Thursday, May 21, 2009

Simulate SCP using SSH

An interesting question
How to simulate scp using ssh ...
Using the same way you sud be able to run a script in your machine on the remote machine.

I assume that the reader is aware of what SCP and SSH is.

Lets try this...


deepak@deepak-laptop:~$ cat abcd.txt | ssh deepak@jeeves ' cat > abcd.txt;chmod 0777 abcd.txt;./abcd.txt;'

deepak@jeeves's password:
abcd.txt
Desktop
Thu May 21 14:40:58 IST 2009
/home/deepak
jeeves

deepak@deepak-laptop:~$ cat abcd.txt
ls
date
pwd
hostname


deepak@deepak-laptop:~$




So how does this work...
The cat wud obviously get the contents of the file and pipe it to the STDIN of the remote system. At the remote system the cat would redirect the contents of STDIN into the file (thereby creating the file) and then changing its permissions and then executing it.
Simple enough but not easy to find at once.

Other recommended scripts would be

cat abcd.txt | ssh deepak@jeeves ' cat -|bash' # remote exec of command
cat abcd.txt | ssh deepak@jeeves ' cat > filename' # scp

Thanking you
Layman

Wednesday, May 20, 2009

Learn to morph

People look at morphing as a satanic act. To me , I feel there is nothing like that. I've loved morphing ever since I learned to do it. I have done many morphs which finally had some quality in it. I've loved outputs...results have always been my passion. So I guess thats one of the many reasons why I learned it. Later I gave up the act for a loved one. So here Iam to teach you how to morph...

You would either be on windows or linux . On windows I'm guess you would be using photoshop, and for all those linux users I would recommend using GIMP. I'm using GIMP to demonstrate this to you.


Get the 2 pics and open them in gimp



Use the scissor tool to cut out the face of the person



Select the face




Cut the face and paste it on a new transparent background page


Remove the unwanted areas of the image


Cut a small portion from the image (of arnie)


Paste it over the face of the image







Go to the layers window and select overlay. This will help you to match the color of the 2 images





Copy and paste the new image onto arnie

Scale the image suitably to match the head size of arnie

Use the smudge, blur and sharpen tools suitably to give the image a good look


The final image is ready






This doesnt look really good , I know, but I couldn't spend more time on this. If you would like to know more about morphing pls comment with your gtalk usernames.

I would have loved to show you how good I'm at this but I'm sorry blogger doesn't allow explicit images :p ;) . So please bear with me.

Thanking you
Layman

Tuesday, May 19, 2009

Enhanced public key cryptography

I'm sure all of us would have heard about public key cryptography. Here I would like to propose a new idea which I suppose would enhance public key cryptography. This paper is no mumbo-jumbo. Its very simple and surprising. Please have a look and let me know...

AI'm sure all of us would have heard about public key cryptography. Here I would like to propose a new idea which I suppose would enhance public key cryptography. This paper is no mumbo-jumbo. Its very simple and surprising. Please have a look and let me know...

Definitions
Cipher - a cryptographic algorithm used to encrypt and decrypt files
and messages.
Ciphertext - the disguised (or encrypted) file or message.
Code - the usage of characters or words to represent words,
sentences, or ideas. Morse code is a common example, where
combinations of dots and dashes represent letters and numbers.
Cryptanalysis - the art of breaking cryptosystems. The process of
looking for errors or weaknesses in the implementation of an
algorithm or of the algorithm itself.
Cryptography - the art of creating and using cryptosystems.
Cryptology - the study of both cryptography and cryptanalysis.
Cryptosystem - the entire process of using cryptography. This
includes the actions of encrypting and decrypting a file or message, or
authenticating the sender of an e-mail message.
Key - a collection of bits,usually stored in a file, which is used to encrypt or decrypt a message.
Plaintext - the original message or file. After a file or message has been encrypted and then decrypted you should end up with the original file or message.Private Key - the secret key of a public-private key cryptography system. This key is used to "sign" outgoing messages, and is used to decrypt incoming messages.
Public Key - the public key of a public-private key cryptography system. This key is used to confirm "signatures" on incoming messages or to encrypt a file or message so that only the holder of the private key can decrypt the file or message.
Public-private Key Cryptography System - a cryptography system that uses two different keys to lock and unlock (encrypt and decrypt) messages and files. The two keys are mathematically linked together. An individual's public key is distributed to other users and is used to encrypt messages to the individual. The individual keeps the private key secret and uses it to decrypt messages sent with the public key.

Enhanced public key cryptography : A proposition
We have seen that even a public key system with n users would need 2*n number of keys to be stored. It may not seem very large for small systems. But as the value of n increases the size of the database also grows. This in fact slows down the system. Efficiency of the system decreases. As we have already discussed our concern is to further reduce the size of the data base. The basic idea is that we don't need to store the private key into the database. We would rather express the private key as a function of the public key. Private key = f (Public key) The first time a user registers to the system , the user is asked to enter his desired user name. Once he enters a user name (that doesn't exist already) , the system supplies him with a password. This password cannot be changed by the user in future. The password or rather the private key is calculate as a function of the public key. The function maybe to
simply add the ASCII values of characters used in the public key and then give the result of computation as the private key or password. So each time a user wants to login,he is required to enter his user name and password. The system calculates the original password for the user name as f(user name). Then the system checks whether f(user name),and the entered password matches. If they match the user can connect to the system. Otherwise he is not allowed to connect. So the basic idea is to calculate the real password from the user name applying the function and then match it with the password entered by the user. The advantage here is that for n users we need to store only n entries of use names. No password is stored.
However there is one serious disadvantage for this system. If a cryptanalyst gets a number of combinations of the user names and passwords he may succeed in finding the transformation performed by the function 'f(user name)'. If that happens he will be able to get the passwords for each and every user. Then the system fails completely. To avoid such a failure what we do is that we use a number of
functions rather than a single function. So the cryptanalyst can't find any similarity in the way the passwords are generated . The function used to calculate the password for a user depends on the position of the user name in the database. We shall consider an example. Suppose there are n users already registered in the database and there are m distinct functions available in the system to calculate the
value of the password from the user name. A new user wants to register to the system. The desired user name is 'abcn1'. Then the system writes his user name at the end of the database. So position of the new user will be n+1. We then calculate the (n+1)th number in the Fibonacci series. Say the number is p. We perform p%m ( where m is the number of functions the system uses to calculate the passwords
from the user name). We know that 0 <= p%m <>
EPKC vs PCK

PCK uses the inefficient linear search for retrieving the username and password(ie the public and private keys of a user). Linear search efficieny is O(n). So this is considered inefficient. Sometimes its possible to use binary search to improve the search times. But then, sorting must be done during insertion. This is a tedious process. This will lead to greater insertion times. Thus still inefficient.
Now lets see about the proposed EPCK. Here search (or rather calculation )is done via a hashing. Once the key pairs are entered by the user to login, the system can use a hashing process to retrieve the function to calculate the private key. Then this function can map the public key to the private key in a unique way. It's well known that hashing process has a search time of O(1). There are some additional processes done before and after hashing. Considering all these processes we can sum up that EPCK search times is by all means comparable to PCK. In terms of space efficiency PCK is far behind EPCK. PCK is 50%(nearly) more space efficient. This is because in EPCK we don't store the private key of the users. And in terms of security domain. In PCK we would need to secure the database using strong firewalls. This means additional cost. Still it's not possible to be sure of 100% security. In the age of systems like the bruteforce we cant rely on any security providers. EPCK since they
don't need to store any private key don't need any protection to the database. Maybe a small amount of write protection can be done. Thus EPCK is more space efficient than PCK. Also its less expensive than PCK.


This is a picture of an EPCK database.



The proposed system requires lesser memory space(half the memory space) compared to public key systems without compromising the security of the system. Thus the efficiency of the communication system will improve tremendously,without sacrificing the security of the system.


Thanking you
Layman


Language interpreter

Its been some time since I was struck with this idea of an mini-language interpreter.
I started imagining it in the lines of an interpreter that could possibly understand scripts similar to the those written it the traditional bash shell scripts.
The work took some time. I choose perl to build the interpreter. The reason is obvious . The first reason was that I'd learned perl , and I wanted to use it somewhere. Second reason was that it was easier to do pattern matching in perl. So I started with what I call now the "Language Interpreter developed in perl". I'd initially scanned the web for tutorials that could help me on the project. I couldn't find any. I failed to find any documents on the web in a similar line. So after doing a fair amount of work and obtaining reasonable amount of results I thought I should post this on the web. So here it is...


#!/usr/bin/perl -w

while(<>)
{
chomp($_);
if($_) {match1($_);}
}

sub match1
{
$_=$_[0];

if(/^while\(([^\)]*)\){(.*)}$/)
{
#print "\nstat1 :",$1," ",$2,"\n";
$_=$1;
my $statements=$2;
if(/^([a-zA-Z][a-zA-Z0-9]*)([<>=!]*)([a-zA-Z0-9]+)$/)
{
my $lhs=symtabretrieve($1);
my $op=match($2);
my $rhs=match($3);
my $idl=$1;
my $idr=$3;
if($rhs==8) {$rhs=symtabretrieve($3);}
elsif($rhs==1) {$rhs=$3;}
if($op==2)
{
while($lhs<$rhs)
{
if($statements) {match1($statements);}
$lhs=symtabretrieve($idl);
$rhs=match($idr);
if($rhs==8) {$rhs=symtabretrieve($idr);}
elsif($rhs==1) {$rhs=$idr;}
}
}
elsif($op==3)
{
while($lhs>$rhs)
{
if($statements) {match1($statements);}
$lhs=symtabretrieve($idl);
$rhs=match($idr);
if($rhs==8) {$rhs=symtabretrieve($idr);}
elsif($rhs==1) {$rhs=$idr;}
}
}
elsif($op==4)
{
while($lhs>=$rhs)
{
if($statements) {match1($statements);}
$lhs=symtabretrieve($idl);
$rhs=match($idr);
if($rhs==8) {$rhs=symtabretrieve($idr);}
elsif($rhs==1) {$rhs=$idr;}
}
}
elsif($op==5)
{
while($lhs<=$rhs)
{
if($statements) {match1($statements);}
$lhs=symtabretrieve($idl);
$rhs=match($idr);
if($rhs==8) {$rhs=symtabretrieve($idr);}
elsif($rhs==1) {$rhs=$idr;}
}
}
elsif($op==6)
{
while($lhs==$rhs)
{
if($statements) {match1($statements);}
$lhs=symtabretrieve($idl);
$rhs=match($idr);
if($rhs==8) {$rhs=symtabretrieve($idr);}
elsif($rhs==1) {$rhs=$idr;}
}
}
elsif($op==7)
{
while($lhs!=$rhs)
{
if($statements) {match1($statements);}
$lhs=symtabretrieve($idl);
$rhs=match($idr);
if($rhs==8) {$rhs=symtabretrieve($idr);}
elsif($rhs==1) {$rhs=$idr;}
}
}

}

return;

}


elsif(/^if\(([^\)]*)\){(.*)}$/)
{
#print "\nstat2 :",$1," ",$2,"\n";
$_=$1;
my $statements=$2;
if(/^([a-zA-Z][a-zA-Z0-9]*)([<>=!]*)([a-zA-Z0-9]+)$/)
{
my $lhs=symtabretrieve($1);
my $op=match($2);
my $rhs=match($3);
my $idl=$1;
my $idr=$3;
if($rhs==8) {$rhs=symtabretrieve($3);}
elsif($rhs==1) {$rhs=$3;}
if($op==2)
{
if($lhs<$rhs)
{
if($statements) {match1($statements);}
$lhs=symtabretrieve($idl);
$rhs=match($idr);
if($rhs==8) {$rhs=symtabretrieve($idr);}
elsif($rhs==1) {$rhs=$idr;}
}
}
elsif($op==3)
{
if($lhs>$rhs)
{
if($statements) {match1($statements);}
$lhs=symtabretrieve($idl);
$rhs=match($idr);
if($rhs==8) {$rhs=symtabretrieve($idr);}
elsif($rhs==1) {$rhs=$idr;}
}
}
elsif($op==4)
{
if($lhs>=$rhs)
{
if($statements) {match1($statements);}
$lhs=symtabretrieve($idl);
$rhs=match($idr);
if($rhs==8) {$rhs=symtabretrieve($idr);}
elsif($rhs==1) {$rhs=$idr;}
}
}
elsif($op==5)
{
if($lhs<=$rhs)
{
if($statements) {match1($statements);}
$lhs=symtabretrieve($idl);
$rhs=match($idr);
if($rhs==8) {$rhs=symtabretrieve($idr);}
elsif($rhs==1) {$rhs=$idr;}
}
}
elsif($op==6)
{
if($lhs==$rhs)
{
if($statements) {match1($statements);}
$lhs=symtabretrieve($idl);
$rhs=match($idr);
if($rhs==8) {$rhs=symtabretrieve($idr);}
elsif($rhs==1) {$rhs=$idr;}
}
}
elsif($op==7)
{
if($lhs!=$rhs)
{
if($statements) {match1($statements);}
$lhs=symtabretrieve($idl);
$rhs=match($idr);
if($rhs==8) {$rhs=symtabretrieve($idr);}
elsif($rhs==1) {$rhs=$idr;}
}
}

}

return;
}


elsif(/^([a-zA-Z][a-zA-Z0-9]*)=([a-zA-Z0-9]+)$/)
{
#print "\nstat3 :",$1," ",$2,"\n";
syminsert($1,$2);
return;
}

elsif(/^([a-zA-Z][a-zA-Z0-9]*\[[0-9][0-9]*\])=([a-zA-Z0-9]+)$/)
{
#print "\nstat4 :",$1," ",$2,"\n";
syminsert($1,$2);
return;
}

elsif(/^([a-zA-Z][a-zA-Z0-9]*)=([a-zA-Z0-9]+)([p\+\-\*\/\%])([a-zA-Z0-9]+)$/)
{
#print "\nstat5 :",$1," ",$2,"\n";
if(match($2)==1) {$frstopd=$2;}
else {$frstopd=symtabretrieve($2);}
if(match($4)==1) {$scndop=$4;}
else {$scndop=symtabretrieve($4);}
$op=match($3);
if($op==9)
{
$val=$frstopd+$scndop;
syminsert($1,$val);
}
if($op==10)
{
$val=$frstopd-$scndop;
syminsert($1,$val);
}
if($op==11)
{
$val=$frstopd*$scndop;
syminsert($1,$val);
}
if($op==12)
{
$val=$frstopd/$scndop;
syminsert($1,$val);
}
if($op==13)
{
$val=$frstopd+$scndop;
syminsert($1,$val);
}
return;
}

elsif(/^echo \$([a-zA-Z0-9]+)\[\$?([a-zA-Z0-9][a-zA-Z0-9]*)\]$/)
{
#print "\nstat6 :",$1," ",$2,"\n";
$index=symtabretrieve($2);
if($index==undef)
{
$index=$1."[".$2."]";
print symtabretrieve($index);
}
else
{
$pr=$1."[".$index."]";
print symtabretrieve($pr);
}
print "\n";
return;
}

elsif(/^echo \$([a-zA-Z0-9]+)$/)
{
#print "\nstat7 :",$1,"\n";
print symtabretrieve($1);
print "\n";
return;
}

elsif(/^echo ([^;]*)$/)
{
#print "\nstat8 :",$1,"\n";
print $1;
print "\n";
return;
}

elsif(/^if/ || /^while/)
{
if(/^(.*});(.*)/)
{
my @temp=split(//,$1);
my $c=$2;
my $a="";
my $b="";
my $char='';
my $count=1;
while(@temp)
{
$char=shift(@temp);
$a.=$char;
if($char eq '{')
{
while($count)
{
$char=shift(@temp);
$a.=$char;
if($char eq '{') {$count++;}
elsif($char eq '}') {$count--;}
}
}
if(!$count) {$b=join('',@temp); @temp=();}
}
#print "\nstat9 :A:",$a," B:",$b," C:",$c,"\n";
if($a) {match1($a);}
if($b) {match1($b);}
if($c) {match1($c);}
}

return;
}

elsif(/^(.*?);(.*)$/)
{
#print "\nstat10 :A",$1," B:",$2,"\n";
my $a=$1; my $b=$2;
if($a) {match1($a);}
if($b) {match1($b);}
return;
}

}

sub match
{
$_=$_[0];
if(/^[0-9]+$/) {return 1;}
elsif(/^<$/) {return 2;}
elsif(/^>$/) {return 3;}
elsif(/^>=$/) {return 4;}
elsif(/^<=$/) {return 5;}
elsif(/^==$/) {return 6;}
elsif(/^!=$/) {return 7;}
elsif(/^[a-zA-Z0-9]+/) {return 8;}
elsif(/^\+/) {return 9;}
elsif(/^\-/) {return 10;}
elsif(/^\*/) {return 11;}
elsif(/^\//) {return 12;}
elsif(/^\%/) {return 13;}
else {return 0;}
}

sub syminsert
{
$symtab{$_[0]}=$_[1];
}

sub symtabretrieve
{
return $symtab{$_[0]};
}


The results I should say is only a miniature version of the project. And the code isn't fully shown. Your comments would be greatly appreciated.

Thanking you,
Layman