2012/08/16

DevEncoded and Basler Ace in Taurus

Some time ago, I received a request to control a new camera model, the Basler Ace acA1300-30g{m,c}. Yes, both types: monochrome and colour. The most common cameras we use to look at the beam are the Basler Scout scA1000-30gm and the scA1300-32gm (yes, until now we have only supported monochrome cameras in the service of beam diagnostics by imaging).

To take pictures with these Basler Scout cameras we have used, and contributed to, Soleil's ImgGrabber device, and to analyse those pictures we have used the ImgBeamAnalyzer (also originally from Soleil).

How do we look at the images? A long time ago we started working with Qt, and as a result we have used the Qub widget from ESRF. This widget has been integrated in tau, which has since been renamed to taurus.

As an example, I have saved hundreds of snapshots of the GUI with beam. The latest one published here was to celebrate the first X-ray beam at ALBA, but I can share many more of those pictures:




But the software we used doesn't support the Ace cameras. There is newer software that deprecates it, and many of the synchrotrons that use Tango are migrating to LImA (Library for Image Acquisition). This is very powerful software, specially focused on detectors.

The CCDs I'm talking about here are not usually "detectors" in the synchrotron sense. They are not at the end of the beamline, where the data of the experiment is collected. The most frequent use of these cameras is beam diagnostics prior to the experiment, to make sure that everything is in the expected place and that the shape of the beam has the desired characteristics. So they are very often used as a live video image in the graphical user interface (GUI), of which I have posted images before.

Another situation is beam commissioning, when these cameras are used much more like a detector during a scan using Sardana. In this situation, image availability during the measurement is not that important; the most important thing is the beam study of each picture and the statistical characteristics of the beam.

So we have two very different use cases. In the upgrade to LImA both must be implemented, and yes, they already are.

In the LImA Basler device the Ace cameras are already supported, and there are some attributes that make it possible to have a GUI like ours. But what was the problem? These attributes are of the "new" Tango data type DevEncoded. Our system didn't yet support this data type, and this has been an August development (almost the best month to work: almost everyone is on holidays and no one is bothering your development).

What makes this data type special? It can contain almost anything: basically it is a string together with a list of bytes, where the string says what is encoded in the list of bytes and how.

In the case of LImA's "video_last_image" attribute, the DevEncoded is given in a "VIDEO_IMAGE" format. One issue with this flexibility is the naming: we are starting to pick names without any rule, and in the future this will be very difficult to unify and harmonise.

LImA is hosted in a git repository, and in the file "applications/tango/LimaCCDs.py" there is a method 'read_video_last_image()' where this "VIDEO_IMAGE" is encoded.
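
The (format string, bytes) pair described above, as an added example that is not LImA or taurus code: a decoder that dispatches on the format string and checks the header against the payload length before touching the pixels. The format name "DEMO_IMAGE" and its header layout are constructed for this illustration and are not LImA's real "VIDEO_IMAGE" layout.

```python
import struct

# Constructed header for the example (NOT LImA's VIDEO_IMAGE layout), big-endian:
# magic (4 bytes), version (u16), bytes per pixel (u16), width (u32), height (u32)
HEADER = struct.Struct("!4sHHII")
MAGIC, VERSION = b"DEMO", 1
MAX_PIXELS = 4096 * 4096  # refuse implausible sizes before unpacking anything


class DecodeError(ValueError):
    """Raised when a (format, bytes) pair cannot be trusted."""


def decode_demo_image(buf):
    """Return the image as a list of rows, after validating the header."""
    if len(buf) < HEADER.size:
        raise DecodeError("buffer shorter than the header")
    magic, version, bpp, width, height = HEADER.unpack_from(buf)
    if magic != MAGIC or version != VERSION:
        raise DecodeError("bad magic or unsupported version")
    if bpp not in (1, 2):
        raise DecodeError("unsupported pixel size")
    if width == 0 or height == 0 or width * height > MAX_PIXELS:
        raise DecodeError("implausible dimensions")
    payload = memoryview(buf)[HEADER.size:]
    # The header is only a claim made by the sender: compare it with what arrived.
    if len(payload) != width * height * bpp:
        raise DecodeError("payload length does not match the header")
    code = "B" if bpp == 1 else "H"
    flat = struct.unpack("!%d%s" % (width * height, code), payload)
    return [list(flat[r * width:(r + 1) * width]) for r in range(height)]


# The string half of the pair selects the decoder for the bytes half.
DECODERS = {"DEMO_IMAGE": decode_demo_image}


def decode_devencoded(value):
    """Decode a DevEncoded-style (format string, bytes) pair."""
    fmt, buf = value
    if fmt not in DECODERS:
        raise DecodeError("no decoder registered for format %r" % (fmt,))
    return DECODERS[fmt](bytes(buf))


def make_sample(width, height, pixels):
    """Build a constructed 8-bit sample value for the demonstration."""
    header = HEADER.pack(MAGIC, VERSION, 1, width, height)
    return ("DEMO_IMAGE", header + bytes(pixels))


if __name__ == "__main__":
    print(decode_devencoded(make_sample(3, 2, [0, 10, 20, 30, 40, 50])))
```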

Recently this DevEncoded format has been integrated in taurus.

And as we want to see the images using guiqwt, which is integrated in taurus through an extension, we have integrated this DevEncoded as data that taurus can interpret.

The result: we've been able to take and show images from a monochrome Basler Ace camera:


Using a fake beam (an image of the beam printed on paper and placed in front of a CCD) we can check how it behaves with different beam types:


I'm very glad and satisfied when I see these images. They don't look special, but knowing the effort behind them, the view is different.

2012/08/13

The Andalusian labourers and the significant differences of sensitivity before the robbery

Following a similar idea to one of my previous posts, I have read something on this matter:
"The Andalusian labourers and the significant differences of sensitivity before the robbery"

I'd like to share it here and translate it:
No one likes someone else robbing what is ours. It has been like this since time immemorial, so we human beings have come up with rules and institutions to avoid it and to punish those who do it.
I understand, therefore, the anger of the owners of the supermarkets from which a group of Andalusian labourers has removed food. Although the objective is noble, I have already said that nobody likes someone else robbing what is their own, and I understand, then, that they have reported it to the authorities.
I even understand that the authorities have mobilized immediately and that leaders of some parties have quickly requested that the guilty be punished. That is what the spokesman of the Popular Party in the Congress, Rafael Hernando, has done; he affirmed that he hopes that the deputy of United Left, Juan Manuel Sanchez Gordillo, is denounced for robbery because, as he said, “the laws have to be fulfilled and conduct must be exemplary. This form of protest seems lamentable to me and I hope that Justice intervenes in the affair”.
I have already said that this seems normal to me. What does not seem so normal to me, nevertheless, is that these authorities and the politicians who have been so scandalized by the theft by the labourers are so insensitive to other, much greater robberies that happen daily in our country. That is to say, they get so upset by a small-scale theft and they do not persecute the great robberies and swindles.
Let us see:
Let us suppose that each of the labourers filled a shopping cart with food worth 300 euros (which would mean, by the way, that the total amount stolen is very small for Carrefour and Mercadona, because between them the two companies obtained 845 million euros of benefits in 2011, and if we suppose that they took 25 carts of food, with that benefit 2.8 million carts could be filled with food worth 300 euros each).
Now let us compare this theft with three other robberies that have taken place or take place day after day in Spain:
a) Robbery by the electrical companies.
The engineer Antonio Moreno has demonstrated that “every day that passes without the Government approving the official rule that defines what “the suitable renovation and update of the park of accountants” consists of, the electrical companies illegally receive the following amounts (including VAT):
- More than 600,000 euros for a service (“the suitable renovation and update of the park of accountants”) that they do not provide because the Government has not yet defined what this service consists of.
- Between 196,000 and 342,000 euros from the positive error that 80% of the accountants have because they have not been verified periodically, since the Government has not yet published the corresponding norm”.
That is to say, the electrical companies (just for charging for a service of renovation and update of accountants that they do not render) rob the Spaniards every day of the equivalent of 2,000 shopping carts of food worth 300 euros each, which represents about 730,000 shopping carts over the year.
As can be seen on the Web of Brown Antonio (http://www.estafaluz.com), if the other concepts of the continuous swindle of these companies are added, it turns out that they are robbing us of the equivalent of many more shopping carts.
b) Robbery of the preferred participations.
As is known, a good number of banks deceived thousands of Spanish savers by selling them “preferred participations” as if those products were deposits, without informing them that in fact those things are something like actions without the right to vote, whose cash could only be recovered under very leonine clauses (a TV news report from Tele5 on this subject here).
As a result of that fraud by the banks, around a million people have lost the immense majority of their savings; it is calculated that those losses, a true robbery, can have a value of between 10,000 and 30,000 million euros.
If we accept the lowest estimate (10,000 million), the banks have robbed a million Spanish citizens, through preferred participations alone, of the equivalent of 33 million shopping carts loaded with food worth 300 euros each.
c) Fiscal fraud.
According to the technicians of the Ministry of Finance, 72% of the fiscal fraud (which is about 89,000 million euros altogether) is committed by the biggest fortunes and the largest corporations, which means that these fail to pay the Ministry of Finance about 64,000 million euros a year.
If we accept that evading the payment of taxes we are obliged to pay is a robbery of society, the great fortunes and corporations rob all Spaniards of the equivalent of 213 million shopping carts loaded with food worth 300 euros each.
To these robberies we could add others on a great scale, like that suffered by the deceived families who contracted credits with fraudulent floor clauses with banks (information here and here), those practised by the pharmaceutical companies (information here), or the endless bad practices of the banks, suffered daily, that cost all Spanish citizens thousands of millions (adicae). Not to mention the global robbery of astronomical amounts of money that the financial crisis, the bank rescues, etc. have entailed.
In conclusion: it could seem reasonable to me that one wants to persecute and condemn the labourers who have stolen a few shopping carts of food worth about 7,500 euros, and not for their own benefit. But what I ask myself is another thing: how is it possible that those judges, public prosecutors, police, authorities… who are persecuting, and who will end up jailing, the labourers responsible for the theft of a few shopping carts of food do not persecute with similar fervour those who are robbing us of amounts that are several million times greater?
I do not know what the readers think but, in view of this very contradictory behaviour and the poor effective persecution of those multimillionaire robberies, I think they criminalize the labourers not because of the robbery itself but because something else worries them: because it blows the whistle and lets the worst and most revolting shame of our opulent world be seen: hunger. A suffering, do not forget, that is not the result of a lack of resources nor an accident but, as the former Rapporteur of the United Nations for the Problems of Food, Jean Ziegler, said, “an organized crime against Humanity”. And it is for that reason, I believe, that the criminals who commit it or who help to commit it do not want it to be spoken of.
So let us not be hypocritical: if the authorities that demand respect for order and property were coherent and put an end to the true thieves who are robbing the immense majority of society, there would be no more labourers taking food from the supermarkets.

2012/08/10

When there are two laws

Nowadays, especially during this crisis, the double standard of the law has become much more evident than before. There are two kinds of justice in Spain, and certainly everywhere else in this world, but elsewhere they often take more precautions, whereas here today it is all too evident.

The punishment is not the same for things that are morally equally wrong, and the worst is when the punishment depends on your social class. The richer you are, the more impunity you have.


This country is full of examples of this. Should Felix Millet be in jail for misappropriation of public funds? There are people in jail for having robbed much less, but he is not a prisoner. The Catalan health system is also soiled by scandals. And the corruption in both of these cases splashes too many politicians, while at the same time the mass media hide this information. And despite all these things, citizens have to pay an extra € for each medicine prescribed by their doctor in the public health care system. I know people who cannot take their medicines because they are too expensive, and to buy them they have to eat less.

Corruption scandals jump into the news very often in spite of the effort to cover and hide them. Where is the solidarity and equitable redistribution? Everywhere is the same shit.

And the law doesn't act; it is absolutely blind in these cases. But in the citizens' protests in this country, we are criminalized. Even if it is a peaceful protest in the street, they can accuse the citizens of resistance to authority to make it possible to punish it with jail, in a similar way as if the protest were violent.

By criminalizing the actions of the working class, which includes the unemployed and the retired, when it fights for the rights and duties of this society, the problem is not solved at all: it is made more complicated.

All of us have rights and duties, and I insist: all of us. Politicians also have duties and not only rights. Their actions won't be free of consequences. It is often said that we workers forget our duties, but don't generalize, because it is not general. And why do the consequences only fall on the plebs? Many politicians and rich people forget their duty to obey the law.

But what they are doing is changing the law in order to have full permission to do what they like. That is not the way. Well, it is a way, but it is not the way to live together peacefully.

2012/08/08

Refactoring

Software has its life cycle, during which development and bug fixing are linked to several variables, some under the control of the developer but many outside it. I'm not mainly talking about the time dedicated to development during a project, though that too. Those variables are out of control especially at bug-fixing time, when speed and extreme programming are more present.

Some day, somehow, someone decides that something is urgent, or more urgent than the other urgent things. At that time, the development will be done through a heroic effort and all bugs will be fixed fast (hoping that the bug fix will not produce any side effects).

How old must code be to consider refactoring? It could depend on the number of requirements coming down from heaven. I mean the number of times that something is very urgent to code: the developer does it, but at a price. And this price is a loss of quality, until it becomes untenable, when any bug fix takes longer and longer because of the side effects of the modification.

But there is a moment that triggers an alert for the project manager saying that refactoring is mandatory: when the design has almost nothing in common with the code, when the code smells.

Then I found a book that looks nice for this task: "Refactoring: Improving the Design of Existing Code", Fowler, Martin (1999). A book more than ten years old, older than the code I want to refactor: life's irony.

2012/08/06

Generalized Rijndael, schematics

Before going deep into the questions raised in the previous post of this series, I'd like to post some schematics that may be useful some day.

The Rijndael symmetric cryptosystem is built by iterating a network of permutations that follows Shannon's basic properties of "confusion and diffusion". The bits of the plaintext are mixed and substituted by a group of operations applied in a given order. To decrypt, the same things have to be done in the opposite order. Of course, there is a key, which introduces the secret needed to undo the encryption operation.
Diagram 1: Flow of the Rijndael encrypt/decrypt

As diagram 1 shows, only 4 operations are used (subBytes, shiftRows, mixColumns, addRoundKey, and their inverses). But those operations are applied in a certain order to maintain a set of properties.

  • subBytes: word substitution, where each element in the state matrix is replaced by its inverse and an affine mapping. Operations in
  • shiftRows: cyclic left shift of the elements of the i'th row by i words.
  • mixColumns: column linear transformation of the state matrix, where each column is given as an element of a polynomial ring, where the coefficients of this polynomial are polynomials in .
    This polynomial ring is: 
  • addRoundKey: XOR of the state matrix with the round key.

It is necessary to emphasize the use of a part of the key in the 'addRoundKey()' operation. This round-key material is much longer than the key given to encrypt/decrypt, and the process that generates this key expansion can be described in an iterative way:

Diagram 2: Iterator schema of the Rijndael key expansion
The first 4x4 matrix (the ) is the original key, given as a matrix of elements of the word size (8 bits, a byte, in Rijndael/AES). This example uses the 128-bit key option, but the key matrix can have more columns. The key expansion is built the same way, but note that "#c" represents the number of columns of the message, not of the key.

To build the following columns that make up each round key, an iterator is a good way to see how it is done. I have tried to get a schema from other web sites, but the ones I found didn't convince me. I hope this helps someone who searches the internet for a diagram of the Rijndael key expansion.
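
The subBytes table and the key-expansion iterator described above, as an added example (this is not the blog author's Python implementation). It assumes the standard 4 rows and 8-bit words, so each column is one 32-bit word; the names and the `block_columns` parameter (the "#c" of the diagram) are choices made for this illustration, and the sample key is the one from FIPS-197 Appendix A.1.

```python
def gf_mul(a, b):
    """Multiply two bytes in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1 (0x11B)."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return r


def gf_inv(a):
    """Multiplicative inverse computed as a^254; 0 maps to 0."""
    r = 1
    for _ in range(254):
        r = gf_mul(r, a)
    return r


def rotl8(x, n):
    return ((x << n) | (x >> (8 - n))) & 0xFF


def build_sbox():
    """subBytes table: field inverse followed by the affine mapping."""
    sbox = []
    for x in range(256):
        b = gf_inv(x)
        sbox.append(b ^ rotl8(b, 1) ^ rotl8(b, 2) ^ rotl8(b, 3) ^ rotl8(b, 4) ^ 0x63)
    return sbox


SBOX = build_sbox()


def sub_word(w):
    return int.from_bytes(bytes(SBOX[b] for b in w.to_bytes(4, "big")), "big")


def rot_word(w):
    return ((w << 8) | (w >> 24)) & 0xFFFFFFFF


def expand_key(key, rounds, block_columns=4):
    """Return the expanded key as a list of 32-bit columns."""
    if not key or len(key) % 4:
        raise ValueError("key must be a whole number of 4-byte columns")
    nk = len(key) // 4  # number of columns in the key
    w = [int.from_bytes(key[4 * i:4 * i + 4], "big") for i in range(nk)]
    rcon = 1
    # One round key of block_columns columns per round, plus the initial one.
    for i in range(nk, block_columns * (rounds + 1)):
        t = w[i - 1]
        if i % nk == 0:
            t = sub_word(rot_word(t)) ^ (rcon << 24)
            rcon = gf_mul(rcon, 2)
        elif nk > 6 and i % nk == 4:
            t = sub_word(t)  # extra substitution used with 8-column keys
        w.append(w[i - nk] ^ t)
    return w


def round_key(w, r, block_columns=4):
    """Columns of the expanded key used by addRoundKey in round r."""
    return w[r * block_columns:(r + 1) * block_columns]


FIPS197_KEY = bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c")

if __name__ == "__main__":
    print(["%08x" % c for c in round_key(expand_key(FIPS197_KEY, 10), 10)])
```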

2012/08/02

RFC 6637 and construct elliptic curves

A new Request for Comments is available for elliptic curve cryptography. It was announced as official, with the number 6637, this past June 11th. Very good news for elliptic curves and their cryptographic implementations.

A little more than 4 years have passed since the first version of this standard, when it was a candidate. Yes, more than 4 years of public discussion. Necessary for consensus in standards development, but much more necessary for cryptography.

The old project of the patch for GnuPG, which became obsolete long ago, has some relation to the final code in GnuPG. I'm glad when I see in the sources that I have contributed somehow.

But what about the supported curves? The standard restricts use to only a very few of them. Only 3 curves are supported, one for each supported size: from FIPS 186-3, P-256, P-384 and P-521 (the biggest 3 of the 5 in Appendix D.1.2, "Curves over Prime Fields"). They are known as the NIST curves and they are from the NSA Suite B.

Yes, the standard doesn't completely close off the use of other curves. There is a field in the key structure to specify the curve, but the curve is not set directly: what is placed in the field is the curve OID. Even if the number of curves that can be listed using these Object Identifiers can be very big, it will never be as big as the number of existing and cryptographically valid elliptic curves. But there is hope on this issue (it wasn't like this throughout the pre-standard process): there is an octet, the first one, which has a reserved value (0xFF) for future extensions.
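
How a parser can read that curve field, as an added example (not GnuPG code): one size octet followed by the OID body, with the reserved size values rejected. The OID values for the three curves and the fact that size 0 is reserved alongside 0xFF are taken from RFC 6637 rather than from this post; the function names are chosen for the illustration.

```python
RESERVED_SIZES = (0x00, 0xFF)  # kept for future extensions, so never a valid length

KNOWN_CURVES = {
    "1.2.840.10045.3.1.7": "NIST P-256",
    "1.3.132.0.34": "NIST P-384",
    "1.3.132.0.35": "NIST P-521",
}


def oid_to_dotted(body):
    """Decode the base-128 arcs of an OID body into dotted notation."""
    if not body or body[-1] & 0x80:
        raise ValueError("empty or truncated OID")
    arcs, value = [], 0
    for octet in body:
        value = (value << 7) | (octet & 0x7F)
        if not octet & 0x80:  # high bit clear: last octet of this arc
            arcs.append(value)
            value = 0
    first = arcs[0]  # the first two arcs share one encoded value
    head = (first // 40, first % 40) if first < 80 else (2, first - 80)
    return ".".join(str(a) for a in head + tuple(arcs[1:]))


def parse_curve_field(buf):
    """Return (dotted OID, curve name or None, remaining bytes)."""
    if not buf:
        raise ValueError("missing curve field")
    size = buf[0]
    if size in RESERVED_SIZES:
        raise ValueError("reserved size octet 0x%02X" % size)
    body = buf[1:1 + size]
    if len(body) != size:
        raise ValueError("curve OID is truncated")
    dotted = oid_to_dotted(body)
    # An unknown OID is reported, not guessed: the caller decides to reject it.
    return dotted, KNOWN_CURVES.get(dotted), buf[1 + size:]


if __name__ == "__main__":
    # Constructed input: the P-256 curve field followed by two arbitrary bytes.
    print(parse_curve_field(bytes.fromhex("082a8648ce3d030107") + b"\x01\x02"))
```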


Why can it be so important to use as many curves as the users want? Easy: one of the biggest features of elliptic curves is the possibility of changing the cyclic group in which the discrete logarithm protects your secrets without changing the size. With a different curve over the same base finite field, moving an attack from the cyclic group of one curve to the cyclic group of another is almost as hard as starting the attack from scratch on the new cyclic group of the new curve over the same finite field.

But how can a new curve be generated? Recently on arXiv I've seen an article about this matter: "Method for constructing elliptic curves using complex multiplication and its optimizations" (July 30, 2012).

I've been working on isogenies, using volcanoes and stars of them, to speed up the initial way of constructing a new curve (pointed out in the abstract of the cited article):


  1. , where and
  2. If it doesn't satisfy the conditions restart from 1
But this article proposes the other way around: start by finding an order that satisfies the conditions and then build a curve of this order. It's a promising idea for a nice way to have as many curves as necessary.

With the isogenies, I didn't find how to speed this up enough to have a new (cryptographically good) curve during key generation (in a reasonable time, so as not to exasperate the user). And even more, to have the possibility of resetting your key by changing an old curve for a new one without needing to create a new key, while assuring security through a public and auditable procedure.

What is the utility of this cryptosystem reset feature? One that I can imagine, and that can be compatible with the current standard, is to have a corporate elliptic curve in the smart cards and periodically renew the curve. Knowing the path in the isogeny star, all the smart cards would be able to "migrate", but for a cryptanalyst it would be enormously hard work to "port" any running attack from the original curve to the current one, even if the public keys are available on both curves, as long as the path is still secret.

The most important thing in cryptology is trust in mathematics. Giving the user 3 curves that look good, but only 3, is not enough. Like the S-boxes in DES, this raises suspicions, especially at the beginning, about how they were built (why those and not any others). Even more, giving a list of hundreds of thousands of curves is not enough either, because the problem is still the same.

The only solution I see to this issue is to provide this public and auditable algorithm, allowing the community to validate (or break) it, which makes the user comfortable with the security provided.

Generalized Rijndael, a review

After too long a period of time without working on this project, I'd like to recover it.

I did a Python implementation, which will be published as free software (GPL), that is able to change the usual parameters of Rijndael so that it works in very different ways than the 3 options of the standard. As a review:

Rijndael variable parameters:

  • Number of rounds
  • Number of rows
  • Number of columns
  • Wordsize (in bits)
  • Number of columns in the key
The 3 standard sizes are {10,4,4,8,4}, {12,4,4,8,6} and {14,4,4,8,8}, and this means:

  • Block size is always 4x4 elements of 8 bits: 128 bits
  • Key size can have 4, 6 or 8 columns: 128, 192 or 256 bits
    • And depending on this key size the number of rounds is 10, 12 or 14.
But this can easily be changed to something like {40,2,2,8,8}, which means a Rijndael with 32-bit blocks and 128-bit keys (doing 40 rounds; this was set like this in the experiment because other small block ciphers have values like this).

But what does this change mean internally for the algorithm?

  • A new irreducible polynomial is needed for the mixColumns() transformation, because the polynomial ring has the same number of coefficients as the number of rows.

Are there other options in Rijndael to get this combination? Yes: this would be equivalent to {40,4,4,2,16}. And what does this mean?

  • A new Rijndael S-box must be built: the original is made to apply a substitution of words of 8 bits.
Pending demonstrations:
  • Is the generalized Rijndael still a Pseudo-Random Permutation (PRP)?
  • How to build secure SBoxes?
  • How to get irreducible polynomials to be able to change the number of rows?
    • Is the invertible circulant matrix also valid for polynomial rings over , with ?
  • How to calculate the number of rounds necessary? Not so few as to be insecure, but not so many as to do superfluous calculations.