Wednesday, November 25, 2020

Tensor Product

Tensor product is an outer product of two vectors. Here are some examples:

For two qubits:


For three qubits:


In "general",




Saturday, November 14, 2020

Develop a static website on AWS

1. Have your webfiles ready. Such as index.html 
2. Sign in to the AWS Console 
3. Add a bucket under S3, eg. cs590.bucket 
3.1 uncheck "block all public access" so people can access your website. 
4. Click the "cs590.bucket" and copy the ARN 

5. Under "Objects", upload the webfiles. Note that the index.html file should be in the root folder. 
6. Go to the "Properties", edit the "Static website hosting" 
6.1 enable static website hosting 
6.2 choose "host a static website" 
6.3 type index.html as the index document. 
6.4 type error.html in error document. (Don't worry for now if you don't have this file.) 
6.5 save changes.

7. Go to the "Permissions" tab, add a "bucket policy" 
7.1 click "Edit" button
7.2 click the "policy generator" button and then select "S3 bucket policy" 
7.3 type "*" in the Principal 
7.4 select "all actions" checkbox 
7.5 paste the ARN you copied in step 4. Something like this "arn:aws:s3:::cosc590.bucket". 
7.6 click "add statement" 

7.7 Click "Generate Policy" button 
7.8 Copy the JSON policy document. Something like this: 
{
  "Id": "Policy1605400973864",
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "Stmt1605400930003",
      "Action": "s3:*",
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::cosc590.bucket",
      "Principal": "*"
    }
  ]
}
7.9 add "/*" at the end of the resource line. So the policy should look like this:
{
  "Id": "Policy1605400973864",
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "Stmt1605400930003",
      "Action": "s3:*",
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::cosc590.bucket/*",
      "Principal": "*"
    }
  ]
}
7.10 paste the policy to the "bucket policy" (step 7.1)

8. Go back to the "Properties" tab
9. Scroll down to the bottom 
10. Click the link to launch your website. The URL is something like this:
http://cosc590.bucket.s3-website-us-east-1.amazonaws.com

-------------------
Optional:
a. Add logs.cs590.bucket to store logs and enable under "properties". 
b. Add www.cs590.bucket and to redirect to cs590.bucket. 

Q: Why add a policy (step 7)?
A: For security reasons, bucket access is disabled by default. This follows the "least privilege" security policy. 
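
The policy generated in step 7 allows every S3 action ("s3:*") to every principal ("*"), so anonymous visitors can also upload and delete objects. The check below is an added example, not part of the original post: it compares that policy (written with the object-level Resource form bucket/*) with an assumed read-only alternative. The READ_ONLY policy, its Sid and the RISKY list are assumptions of this example.

```python
from fnmatch import fnmatchcase

# Constructed from the post: the step 7.9 policy, Resource written as bucket/*.
POSTED = {"Version": "2012-10-17", "Statement": [{
    "Sid": "Stmt1605400930003", "Effect": "Allow", "Principal": "*",
    "Action": "s3:*", "Resource": "arn:aws:s3:::cosc590.bucket/*"}]}

# Assumed alternative (not from the post): anonymous visitors may only read objects.
READ_ONLY = {"Version": "2012-10-17", "Statement": [{
    "Sid": "PublicReadForWebsite", "Effect": "Allow", "Principal": "*",
    "Action": "s3:GetObject", "Resource": "arn:aws:s3:::cosc590.bucket/*"}]}

# Object-level actions a static website never needs to offer to anonymous users.
# (Bucket-level actions would matter too if the Resource also matched the bucket ARN.)
RISKY = ["s3:PutObject", "s3:DeleteObject", "s3:PutObjectAcl",
         "s3:DeleteObjectVersion"]

def as_list(value):
    return value if isinstance(value, list) else [value]

def is_anonymous(principal):
    """True for "Principal": "*" and for {"AWS": "*"} (anyone on the internet)."""
    if isinstance(principal, dict):
        return "*" in as_list(principal.get("AWS", []))
    return principal == "*"

def audit(policy):
    """Return (Sid, risky actions) for each unconditional public Allow statement."""
    findings = []
    for stmt in as_list(policy["Statement"]):
        if stmt.get("Effect") != "Allow" or stmt.get("Condition"):
            continue
        if not is_anonymous(stmt.get("Principal")):
            continue
        # IAM action names are case-insensitive and may contain * and ? wildcards.
        patterns = [a.lower() for a in as_list(stmt.get("Action", []))]
        hits = [r for r in RISKY
                if any(fnmatchcase(r.lower(), p) for p in patterns)]
        if hits:
            findings.append((stmt.get("Sid", "<no Sid>"), hits))
    return findings

if __name__ == "__main__":
    for name, policy in (("posted", POSTED), ("read-only", READ_ONLY)):
        print(name, audit(policy) or "no risky public actions")
```

For a website that is only read by visitors, a policy that passes this check (GetObject only) still serves every page.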

Monday, September 21, 2020

CNOT Gate

 Controlled NOT gate: 

|x, y> → |x, x ⊕ y>

Matrix:  

The CNOT maps 

|0 0> → |0 0>
|0 1> → |0 1>
|1 0> → |1 1>
|1 1> → |1 0>

Proof:

|00> = [1 0 0 0], |01> = [0 1 0 0], |10> = [0 0 1 0], |11> = [0 0 0 1], all vectors transposed for easy typing. 

Here |0> == [1 0] and |1> == [0 1] and |ab> = |a> ⨂ |b>

Apply matrix multiplications: 

CNOT × |00> = |00>
CNOT × |01> = |01>
CNOT × |10> = |11>
CNOT × |11> = |10>

#
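
The proof above can be checked numerically. The following is an added example, not code from the original post: it builds the two-qubit basis states with a Kronecker product, multiplies each by the standard textbook CNOT matrix, and goes one step further by producing a Bell state with H followed by CNOT. All function names are assumptions of this example.

```python
from math import sqrt

def kron(a, b):
    """Kronecker (tensor) product of two matrices given as lists of rows."""
    return [[x * y for x in ra for y in rb] for ra in a for rb in b]

def matmul(a, b):
    """Plain matrix product a @ b."""
    return [[sum(x * y for x, y in zip(row, col)) for col in zip(*b)]
            for row in a]

KET0 = [[1], [0]]          # |0> as a column vector
KET1 = [[0], [1]]          # |1> as a column vector
H = [[1 / sqrt(2), 1 / sqrt(2)],
     [1 / sqrt(2), -1 / sqrt(2)]]
CNOT = [[1, 0, 0, 0],
        [0, 1, 0, 0],
        [0, 0, 0, 1],
        [0, 0, 1, 0]]

def ket(bits):
    """|b1 b2 ...> as the tensor product of the single-qubit kets."""
    state = [[1]]
    for b in bits:
        state = kron(state, KET1 if b == "1" else KET0)
    return state

def cnot_table():
    """Apply CNOT to every two-qubit basis state and name the resulting state."""
    labels = ["00", "01", "10", "11"]
    table = {}
    for label in labels:
        out = matmul(CNOT, ket(label))
        table[label] = next(m for m in labels if ket(m) == out)
    return table

def bell_state():
    """H on the control qubit of |00>, then CNOT: (|00> + |11>) / sqrt(2)."""
    plus_zero = kron(matmul(H, KET0), KET0)
    return [row[0] for row in matmul(CNOT, plus_zero)]

if __name__ == "__main__":
    print(cnot_table())
    print(bell_state())
```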

In math, left Kronecker product ⨂ is


For example: 




Qubit Operation (2)

CNOT gate: flips the target qubit iff (if and only if) the control qubit is |1>; otherwise it does nothing. 


Entanglement:


|+> == [1/sqrt(2)] * (|0> + |1>) == 0.707 |0> + 0.707 |1>

|-> == [1/sqrt(2)] * (|0> - |1>)

X (a, b) = (b, a), NOT gate

|a, b> == |b, a>, see below qubit swap:


[a |0> + b |1>] |0> == a|00> + b|10>

|𝝍> == a |0> + b |1>

|𝝍>|𝝍> == a^2|00> + ab|01> + ab|10> + b^2|11>

Bell state (entanglement):







Linear Algebra - Qubit Operations

Vectors are commonly written in column format. Sometimes, we also use shorthand format such as (3, 4).

In quantum computing, the state |0> corresponds to vector (1, 0), and |1> corresponds to vector (0, 1). 

Commonly used quantum gates, quantum circuit symbols, and math representations: 


The Bloch sphere representation of X (NOT), H (Hadamard), and Z, S, T (phase) gates. 



We can see that 
  • X gate rotates about the X axis by 180 degrees (or less depending on the initial angle to Z axis). (NOT) 
  • H gate rotates about the Y axis by 90 degrees (or less). 
  • Z, S, T gates rotate about the Z axis by a certain angle. (phase)


Monday, September 7, 2020

PGP Encryption

Developed by Phil Zimmermann in 1991. It combines symmetric encryption, asymmetric (public key) encryption, hashing, and digital signatures to provide confidentiality, integrity, and authentication. Good for email. The algorithm:

At the sender (Alice) side: 

  1. Alice: Message M is hashed
  2. Sign (encrypt) the hash value with her private key (EP)
  3. Compress (zip) the message + signed hash value
  4. Use a session key Ks to encrypt zipped output (ES)
  5. Use Bob's public key to encrypt session key (EP)
  6. Send encrypted message and encrypted session key 
At the recipient (Bob) side:
  1. Use Bob's private key to decrypt session key (DP)
  2. Use session key Ks to decrypt the zipped message
  3. Unzip to get the message and the signed hash value
  4. Use Alice's public key to decrypt the hash value 
  5. Compute the hash value of the message received
  6. Compare with the hash value Alice computed.
Below is the PGP diagram:


Mathematically:

Note:
Image copyright: Author of this post. Free to use but reference is required. 
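
The sender and recipient steps listed above, as an added example that is not part of the original post. It uses Python's standard library only, so the cryptography is a stand-in: textbook RSA over constructed, trivially factorable Mersenne-prime keys for EP/DP, and a SHA-256 keystream XOR for ES. All names are assumptions of this example and none of it is secure for real use.

```python
import hashlib
import secrets
import zlib

def make_key(p, q, e=65537):
    """Textbook RSA key from two primes (toy parameters, not secure)."""
    return {"n": p * q, "e": e, "d": pow(e, -1, (p - 1) * (q - 1))}

# Constructed demo keys from Mersenne primes: trivially factorable, demo only.
ALICE = make_key(2**521 - 1, 2**607 - 1)
BOB = make_key(2**127 - 1, 2**521 - 1)

def nbytes(key):
    return (key["n"].bit_length() + 7) // 8

def digest_int(msg):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big")

def stream_xor(ks, data):
    """Toy stand-in for the symmetric cipher: XOR with a SHA-256 counter keystream."""
    pad = b"".join(hashlib.sha256(ks + i.to_bytes(4, "big")).digest()
                   for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, pad))

def pgp_send(msg, sender, recipient):
    """Sender steps 1-6; `sender` holds the private exponent d."""
    sig = pow(digest_int(msg), sender["d"], sender["n"])           # 1-2: hash, sign
    packed = zlib.compress(sig.to_bytes(nbytes(sender), "big") + msg)  # 3: zip
    ks = secrets.token_bytes(16)                                   # one-time session key Ks
    body = stream_xor(ks, packed)                                  # 4: encrypt with Ks
    wrapped = pow(int.from_bytes(ks, "big"), recipient["e"], recipient["n"])  # 5
    return body, wrapped                                           # 6: send both

def pgp_receive(body, wrapped, recipient, sender):
    """Recipient steps 1-6; only e and n of `sender` are used."""
    ks = pow(wrapped, recipient["d"], recipient["n"]).to_bytes(16, "big")  # 1
    packed = zlib.decompress(stream_xor(ks, body))                 # 2-3: decrypt, unzip
    cut = nbytes(sender)
    sig, msg = int.from_bytes(packed[:cut], "big"), packed[cut:]
    claimed = pow(sig, sender["e"], sender["n"])                   # 4: recover signed hash
    return msg, claimed == digest_int(msg)                         # 5-6: rehash, compare

if __name__ == "__main__":
    body, wrapped = pgp_send(b"meet at noon", ALICE, BOB)
    print(pgp_receive(body, wrapped, BOB, ALICE))
```

The second return value is the result of step 6: it is False when the hash recovered with the claimed sender's public key does not match the hash of the received message.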

Tuesday, September 1, 2020

Quantum Circuit

 A quantum circuit is a computational routine consisting of coherent quantum operations on quantum data, such as qubits, and concurrent real-time classical computation. It is an ordered sequence of quantum gates, measurements, and resets, which may be conditioned on and use data from the real-time classical computation. A set of quantum gates is said to be universal if any unitary transformation of the quantum data can be efficiently approximated arbitrarily well as a sequence of gates in the set. Any quantum program can be represented by a sequence of quantum circuits and non-concurrent classical computation.

A quantum gate is a reversible (unitary) operation applied to one or more qubits.

Electronic computer: program --> instructions (operand and data) - binary bits
Quantum computer: program --> quantum circuits (quantum gate and quantum data) - qubits


Friday, August 28, 2020

Hashcat - Password Cracking

This lab shows how to crack hashed passwords using dictionary and brute-force methods on Kali Linux. 

Download hashcat-exercise-files.zip

sudo mkdir hashcat-exercise

unzip hashcat-exercise-files.zip

./view-sample-password.sh

echo -n salt [password] | md5sum

man crypt

man mkpasswd

A: Dictionary attack

Create text file test-dictionary with three words hello, wtaddtsbtk, dog in three lines. 

hashcat -m 500 -a 0 crack-these-please-md5 test-dictionary --force (cracked with 3 passwords)
hashcat -m 1800 -a 0 crack-these-please-sha512 test-dictionary (cracked with 3 passwords)

hashcat -m 500   -a 0 crack-these-please-md5     500_passwords.txt (cracked with 7 different)
hashcat -m 1800 -a 0 crack-these-please-sha512 500_passwords.txt (cracked with 7 different)

B: Brute force attack

openssl speed md5
openssl speed sha512

This shows md5 processes more data than sha512 in the same amount of time. 

hashcat -m 500 -a 3 crack-these-please-md5 ?l?l (mask ?l means one lowercase letter) return: w, ww
hashcat  -m  500  -a  3  crack-these-please-md5  ?a?a (?a all 95 characters on keyboards instead of 26)

Core attack modes

  • Dictionary attack - trying all words in a list; also called “straight” mode (attack mode 0, -a 0)
  • Combinator attack - concatenating words from multiple wordlists (mode 1)
  • Brute-force attack and Mask attack - trying all characters from given charsets, per position (mode 3)
  • Hybrid attack - combining wordlists+masks (mode 6) and masks+wordlists (mode 7); can also be done with rules
http://www-scf.usc.edu/~csci530l/instructions/lab-authentication-instructions-hashcat.htm

Saturday, June 20, 2020

The Rise and Fall of BlackBerry (phones)

BlackBerry, with its iconic on-device full keyboard, was a symbol of C-suite executives and other business professionals; the list also includes US Presidents. The reason for its wide adoption (some 10 years ago) was not only the beautiful design but also its security. 

BlackBerry uses an end-to-end encryption called PGP. The servers are managed by a company (or a third party). When Alice sends a message, the message is first compressed. PGP then creates a (one-time) random session key to encrypt the compressed message. The session key is then encrypted using Bob's public key and sent to Bob. Bob uses his private key to decrypt the session key and uses it to decrypt the message. 

It is important to note that the encryption and decryption are done on the BlackBerry devices themselves, which is what we call end-to-end. Since PGP is strong encryption, men in the middle cannot decipher and read the message. Due to this strong security feature, BlackBerry quickly gained market popularity. 

Because PGP is too strong to break, it prevents some countries or regimes from spying on their citizens. As a result, many countries banned bringing BlackBerry devices into those countries, and this beautiful device quickly faded away. 

Some scientists believe the fall of BlackBerry was not because of business malpractice but because of its strong security and lack of a back door. Technology may not always win. 

Final comments: 
1. The good news is PGP technology is still here and people can choose to use.  
2. Random number generation (RNG) is very important for the security of encryption keys. Quantum RNG (QRNG) can guarantee true randomness. 
3. Compression is a form of encryption, usually symmetric, due to its fast speed. 
4. Learn more about PGP, visit Philip Zimmermann's website


Friday, June 5, 2020

Quantum Cryptography

Quantum cryptography addresses issues in crypto key distribution by using a principle guaranteed by the fundamental laws of physics. Once a recipient receives the tamper-proof key, she can then use a conventional crypto method to encrypt/decrypt the message. So quantum cryptography is a hybrid approach to modern cryptography in which the keys are exchanged via a quantum channel, commonly called quantum key distribution (QKD). 
Fig. Quantum Cryptography

According to physics, a quantum state cannot be observed without being disturbed. If an eavesdropper observes a quantum state, it changes, causing errors at the destination. So the sending and receiving parties know the communication was compromised. Only validated keys are secure and used for further encryption/decryption. 


Quantum-safe Cryptography

Current public key encryption is mostly based on prime numbers. With the advancement of computers, especially quantum computers, the threat to the existing crypto algorithms is becoming imminent. 

The need to increase the key length keeps growing. A new type of post-quantum or quantum-resistant algorithm is under development. 

Why should people worry about the existing encryption algorithms?

In WWII, German mathematicians claimed that the Enigma machine, based on a simple substitution method, would require 100 years to solve. In less than 6 months, Alan Turing built a Bombe at Bletchley Park. The Bombe was initially able to crack 3,000 encrypted German messages a day, and the total later amounted to 2.5 million encrypted messages. 
Fig. Alan Turing's Bombe 

Today, those messages can be deciphered in a fraction of microseconds running a small program using the statistical analysis method. (The author has programmed one in Python.)

In 1977, RSA issued a challenge in an article, "A new kind of cipher that would take millions of years to break". The so-called 40 quadrillion years problem (428 bit key) was solved in 1994 after 6 months of work. 

The RSA algorithm with a key length of 1024 to 4096 bits is considered strong and "unbreakable" today. Peter Shor at MIT proposed an algorithm that can solve such "unsolvable" problems on quantum computers. 

Imagine people store the encrypted data now and wait 10 years or so to decrypt when the powerful quantum computers are ready. Should you worry?

Crypto Keys and Key Exchange

In crypto, encryption and decryption keys need to be well guarded. In classical cryptography, a secret key is used. Key distribution is difficult.

British GCHQ (now NCSC) introduced the public key cryptography concept. A third party (CA) is responsible for key creation and distribution. This makes key exchange convenient. 

Fig. Public Key Cryptography

RSA public key encryption is based on two large prime numbers. Factoring the product of those numbers seems simple but requires a tremendous amount of time, or is in many cases impossible. 

Since public key algorithms such as RSA require complex computations, they are slow. As a result, people usually do not use them directly for encrypting messages (a large amount of data). Instead, they are used to exchange short session keys for secret key algorithms (aka symmetric algorithms) such as AES. 


Thursday, June 4, 2020

Cryptography Basics



Cryptography hides information before sending and reveals it at the recipient. Figure 1 illustrates the encryption and decryption process.  
Fig. Crypto Basics

Alice uses an encryption key to encrypt the plaintext. The encrypted text (ciphertext) is then sent to Bob. Bob decrypts the ciphertext with a key to reveal the plaintext Alice sent to him. 

Here the encryption key and decryption key (could be one) are important. They need to be strong and convenient. 

Common secret key (one key) encryption algorithm: DES (1976, 56 bits key length, vulnerabilities exist), AES (256-bit key length, current).

Common public key (two keys) encryption algorithm: RSA (current).

Ideally, keys should keep changing to make them impossible to guess or deduce. Random numbers are used to generate keys, but only truly random numbers are considered ideal. 

Quantum Random Number Generators (RNG) use the randomness of photons, so it is impossible to observe or predict the outcome.   


Sunday, May 17, 2020

SET Tutorial on Kali Linux

Social Engineering Toolkit has many features to harvest user information.

This tutorial shows one feature - harvest user data.

Step 1: Start  ~setoolkit , Choose SE attacks

Step 2: Choose website attack vectors

Step 3: Credential Harvester Attack Method

Step 4: Web templates

Step 5: Confirm IP address for the post back in Harvester [default your ip address]

Step 6: For phishing templates, choose Google/Twitter

Step 7: Harvester is running on port 80 (by default) ...

----------------------------

Hunting Victims

Open a browser and put in the harvester IP address (same as above)

key in email/username and password, and then click sign in

-------------------------

On the Harvester terminal, it displays the login process and the username and password.

#

Note:
Suggest to put the SET terminal and Browser side-by-side

NSF Award Notice for Award - Quantum Crypto and Algorithms - May 6, 2020

This project promotes the progress of science in quantum computing algorithms and cryptologic techniques in order to improve security of encrypted information, which will have national security and defense applications.

Currently, the commonly used encryption algorithms such as RSA are considered “unbreakable” by modern digital computers due to the complexity of computation that would be required. However, this may change in the next decade or so in light of advances in quantum science.  Quantum mechanics has led to the discovery that considerable numbers of states can be manipulated at the same time thus significantly reduce the amount of time in processing. New quantum computers have shown the baseline of “quantum supremacy” in solving problems that classical digital computers practically cannot.

Efficient quantum algorithms are key to enable computer scientists to take full advantage of the next generation of practical quantum computers to efficiently solve today’s unsolvable problems. Advances in quantum science in both breaking and securing the encryptions are paramount for national security and preventing adversaries from taking advantage of critical areas of national defense.

This project seeks to discover efficient quantum cryptologic methods (i.e. the art of revealing the secret) and secure quantum cryptographic techniques (i.e. the science of making the secret more secure). This project not only exhibits the excellence in scientific research, but also supports diversity and inclusion goals for the benefit of society.