晨读ZZ

发表于2009年7月16日miuc

最近几天起的越来越早.. 早上与实验室外面的门纠结了大半个小时,- - 

ZZ昨晚看见的一小段关于 C\C++ 输出中文的评价

还是我来给你们上一课吧。

首先按照c99支持unicode字符集,这里指内存中的字符编码,c++当然应该支持,这是毫无疑问的。

 

但是unicode的外部表示如utf7,utf8,utf8n,utf16le,utf16be等等外部存储格式,c++委员会显然没有理由理会这些东西,作为世界上最帅的 stl库sgi-stl3.3外带的IO流库认为自己没有义务实现各种各样的字符编码的转换。

 

事实上这样做会导致stl-io库对操作系统的严格区分,结果必然是舍了一群孩子才套了一只狼。所以,sgi-stl声明除了标准的“C”别的一概不予理会。

 

结果是如果我们使用sgi-stl而又不提供新的诸如 c_local_stub_win32.cxx这样的基于windows的c-locale底层接口的实现,像goodname那样用什么locale都不管用。

 

说到这里,如果你在使用stl-port,stl-port4.6比sgi-stl的野心大多了,孩子肯定是舍了,狼大约也没套多。

 

我并没有做过 stl-port4.6使用其他locale的例子,但我想,他的表现大约会像微软的p.j.先生的stl一样帅吧。

bcb6,cbx部署的stl库恰好就是stl-port的某个版本,如果按照goodname的办法不能成功,那么很不幸stlport又少套了一只狼。

如果你在使用ms的 p.j.先生的stl,那么你很幸运,因为你想要什么,微软都会给你的。

 

大体上goodname的代码应该行的通。

 

不过正如微软的座右铭:给你需要的,但请不要看明白我是怎么做的。

 

虽然微软公开stl源代码,但我宁愿自己从没有看过那个东西。

 

本人甚至都在怀疑微软使用过什么给这些代码加上1024位的密。使用微软的产品就像生活在Newyork一样:即在地狱又在天堂。

说到这里还没有说到重点,实际上stl-io流在处理内部字符流和外部数据流间的互转换时,使用自带的locale中指定的codecvt*对象,其中的do_in,和do_out实现转换,按照sgi-stl的实现,“c”完成内部的wchar_t和外部的char转换时不会考虑10646更不会考虑其他任何形式的mbcs,事实上c++标准根本就不认识这些东西。

 

所以当你想要输出汉字时,每个汉字的高位都被丢弃,很不爽吧,解决的办法就是继承一个codecvt重写do_in,do_out在里面用psdk的功能完成 unicode到mbcs的转换,使用那个代码页管用,你就自己试试吧

 

早上发的囧了,修改一下..

发表在 未分类 | 留下评论

JavaScript 日历制作

发表于2009年7月15日miuc

小结 :

    有点体会到弱语言,就好像在摆弄羊驼 (- -) ,

    不过还算好,写的时候对语法考虑的比较少。

 

昨晚写了一部分,今天早上弄好..[破天荒的在7点起。囧]

调用函数:

Date.getDate()       当前月第几天 1~31

Date.getMonth()    当前年第几月  0~11

Date.getFullyear()  四位年2009

Date.getDay           当前星期,星期几 0~6 0=星期天

gif

框架问题: 因为想使用表格frame属性,复合嵌套了一下表格。

输出问题: 

              找到表格第一天,do(日期– and 星期–) while ( 日期小于等于1 and 星期等于1)

              打了一个表记录每月天数(考虑闰年),这样当前月天数,上个月天数就不难实现。

              接下来就剩下 循环(日期++)填入天数  (以及特殊情况考虑,比如上月或者下月的日期显示)

显示问题:实现灰色和今天特殊标记,用CSS定义

代码问题:计算部分实现倒是不难,生成html的部分调试了会。

代码在主页…写的有点随意,不拿出来了。

过几天拿下来。。

发表在 未分类 | 留下评论

Linux下C的补码反码以及无符号

发表于2009年7月14日miuc

中午把之前《深入OOXX》继续翻了几页,觉得这样东看看西看看不是个办法,先静下心来弄最喜欢的一个吧。

书上有一页谈到, “我们必须把Tmin_32写为-2147483647-1,而不是-2147483648,编译器在处理一个形为-X的表达式的方法是先读表达式X,然后对它取反,但是2147483648太大了,不能表示为一个32位的,二进制补码数。”

看到这里我琢磨了一会,因为  -2147483648     [这里的换算先不仔细说明,下面有一个程序跑出的结果与这里相同]

 相当于 0x80 00 00 00  而 -2147483647 为 0x 80 00 00 01

                          继续有        2147483647 为 0x 7F FF FF FF

                          取反有                                 0x 80 00 00 00

                          这里是因该加1吧?

                          如果是的话书上的话可能有误区。

 “编译器在处理一个形为-X的表达式的方法是先读表达式X,然后对它取反,[然后加1?]

    或者,作者言下的取反有+1运算

 顺便测试了下-max-1 溢出的情况  -2147483648 为 0x80 00 00 00

                                                  -1后得                 0x7F FF FF FF

          猜想是 对1(0x00 00 00 01)取反    0xFF FF FF FE

                                                   加到   0x80 00 00 00

                                                 得     0x 1

7F FF FF FE

                                   测试时的结果为

0x 7F FF FF FF  同样也存在加1的问题。

                          顺便说一点,测试时我直接试了

-2147483648   显示正确,编译器聪明了 ^^?

#include <stdio.h>

#include <stdlib.h>

int outit(unsigned char * ptr,int n)

{

    int i;

    for(i=0;i<n;i++)

    {

        printf("%.2X ",*(ptr+i));

    }

    printf("\n");

    return 0;

}

int main()

{

    int test;

    int op=0;

    do

    {

    printf(" Input :\n");

    scanf("%d",&test);

    scanf("%d",&op);

    if (op)  test–;

    outit((unsigned char *)&test,sizeof(test));

    printf("%uU and %d\n",test,test);

    } while (1);

}

发表在 未分类 | 留下评论

Visual Studio ? Visual Studio !

发表于2009年7月12日miuc

  下午闲着闷的慌,把深入浅出MFC来来回回翻着玩- – 。

   瞄到了三张图,上面意思大概明白一些..,不过这样半吊子显然不能解释清楚给大家,而且MFC出来混这么久,我也没弄清楚他究竟的怎么样了。。。

   不说了,结合点自己的体会,自己学着那三张图依次画个山寨版 [—..—]吧。

1

2

3

发表在 未分类 | 留下评论

Elliptic curve cryptography

发表于2009年7月11日miuc

原文来自wiki

翻译参照Bing在线翻译

- - 部分翻译

Elliptic curve cryptography

From Wikipedia, the free encyclopedia

Jump to: navigation, search

Elliptic curve cryptography (ECC) is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. The use of elliptic curves in cryptography was suggested independently by Neal Koblitz[ 1] and Victor S. Miller[ 2] in 1985.

Elliptic curves are also used in several integer factorization algorithms that have applications in cryptography, such as Lenstra elliptic curve factorization.

椭圆曲线加密技术 (ECC) 是一种基于椭圆曲线的代数在有限域上的公共密钥加密技术。
基于因数分解问题的因数分解密码系统,典型代表为RSA;

基于离散对数问题的离散对数密码系统,典型代表为DSA;

基于椭圆曲线离散对数问题的椭圆曲线密码系统(ECC);

{以上非原创。}

Contents

[hide ]

[edit] Introduction   介绍

Public-key cryptography is based on the intractability of certain mathematical problems. Early public-key systems, such as the RSA algorithm , are secure assuming that it is difficult to factor an integer with two large prime factors. For elliptic-curve-based protocols, it is assumed that finding the discrete logarithm of an elliptic curve element is infeasible. The size of the elliptic curve determines the difficulty of the problem. It is believed that a smaller group can be used to obtain the same level of security as RSA-based systems. Using a small group reduces storage and transmission requirements.

An elliptic curve is a plane curve which consists of the points satisfying the equation

y 2 = x 3 + a x + b ,

along with a distinguished point at infinity, denoted \infty . This set forms an Abelian group, with the point at infinity as identity element. If the coordinates x and y are chosen from a finite field, the solutions form a finite abelian group.

As for other popular public key cryptosystems, no mathematical proof of difficulty has been published for ECC as of 2009. However, the U.S. National Security Agency has endorsed ECC technology by including it in its Suite B set of recommended algorithms and allows their use for protecting information classified up to top secret with 384-bit keys.[ 3] Although the RSA patent has expired, there are patents in force covering certain aspects of ECC implementation, though some argue that a practical ECC key exchange system can be implemented without infringing them.[ 4]

公共密钥加密技术基于某些极端的数学问题。

基于椭圆曲线的协议中假定无法发现椭圆曲线元素的离散对数。

特征值P=2时,有  y 2 + xy = x 3 + a x 2 + b

                      或  y 2 + ay = x 3 + b x  + c

特征值P=3时,有 y 2 = x 3 + b(1) x +b(2)x + b(3)

特征值P!=2,3时,有   y 2  = x 3 + a x  +b

{同样非原创} 

[edit] Cryptographic schemes    加密方案

Several RSA-based protocols have been adapted to elliptic curves, replacing the group \mathbb{Z}_{pq} with an elliptic curve:

  • the Elliptic Curve Diffie-Hellman key agreement scheme is based on the Diffie-Hellman scheme,
  • the Elliptic Curve Digital Signature Algorithm is based on the Digital Signature Algorithm,
  • the ECMQV key agreement scheme is based on the MQV key agreement scheme.

At the RSA Conference 2005, the National Security Agency (NSA) announced Suite B which exclusively uses ECC for digital signature generation and key exchange. The suite is intended to protect both classified and unclassified national security systems and information.[ 5]

Recently, a large number of cryptographic primitives based on bilinear mappings on various elliptic curve groups, such as the Weil and Tate pairings, have been introduced. Schemes based on these primitives provide efficient identity-based encryption as well as pairing-based signatures, signcryption, key agreement , and proxy re-encryption [1] .

[edit] Implementation considerations   实施注意事要

Although the details of each particular elliptic curve scheme are described in the article referenced above some common implementation considerations are discussed here.

[edit] Domain parameters   域参数

To use ECC all parties must agree on all the elements defining the elliptic curve, that is, the domain parameters of the scheme. The field is defined by p in the prime case and the pair of m and f in the binary case. The elliptic curve is defined by the constants a and b used in its defining equation. Finally, the cyclic subgroup is defined by its generator (aka. base point ) G . For cryptographic application the order of G , that is the smallest non-negative number n such that n G = O , must be prime. Since n is the size of a subgroup of E(\mathbb{F}_p) it follows from the Lagrange’s theorem that the number h = \frac{|E|}{n} is an integer. In cryptographic applications this number h , called the cofactor , at least must be small (h \le 4 ) and, preferably, h = 1 . Let us summarize: in the prime case the domain parameters are (p ,a ,b ,G ,n ,h ) and in the binary case they are (m ,f ,a ,b ,G ,n ,h ) .

Unless there is an assurance that domain parameters were generated by a party trusted with respect to their use, the domain parameters must be validated before use.

The generation of domain parameters is not usually done by each participant since this involves counting the number of points on a curve which is time-consuming and troublesome to implement. As a result several standard bodies published domain parameters of elliptic curves for several common field sizes:

  • NIST, Recommended Elliptic Curves for Government Use
  • SECG, SEC 2: Recommended Elliptic Curve Domain Parameters

Test vectors are also available [2] .

If one (despite the said above) wants to build his own domain parameters he should select the underlying field and then use one of the following strategies to find a curve with appropriate (i.e., near prime) number of points using one of the following methods:

  • select a random curve and use a general point-counting algorithm, for example, Schoof’s algorithm or Schoof-Elkies-Atkin algorithm ,
  • select a random curve from a family which allows easy calculation of the number of points (e.g., Koblitz curves), or
  • select the number of points and generate a curve with this number of points using complex multiplication technique.[ 6]

Several classes of curves are weak and shall be avoided:

  • curves over \mathbb{F}_{2^m} with non-prime m are vulnerable to Weil descent attacks.[ 7] [ 8]
  • curves such that n divides p B − 1 (where p is the characteristic of the field – q for a prime field, or 2 for a binary field) for sufficiently small B are vulnerable to MOV attack[ 9] [ 10] which applies usual DLP in a small degree extension field of \mathbb{F}_p to solve ECDLP. The bound B should be chosen so that discrete logarithms in the field \mathbb{F}_{p^B} are at least as difficult to compute as discrete logs on the elliptic curve E(\mathbb{F}_q) .[ 11]
  • curves such that |E(\mathbb{F}_q)| = q are vulnerable to the attack that maps the points on the curve to the additive group of \mathbb{F}_q [ 12] [ 13] [ 14]

       SECI 及 IEEE P1363 工作草案中 定义椭圆曲线域参数由一个六元偶  T= P ,a ,b ,G ,n ,h ) 组成。

       其中我们使用 P 表示 有限域 Eq , 或者 m 表示 F2m

       二元素 a,b属于Fq

       由此可以确定一条椭圆曲线,g表示一个基点,n为其对应的阶。 h=#E(Fq)/n, 为一个小整数。

[edit] Key sizes   密钥大小

Since all the fastest known algorithms that allow to solve the ECDLP (baby-step giant-step, Pollard’s rho, etc.), need O(\sqrt{n}) steps, it follows that the size of the underlying field shall be roughly twice the security parameter. For example, for 128-bit security one needs a curve over \mathbb{F}_q , where q \approx 2^{256} . This can be contrasted with finite-field cryptography (e.g., DSA) which requires[ 15] 3072-bit public keys and 256-bit private keys, and integer factorization cryptography (e.g., RSA ) which requires 3072-bit public and private keys. The hardest ECC scheme (publicly) broken to date had a 109-bit key (that is about 55 bits of security). For the prime field case, it was broken near the beginning of 2003 using over 10,000 Pentium class PCs running continuously for over 540 days (see [3] ). For the binary field case, it was broken in April 2004 using 2600 computers for 17 months (see [4] ).

一般的,我们可以认为,当Q的长度为160bit时,其安全性相当于RSA使用1024bit长的密码。

[edit] Projective coordinates  投影坐标

A close examination of the addition rules shows that in order to add two points one needs not only several additions and multiplications in \mathbb{F}_q but also an inversion operation. The inversion (for given x \in \mathbb{F}_q find y \in \mathbb{F}_q such that x y = 1 ) is one to two orders of magnitude slower[ 16] than multiplication. Fortunately, points on a curve can be represented in different coordinate systems which do not require an inversion operation to add two points. Several such systems were proposed: in the projective system each point is represented by three coordinates (X ,Y ,Z ) using the following relation: x = \frac{X}{Z} , y = \frac{Y}{Z} ; in the Jacobian system a point is also represented with three coordinates (X ,Y ,Z ) , but a different relation is used: x = \frac{X}{Z^2} , y = \frac{Y}{Z^3} ; in the López-Dahab system the relation is x = \frac{X}{Z} , y = \frac{Y}{Z^2} ; in the modified Jacobian system the same relations are used but four coordinates are stored and used for calculations (X ,Y ,Z ,a Z 4 ) ; and in the Chudnovsky Jacobian system five coordinates are used (X ,Y ,Z ,Z 2 ,Z 3 ) . Note that there may be different naming conventions, for example, IEEE P1363-2000 standard uses “projective coordinates” to refer to what is commonly called Jacobian coordinates. An additional speed-up is possible if mixed coordinates are used.[ 17]

[edit] Fast reduction (NIST curves)  快速缩小 - - 还是叫 Fast reduction吧..

Reduction modulo p (which is needed for addition and multiplication) can be executed much faster if the prime p is a pseudo-Mersenne prime that is p \approx 2^d , for example, p = 2521 − 1 or p = 2256 − 232 − 29 − 28 − 27 − 26 − 24 − 1 . Compared to Barrett reduction there can be an order of magnitude speed-up.[ 18] The curves over \mathbb{F}_p with pseudo-Mersenne p are recommended by NIST. Yet another advantage of the NIST curves is the fact that they use a = − 3 which improves addition in Jacobian coordinates.

The speedup here is a practical rather than theoretical one, and derives from the fact that the moduli of numbers against numbers near powers of two can be performed efficiently by computers operating on binary numbers with bitwise operations.

[edit] NIST-recommended elliptic curves  NIST 推荐椭圆曲线方法

NIST recommends fifteen elliptic curves. Specifically, FIPS 186-2 has ten recommended finite fields. There are five prime fields \mathbb{F}_p for p 192 , p 224 , p 256 , p 384 and p 521 . For each of the prime fields one elliptic curve is recommended. There are five binary fields \mathbb{F}_{2^m} for 2163 , 2233 , 2283 , 2409 , and 2571 . For each of the binary fields one elliptic curve and one Koblitz curve was selected. Thus five prime curves and ten binary curves. The curves were chosen for optimal security and implementation efficiency.[ 19]

  推荐了几种椭圆曲线。

[edit] Side-channel attacks  侧信道攻击

Unlike DLP systems (where it is possible to use the same procedure for squaring and multiplication) the EC addition is significantly different for doubling (P = Q ) and general addition (P \ne Q ) depending on the coordinate system used. Consequently, it is important to counteract side channel attacks (e.g., timing or simple/differential power analysis attacks) using, for example, fixed pattern window (aka. comb) methods[ 20] (note that this does not increase the computation time). Another concern for ECC-systems is the danger of fault attacks, especially when running on smart cards, see for example Biehl et. al[ 21] .

Certicom ECC 以及 因子分解竞赛

[edit] Patents  ….

Main article: ECC patents

At least one ECC scheme (ECMQV ) and some implementation techniques are covered by patents. Uncertainty about the availability of unencumbered ECC has limited the acceptance of ECC.

发表在 未分类 | 留下评论

武汉的夏天..

发表于2009年7月10日miuc

 linux截图

确实热.. - - 怎么还有点囧…..

另: ubuntu在时钟首选项处位置页可以添加自己的位置,支持显示天气功能。{地址可以直接输入中文  如."武汉"}

发表在 未分类 | 留下评论

JavaScript 下的cookie基本操作

发表于2009年7月9日miuc

<html>

<head>

<script type="text/javascript">

function getCookie(c_name)   //   提取 cookies中 c_name=OOXX 中的OOXX 无则返回""

{

   if (document.cookie.length>0)

    {

      c_start=document.cookie.indexOf(c_name + "=")        //indexOf 相当于 strchr

      if (c_start!=-1)                                            

        {

        c_start=c_start + c_name.length+1

        c_end=document.cookie.indexOf(";",c_start)

        if (c_end==-1) c_end=document.cookie.length

            return unescape(document.cookie.substring(c_start,c_end))

        }

    }

    return ""

}

function setCookie(c_name,value,expiredays)        //   c_name=escape(value);GMT时间

{

var exdate=new Date()

 exdate.setDate(exdate.getDate()+expiredays)       //  escape 是为了能方便存入流的特殊符号转换函数

    document.cookie=

    c_name+ "="+escape(value)

   +((expiredays==null) ? "" : "; expires="+exdate.toGMTString())      

}

function checkCookie()                            // 检查

{

    username=getCookie(‘username’)

    if (username!=null && username!="")

      {

          alert(‘Welcome again ‘+username+’!’)}

    else

        {

         username=prompt(‘Please enter your name:’,"")

          if (username!=null && username!="")

          {

             setCookie(‘username’,username,365)

          }

        }

}

function clearCookie()    //自己加的清除cookies 试了直接 document.cookie="" 无效…有更好的方法么?

{

  try{

     document.cookie="username="

     }

  catch(err)

 {

    txt = "error\n\n"

        confirm(txt)

 }

 

}

</script>

</head>

<body onLoad="checkCookie()">

<input type="button" onclick="clearCookie()" value="清除Cookie" />

</body>

</html>

发表在 未分类 | 留下评论

补码反码以及无符号小结

发表于2009年7月8日miuc

   中午看了点《深入OOXX》, 继续之前看的很糊涂的二进制码关于补码反码的问题。

   现在有点头绪,写点。

#include <stdio.h>

#include <stdlib.h>

int outit(unsigned char * ptr,int n)

{

    int i;

    for(i=0;i<n;i++)

    {

        printf("%.2X ",*(ptr+i));

    }

    printf("\n");

    return 0;

}

int main()

{

    int test;

    do

    {

    printf(" Input :\n");

    scanf("%d",&test);

    outit((unsigned char *)&test,sizeof(test));

    } while (1);

}

 测试2进制码的程序。

 跟着书上写的想下去,会出现一点思维上的迷糊,因为我们平时记住的补码=反码+1;

 因该把这个归于捷径而不是我们思维的方法,补码的真正意义是在于将最高位(比如8421的8)看作负(即-8)

 然后于其他各个位的权值相加。

 如 1011 计算思路 -8+2+1 = 5

 然而编译器处理你输入的数是有一定的方法。下次继续写。

发表在 未分类 | 留下评论

继续记录OPENSSL

发表于2009年7月8日miuc

#define ABORT do { \

    fflush(stdout); \

    fprintf(stderr, "%s:%d: ABORT\n", __FILE__, __LINE__); \

    ERR_print_errors_fp(stderr); \

    EXIT(1); \

} while (0)

简单使用

  if (!ctx) ABORT;

发表在 未分类 | 留下评论

OPENSSL 很强大

发表于2009年7月6日miuc

   对一个结构体的部分特殊free,写了一个函数处理,复杂,NB。

   如此境界….  

发表在 未分类 | 留下评论