention on the Web, taking a novel implementation of a well-known technique (the socialist millionaires' protocol) as an example.
A decoder is a logic circuit that takes a binary input and activates only one output corresponding to the input number. It has N input lines to handle N-bit codes and 2^N output lines. A decoder uses AND gates as the basic decoding element, producing a HIGH output only when all inputs are HIGH. For example, a 4-bit BCD-to-7-segment decoder takes a 4-bit BCD coded input and outputs the correct 7-bit code to light the appropriate segments on a 7-segment display to display the corresponding decimal number.
This document provides an overview of Verilog, including:
- Verilog is a hardware description language used to describe digital systems at different levels including switch, gate, and register transfer levels.
- It discusses the basics of Verilog, common simulation tools, design methodology, modules, ports, data types, assignments, primitives, test benches, and provides a tutorial for using Active-HDL for simulation.
6 2 magnitude comparator 1 bit and 2 bit converted - subisugadevan
A magnitude comparator is a digital circuit that compares the values of two binary numbers and outputs whether the first number is greater than, less than, or equal to the second number. It has three output terminals for these comparisons. A 1-bit magnitude comparator uses AND gates to compare single bits and produce a truth table with the three possible outputs. A 2-bit magnitude comparator extends this to compare 2-bit binary numbers, using the outputs of multiple 1-bit comparators and additional logic gates to determine the relationship between the two numbers.
This document discusses sequential logic circuits and various types of flip flops. It defines sequential logic circuits as circuits whose outputs depend not only on present inputs but also past inputs. Several types of flip flops are described including SR, Clocked SR, JK, T, and D flip flops. The document provides details on the logic symbol, truth table, and logic circuit for SR and JK flip flops. It also discusses clock signals and provides examples of determining the output for various flip flop types given input waveforms.
DESIGN AND IMPLEMENTATION OF 64-BIT ARITHMETIC LOGIC UNIT ON FPGA USING VHDL - sateeshkourav
The functions of fixed-point arithmetic were verified by simulations, with the single instruction test as the first point, and fixed-point arithmetic was then implemented on an FPGA. To handle more challenges nowadays, the demand for complex tasks is increasing day by day to increase the efficiency of a processor, resulting in a greater number of components manufactured on a single chip according to Moore's law.
The document describes decoders and encoders. It begins by explaining what a decoder is, providing examples of 2-to-4 and 3-to-8 decoders. It then discusses how decoders can be used to implement general logic and combinational circuits using decoders and OR gates. The document proceeds to describe specific decoder chips like the 74x139 and 74x138 decoders. It also discusses using 3-state buffers with decoders and building decoders from smaller decoders. The document then shifts to discussing encoders, 7-segment decoders, truth tables, and K-maps in the design of decoders and encoders. It concludes by discussing priority encoders and the 74x148 priority encoder chip.
This presentation introduces digital logic gates and their applications. It discusses different types of logic gates like AND, OR, NOT, NAND, NOR gates. It explains how individual logic gates can be connected to form more complex circuits. The presentation also covers topics like different logic gate families (TTL, CMOS), their input/output voltage levels, integrated circuit classification based on transistor count (SSI, MSI, LSI, VLSI etc.) and sources of noise in digital circuits.
This document discusses Verilog programming and FPGA based system design. It provides examples of half adder, full adder, and 4-bit full adder modules written in Verilog. It also discusses module instantiation and design hierarchy. Lexical conventions in Verilog such as comments, operators, numbers, identifiers, and data types are described. Data types covered include wires, registers, vectors, and integer, real, and time register types.
Implementation of quantum gates using verilog - Shashank Kumar
Implementing the XOR, AND and OR gates as quantum circuits with the help of IBM Quantum Composer, which is a graphical programming tool, and also using an HDL, i.e. Verilog in Xilinx ISE Design Suite version 14.7, for visualizing the simulation graph when implementing the XOR, AND, OR and NAND gates. Since the NAND gate is not the universal gate in quantum circuits, the aim is to build a NAND gate that also has the reversible nature, simulating it with Verilog code to obtain the desired result, i.e. the NAND output.
The document discusses digital logic gates and their usage in computers. It describes that logic gates combine electrical pulses following logical rules and are the basic components used to move data and instructions through a computer. The three basic logic gates are AND, OR, and NOT. These gates can be combined to perform more complex logic functions and operations like addition. Adders are constructed using networks of half adders and full adders to add binary numbers.
The document discusses UART (Universal Asynchronous Receiver/Transmitter) which is a type of asynchronous receiver/transmitter hardware that translates data between parallel and serial forms. It describes UART components, protocols, and how to initialize and use UART methods for communication and debugging purposes using RS232 and MAX232 standards.
This document discusses Verilog HDL as a solution for designing digital circuits. It provides an overview of traditional design approaches like gate-level and schematic design and their limitations for large, complex designs. Verilog HDL was developed in the 1980s to provide a simple, intuitive way to describe digital circuits for modeling, simulation, and analysis. It allows a top-down design approach with modules that have well-defined interfaces and behaviors. The document covers various coding styles in Verilog like structural, dataflow, and behavioral, as well as concepts like ports, parameters, nets, registers, delays, and test benches. It provides examples of memory operations and emphasizes thinking concurrently when writing Verilog code.
This document discusses combinational logic circuits. It begins with an outline of topics including Boolean algebra, decoders, encoders, and multiplexers. It then provides details on each of these topics. For decoders, it explains their function to decode an input value and provide an output. It provides truth tables for 2-to-4 and 3-to-8 decoders and shows how they can be constructed from logic gates. For encoders, it describes their inverse function of encoding inputs. Priority encoders and their truth tables are also covered. Finally, multiplexers are defined as using address bits to select a single input data line to output. Methods for constructing larger multiplexers from smaller ones are presented.
How to configure port security in cisco switch - IT Tech
This document provides instructions for configuring several security and management features on a Cisco switch, including:
1) Configuring the IP address, subnet mask, and default gateway to enable remote access via telnet or SSH.
2) Enabling telnet and setting login passwords to restrict access.
3) Enabling port security to restrict which devices can connect to a port and shut down ports with unauthorized MAC addresses.
4) Configuring EtherChannel to combine switch ports to increase bandwidth while preventing loops.
This document provides an overview of digital logic circuits and sequential circuits. It discusses various logic gates like OR, AND, NOT, NAND, NOR and XOR gates. It explains their truth tables and symbols. It also covers Boolean algebra, map simplification using K-maps, combinational circuits like multiplexers, demultiplexers, encoders and decoders. Finally, it describes different types of flip-flops like SR, D, JK and T flip-flops which are used to build sequential circuits that have memory and can store past states.
This document describes a lab exercise for configuring inter-VLAN routing based on 802.1Q trunk links. The exercise involves configuring two switches and a router to provide connectivity between two VLANs. Part 1 covers the basic configuration of the network devices. Part 2 explains how to configure the VLANs and trunk links on the switches. Part 3 details the configuration of inter-VLAN routing on the router using subinterfaces.
The document describes the I2C (Inter-Integrated Circuit) bus interface. I2C is a digital communication protocol used to connect integrated circuits on the same circuit board. It uses just two bidirectional open-drain lines - serial data (SDA) and serial clock (SCL). Devices on the I2C bus can operate as either a master or slave. The master device initiates and controls data transfers. Slave devices respond to the master's commands. The document outlines the electrical considerations, addressing schemes, data transfer protocols, and how to implement I2C on a PIC18F25K22 microcontroller.
An Arithmetic Logic Unit (ALU) is a functional block of any processor. It is used to perform arithmetical and logical operations. ALUs are designed to perform integer-based operations. In this module, we have designed an ALU which performs certain specific operations on 32-bit numbers. The arithmetic operations performed are addition, subtraction and multiplication. The logical operations performed are AND, OR, XNOR, left shift and right shift.
The behavioral Verilog code and testbench were simulated using MODELSIM to verify the functionality.
The individual gates (INVERTER, NAND2, NOR2, XOR2, OAI3222, AOI22, MUX2:1) which constituted the cell library were laid out in CADENCE. The DRC and LVS runs were successfully completed to ensure usability. These individual layouts were combined and the combined DRC was run without any errors.
The D flip-flop (DFF) was laid out and the static timing analysis was done using the Waveform viewer; its functionality was verified and the D flip-flop timings were calculated.
By putting together these cells which were designed, the ALU was developed and the outputs were obtained.
Verilog Tutorial - Verilog HDL Tutorial with Examples - E2MATRIX
E2MATRIX Research Lab
Opp Phagwara Bus Stand, Backside Axis Bank,
Parmar Complex, Phagwara Punjab (India).
Contact : +91 9041262727
web: www.e2matrix.com -- email: support@e2matrix.com
- Simulation tools typically accept the full set of Verilog language constructs
- Some language constructs, and their use in a Verilog description, make simulation efficient and are ignored by synthesis tools
- Synthesis tools typically accept only a subset of the full Verilog language constructs
- In this presentation, Verilog language constructs not supported in Synopsys FPGA Express are in red italics
- There are other restrictions not detailed here, see [2].
The Module Concept
- Basic design unit
- Modules are declared and instantiated
- Module declarations cannot be nested
Arduino is an open-source hardware platform for building interactive electronic projects. It consists of a simple open hardware design with an Atmel processor and input/output support. The hardware is less expensive than other prototyping devices. It is accompanied by a software side written in Java and based on Processing. Arduino began in Italy to control student-built interaction design projects and is descended from the open-source Wiring platform. It has a large community and potential for growth supporting its future success.
Richard Rixham introduces Arduino, an open source hardware and software platform that allows users to build physical computing devices ranging from flashing lights to robots. Arduino uses an inexpensive microcontroller board and IDE to make programming in C/C++ accessible. It has digital and analog pins that can interact with sensors and actuators. Common Arduino models include the Uno, Mini, and Mega. Shield add-on boards provide extra functions like wireless connectivity. Example projects and resources for learning more are provided.
This document provides an overview of sequences in UVM. It discusses sequence items, sequencers, and how sequences are used to drive items to a driver. Sequences are derived from sequence items and contain a body method. They utilize a sequencer handle to send items to a driver. The document outlines how to create, configure, and start a sequence as well as the typical flow of a sequence item being sent from the sequencer to a driver.
SystemVerilog Assertions verification with SVAUnit - DVCon US 2016 Tutorial - Amiq Consulting
This document provides an overview of SystemVerilog Assertions (SVAs) and the SVAUnit framework for verifying SVAs. It begins with an introduction to SVAs, including types of assertions and properties. It then discusses planning SVA development, such as identifying design characteristics and coding guidelines. The document outlines implementing SVAs and using the SVAUnit framework, which allows decoupling SVA definition from validation code. It provides an example demonstrating generating stimuli to validate an AMBA APB protocol SVA using SVAUnit. Finally, it summarizes SVAUnit's test API and features for error reporting and test coverage.
This document discusses static routing concepts and configuration. It covers implementing static and default routes for IPv4 and IPv6, as well as summarization, floating static routes, and troubleshooting. The objectives are to explain static routing advantages/disadvantages, configure different static route types, implement CIDR and VLSM, and troubleshoot common issues. Configuration examples are provided for various static route scenarios.
This presentation introduces logic gates. It defines a logic gate as a building block of digital circuits that takes two or more inputs and outputs one value based on Boolean algebra. Common logic gates are then described, including AND, OR, and NOT gates. NAND and NOR gates are universal gates that can be used to represent all other logic functions. Exclusive gates like XOR and XNOR are also discussed. Finally, compound gates are defined as combinations of basic logic gates to form more complex functions.
This document discusses various logic gates and their truth tables. It begins by explaining the AND, OR, and NOT gates and providing their respective logic symbols, descriptions, and truth tables. It then covers the NAND, NOR, XOR, and XNOR gates. The document also provides an example of converting a logic circuit diagram into a truth table and a Boolean expression. Finally, it discusses implementations of logic gates using integrated circuits and the use of Karnaugh maps to minimize logic expressions.
The document describes a 4-bit comparator circuit that compares two 4-bit binary numbers and outputs whether they are equal, if the first number is less than the second, or if the first is greater. It provides examples of the circuit comparing different 4-bit inputs and correctly outputting the relationship between the numbers. The comparator circuit has applications in electronic locks and security devices to compare binary passwords.
This document describes a paper battery, which is made by combining carbon nanotubes with conventional paper. It functions as both a battery and supercapacitor, providing both steady and burst energy. The paper battery is flexible, lightweight, non-toxic and fully recyclable. It works by using carbon nanotubes as electrodes and an ionic liquid electrolyte soaked into the paper. Research is ongoing to replace the electrolyte with body fluids and explore applications in medical devices, electronics and vehicles. However, production of carbon nanotubes is currently expensive and scales poorly.
Thunderbolt is a hardware interface developed by Intel that allows high-speed connection of external devices to computers. It uses the Mini DisplayPort connector and provides 10Gbps of bandwidth per channel, with two channels supported. Originally intended to use optical cabling, it was found copper could provide the necessary bandwidth at lower cost. Thunderbolt supports daisy-chaining of up to six devices and can transmit both data and video over a single cable using PCIe and DisplayPort protocols. It has advantages over USB 3.0 such as higher speed and lower latency. Future versions of Thunderbolt are planned to provide even higher speeds.
Thunderbolt is a new high-speed optical cable technology developed by Intel to connect devices using a single port. It uses fiber optics and can transfer data at 10 Gbps with potential for 100 Gbps. Thunderbolt allows multiple protocols to run simultaneously over a single cable, providing higher bandwidth and fewer connectors than existing standards. The technology consists of a controller chip and optical module for converting signals between electrical and optical. Intel plans to supply the controller chip and work with manufacturers to deliver Thunderbolt components for use starting in 2010.
The document describes a paper battery created using carbon nanotubes and cellulose paper. It discusses how carbon nanotubes are deposited onto paper using an ink and heating process. The paper battery works through an electrochemical reaction between an electrolyte and the carbon nanotubes. It has advantages like being thin, flexible, and lightweight while providing long-term power in a small package. Applications mentioned include powering smart cards, e-cards, and medical devices. While promising, challenges include the high cost of carbon nanotubes and scaling up the technology for widespread commercial use.
Thunderbolt technology is a transformational I/O innovation that provides a leap
in performance over current I/O technologies with 10 Gbps of full-duplex bandwidth
per channel. It significantly simplifies the end-user experience by concurrently supporting
data (PCI Express) and display (DisplayPort) connections over a single cable.
Thunderbolt products may be connected using electrical or optical cables. Thunderbolt
technology enables flexible and innovative system designs by allowing multiple, highperformance,
PCI Express and DisplayPort devices to attach to a computer through a
single physical connector.
Intel introduced Light Peak in 2009, an optical cable interface that could transfer data at 10Gbps. In 2011, they launched "Copper Peak" which used copper cables instead of fiber optics. Also in 2011, Apple updated the MacBook Pro with Thunderbolt, a strictly copper-based port that could transfer data at 10Gbps and replaced USB and other ports.
Each grain must hold a charge
When their volume becomes too little, they will no longer be stable & will be influenced by ambient thermal energy
With current technology, this will happen around 130 Gb/in2
The document describes a new sky bus transit technology that could provide eco-friendly public transportation for crowded cities. The sky bus travels along roads elevated on columns, avoiding issues like derailment that affect current metro rail systems. It uses a concrete box structure held above the road on columns to guide powered bogies carrying suspended passenger coaches. This sky bus technology claims to offer safer, less expensive public transit that could be implemented more quickly compared to traditional rail. It is currently being considered for implementation in several major Indian cities.
Peer-to-Peer (P2P) has become a buzzword and file-sharing applications like Kazaa are very popular and account for a lot of Internet traffic nowadays. The emphasis of my talk will be on the evolution of P2P file-sharing and the technology behind the scenes. I also try to give examples how P2P can be used for other applications like Skype.
From the Un-Distinguished Lecture Series (http://ws.cs.ubc.ca/~udls/). The talk was given Feb. 16, 2007.
Skinput is a technology developed by Microsoft Research that allows a user's skin to act as an input surface. It uses arrays of highly tuned vibration sensors incorporated into an armband to detect acoustic waves generated by taps on the skin. The sensors are able to classify different inputs and locations of taps on the arm. While the prototype demonstrates the potential of the technology, its commercial viability will depend on Microsoft's commitment to further developing it.
Skinput technology turns the human body into a touchscreen input interface by using sensors to detect vibrations on the skin caused by taps and turns. It consists of an armband with sensors, a Bluetooth connection, and a small projector. When the user taps their skin, sensors detect the acoustic waves and can identify different locations tapped. The projector then displays a virtual keyboard or buttons onto the arm. The system works well but accuracy decreases for obese users or many input locations. Future applications could include texting by tapping on projected keyboards or controlling devices while walking.
The document discusses different types of circuit breakers, including air blast, vacuum, oil, and SF6 circuit breakers. It explains that a circuit breaker can make, carry, and break currents under normal and abnormal circuit conditions. The operating mechanism involves using stored energy to move a moving contact to open or close the circuit. When contacts separate during a fault, an arc is formed that must be quickly quenched for circuit interruption. Each breaker type uses a different medium, such as air, vacuum, oil or SF6 gas, to rapidly cool and extinguish the arc. Modern systems commonly use vacuum or SF6 breakers for their fast, reliable performance.
Overview and evolution of password-based authentication schemesIgnat Korchagin
Password is the oldest and the most widely used pillar of authentication, and is still being the core of approximately 80% of authentication events in the 21st century Internet. As the data on the Web becomes more valuable, more sophisticated attacks on authentication are being developed. The good thing is that crypto community tries to keep up with the continuously increasing threat surface and provides more advanced authentication techniques with higher security guarantees. However, password is still a solid building block in each of them: the first part of most two-factor authentication schemes is a password challenge, to generate one-time token, you enter a password, to use a hardware device - you enter a password in the device. But is verifying passwords secure? By communicating a password to a verifying party you leak at least some of the password information. Given the long history of password-based authentication schemes we can clearly see that it is rather challenging even to properly implement password verification. The presentation gives an overview of the evolution of password-based authentication schemes and provides comparison between two of the latest ones: socialist millionaires’ protocol and SPAKE2.
Demystifying Zero Knowledge Proofs [FINAL].pptxRedWhite12
This document provides an overview of zero-knowledge proofs (ZKPs) and their applications. It discusses:
- The history and types of ZKPs including SNARKs, STARKs, and Bulletproofs.
- Projects using different types of ZKPs like Zcash using zk-SNARKs and decentralized exchanges using zk-STARKs.
- The theory behind how ZKPs work by proving computations without revealing inputs, using examples like Diffie-Hellman key exchange and RSA signatures.
- Background math concepts relevant to ZKPs like modular arithmetic, elliptic curves, and finite fields.
The document describes various combinational logic circuits including half adders, full adders, binary adders, subtractors, multiplexers, decoders, encoders, comparators and binary operations circuits. It provides details on their design procedure, truth tables, boolean expressions and examples. Combinational circuits have outputs dependent only on present inputs and no memory elements. Circuits described include half adder, full adder, binary adder, decoder, encoder, and a seven segment display decoder example.
This document summarizes a lecture on logic circuit design experiments. It covers topics including analog and digital signals, binary systems, Boolean algebra, logic gates, combinational logic circuits, half and full adders/subtractors, and addition and subtraction operations. The professor in charge is Jeon Jaewook and teaching assistants are Seok Minsik and Song Jiho.
- Ethereum is a blockchain platform that allows for the building of decentralized applications and smart contracts. It has its own cryptocurrency called Ether.
- Ethereum transactions are grouped into blocks that are mined approximately every 15 seconds using a proof-of-work consensus algorithm. The Ethereum Virtual Machine runs on every node and can execute smart contracts written in languages like Solidity.
- Ether is used to pay transaction fees, called gas, to incentivize miners to process transactions and smart contracts. The amount of gas used depends on the computational complexity and resources required to execute the transaction or smart contract.
This document provides an overview of cryptography concepts including:
- Homework 1 is due on 1/18 and project 1 is due the next day
- It reviews classical ciphers, modern symmetric ciphers like DES, and basic cryptography terminology
- It describes the Feistel cipher structure used in DES, the DES algorithm details like key scheduling and rounds, and strengths and weaknesses of DES versus alternatives like AES and triple DES
Lecture 4: Frequent Itemests, Association Rules. Evaluation. Beyond Apriori (ppt, pdf)
Chapter 6 from the book “Introduction to Data Mining” by Tan, Steinbach, Kumar.
Chapter 6 from the book Mining Massive Datasets by Anand Rajaraman and Jeff Ullman.
Secure multi-party computation allows multiple parties to jointly compute a function over their private inputs while preserving privacy. This is achieved through techniques like secret sharing, garbled circuits, and secure multi-party protocols. Recent improvements have increased performance, enabling practical applications in domains like genome analytics, smart cities, and blockchain where privacy-sensitive data from different entities must be analyzed without being shared in the clear.
The document discusses identity-based encryption (IBE) and the Weil pairing. It describes the key algorithms in IBE - Setup, Extract, Encrypt, Decrypt. It explains how the Weil pairing is used to compute a bilinear map between points on an elliptic curve in a efficient manner using Miller's algorithm. Applications of IBE discussed include key revocation and delegation. Escrow ElGamal encryption is also summarized which uses a master public key to allow decryption by a third party.
Thwarting The Surveillance in Online Communication by Adhokshaj MishraOWASP Delhi
This document discusses techniques for countering online surveillance and protecting private communications. It begins by outlining common surveillance methods used by governments and companies, such as wiretapping and exploiting software vulnerabilities. It then discusses using cryptography to counter surveillance and keep data safe, such as encrypting files and filling volumes with cryptographically secure random data. Secure authentication techniques are presented that allow verifying credentials without revealing passwords. Finally, the document details a method for encrypting and authenticating private messages between two parties using Diffie-Hellman key exchange and digital signatures to provide encryption, authentication, deniability and perfect forward secrecy.
Elliptic Curve Cryptography for those who are afraid of mathsMartijn Grooten
A low level introduction into elliptic curve cryptography, as presented at BSides San Francisco 2016.
NB don't be put off by the 100 slides; every transition is on its own slide.
Lecture on 18 December 2018
Role of Cryptography in Blockchain
RSA and SHA
Blockchain for Beginners
Elective course from the Faculty of Information Technology, Thai - Nichi Institute of Technology, Bangkok for undergraduate students.
#BlockchainTNI2018
This is the 3rd of an 8 lecture series that I presented at University of Strathclyde in 2011/2012 as part of the final year AI course.
This lecture moves beyond the Game Theoretic definition of a game, and demonstrates how algorithms can be used not only to find a single good choice, but a sequence of choices that will eventually reach a winning state.
This document provides definitions and explanations of key concepts in information security and cryptography. It discusses symmetric and asymmetric cryptographic techniques such as stream ciphers, block ciphers, digital signatures, hash functions, and the use of random numbers for security applications. It also covers concepts like confidentiality, integrity, availability, cryptanalysis, plain text, cipher text, and the differences between symmetric and public key cryptography.
What are Hash function and why is it used is security.
How to store passwords.
What are symmetric and asymmetric encryption function.
What is PGP program and how to use to encrypt and sign documents.
Encrypting with entanglement matthias christandlwtyru1989
The document discusses quantum entanglement and its implications. It introduces key concepts like qubits, entanglement, and Bell's inequality. Experiments have violated Bell's inequality, showing the world is probabilistic rather than deterministic. This allows for secure quantum cryptography, where entangled particles can generate a random secret key known only to communicating parties. However, noise in experiments challenges detecting entanglement. The document proposes a test for entanglement based on monogamy - if a particle is strongly entangled with one party, it cannot be equally entangled with multiple others. This test could determine if noise prevents key generation from an entangled state.
apidays LIVE Australia 2020 - WT* is JWT? by Maciej Trederapidays
The document discusses JSON Web Tokens (JWT). It begins by explaining that JWT is often confused with JSON Web Signature (JWS) which is one way to implement JWT by digitally signing a JSON object. It then discusses some common JWT concepts like the header, payload, signature and registered/custom claims. It also covers best practices like key management with JSON Web Key Sets (JWKS) and common vulnerabilities if certain precautions are not taken with JWT implementation and validation.
apidays LIVE Paris - WT* is JWT? by Maciej Trederapidays
apidays LIVE Paris - Responding to the New Normal with APIs for Business, People and Society
December 8, 9 & 10, 2020
WT* is JWT?
Maciej Treder, Senior Software Development Engineer at Akami Technologies
Similar to Enforcing Web security and privacy with zero-knowledge protocols (20)
Honeypots Unveiled: Proactive Defense Tactics for Cyber Security, Phoenix Sum...APNIC
Adli Wahid, Senior Internet Security Specialist at APNIC, delivered a presentation titled 'Honeypots Unveiled: Proactive Defense Tactics for Cyber Security' at the Phoenix Summit held in Dhaka, Bangladesh from 23 to 24 May 2024.
Discover the benefits of outsourcing SEO to Indiadavidjhones387
"Discover the benefits of outsourcing SEO to India! From cost-effective services and expert professionals to round-the-clock work advantages, learn how your business can achieve digital success with Indian SEO solutions.
HijackLoader Evolution: Interactive Process HollowingDonato Onofri
CrowdStrike researchers have identified a HijackLoader (aka IDAT Loader) sample that employs sophisticated evasion techniques to enhance the complexity of the threat. HijackLoader, an increasingly popular tool among adversaries for deploying additional payloads and tooling, continues to evolve as its developers experiment and enhance its capabilities.
In their analysis of a recent HijackLoader sample, CrowdStrike researchers discovered new techniques designed to increase the defense evasion capabilities of the loader. The malware developer used a standard process hollowing technique coupled with an additional trigger that was activated by the parent process writing to a pipe. This new approach, called "Interactive Process Hollowing", has the potential to make defense evasion stealthier.
Securing BGP: Operational Strategies and Best Practices for Network Defenders...APNIC
Md. Zobair Khan,
Network Analyst and Technical Trainer at APNIC, presented 'Securing BGP: Operational Strategies and Best Practices for Network Defenders' at the Phoenix Summit held in Dhaka, Bangladesh from 23 to 24 May 2024.
4. Why?
• You provide your personally identifiable information (PII) most of the time
• Service provider promises to take all “relevant measures” to store such information “securely”
• Service provider aims to make your experience secure
8. Reality
• Databases leak
  • UK medical records
  • Turkish citizenship database
• PII leaks
  • no clear definition of “relevant measures” and “securely”
  • mostly organizational measures, no encryption
• Service provider (or their partner) takes advantage of PII
  • credit reference agencies
• User passwords get stolen
  • using obsolete crypto
  • fake login prompts
  • no SSL/TLS
9. ZKP more formally
• Zero-knowledge proof is a method by which one party (the prover) can prove to another party (the verifier) that a given statement is true, without conveying any information apart from the fact that the statement is indeed true.
• Properties:
  • Completeness: if the statement is true, the honest verifier (that is, one following the protocol properly) will be convinced of this fact by an honest prover
  • Soundness: if the statement is false, no cheating prover can convince the honest verifier that it is true, except with some small probability
  • Zero-knowledge: if the statement is true, no cheating verifier (or others) learns anything other than this fact. This is formalized by showing that every cheating verifier has some simulator that, given only the statement to be proved (and no access to the prover), can produce a transcript that "looks like" an interaction between the honest prover and the cheating verifier
13. A cave with a magic door
1. Peggy randomly enters A or B
2. Victor randomly shouts A or B
3. Peggy reliably appears on the requested side
16. 50% cheat probability. Really?
• One round of the protocol has 0.5 cheat probability
  • if Peggy chooses to enter the same side that Victor will shout later, she can convince Victor even without knowing the magic word
• To address this we just need to repeat the protocol N times
  • each round outcome is independent
  • cheat probability: P = 0.5 * 0.5 * 0.5 * … * 0.5 = (0.5)^N = 2^(-N)
• If we repeat the protocol ~128 times, we can make it as secure as AES
24. Socialist millionaires
• EC curve: G - base point, n - order of G
• Alice and Bob have x and y respectively. Both want to know whether x==y.
Alice: generate a2, a3, s; G2a = a2*G; G3a = a3*G
Bob: generate b2, b3, r; G2b = b2*G; G3b = b3*G
Exchange: G2a, G3a, G2b, G3b
Alice: G2 = a2*G2b; G3 = a3*G3b; Pa = s*G3; Qa = s*G + x*G2
Bob: G2 = b2*G2a; G3 = b3*G3a; Pb = r*G3; Qb = r*G + y*G2
Exchange: Pa, Qa, Pb, Qb
Alice: Ra = a3*(Qa-Qb)
Bob: Rb = b3*(Qa-Qb)
Exchange: Ra, Rb
Alice checks: a3*Rb == Pa-Pb
Bob checks: b3*Ra == Pa-Pb
Why it works: a3 * Rb = b3 * Ra = (Pa - Pb) + (a3 * b3 * (x - y)) * G2, so the check passes exactly when x == y.
25. Socialist millionaires
• The socialist millionaire problem is a way for two millionaires to check whether their wealth is equal
  • can be used to verify whether two parties possess the same secret
  • a passive attacker learns nothing about the protocol and its outcome
  • a MiTM attacker can do no better than a passive attacker, except for disrupting the communication channel
  • even if one of the parties is dishonest, he learns nothing more than the protocol outcome
  • unlike most other zero-knowledge proofs, it requires O(1) protocol iterations
  • is already adopted and has a good history
28. OTR SMP
• Uses 1536-bit group calculations
• BUT: LogJam!
  • 512-bit broken
  • 1024-bit probably
  • 1536-bit is very close!
29. Themis SMP vs OTR SMP
• Improving SMP
  • moved all cryptographic operations into the ECC domain
  • modern (boring) cryptography (ed25519)
  • timing attack protection
  • fast and performant
  • reduced memory footprint
  • support for many high-level languages
  • simple API
• GitHub: https://github.com/cossacklabs/themis
36. Possible use-cases
• Credit reference agency learns you are at least a client of both banks even if you were not on file before (able to trace you later)
Hash(UniqueID) = AnotherUniqueID
37. Possible use-cases
• Credit reference agency does not get anything if you were not on their file previously
Hash(UniqueID) = AnotherUniqueID
40. SMP vs PAKE
• PAKE - password-authenticated key agreement
  • basic PAKE requires only 1 roundtrip
  • simple, requires a small number of asymmetric cryptographic operations
  • easy to implement
  • provides a negotiated secret key as a protocol outcome
• Example: SPAKE2 (https://tools.ietf.org/html/draft-irtf-cfrg-spake2-03)
41. SPAKE2
• EC curve: G - base point, n - order of G, M,N - known fixed points on the curve
• Alice and Bob know w.
Alice: generate x; X = x*G; T = w*M + X
Bob: generate y; Y = y*G; S = w*N + Y
Exchange: T, S
Alice: K = x*(S - w*N)
Bob: K = y*(T - w*M)
42. Myth 1: PAKE is MUCH faster
• PAKE is better because it is simpler
  • requires much less computation
  • only 1-RTT compared to 3-RTT SMP
44. SPAKE2 (same exchange as slide 41)
Key confirmation?
47. Myth 1: PAKE is MUCH faster
• SPAKE2 requires an additional roundtrip for the authentication scenario
• Pure C: SMP is only ~20 times slower
  • small price for the zero-knowledge guarantee
• High-level languages: SMP is only ~3 times slower
  • the more probable real-world use-case
  • more time is spent on network communication and the language runtime
48. Myth 2: SMP doesn’t negotiate a key
• PAKE is better because it negotiates a key out of the box and SMP does not
51. Socialist millionaires (same exchange as slide 24)
SMP actually negotiates 2 keys!
56. Possible use-cases
• Automatic key rotation for long-lived encrypted connections
SMP (or PAKE with confirm) -> Encrypted communication (K1) -> save negotiated key -> Encrypted communication (K2)
57. Myth 3: using PAKE for authentication
• PAKE has many other reasons to be better for authentication
59. Myth 3: using PAKE for authentication
• PAKE is a KEY AGREEMENT
  • the goal of the protocol is to negotiate a shared secret, not to authenticate a peer
  • the PAKE protocol outcome does not provide proof that your peer knows the secret
62. SPAKE2 (same exchange as slide 41)
To successfully complete the protocol:
• the peer may not even know w (the real secret information)
• but only w*M and w*N (its public derivatives)
65. SPAKE2
SPAKE2 by itself does not provide the basic proof of secret knowledge
• can be enforced at the implementation level
• made a constraint in the target system
• treat the public counterparts as secrets themselves
• etc
But anyway: it has to be considered somehow and protocol users have to be aware of this
67. Socialist millionaires (same exchange as slide 24)
Secrets are combined with random shared values with contributions from both peers
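The two protocols compared in the talk, the socialist millionaires' protocol (slides 18–25, 51 and 67) and SPAKE2 (slides 41 and 62–65), written out as an added example that is not code from the talk or from Themis. It follows the slides' message flow on both sides. Assumptions of my own: secp256k1 as the curve, secrets mapped to scalars with SHA-256 (`scalar`), textbook affine point arithmetic that is not constant-time, a try-and-increment hash-to-curve (`hash_to_point`) standing in for the SPAKE2 draft's published M and N, and my reading of "SMP negotiates 2 keys" as the shared points G2 and G3, which `smp` returns. `derived_view` is also mine: it is the (w*M, w*N) pair a peer needs, and `spake2` writes Bob's side in terms of that pair alone, which is the caveat from slides 62–65 made concrete.

```python
"""SMP and SPAKE2 on secp256k1, following the slides' message flow.
Added example (not the talk's or Themis' code); see the lead-in for the
assumptions (curve, secret encoding, hash-to-curve, affine arithmetic).
"""
import hashlib
import secrets

# secp256k1: field prime P, prime group order N, base point G, cofactor 1
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def ec_add(p1, p2):
    """Affine point addition on y^2 = x^3 + 7; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None                                    # p1 == -p2
    if p1 == p2:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P     # tangent slope
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P      # chord slope
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)

def ec_sub(p1, p2):
    return ec_add(p1, None if p2 is None else (p2[0], -p2[1] % P))

def ec_mul(k, p):
    """Double-and-add scalar multiplication, k reduced mod the group order."""
    r, k = None, k % N
    while k:
        if k & 1:
            r = ec_add(r, p)
        p = ec_add(p, p)
        k >>= 1
    return r

def scalar(secret: bytes) -> int:
    """Map a password/secret to a non-zero scalar (assumed encoding)."""
    return int.from_bytes(hashlib.sha256(secret).digest(), "big") % (N - 1) + 1

def rand_scalar() -> int:
    return secrets.randbelow(N - 1) + 1

def smp(x: int, y: int):
    """SMP between Alice (x) and Bob (y) in the slides' three rounds.
    Returns (alice_accepts, bob_accepts, alice_shared, bob_shared), where
    the shared pair (G2, G3) is what both sides end up holding in common."""
    a2, a3, s = rand_scalar(), rand_scalar(), rand_scalar()
    b2, b3, r = rand_scalar(), rand_scalar(), rand_scalar()
    # Round 1: G2a, G3a, G2b, G3b are exchanged
    G2a, G3a, G2b, G3b = (ec_mul(k, G) for k in (a2, a3, b2, b3))
    G2_a, G3_a = ec_mul(a2, G2b), ec_mul(a3, G3b)        # Alice's G2, G3
    G2_b, G3_b = ec_mul(b2, G2a), ec_mul(b3, G3a)        # Bob's G2, G3
    # Round 2: Pa, Qa, Pb, Qb are exchanged; s and r blind x and y
    Pa, Qa = ec_mul(s, G3_a), ec_add(ec_mul(s, G), ec_mul(x, G2_a))
    Pb, Qb = ec_mul(r, G3_b), ec_add(ec_mul(r, G), ec_mul(y, G2_b))
    # Round 3: Ra, Rb are exchanged
    Ra, Rb = ec_mul(a3, ec_sub(Qa, Qb)), ec_mul(b3, ec_sub(Qa, Qb))
    # a3*Rb = b3*Ra = (Pa - Pb) + a3*b3*(x - y)*G2, so equality <=> x == y
    alice_ok = ec_mul(a3, Rb) == ec_sub(Pa, Pb)
    bob_ok = ec_mul(b3, Ra) == ec_sub(Pa, Pb)
    return alice_ok, bob_ok, (G2_a, G3_a), (G2_b, G3_b)

def hash_to_point(label: bytes):
    """Try-and-increment hash-to-curve for M and N (assumed construction)."""
    for ctr in range(256):
        h = hashlib.sha256(label + bytes([ctr])).digest()
        x = int.from_bytes(h, "big") % P
        rhs = (x * x * x + 7) % P
        if pow(rhs, (P - 1) // 2, P) == 1:             # quadratic residue
            return (x, pow(rhs, (P + 1) // 4, P))      # sqrt, as P % 4 == 3
    raise RuntimeError("no curve point found")

M_PT, N_PT = hash_to_point(b"SPAKE2 M"), hash_to_point(b"SPAKE2 N")

def derived_view(w: int):
    """All a peer needs to run SPAKE2: the public derivatives w*M and w*N."""
    return ec_mul(w, M_PT), ec_mul(w, N_PT)

def spake2(alice_w: int, bob_view) -> bool:
    """SPAKE2 as on the slide: T = w*M + x*G, S = w*N + y*G,
    K = x*(S - w*N) = y*(T - w*M). Bob's side uses only (w*M, w*N):
    a peer holding just these values completes the run without knowing w."""
    wM_b, wN_b = bob_view
    x, y = rand_scalar(), rand_scalar()
    T = ec_add(ec_mul(alice_w, M_PT), ec_mul(x, G))    # Alice -> Bob
    S = ec_add(wN_b, ec_mul(y, G))                      # Bob -> Alice
    K_alice = ec_mul(x, ec_sub(S, ec_mul(alice_w, N_PT)))
    K_bob = ec_mul(y, ec_sub(T, wM_b))
    # Key confirmation (the extra round trip) can only show K_alice == K_bob
    return K_alice == K_bob
```

Calling `smp(scalar(b"pw"), scalar(b"pw"))` makes both sides accept and return the same (G2, G3) pair; any other pair of secrets makes both reject, because a3*b3*(x - y)*G2 is never the point at infinity in a prime-order group. `spake2(w, derived_view(w))` succeeds even though Bob's code never sees w, which is why the talk says the public counterparts have to be treated as secrets themselves when a PAKE is pressed into service as an authentication protocol.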
71. Conclusions
• Zero-knowledge protocols are useful building blocks for enhanced security and privacy-preserving protocols
  • They can be useful in a scenario where one of the protocol participants may be malicious
• You may use PAKE for many real-world tasks, but you have to be aware of the caveats
• The socialist millionaire protocol provides more security guarantees, although with some performance penalty