星期五, 6月 30, 2006

inventions that transform the world
  • Google
  • Skype
  • FON
inventions that transformed the world and were taken for granted
  • PC
  • Linux
  • WWW
inventions that

星期三, 6月 28, 2006

Lab Virtual Private Networking (VPN)

1. Download Hamachi from http://www.hamachi.cc/
2. Create your own network and enter a password for your members to join in the future.
3. Open the protocol analyzer Ethereal.
4. Exchange packets with your members.
5. Analyze these packets with Ethereal.

星期二, 6月 27, 2006

暑假中可以學些什麼

對大二或大三的同學, 我會建議先學好數學與程式設計.

技術一直在變, 但是數學歷久彌新, 掌握多變的未來最好的方法就是打好基礎, 數學與程式設計就是這個基礎.

星期四, 6月 22, 2006

部落格特別推薦

新竹觀光好好玩 (講評: 導覽式的口吻 在地的玩法 切中部落格的媒體特性)
My Spiritual World(講評: 感性的內容 豐富的創作)
重型機車的大本營(人氣旺盛 展現部落格集眾效果)
羽球天地(豐富比賽記事)

星期五, 6月 16, 2006

期末報告 成果繳交日期: 6/18/2006

前往 期末報告

Lab PGP, Part II

1. Sign a file. Send this file to Friend A & Friend B. Verify that both of them can read your signature.

2. Sign a file and encrypt this file and signature using A's public key. Email it to A and B. What will happen?

Lab PGP

1. Download PGP Desktop 9.0
2. Install PGP using

In the process of installation assistant, generate your key pairs and allow your public key to go public at keyserver.pgp.com so that your friends can use it.

3 Check your email. Record your public key and the finger print at the Comment below this blog posting. What's the key length PGP generates?

4. Use your Friend A's public key to encrypt a file, using PGP zip. Email this encrypted file to your Friend A and Friend B. Verify that A can decrypt the file while B cannot.

You are invited to do Part II of Lab PGP.

FAQ: What's PGP?

星期五, 6月 09, 2006

Lab Packet Sniffer

1. Install Protocol Analyzer Ethereal at http://www.ethereal.com
2. Capture the packets at your Ethernet interface card.
3. Enter a login required website that you often go to, such as web mail.
4. Try to catch the packet that contains the password.

SSL

SSL (Secure Socket Layer)
* Using Digital Certificate, Digital Signature, Public Key Encryption, Hash (Message Digest)
* Instead of encrypting the sender's original text, only the session key generated by the sender is encrypted by the receiver's public key.
* The session key is valid throughout a session and not any longer.
* SSL is proposed by Netscape, Inc.
* https is actually http enhanced by SSL. https uses port 443 while http uses port 80.

Lab SSL

1. Try Yam membership enrollment
for using SSL encrypted Internet communications.
2. Note the lock at the lower right corner is secured when SSL is enabled.
3. Click the lock icon and a message window should pop up.
4. What kind of encryption is used in this SSL? How many bits are there in the encryption key?
5. Who issued the certificate you are seeing? (Who is the certificate authority, CA, for this website?)
6. Until when is the certificate valid?
7. What kind(s) of hash is/are used in the CA's digital signature?
8. How many bits are there in the hash(es)?

Lab Hash


1. Install SlavaSoft HashCalc
2. Open the file readme.txt of this software
3. Calculate the cash.
4. Open another copy of HashCalc
5. Open the file readme.txt and delete the first space fo the file.
6. Calculate the hash of the modified file.
7. Compare the hashes of two files.

Lecture on network secutiry and the theory of public key

Lecture on network secutiry and the theory of public key
(Chapter 3 of Textbook)

Secrect Key

*a key for encryption is also for decryption
*fast encryption and decryption
*problem with key distribution
*problem with keeping many keys

Public Key

*private key and public key
*public usually posted on an open directory
*private key must be kept in absolute private to oneself
*good for encryption and signature

Hash function
*fixed length of 128 or 256 bits
*fingerprint


Digital Signature
* privated key encrypted fingerprint of a plain text
*transmitted along with the plain text for verification

Man-in-the-middle attack

Digital Certificate
* Public Key signed with Certificate Authority