Simulating Public-Private Key Pairs and SCSI Disks

by Berk Öcal and Tobias Boelter

Abstract

Many scholars would agree that, had it not been for the partition table, the visualization of journaling file systems might never have occurred. In this work, we confirm the typical unification of Internet QoS and red-black trees, which embodies the typical principles of hardware and architecture. This at first glance seems counterintuitive but is buffetted by prior work in the field. In order to address this issue, we validate that although erasure coding and reinforcement learning are always incompatible, vacuum tubes and 802.11b are mostly incompatible. Continue reading

Security and Privacy of University Grades - Part 2: Security [Updated]

After I have talked about Privacy of University Grades, I now want to talk a bit about the security of university grades and present a vulnerability in a frequently used software.

Security of University Grades

Many of my Professors in the Mathematical Institute and also many Professors in other Universities use OKUSON to publish, manage, and grade homework assignment. OKUSON is an open source software written in python which provides a complete web server and was made at RWTH Aachen. Back in mid 2013 I screened the source code and was not amused in the first place because the coding style was what I would consider *not so good* (the software mainly consists of one file containing ~4000 lines of code with rare comments). However, my amusement raised after a while when I found the first vulnerability.

Have a quick look at the relevant code: Continue reading

Security and Privacy of University Grades - Part 1: Privacy

I wanted to write this article since half a year or so but I never found the time to do it properly. However, here is a quick and dirty sketch of what I've been able to do within 2 days or so back in mid 2013.

The topic is split up into two blog posts: Part 1: Privacy (this one) and Part 2: Security.

Privacy of University Grades

Almost every professor publishes the exam grades on his or her website together with the unique student id totally open to the public. Furthermore at the beginning of the course they publish the tutorial groups together with the attending students' ids.

The student id provides some anonymity because it can not be directly linked to a human but it provides a unique identifier for a student throughout his or her study.

I have downloaded the exam results as well as the tutorial group listings from the last 4-8 years or so. Of course this data is not complete as some course websites were already offline or professors did not publish the grades. Furthermore the data is not fully reliable as grades may change if students discover flaws in the marking. But for the moment I am going to ignore that.

With this data one can already do some interesting social network analysis as well as generating detailed statistics on each student's performance. By assigning each student a score which describes his or her aptitude one can also evaluate, how difficult specific exams were and also answer questions like "In which course/With which professor I'll most likely get the best grade?" or "In which tutorial group are the brightest students?"

To summarize the above: With the given data, one can do interesting analysis but the students' privacy is not highly threatened. However, it turns out that linking the student ids to human is not that difficult as it should be. When a student submits a homework assignment or signs up for an exam, he or she usually has to provides his or her full name and student id. Thus the tutors, who conduct the tutorial groups and are themselves ordinary students, usually have access to datasets containing the student id, full name, e-mail address, subject of study, and semester. Sometimes professors also print out these data sets and pin them on the wall, e.g. to organize the seating arrangements at the exam. In summary, it is not difficult to deannonymize ~85% of the students or so and get a detailed view of their courses, their grades, their friends, etc.

Jacobi Triple Product Identity

Today I gave my talk in the Proseminar on Partitions (Number Theory) offered by Prof. Kathrin Bringmann (University of Cologne). In my talk I gave a proof of the Jacobi Triple Product Identity and also proved some beautiful corollaries, e.g. Euler's Pentagonal Number Theorem.

Using the following definition of the Pochhammer Symbol

(a;q)_n := \prod_{j=0}^{n-1}(1-aq^j)

the Jacobi Triple Product Identity becomes

\sum_{n\in \mathbb{Z}}z^nq^{n^2}=(q^2,q^2)_{\infty}(-zq,q^2)_{\infty}(-z^{-1}q,q^2)_{\infty} for z\neq 0

Using this equation, the Pentagonal Number Theorem

(q;q)_{\infty}=\sum_{n\in \mathbb{Z}}(-1)^nq^{n(3n-1)/2}

can be obtained by replacing q by q^{3/2}.

The TOEFL

Yesterday, I got my results from the TOEFL iBT, but first things first. TOEFL stands for Test of English as a Foreign Language and is administered by the Educational Testing Service. iBT stands for Internet based Test: answers are submitted to ETS via the Internet and are not evaluated at the test center.

I had to take the quite expensive ($240) test that wants to measure my academic English language skills, because it is mandatory for my applications to US PhD programs. The test consists of three parts: Reading, Listening, Speaking and Writing. In my opinion, the test is well created and fairly well suited to evaluate one's English skills within the limitations that a computer-based test has. One can earn up to 30 points in each section and thus the total score (the sum) is on a 0-120 scale. Continue reading

Intersection of 3 Matroids

Inspired by Jack Edmonds and my Professor Dr. Rainer Schrader I decided to start doing research on intersections of 3 matroids. Matroids are really cool. Motivations come from Linear Algebra but if you want to keep it simple, you could just define it as follows:

Definition: A Matroid is a pair (E,F) where E is a finite set, F\subseteq 2^E and the following constraints hold:

  1. F is not empty
  2. X\in F, Y\subseteq X \Rightarrow Y\in F
  3. For X,Y \in F with |X|<|Y| there is a y \in Y\setminus X such that X\cup \lbrace y\rbrace \in F

Sets in F are called independent.

If we have got weights on the Elements and if the weight of a subset of E is defined as the sum of the weights of all its elements, we can use the greedy algorithm to find an optimum independent set in polynomial time. Of course we would therefor need a method which allows us to check whether a set is independent or not in polynomial time.

So what is the intersection of matroids?

Continue reading

Example for Reduction of the Shortest Path Problem to the Assignment Problem

Two days ago I published my blog entry My Solution to a Question from Jack Edmonds: Reduction of the Shortest Path Problem to the Assignment Problem. Here I will give an example to illustrate how the reduction works.

So let's start with the graph shown in figure 1.

graph1

Figure 1

We will construct the bipartite graph shown in figure 2. On the left is the set X, containing copies of all inner nodes and the node t. On the right is the set Y, containing a second copy of all inner nodes and the node s. For each edge (a,b) in the initial graph we add an edge from the node that corresponds to a on the right side to the node that corresponds to b on the left side. In addition to that, we link all pairs, which are the blue horizontal lines. Continue reading

My Solution to a Question from Jack Edmonds: Reduction of the Shortest Path Problem to the Assignment Problem

Image_37-m

Jack Edmonds

I am very happy that I had the chance today to attend a lecture held by Jack Edmonds, who is regarded as one of the most important contributors to the field of combinatorial optimization.

During his talk, Jack asked us to think about how to reduce the shortest path problem on directed graphs with rational costs on the edges to the assignment problem. I thought a bit about it and want to present my solution here.

First of all, let's recap what the shortest path problem and the assignment problem is. Continue reading