Asymmetric Cryptography: the Basic Idea of Public Key Cryptosystems

I’ve been trying for a couple of weeks to put together a couple of interesting posts on the cryptographic modes of operation for confidentiality and integrity, and I just can’t do it. I’m finding it boring to write about, and if it bores me to write it, I know there’s no way that it’s going to be engaging to readers!

So, I’m going to move on. I’ve explained the basic idea of the message authentication code as an integrity check, and I’ve described one simple way of integrating it into a common mode of operation. If you’re really interested in learning more, I recommend Bruce Schneier’s book on cryptography, which has a ton of material on modes of operation and protocols, how they work, and how they can fail.

Meanwhile, I’m going to move on to something that doesn’t bore me to write about, and therefore hopefully won’t bore you to read about: asymmetric cryptography, also commonly referred to (although not entirely accurately) as public key cryptography.

Friday Random 10, November 14

  1. Hawkwind, “Masters of the Universe”: Great bit from the early days of psychedelic/progressive rock. I’ve got recordings of both the live and the studio versions, and I vastly prefer the studio.
  2. Peter Gabriel, “The Family and the Fishing Net”: This is just a magnificent piece of music. I love pretty much everything that Gabriel has written, from his days in Genesis, to his solo work like this, to his movie soundtracks. But the “Security” album is something special even for Gabriel, and this is one of the best tracks on the album.
  3. Michael McGoldrick, “The Fisherman in the Wardrobe”: Ick. This is crap. Michael McGoldrick is an amazing Irish flute player; he was one of the original flutists in Lunasa. But he did this album, which consists of vastly overproduced and overly up-tempo Irish music played against an electronic drumbeat. It’s just awful, and it’s a shame because if you could get rid of the electronics and the ridiculously overdone reverb, there’s some nice playing hidden in there. Still, I’ve never bought another of his albums after this.
  4. Peter Schickele, “Listen Here, Tyrannosaurus Rex”: a silly little song which Schickele actually takes credit for in his own name. Probably because it’s not quite awful enough to be credited to PDQ Bach.
  5. Micho Russell, “Children’s Song”: this is a great example of what traditional Irish can be. My tinwhistle/flute teacher travelled to Ireland, and spent time with a wonderful Irish whistler. The resulting recording is just Micho Russell, with no accompaniment, playing a two dollar tin-whistle. No fancy arrangements; he plays it slowly – a reel at only about 70 beats per minute; very sparse tasteful ornamentation – and when you listen to it, you’ll understand why these tunes have lasted so long.
  6. Kansas, “Byzantium”: Quite a contrast from the last one. This is recent work by Kansas. It’s beautiful; things like this make me glad that they got back together. It uses very middle-eastern chords and melodies, and if I’m not mistaken, some middle-eastern instrumentation. It’s really quite lovely.
  7. Jethro Tull, “Black Satin Dancer”: Mediocre Tull tune. Nothing special. The rest of the album is great, but this isn’t a particularly good song.
  8. The Tangent, “The Winning Game”: This is seriously amazing. It’s a collaboration between Roine Stolt and Andy Tillson, along with various members of their respective bands. It’s really stunning music, beautifully written, and performed with incredible virtuosity by all involved.
  9. Igor Stravinsky, “Three Pieces”: Stravinsky is one of the greatest composers of the 20th century, and probably of all time. This is a very delicate, intricate chamber piece.
  10. Stuart Duncan, “Miles to Go”: Wonderful acoustic bluegrass fiddling. I was fortunate enough to see Stuart Duncan performing live once with Edgar Meyer, Sam Bush, and Joshua Bell. Joshua Bell (one of the world’s great classical violin soloists) actually talked about what he learned about rhythmic bowing from Stuart. As is typical of the greats, he doesn’t feel any great need to constantly show off his chops; and some of his most compelling playing is on leisurely tracks like this.

Innumeracy and the U. S. Supreme Court

As long time readers of this blog know, one of the things that drive me crazy – in fact, one of the things that led me to start this blog – is the rampant innumeracy of our society. The vast majority of Americans have no real knowledge or comprehension of numbers or mathematics, and what makes that even worse is that most really, truly, fundamentally don’t care.

A vivid example of that is demonstrated in a recent Supreme Court ruling in a case dealing with the use of sonar in submarine training by the US Navy in waters inhabited by whales.

Evolution Produces Better Antenna; Casey Luskin Very Upset

It’s always amusing to wander over to the Discovery Institute’s blogs, and see what kind of nonsense they’re spouting today. So, today, as I’m feeling like steamed crap, I took a wander over. And what did I find? High grade, low-content rubbish from my old buddy, Casey Luskin. Luskin is, supposedly, a lawyer. He’s not a scientist or a mathematician by any stretch of the imagination. There’s nothing wrong with that in the abstract; the amount of time we have to learn during our lives is finite, and no one can possibly know everything. For example, I don’t know diddly-crap about law, American or otherwise; my knowledge of western history is mediocre at best; I don’t really speak any language other than English. I know some physics, but my understanding of anything beyond the basics is very limited. Even when it comes to the topic of this blog, math, I’m at best an enthusiastic amateur.

The problem with Casey, and people like him, is that they’re ignorant of a topic where they believe that they’re experts. Growing up, I was taught to call that kind of behavior not just ignorant, but pig-ignorant. It’s a foolish kind of arrogance, where you believe that you know as much as people who’ve spent years studying something, even though you’ve never even read an elementary textbook. It’s like the dozens of people who’ve emailed me “disproofs” of Cantor’s theorem, when they don’t actually know what “cardinality” actually means.

In this instance, Casey is annoyed because a group of people at NASA used evolutionary algorithms to create a better antenna.

Friday Recipe: Shanghai Xu Chao Mien

(Note: I’ve changed the transliteration of the name of the dish since the original version of the post. I think it’s now the correct pinyin transliteration. Please correct me in the comments if you know, and it’s still wrong.)

Today you get the recipe for one of my very favorite dishes. Since I
married a Chinese woman 14 years ago, I’ve learned a lot of Chinese
cooking, and of all of the things I’ve learned to make, this is probably
my favorite. It’s called Shanghai Xu Chao Mien. It’s a variant of
what’s called Lo Mein in the US, except that it’s actually authentic.
And as is typical of authentic dishes, it’s much better than
the crap you get at a typical Chinese takeout in the US. (Chow mien is a
traditional Chinese dish, but it’s got nothing to do with what we call
Chow Mien in the US; “Chao” means “stir fried”, and “mien” is noodles –
chow mien is stir-fried noodles.)

This is the Shanghai variant of the dish. It uses a different kind of noodle, and a very different sauce. You’ll have to go to a Chinese grocery store for the two key ingredients. Finding them can be a bit of a problem, because they’re typically not well-labelled in English, but they’re well worth the trouble.

First, you need a kind of shrimp paste which is the base of the sauce. It’s called sha-cha, and it’s made from a mixture of chilis, garlic, fermented brill-shrimp, and oil. It’s usually sold in small glass jars, labelled “barbeque sauce” in English. It’s a dark paste, which has red chili oil floating on top of it. Thanks to a commenter, a picture of a jar of the brand I use appears to the right.

The other is the noodles. The typical lo-mein noodle is a sort-of square-profile yellow egg noodle. Shanghai Shu Chow Mien uses a plain flour noodle, which is thicker and wider – the noodles are between 1/4 and 1/2 an inch wide, and they’re a sort of pale-tan white. They’re sold fresh in the refrigerator case, not dried. They’re usually labelled “shanghai noodles”. Thanks to Google, you can see a picture of the kind of noodles I use to the right.

Miscellaneous Post-Election Tidbits

Sorry about the abrupt end to the liveblogging last night; Firefox crashed, and CoverItLive wouldn’t let me log back in as the moderator.

Anyway, it’s a good day to be a liberal. As you all know by now, it was Obama in an absolute landslide. He won by a huge margin in the electoral vote, and by a good margin in the popular vote.

The Democrats also kicked Elizabeth Dole and John Sununu out of the Senate, which is wonderful. But they didn’t take enough seats to get past a filibuster in the Senate. This means that we can expect to see a really dramatic level of obstructionism from the remaining Republicans in the Senate. And based on various comments that he made, I think we can count on Holy Joe Lieberman to join in with the right-wingers in blocking the Senate from getting anything done.

There are a few interesting things that I wanted to comment on.

Reviewing the TMobile G1 – aka the Google Android Phone

Once again, please don’t forget about our DonorsChoose drive! Please click in the panel to your left, and go make a donation to help schools get the supplies they need to be able to teach math!

Most people must have heard by now that about a week ago, T-Mobile released the first Android-based phone, with software by Google. I’ve been using an Android as a tester for about 6 weeks, and I’m now allowed to talk about it, so I thought I’d post a review from the viewpoint of an extreme geek. Please excuse the low quality of the images; I took the pictures using my iPhone.

Obviously, there’s a bit of a conflict of interest here. Google is very proud of the Android software, and I’m very happy and proud to be a software engineer at Google. I think that my review of the phone is fair and unbiased, but take that with a grain of salt, given my connections.

So, as I said, I’ve had the phone for about six weeks now. For a little over a year before I got my Android, I was using one of the original iPhones (not the 3G). So in a lot of things, I’m going to compare my experiences with the Android to my experiences with the iPhone.

Overall, I love the Android. It’s not without its flaws, and some of them are fairly significant. I’ll go into details below, but the short summary of my opinion is that the software is excellent, the hardware less so.

To be honest, I think the software is really late-beta quality. It’s lacking polish, and there are a few awkward points. But overall, it’s extremely well done. Details below the fold.

Margin of Error and Election Polls

Before I get to the meat of the post, I want to remind you that our DonorsChoose drive is ending in just a couple of days! A small number of readers have made extremely generous contributions, which is very gratifying. (One person has even taken me up on my offer of letting donors choose topics.) But the number of contributions has been very small. Please, follow the link in my sidebar, go to DonorsChoose, and make a donation. Even a few dollars can make a big difference. And remember – if you donate one hundred dollars or more, email me a math topic that you’d like me to write about, and I’ll write you a blog article on that topic.

This post repeats a bunch of stuff that I mentioned in one of my basics posts last year on the margin of error. But given some of the awful rubbish I’ve heard in coverage of the coming election, I thought it was worth discussing a bit.

As the election nears, it seems like every other minute, we hear predictions of the outcome of the election, based on polling. The thing is, pretty much every one of those reports is utter rubbish.

How Not to Do Message Integrity, featuring CBC-MAC

In my last cryptography post, I wrote about using message authentication codes
(MACs) as a way of guaranteeing message integrity. To review briefly, most ciphers
are designed to provide message confidentiality – which means that no one but the
sender and the intended receiver can see the plain-text of the message. But
ciphers that provide confidentiality don’t necessarily make any guarantees that
the message received is exactly the message that was sent. There are a good number
of cryptographic attacks that work by altering the message in transit, and
depending on the cipher, that can result in a variety of undesirable
results.

For example, if you use DES encryption with the ECB mode of operation,
you can insert new blocks anywhere in a message that you want. By using
a replay attack (where you take encrypted blocks from other messages using
the same encryption, and resend them), an attacker can alter your messages, and
you won’t be able to detect it.

So in addition to just confidentiality, we need to provide integrity. What does integrity really mean? Basically, it expands the definition of the decryption function. Written as a function signature, confidential message decryption is a function decrypt : ciphertext × key → plaintext. With message integrity, we add the option that decrypt can return a result saying that the message is invalid: decrypt_integ : ciphertext × key → (plaintext | REJECT).
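The two signatures above, shown on the ECB block-insertion case, as an added example that is not code from the original post. It assumes a toy 8-byte Feistel cipher standing in for DES (not secure), HMAC-SHA256 over the ciphertext as the integrity check with the key given as an (encryption key, MAC key) pair, and constructed keys and messages; all function names are hypothetical.

```python
import hashlib
import hmac

BLOCK = 8          # bytes per block, the same block size as DES
REJECT = object()  # sentinel result: "the message is invalid"
KEY = (b"constructed-enc-key", b"constructed-mac-key")  # constructed sample keys
M1, M2 = b"PAY BOB $0000100", b"PAY EVE $9999999"        # constructed messages

def _f(key, i, half):  # round function of the toy Feistel cipher (not secure)
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:4]

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _enc_block(key, b):
    left, right = b[:4], b[4:]
    for i in range(4):
        left, right = right, _xor(left, _f(key, i, right))
    return left + right

def _dec_block(key, b):
    left, right = b[:4], b[4:]
    for i in reversed(range(4)):
        left, right = _xor(right, _f(key, i, left)), left
    return left + right

def _ecb(block_fn, key, data):  # ECB: every block is processed independently
    return b"".join(block_fn(key, data[i:i + BLOCK]) for i in range(0, len(data), BLOCK))

def encrypt(plaintext, key):
    return _ecb(_enc_block, key, plaintext)
def decrypt(ciphertext, key):  # ciphertext × key → plaintext
    return _ecb(_dec_block, key, ciphertext)

def encrypt_integ(plaintext, key):
    enc_key, mac_key = key
    ct = encrypt(plaintext, enc_key)
    return ct + hmac.new(mac_key, ct, hashlib.sha256).digest()

def decrypt_integ(message, key):  # ciphertext × key → (plaintext | REJECT)
    enc_key, mac_key = key
    ct, tag = message[:-32], message[-32:]
    good = hmac.new(mac_key, ct, hashlib.sha256).digest()
    if len(ct) % BLOCK or not hmac.compare_digest(tag, good):
        return REJECT
    return decrypt(ct, enc_key)

def insert_block(target, donor, at):  # put donor's block `at` before target's block `at`
    p = at * BLOCK
    return target[:p] + donor[p:p + BLOCK] + target[p:]
```

Inserting the second block of M2's ciphertext into M1's ciphertext decrypts cleanly under `decrypt`, while the same edit to an `encrypt_integ` message makes `decrypt_integ` return `REJECT`.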
