
May 2017
in VT 2017 (spring term 2017) krypto17

Douglas Wikström created the page 1 November 2016

A user has removed their comment
commented 19 January 2017

When will this page be updated? Is it possible to get the deadlines far in advance so we can start planning early? I suspect a lot of us have a lot to do, and would prefer doing things early instead of the day before it's due.

commented 23 January 2017

It was asked during the last lecture and the answer was that the deadlines are not set yet, and won't be for a while. As for a rough estimate it was mentioned that the first homework probably won't be out for at least a few more weeks since we need to cover more of the course.

commented 27 January 2017

Even though the deadline isn't set and there's more to cover in the lectures, it would be nice if the actual homework could be released.

It gives us a better idea of the workload to expect and allows people with tighter schedules to start early and maybe read ahead (since all the lecture slides are already out).

A user has removed their comment
commented 25 February 2017

In case someone was not present during last Friday's (2017-02-24) lecture, a deadline was set for the preliminary part of the group project. By Monday 2017-03-06 23:59 CET, each group should send via e-mail to the course responsible a short paper (4/5 pages) studying and comparing the characteristics of a handful of authentication methodologies. The e-mail subject must be 'DD2448 GROUP PROJECT' and the document should contain names and e-mail addresses of the group members. Moreover, the use of LaTeX for the compilation of said document was strongly suggested.

commented 28 February 2017

Hello,

My group and I had a couple of questions concerning the project (unfortunately none of us could attend last Friday's lecture). Are the authentication methodologies techniques such as biometric authentication/two factor? Or must we present low level implementation such as sha256, etc.?

Best regards,

Christophe

commented 28 February 2017

@Christophe

What he said in class was to not go into too much detail and instead focus on "flow of information". Examples of things you could research were Swedish BankID or the Estonian ID-card. So from that information I understand it as more "high level" stuff, I even think someone briefly mentioned biometrics in class and he seemed to agree that it was a good thing to research. 

But the fact that today is Tuesday (less than a week until the deadline) and we still don't have clear instructions posted online is ridiculous. Instead we are relying on second hand information from other students who were present at the lectures. I also think we could have gotten a bit more of a heads up of when the deadline would approximately be, so that we could have more time to form groups (mine still has a vacant spot, hmu if you want to join). Nothing too specific, but a little note of "you should find groups now" the week before would have been nice.

commented 1 March 2017

I think we should push on moving the deadline forward as it was a very short notice, especially in the end of the period where some of us have tests very soon (I for example have one the same Monday the HW is due) and when all the final projects and HWs are due.

What do you think?

commented 1 March 2017

@Mati I don't want to speak for Douglas but I don't think he will agree to that. He said he wanted to put some pressure on us and he also discussed the deadline with the people at the lecture. Which means he did not decide on it all by himself. There is always someone who has something else at the same time so I think it will be impossible for him to please everyone.

And I believe he is away on vacation/something this week so who knows if he will see these comments in time.

commented 1 March 2017

Even though I attended last week's lecture, I still feel like there is a huge information gap between the students and the teacher. We were told to do a research regarding security implementations and to write 4-5ish pages. No info on what scope to use or further instructions were given. Douglas also said that the next lesson will be cancelled and that he would post this info asap. I wonder how many people will show up on Friday just because of the lack of information from Douglas' side.

What is going on?

commented 1 March 2017

"Wanting to put some pressure on us" is kind of a bullshit reason to give us a one-week assignment on a quarter-speed course, right before exam season. Surely any other time would have been better? Not to mention the imprecise instructions and still having no official announcement beyond mentioning it on a lecture that any number of people could have missed. It's not even posted on the deadlines page yet, and it's supposed to be due in less than a week? What's going on here?

Teacher commented 1 March 2017

I think you are a bit off target here.

  1. It has been clearly stated that you are responsible for keeping track of what goes on at lectures, and also how we agree on deadlines. Homepage is for informational purposes and I try to keep it updated.
  2. The deadline was discussed and agreed on during the lecture. There was ample opportunity to change it, but we need to do this sometime during the course.
  3. The lack of information is intentional. A written description would not contain more than what was stated during the lecture. I am fully aware in what way this is hard. Why is it important with open-ended problems?
    • It is fun for students who want to learn and gives them choice.
    • It forces you to think about what is important and use your own judgement.
  4. There is something for everybody in the course. There will be no lack of information in the homeworks and there is both theory and implementation problems.

commented 1 March 2017

While I understand that we're responsible for keeping up with any lectures we miss, I hope you understand that this becomes hard when very important information like this (the existence of a deliverable) is _only_ mentioned on the lecture. 

When you say that we're responsible for keeping track of what goes on at lectures, does that mean that we're responsible for never missing a lecture? If Matteo hadn't informed us, we never would have known.

To be clear, I think for most people here the problem is not the small amount of information or the deadline, but rather the lack of _official_ information. If you had updated this page with the deadline and one sentence about it such as "Write 4-5 pages on the characteristics of a handful of authentication methodologies such as Swedish BankID", I think there would have been less confusion about this. 

Finally, since this is "group project part I", what part is this for? Looking at the slides from the first lecture, there's 4 parts (worth 20p each). The first part there is "Describe and provide a security analysis of a way to authenticate a voter in an Internet voting system". Does this mean that we should focus our research around authentication methodologies for internet voting systems?

commented 1 March 2017

Thanks for responding and updating the page.

I feel the need to respond to one of your statements here though.

> It has been clearly stated that you are responsible for keeping track of what goes on at lectures, and also how we agree on deadlines.

Sometimes, people miss lectures. Every lecture will have some people missing. Most or all people will miss some lectures. It would be very inefficient to after every lecture have someone ask "What did I miss today? Was something extremely important announced today?" Students here are very familiar with the fact that you need to "catch up" in private study whenever you do miss a lecture. But deadlines need to be announced in a somewhat timely manner, in a centralised location, and with at least as much instruction as is necessary to complete the task. (The retellings in this thread are sufficient, since you say the open-endedness is intentional.) Because some people will have missed the lecture, and not everyone has some friend or study partner in the course (or else their friend might have missed the same lecture).

Imagine if Matteo had not felt the need to post this initial message, and you only announced this now. People would have had less than 3 work days to complete this assignment. That is, in my opinion, woefully insufficient. I understand and wholeheartedly agree that people need to keep up with the lectures if they miss them, but that only goes so far. It's not reasonable to expect everyone to know about a deadline that's been announced only once, on a lecture, on such short notice. The only way you could reasonably expect this is if you assign people - presumably TAs - to spread the word on important deadlines, and at that point you still have to reliably deliver the information to those parties so it's no more work than putting it directly on the website.

Please, if nothing else, at least consider asking those present at the lecture to get word out on Social as soon as possible, and follow up with official instructions at your earliest convenience. Second-hand information often misses important details and can be completely inaccurate.

Teacher commented 1 March 2017

We can discuss this in class.

commented 2 March 2017

Just to be sure, tomorrow there is no lecture, right?

commented 2 March 2017

So with class you mean the 24th? Almost three weeks after the deadline?

People only want a short description of what we are supposed to do in text written by you so that we don't do the wrong thing. The text can be very open but people want it in text.

I agree with deadlines being only announced in is sub-optimal but honestly he has said that he expect us to keep track of what happens in class so that isn't the problem here. You don't have to agree with it but keep focus on what's actually important.

Also, "only four workdays", if you are a group of four people writing 4-5 pages should take at most a day.

Teacher commented 3 March 2017

Correct. No lecture Tomorrow/Today Friday March 3.

We can discuss next lecture.

Douglas Wikström edited 24 March 2017

Dates for Homeworks, Presentations and Oral Exams
* Monday, March 6, 23:59 Group project part I:
  * Email PDF to dog@kth.se
  * Use topic "DD2448 Group Project".

* Group project part II. To be negotiated during lecture Monday, April 3, 23:59 Group project part I:
  * Email PDF to dog@kth.se
  * Use topic "DD2448 Group Project II".

* Monday April 17, 23:59 Homework I (handed out Monday, March 24.7)

commented 29 March 2017

Where can Homework I be found? said it would be out 2 days ago, yet I cannot find it.

commented 29 March 2017

The homework should appear under 'Handouts', but it's not uploaded yet.

A user has removed their comment
commented 29 March 2017

That's what I suspected.

If this is the case, I would argue for a renegotiation of the deadline in proportion to this delay.

commented 29 March 2017

We still have more than two weeks left, even those who have exams during Easter should still be fine since they were given the weekend after.

However, should it not be released today or early tomorrow I agree that it should be changed.

commented 29 March 2017

Could someone (Douglas?) please elaborate a little bit regarding the requirements for part II of the group project? I remember it being said that the report is expected to contain math, but it's pretty unclear to what extent and how formal it needs to be. How many pages (roughly) are expected?

commented 29 March 2017

@petercap We are to have a mathematical rather than programmatic viewpoint when writing. That is, any formal proofs or similar arguments should be expressed in math or propositional logic, and if you find yourself writing source code or pseudocode in the report you're probably doing it wrong.

commented 3 April 2017

https://kth.kattis.com/problems/oldkattis.aes

Is it possible to read the input properly on Windows? I write in C++. I tried using scanf as unsigned character and fgets as string but both do not work properly.

What is the right way to input and output for this problem?

commented 10 April 2017

@Chun

Can't help you with Windows, but the program should be exactly the same, you should only need to change how you run it. I tried a few different ways, the biggest problem is reading until EOF.

I ended up doing:
cont = static_cast<bool>(cin.get(c));

cin is std::cin and the static cast is needed to store the return value in a bool variable. It will be false if you reach EOF.

I think others found cleaner solutions though.

commented 13 April 2017

@Robert

Thank you for your help. I'm using Ubuntu now and your input function works there. Now I'm stuck with the output. I store each output byte as an integer. The values are correct in the hex format, but even when I tried casting the values as char or unsigned char and using printf("%c"), it produces some weird output. How can I output properly?

commented 13 April 2017

The AES assignment uses binary input and output. To correctly handle IO, if you use a POSIX compliant OS (i.e. Linux) I suggest you take a look at the read and write syscalls (the standard file descriptors for stdin and stdout are 0 and 1 respectively), if you want to be more general you can check out fread and fwrite (global IO file pointers are defined in stdio.h).
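
The fread/fwrite approach from the comment above, as an added example that is not part of the original thread or the course material. It assumes the input is a 16-byte key followed by 16-byte blocks; `xor_block`, `process_stream`, `run_on_bytes` and `SAMPLE` are hypothetical names, and the XOR transform is a placeholder for the cipher, not AES.

```c
#include <stdio.h>
#include <stdint.h>
#ifdef _WIN32
#include <io.h>     /* _setmode, _fileno */
#include <fcntl.h>  /* _O_BINARY */
#endif

#define BLOCK 16

typedef void (*block_fn)(uint8_t block[BLOCK], const uint8_t key[BLOCK]);

/* Placeholder transform so the I/O path can be exercised; NOT AES. */
static void xor_block(uint8_t block[BLOCK], const uint8_t key[BLOCK])
{
    for (int i = 0; i < BLOCK; i++)
        block[i] ^= key[i];
}

/* Streams in -> out one block at a time through a single reused buffer,
 * so memory use stays constant however large the input is.
 * Assumed layout: 16-byte key, then whole 16-byte blocks.
 * Returns the number of blocks written, or -1 on a short key, a trailing
 * partial block, or an I/O error. */
long process_stream(FILE *in, FILE *out, block_fn f)
{
    uint8_t key[BLOCK], block[BLOCK];
    size_t got;
    long blocks = 0;

    if (fread(key, 1, BLOCK, in) != BLOCK)
        return -1;
    /* fread signals EOF by returning fewer bytes; no byte value is special. */
    while ((got = fread(block, 1, BLOCK, in)) == BLOCK) {
        f(block, key);
        /* fwrite emits all 16 bytes, including 0x00. */
        if (fwrite(block, 1, BLOCK, out) != BLOCK)
            return -1;
        blocks++;
    }
    if (got != 0 || ferror(in) || fflush(out) != 0)
        return -1;
    return blocks;
}

/* Constructed sample: key of 0xFF bytes, then two blocks. The first block
 * holds bytes that string functions or text-mode streams mishandle
 * (0x00, 0x0A, 0x0D, 0x1A). */
const uint8_t SAMPLE[48] = {
    0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    0x00,0x0A,0x0D,0x0A,0x1A,0xFF,0x00,0x20,0x09,0x0D,0x00,0x7F,0x80,0x1A,0x0A,0x00,
    0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F
};

/* Runs process_stream over an in-memory input via temporary files.
 * Returns the number of output bytes copied to out, or -1 on failure. */
long run_on_bytes(const uint8_t *in, size_t in_len, uint8_t *out, size_t out_cap)
{
    FILE *fi = tmpfile(), *fo = tmpfile();
    long blocks, n = -1;

    if (fi && fo && fwrite(in, 1, in_len, fi) == in_len) {
        rewind(fi);
        blocks = process_stream(fi, fo, xor_block);
        if (blocks >= 0 && (size_t)blocks * BLOCK <= out_cap) {
            rewind(fo);
            n = (long)fread(out, 1, (size_t)blocks * BLOCK, fo);
        }
    }
    if (fi) fclose(fi);
    if (fo) fclose(fo);
    return n;
}

int main(void)
{
#ifdef _WIN32
    /* Windows opens stdin/stdout in text mode: 0x1A ends input early and
     * 0x0A is written as 0x0D 0x0A. Switch both streams to binary first. */
    _setmode(_fileno(stdin), _O_BINARY);
    _setmode(_fileno(stdout), _O_BINARY);
#endif
    return process_stream(stdin, stdout, xor_block) < 0 ? 1 : 0;
}
```
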

A user has removed their comment
commented 13 April 2017

@Matteo

It seems I have fixed the IO issues. Thank you.

commented 15 April 2017

Anyone else getting Memory Limit Exceeded on one of the later test cases, using Java? I/O seems to be working fine, considering I pass the first four test cases. 

I don't have any idea what could be causing this since nothing should be retained between the blocks. I'm doing most of the calculations in-place and each block is 16 bytes, so the space should be around the same for each block.

commented 15 April 2017

The last case is MUCH larger than any of the other ones so you are probably simply leaking memory. It might either be because of you storing references to old values in a data structure (directly or indirectly) or you are recursing and allocating a matrix for every recursion.

commented 15 April 2017

I'm getting the MLE on the fifth test case. If I add a System.gc() call between each block, I get all the way to the 7th test case until I get a TLE (probably due to the massive amounts of gc calls).

I don't have any recursion, I've spent hours looking for old references being kept around. Since I don't have any global/static/instance variables, and it's all local, as soon as I exit out of an AES-call for a block, the previous references should be gone.

commented 15 April 2017

Java will only put the references on the stack, the referenced objects are allocated on the heap. So even if a method exits, its referenced objects will remain in the heap until cleared by the garbage collector. The garbage collector probably doesn't bother running by itself often enough or even at all. Consider reusing the same block buffer for every encryption.

commented 16 April 2017

Was the deadline for Homework I moved? It says Monday April 19, but Monday is on the 17th. I have a vague memory of it being moved but now I'm uncertain.

commented 16 April 2017

It was moved from Monday April 17th to Wednesday April 19th. He just forgot to edit the name of the day.

commented 17 April 2017

Note that the CSC service desk closes and locks the door at 16:00, so handing in the homework in the krypto17 compartment is not possible after that time.

commented 17 April 2017

> The printed sheets of paper must not be stapled together, collected with a paper clip or similar. Instead they must be collected into a transparent folder with easy access.

Are transparent folders available in the reception for easy turn in? Such folders can easily become expensive quickly unless you get them from the right place, and I don't believe requiring students to purchase accessories to be able to hand in mandatory homework is entirely along the lines of school policy.

Alternatively, do you know of a good place easily accessible from campus where transparent folders are sold cheaply or in bulk? I could pick up a pack for my personal use, take enough for the rest of the course for myself, and volunteer the rest at the service desk a few hours before the deadline, for the benefit of those who can't afford or don't want to spend the energy buying it themselves.

commented 17 April 2017

Though I agree that having to buy accessories in order to submit mandatory homework is not 100% correct, I got 2 plastic covers at Nymble's stationery shop for 6:- . I'm pretty sure anyone can afford that.

commented 17 April 2017

Is it ok to email the homework since the deadline is 23:59?

commented 17 April 2017

No, the instructions clearly say "No other way to submit solutions is allowed".

commented 17 April 2017

Then why have a deadline at 23:59?

commented 17 April 2017

Good question, it was probably just an oversight by the professor. Or, it is a way to test the ability of the students in picking locks / tampering smart-cards.

commented 18 April 2017

I went to the CSC student office to submit the homework but there was no "kripto17" folder, just a generic folder labelled "DD2448" full of assignment submissions from last year. The ladies at the help desk could not give me any explanation, so I put my papers in there anyway hoping they won't get lost. Does anyone have a bit more info about that?

Douglas Wikström edited 19 April 2017

Dates for Homeworks, Presentations and Oral Exams
* Monday, March 6, 23:59 Group project part I:
  * Email PDF to dog@kth.se
  * Use topic "DD2448 Group Project".

* Monday, April 3, 23:59 Group project part I:
  * Email PDF to dog@kth.se
  * Use topic "DD2448 Group Project II".

* Monday April 19, 23:59 Homework I (handed out Monday, March 29)
* Group project part III and IV TO BE DISCUSSED IN CLASS.

commented 21 April 2017

Hi! I won't be able to make it to class today. To both Douglas and classmates, please try to keep notes and post what decisions and important clarifications are made verbally.

For the deadline question, please keep in mind that we've just had a hard push for the latest homework. If we schedule project 3 and 4 so soon that we need to spend more than a quarter-speed class should have time for... well, just please don't. Leave a little room in there for us to have pushes for other courses.

Thanks in advance

Sean

commented 22 April 2017

@sean

I doubt that will be very possible. We will need at least two weeks for HW2 and there are only 4 weeks of school left. If the deadline is set very late it will need to overlap with the Homework. So regardless you will need to finish it quite soon.

commented 22 April 2017

That's a fair point. I'd argue that if we're forced to spend overtime on a given course over an extended amount of time, something has gone seriously wrong with the planning and/or execution of that course, but that's to bring up with the teacher or student council after the fact, not in this forum and format.

Still interested to hear what was actually said at the lecture, since group project part 3 and 4 were going to be discussed yesterday. Were any important deadlines set or clarifications made?

commented 23 April 2017

@Sean

AFAIK no real deadline was set since Douglas sort of forgot about it until everyone was just about to leave, so it was only talked about very swiftly. The way I understood it was that the deadline for project part 3+4 isn't going to be very soon. I'm guessing it will be discussed during the next lecture. But in my opinion, slowly starting to work on the project right away is probably the safest bet.

And about the planning stuff, the course is supposed to be 3 HP in period 3 and 4,5 HP in period 4. But let's be real here, we only had a few lectures and project part 1 in period 3 and we have lectures + 2 homeworks + 3 group project parts in period 4. I don't know if that equates to a 3/4,5 HP split

commented 23 April 2017

Keep in mind that you are supposed to be studying on your own throughout the course. If you started studying the theory when the homework was assigned you only have yourself to blame.

commented 23 April 2017

Thanks Nedo for the information.

I'm still quite frustrated though that Douglas keeps ignoring our emails and the comments here on social as well, especially close to a deadline. I know that he has a lot to do with the course but this really makes it hard for us students to know what to do. I still don't know if the first project parts were sufficient since no grades have been reported and the emails regarding this have been ignored, and at the last lecture we basically got told that he had been getting so many emails he couldn't respond to them.

There is also that on the day of the turn-in of the report with the theory questions there was a bunch of questions regarding for example how to solve the problem with the CSC closing at 16:00 when the deadline was at 23:59, which was nowhere stated more than from comments from other students.

Not to mention the lack of planning mentioned above with putting all the work basically in period 4 and putting a 2 week deadline over a re-exam period + Easter.

I know I'm a bit late to the party with this comment but I was naive and thought this would get fixed as the course continued but instead it became worse.

Hope this gave some food for thought and if nothing else inspires Douglas to make the course better for next year's students.

Kind regards
Mattias Larsson

commented 23 April 2017

@Robert How would you prepare when topics such as elliptic curve were only covered on the last lecture, which was AFTER the submitted homework 1? Were you expecting these assignments to be on the homework when we haven't touched the area during the lectures? I thought the point of postponing the release of the homework was that we needed to cover everything in class before.

commented 24 April 2017

@Mattias it was a 3 week deadline, I asked to have it extended to cover the re-exam period since a lot of people didn't have exams then. Also, most questions asked were either answered by the other students or were about people needing help to debug their code. Regarding the reception the solution was to hand it in earlier, a few hours won't matter for a 3 week deadline. Douglas did respond to the important kattis-GMP problem and the correction for 6c.

@Marcus, I read the lecture slides and I read a large part of the book. I also skimmed through all major topics on youtube and similar. Of course you don't end up knowing everything, but there is a hell of a difference between filling the holes and starting from scratch. I also looked at last year's homework to get an idea of what kind of questions might appear. Sure, I might agree that the elliptic curve question should have been put in HW2, I was mostly talking about other questions in general.

Also, keep in mind, you need something like 20 out of 76 to be on a passing grade for HW1.

commented 4 May 2017

Are there any news on the deadline for parts III and IV of the project?

Douglas Wikström edited 9 May 2017

Dates for Homeworks, Presentations and Oral Exams
* Monday, March 6, 23:59 Group project part I:
  * Email PDF to dog@kth.se
  * Use topic "DD2448 Group Project".

* Monday, April 3, 23:59 Group project part I:
  * Email PDF to dog@kth.se
  * Use topic "DD2448 Group Project II".

* Monday April 19, 23:59 Homework I (handed out Monday, March 29)
* Group project part III and IV TO BE DISCUSSED IN CLASS Sunday 23.59, May 14.

commented 9 May 2017

So how will the hand in be done for part III and IV? Will it be via mail or physical (is the office even open on Sundays?). Also what should be included in the hand in? report + feedback + code?

Douglas Wikström edited 11 May 2017

Dates for Homeworks, Presentations and Oral Exams
* Monday, March 6, 23:59 Group project part I:
  * Email PDF to dog@kth.se
  * Use topic "DD2448 Group Project".

* Monday, April 3, 23:59 Group project part I:
  * Email PDF to dog@kth.se
  * Use topic "DD2448 Group Project II".

* Monday April 19, 23:59 Homework I (handed out Monday, March 29).
* Group project part III and IV Sunday 23.59, May 14.
* Sunday May 28, 23:59 Homework II.

commented 16 May 2017

Does HW2 have to be handed in physically at the CSC office like last time? If yes, can we please have the deadline extended by 12 hours so the deadline actually occurs when CSC is open?

commented 16 May 2017

It was discussed last time in class and we agreed that the deadline should be moved to Monday May 29th. However, the page was not edited.

commented 16 May 2017

What time was decided? 23:59?

commented 16 May 2017

@Anton Probably 16:00 since that's when the CSC office closes.

@Douglas Can we get some information on the missing points issue? I feel like if questions are going to be added, we need them asap.

commented 16 May 2017

Not to mention that we still haven't gotten any results from hw1, kind of hard to know how much you will have to commit to this homework without those results and if the solutions were sufficient in the last one or if one has to be more detailed etc.

commented 26 May 2017

Hi, what happened to the deadline in the end. Was it moved to Monday or do I have to hand in my written solution today? (Is the student office even open today?)

commented 26 May 2017

@Andre Josefsson

The student office is closed today for holiday reasons. The deadline to hand in HW2 is until Monday. 

commented 26 May 2017

@Christophe Valahu

Thank you!

Do you know what time the deadline is Monday, and also if the implementation problems have Monday or Sunday as deadline?

commented 26 May 2017

I seriously hope it was officially moved to Monday. I tried handing in my solutions, but the CSC office has been closed both yesterday and today and will be also closed for sure in the weekend.

commented 26 May 2017

The deadline time is 16:00, since that's when the student office closes. I'm also guessing that the implementation problems have the same deadline on Monday.

commented 26 May 2017

I would not assume that the deadline for the implementation part is also extended. I think Douglas said something about this in class but I cannot remember what he said.

commented 26 May 2017

Douglas, can you confirm what the deadlines are (both date and time) for both the theory and implementation tasks?

I missed the part of the lecture where you discussed this, so all I have to go by now is ambiguous second-hand information.

commented 28 May 2017

I've read through all the comments, but am extremely confused, there's a lot of contradiction. Does HW2 have to be handed in physically and by email, or is just an email sufficient?

A user has removed their comment

in VT 2017 (spring term 2017) krypto17

Douglas Wikström created the page 1 November 2016

commented 18 January 2017

Hi,

Are there any reading guidelines?

Teacher commented 18 January 2017

There will be no reading guidelines. One of the course goals is that students practice to find relevant literature on their own.

Furthermore, depending on the interests of the class we may focus more, or less, on different topics throughout the course.

However, Stinson's book is the main source and the lecture slides from last year that are available on the Handouts page give a decent idea of what is covered. Those slides will be updated throughout the course to better reflect the actual content this year. Some material is probably covered in Katz and Lindell's book. See Resources.

Feel free to skip lectures, but it is your responsibility to know what goes on during the lectures, and I do some things on the blackboard that do not appear on slides!

commented 19 January 2017

Would it be possible to upload the slides as handouts? (1 slide per page)

I guess this does the trick: \documentclass[handout]{beamer}

commented 19 January 2017

Just to clarify, is the link under "Slides From Lectures" all lectures combined together, or is it just the first one? It's 442 pages long, which seems too long to be just one lecture.

Teacher commented 19 January 2017

Davis, I am not sure what you want to accomplish. Please be more specific.

Erik, yes those are all the slides in one file from last year. Some will not be used this year and slides may be added.

commented 19 January 2017

Now the presentation is very long and it partially depends that some of the slides have duplicate information. Take the slide "Cipher (Symmetric Cryptosystem)", it has 6 slides to view the same information. 

For presentation purposes it is great, but when viewing it on the computer or if I would like to print some slides it would be nice if you could merge those.

If you compile your beamer with the "handout" parameter it should do it. If it does not work then it is ok.

Teacher commented 20 January 2017

Now I see what you mean. I have added such a version.

commented 20 January 2017

Is there any way for you to note in the slides which topics (or more specifically which slides) were discussed during what specific lecture? 

Meaning, if I'd like to read up on the material before a lecture, I should know roughly how many slides I have to go through and where to start. 

This also helps if someone missed a lecture and wants to catch up on what was discussed during that lecture. 

commented 23 January 2017

bump

A user has removed their comment
commented 23 February 2017

Hi!
Will Homework 1 show up soon?

Douglas Wikström edited 30 March 2017

All handouts in the course will be available here. The information given below may be updated during the course, in which case we will ping students with a post.

General Information
* Course description (170117)
* Rules for solving problems and handing in solutions UPDATED FOR 2017.
* Example of compiled solution set and the corresponding LaTeX source. Note that this is an example that should not be used to typeset any real set of solutions. It is only used to illustrate what is expected from students. There will be a separate template for each homework.


LaTeX and Running Ubuntu in a Virtual Machine on Windows
* The Not So Short Introduction to LaTeX (see also the template above).
* VMware Player (free for non-commercial use)
* Download Ubuntu ISO-file

To install Ubuntu in your VMware Player, start the player, create a new virtual machine, and browse for the ISO-file. All you need to do is enter your name and password; the rest is taken care of by VMware Player. When this is done, open a browser inside your Ubuntu and download ubuntu.tar.gz from this page. Look inside the scripts and comment out the things you do not want; the script is reasonably well documented.

Group Project
* Part I. Consider how a voter can authenticate itself in an electronic voting system. Write down descriptions of a few methods in about 4 pages (with reasonable margins and font size). Use your own judgement to determine how many schemes you describe, but it is more fun if you choose systems that are as diverse as possible, i.e., simply looking at Google login and Yahoo login is not a good solution. We will discuss everybody's solutions in class. Then you will pick one (not necessarily one of those you described) and go into more detail.


* Part II. Choose an authentication scheme that allows both theoretical study and practical implementation. Unfortunately this reduces the set of possible choices. Kerberos and most likely biometrical schemes cannot be used. BankID is somewhat special. The protocol is not available so it cannot be used in this part, but it is perhaps too tempting as a real-life example, so when you implement you can switch to it if you like. Then motivate your choice, describe the scheme at an abstract level, and argue as rigorously as you can that it is secure. This means: describing a security goal/definition, stating assumptions explicitly, stating security parameters, defining computations and messages sent, and arguing that the system satisfies the security goal given the assumptions. Express this as precisely as you can. It is a good idea to play devil's advocate with yourself here. Try to break it in every way you can think of and understand why you fail.

It does not mean describing things at a byte level. Use a mathematical style of writing and no pseudo-code that resembles real code. It is perfectly fine to simplify things you do not think are essential in your exposition and argument. The focus in this part of the project is to understand the key ideas of the scheme. Feel free to draw pictures, but if you do it by hand, then please use clear handwriting for any symbols.


Homework
* Homework I 
* LaTeX solution template

* Note that you can work in groups of at most three students as discussed in class for theoretical problems, but not for the implementation problems. Read the updated rules above.
* Ciphertext-only attack on d × d Hill in O(d13^d). (there will be a homework problem based on this paper)

* Homework II will appear here.
Slides From Lectures
Lecture slides for all lectures are available below. They will be updated regularly to reflect changes in the course and what is said and covered on the blackboard during lectures. Slides may be added or removed, but slides from given lectures will at most be corrected. It gives a good idea of the course content.


* Lecture slides 170117 (compiled for presentation with step-wise disclosure of items)
* Lecture slides 170117 (compiled to be printed)
About recording lectures
On KTH campus it is illegal to record audio or video of any lectures without the lecturer's explicit permission. This applies to all recordings, even those for your own use.

Why is this important? The most important reason is that there are students with hidden identity at KTH. Leaking the identity of these students may jeopardize their safety. Examples include: political refugees, court witnesses, and people escaping domestic violence or threats. Due to personal experience with one of these examples, I take this very seriously.

Only a chosen few (not me) know who they are, so we have to behave as if they are in every class. If I allow recording, then I am responsible for making sure that recordings are done in such a way that no other students appear in the recording, and I simply do not have the time to do that.

Lectures are also structured differently depending on the audience, and if KTH lectures appear online we obviously want the audio and video to be of high quality.

Last year I had to "save" students from involvement by the legal department by hunting down a bunch of copies and getting written statements from every student who had them that they were deleted and had not spread further.

Let us take pictures of the blackboard for everybody instead! I do understand that you want to take pictures of the blackboard, so I suggest that:


* before each lecture somebody volunteers to sit in the front and take pictures,
* you send those pictures to me,
* you delete them when I have acknowledged that I have them, and
* I check them and post them on the handouts page for everybody.
I hope that you find this to be a reasonable solution!

...and I am going to assume that nobody recorded anything during the first two lectures unless you posted it online.

commented 30 March 2017

Task 10 in homework 1 says "Use a big integer library for multiplication, e.g., GMP in C/C++". However, submissions to modexp on Kattis are not linked with GMP, resulting in a compile error if we try to use it. See my test submission: https://kth.kattis.com/submissions/1767959. In order to enable GMP support, the flags "-lgmp" and "-lgmpxx" need to be added to the g++ command.

Now this is possible to do on Kattis, as GMP works for the problem factoring, from the Advanced Algorithms course. It just does not seem to have been enabled in this case.

Could you look into this?

Teacher commented 30 March 2017

Thank you for the feedback. I will ask them to add this ASAP.

commented 30 March 2017

How would you like us to hand in the assignments where we have to write actual code? Is there maybe some sort of package for LaTeX that you recommend which improves readability, or should we just copy-paste the code?

commented 31 March 2017

For implementation assignments of actual code:

1. Make sure you are registered for the course on Kattis. To specify:
on https://kth.kattis.com/courses - when you're logged in, under Current Courses, the entry "Kryptografins grunder – DD2448" should read "krypto17  (registered)", with a green background. If it does not, click the krypto17 link and click the text link for "I am a student taking this course and I want to register for it on Kattis".

2. Submit the file to Kattis on the problem page relevant to the problem. Again, make sure you are logged in. The Kattis page for each problem is given in the exam, including a hotlink for compatible PDF readers.

commented 31 March 2017

Should Java's BigInteger be used for all implementation assignments?

commented 3 April 2017

Hello!

For the implementation questions, it works on my computer, but when I run it on Kattis it gives me a Run Time Error related to input/output understanding. My Java code is reading from System.in and creating output with System.out.println(). How are we meant to read in input and print output?

Thanks!

commented 3 April 2017

@Rebecca

If it says how large the input numbers are you should be able to figure out if you need it or not.

If it doesn't say, it's usually safe to assume that it will fit in an int_64.

@Natalie

There are some test assignments to understand I/O in Kattis like

https://kth.kattis.com/problems/hello

and some simple ones like:

https://open.kattis.com/problems/modulo

commented 3 April 2017

This might be a very stupid question, but what exactly does "All integers are positive and given in decimal." mean?

commented 3 April 2017

That you won't find negative numbers or numbers written in hexadecimal or binary ...

commented 4 April 2017

But I will find doubles in the input data? I get a NumberFormatException when trying to convert the input to a long or int, but not when I'm interpreting it as a double. Am I correct?

If the above is true, I think that it is very confusing to state that: "All integers are positive..."

Any help?

commented 4 April 2017

I'm not sure about doubles in the input, but worth noticing is that numbers too large to fit inside an integer or a long will throw a NumberFormatException when parsed.

commented 4 April 2017

@alexander

@natalie

When asking for help it's a lot easier if you state what problem you are having problems with.

@alexander
https://en.wikipedia.org/wiki/Integer

aka a whole number, not integer as in the data-type. Why double works is because you probably have an overflow as Erik stated.

commented 5 April 2017

In problem 6c it is stated that S is a random variable over {0, 1}^128 and RO: {0, 1}^256 -> {0, 1}^256. Then S is not in the domain of RO and I am not sure how to interpret RO(S).

Is there a typo in one of the sets?

commented 6 April 2017

For the AES implementation, I have a working Python solution but am very confused by the reading of the input in Kattis. Since it's a binary input, it doesn't seem like we can use the "for line in sys.stdin: ab = line.split()" method that is described in the Help tab. This is pretty frustrating because the main task of the problem is to figure out the AES algorithm, not how to deal with Kattis input. Does anyone know how we can get the input from Kattis?

commented 6 April 2017

Hi,

I am trying to complete the factorization of RSA modulus (problem 12). My program works locally on the provided samples. However, I get Wrong Answer in Kattis, even on the first test, which is supposed to be, I believe, the sample one.

Any idea what could cause that? Cheers!

commented 6 April 2017

@natalie

You will have to read until EOF. Yes the input is not in as nice of a structure as one might wish and I've already talked to Douglas about this but it won't change for this round.

I might as well tell you now that your Python solution will be too slow (unless you know magic) for the simple reason that no one has ever submitted a solution that was fast enough (look in the stats section). There might be (and there is) 10^6 blocks that you have to encrypt.

@aurelien

Have you tried using the diff tool when comparing the answers? Kattis treats all differences as an error, even if it is just simple things like new-lines and white space. Also, have you remembered to sort the values?
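The "read until EOF" advice above, as an added Python example that is not part of the original thread: it reads a binary stream in chunks and cuts it into 16-byte blocks, and shows why line-oriented text reading breaks on such input. The layout (first 16 bytes are the key, the rest are blocks) and all function names are assumptions made for illustration; the page only says the input is binary.

```python
import io

BLOCK_SIZE = 16  # AES block size in bytes


def iter_blocks(stream, block_size=BLOCK_SIZE, chunk_size=1 << 16):
    """Yield fixed-size blocks from a binary stream until EOF.

    Reads in chunks so a large input is never held in memory at once,
    and carries leftover bytes over when a chunk boundary falls inside
    a block.
    """
    pending = b""
    while True:
        chunk = stream.read(chunk_size)
        if not chunk:  # empty read means EOF
            break
        pending += chunk
        usable = len(pending) - len(pending) % block_size
        for offset in range(0, usable, block_size):
            yield pending[offset:offset + block_size]
        pending = pending[usable:]
    if pending:
        raise ValueError(
            f"input ends with a partial block of {len(pending)} bytes")


def split_key_and_blocks(stream, chunk_size=1 << 16):
    """Return (key, iterator over blocks).

    Assumed layout: the first 16 bytes are the key, everything after it
    is data blocks.
    """
    blocks = iter_blocks(stream, chunk_size=chunk_size)
    try:
        key = next(blocks)
    except StopIteration:
        raise ValueError("input is empty, no key found") from None
    return key, blocks


def text_mode_lines(data):
    """Mimic `for line in sys.stdin` on raw bytes.

    Text mode decodes the bytes (UTF-8 here) and splits on newlines, so
    arbitrary binary data either fails to decode or is cut at every
    0x0a byte instead of every 16 bytes.
    """
    return list(io.TextIOWrapper(io.BytesIO(data), encoding="utf-8"))


if __name__ == "__main__":
    # Constructed sample: a 16-byte key followed by two 16-byte blocks.
    sample = bytes(range(16)) + bytes(range(0x80, 0xA0))
    key, blocks = split_key_and_blocks(io.BytesIO(sample))
    print("key   ", key.hex())
    for block in blocks:
        print("block ", block.hex())
    try:
        text_mode_lines(sample)
    except UnicodeDecodeError as exc:
        print("text mode fails:", exc.reason)
```

In a real submission the stream would be `sys.stdin.buffer` and the output would be written to `sys.stdout.buffer`, both of which bypass text decoding.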

commented 6 April 2017

Hi,

Yes, I used the diff tool and it returned nothing (i.e., my output is similar to sample.ans). I also sort the values.

commented 7 April 2017

The first test case on Kattis is not always the same as the example. I know that multiple people have passed so there has to be something wrong with your algorithm.

You can try to simply print the answer for the test case to verify if it's the same as the example or not.

commented 13 April 2017

As a help for anyone trying to debug their AES implementation, here is what mine spits out after each step (converted to hex for readability): https://pastebin.com/yXMJz6d3

commented 13 April 2017

Hi,

Did the person that took a photo of the blackboard when Douglas went through assignment 19 of the homework ever share that photo?

Would appreciate if the picture was shared.

Best regards!

commented 13 April 2017

@Johan

For AES the official standard document has test vectors (aka all values at every step):

http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.197.pdf

There are also good YouTube videos showing the same things.

commented 14 April 2017

I have two questions about question 18 in HW1.

  1. Are all values but x known?
  2. Is the value y given as it is, or is it given mod q or mod p?

commented 14 April 2017

Has the problem with Task 10, Kattis not compiling the GMP library, been solved? I still get compile error there on Kattis with the GMP.

Douglas Wikström edited 14 April 2017

All handouts in the course will be available here. The information given below may be updated during the course, in which case we will ping students with a post.

General Information
* Course description (170117)
* Rules for solving problems and handing in solutions UPDATED FOR 2017.
* Example of compiled solution set and the corresponding LaTeX source. Note that this is an example that should not be used to typeset any real set of solutions. It is only used to illustrate what is expected from students. There will be a separate template for each homework.


LaTeX and Running Ubuntu in a Virtual Machine on Windows
* The Not So Short Introduction to LaTeX (see also the template above).
* VMware Player (free for non-commercial use)
* Download Ubuntu ISO file
To install Ubuntu in VMware Player, start the player, create a new virtual machine, and browse for the ISO file. All you need to do is enter your name and password; the rest is taken care of by VMware Player. When this is done, open a browser inside Ubuntu and download ubuntu.tar.gz from this page. Look inside the scripts and comment out the things you do not want; the script is reasonably well documented.

Homework
* Homework I 
* LaTeX solution template
* Note that you can work in groups of at most three students as discussed in class for theoretical problems, but not for the implementation problems. Read the updated rules above.
* Ciphertext-only attack on d × d Hill in O(d13^d). (there will be a homework problem based on this paper)
* CORRECTION: In 6c) you can consider S to be padded with zeros to fix the mismatch between the support of S and the domain of RO, i.e., you can think of S as a random variable of the form S'|0000....0 where S' is randomly distributed in {0,1}^128.

* Homework II will appear here.

commented 15 April 2017

For the implementation part of the homework, is it enough to submit the code on Kattis, or do we have to describe our solutions in a document?

commented 17 April 2017

Are we supposed to hand in two reports, one individual for the Implementations and one for the group's theoretical answers?

commented 17 April 2017

The professor said that he will retrieve implementation submissions directly from Kattis, hence a single report for the theoretical part should be enough.

Douglas Wikström edited 19 April 2017

Group Project
The goal of the project is to give you a full-stack experience of real-world cryptography. The results can serve as great work samples when you apply for a job.


* Part I (20P). Consider how a voter can authenticate itself in an electronic voting system. Write down descriptions of a few methods in about 4 pages (with reasonable margins and font size). Use your own judgement to determine how many schemes you describe, but it is more fun if you choose systems that are as diverse as possible, i.e., simply looking at Google login and Yahoo login is not a good solution. We will discuss everybody's solutions in class. Then you will pick one (not necessarily one of those you described) and go into more detail.


* Part II (20P). Choose an authentication scheme that allows both theoretical study and practical implementation. Unfortunately this reduces the set of possible choices. Kerberos and most likely biometrical schemes cannot be used. BankID is somewhat special. The protocol is not available so it cannot be used in this part, but it is perhaps too tempting as a real-life example, so when you implement you can switch to it if you like. Then motivate your choice, describe the scheme at an abstract level, and argue as rigorously as you can that it is secure. This means: describing a security goal/definition, stating assumptions explicitly, stating security parameters, defining computations and messages sent, and arguing that the system satisfies the security goal given the assumptions. Express this as precisely as you can. It is a good idea to play devil's advocate with yourself here. Try to break it in every way you can think of and understand why you fail.

It does not mean describing things at a byte level. Use a mathematical style of writing and no pseudo-code that resembles real code. It is perfectly fine to simplify things you do not think are essential in your exposition and argument. The focus in this part of the project is to understand the key ideas of the scheme. Feel free to draw pictures, but if you do it by hand, then please use clear handwriting for any symbols.


* Part III and Part IV (20P+20P=40P). Choose an authentication scheme, implement a demo, describe how it works, demo it, and witness a demo. More precisely:
  * You have considered several systems in Part I and Part II. Choose a system for which it is feasible for you to implement a mock-up client and possibly a server. Make sure that you read about the system at a technical level before you start coding. Ask yourself what libraries and APIs are available for a programming language that you like.
  * Implement a demo client and if needed a server. The technical details differ depending on if you use a third party for authentication (e.g., BankID and Facebook), if the system is token based or signature based, if you use a browser or a stand-alone client etc. Any programming language can be used, but it is often a good idea to use one that is "native" to the APIs. Demo means demo, so don't try to implement everything from scratch.
  * Describe the system at a technical level, e.g., what flags, options, configuration, packaging schemes are used. Determine if it is a faithful refinement of a sound abstract scheme. Are they "cheating" somewhere? Is the "cheating" sound? Security parameters? Try to identify weak points! Give also a brief assessment of APIs, documentation, unintuitive or dangerous ambiguities, and difficulties encountered, i.e., summarize your experience.
  * Prepare a demo session targeting fellow students, and then explain and demo your system to another project group. Your session should take 20 min and involve use, browsing code, and a summary of your findings.
  * Every group should give a demo to one other group (or one more on a volunteer basis if needed). Write a half-page about the demo you were given by the other group. Note if the group takes significantly more or less than 20 min.

commented 3 May 2017

When will the scores of group project part II appear in rapp? It has been quite a while now.

commented 4 May 2017

@Alexander For our group it is up now!

commented 4 May 2017

Same for our group, but still not any results on Group project 1 though for our group.

Douglas Wikström edited 11 May 2017

commented 11 May 2017

Will the passing grade limit be lowered since the course description states: "Each homework satisfies I + T ≥ 100", while HW2 only has 50T + 29I?

commented 11 May 2017

Will we get our grade for HW1 before the deadline of HW2? It would be nice to know how many points we received on the first homework so we know what to aim for in HW2.

commented 14 May 2017

I encountered a problem when trying to solve the SHA 256 implementation exercise for HW2. The example inputs/outputs that are given on Kattis never correspond to the output given by any other SHA256 hash generator. For example, the first example on Kattis is 'e5', and its output is 'ab61ba11a38b007ff98baa3ab20e2a584e15269fd428db3c857e2a2d568b5725'. However when using any other SHA-256 hashing tool, we get '43700797e2f9d4ad38ccf1355df3233453396bfcc8db8e424486e37bae42a9ec'. Am I missing something here?

commented 14 May 2017

Maybe those encrypt the string "e5" rather than the bytes?

commented 14 May 2017

For the SHA256 exercise you have to interpret the input as bytes in hexadecimal encoding (it is stated in the input specification). So, for example, the string 'e5' represents a single byte with the value 229. Hashing tools usually read input as characters.

commented 15 May 2017

Is it possible to get a LaTeX solution template for HW2?

commented 15 May 2017

Are there going to be more homework problems so that HW2 satisfies T+I >= 100? If so, it would be good if they appeared soon.

A user has removed their comment
commented 17 May 2017

https://cseweb.ucsd.edu/~mihir/papers/gb.pdf 

This is a great complement to the slides.

A user has removed their comment
commented 21 May 2017

It seems like the homework hasn't been updated to satisfy the predetermined condition T+I >= 100. Is it now safe to assume that the passing grade limits for I and T points will be lowered? If this is the case, it would be nice to announce the new limits. It would also be nice to receive the scoring for the first homework, which we handed in over a month ago.

commented 22 May 2017

It doesn't seem like there is much of a need to lower the limit for a passing grade since there are more or less enough points in HW2 to pass the entire course without even getting points from HW1. The more interesting question is how the higher grade levels are weighted.

commented 22 May 2017

@Robert What are you talking about? Douglas stated clearly in the course description that the condition would be met. He also said during his last lecture that he would either add points to HW2 or lower the limits. There was also enough T points in HW1 to get a passing grade, but what does it matter? Just because you can solve all the problems easily doesn't mean that others can as well. We are lacking at least 21 possible T points, and the teacher promised that he would fix it. 

Why make promises or state it in the course plan if it's not going to be fulfilled? That's just stupid. 

Forgive me but I don't understand your reasoning at all. "It doesn't seem like there is much of a need to lower the limit" might be the case for you but not for everyone. 

A user has removed their comment
commented 23 May 2017

The problems are more or less equally hard so there being fewer points available shouldn't be a problem since there are still more points than you need. The limiting factor for solving problems is usually time so if there would have been more problems most people wouldn't have been able to solve more problems. If you are on the verge of not passing then you will have solved less than 1/3 of the problems so the amount of problems isn't really a problem.

For higher grades it's more important since there is a hell of a difference between getting 90% of the points and getting 99% (which is practically impossible).

After working a lot as a teacher assistant I'm also worried about people passing without having learned the course material and not only about people not passing.

I would rather fail a course for not understanding the material than passing without deserving it.

commented 23 May 2017

Also, don't get me wrong. I'm arguing in regards to what I think is fair from a "neutral" perspective. I don't give a single shit about my own grade, I simply want to learn the material.

commented 23 May 2017

I think you are a potato.

commented 23 May 2017

@Robert I don't care if there are enough points in HW2 to pass the whole course. A course description is a guideline and the teacher should stick to it. Of course some adjustments can be made throughout the course, and I'm more than sure that everyone would be okay with it if there wasn't a complete lack of communication from the teacher. 

This course has been a structural disaster since day one and that's why people are pissed. I'm sure that I'm not the only one taking multiple courses simultaneously, which makes it impossible to learn everything from every course in the amount of time we have (and with homeworks being uploaded on such short notice). Since you have spent 9 years at KTH, you should obviously know this (or not). Different people have different priorities, and that's why we have a grading system. If you want to learn everything then go ahead and get an A or get a PhD in cryptography or whatever. You have to understand that there are people that are different compared to you, people that actually want to learn the foundations of cryptography and not become experts in the area. 

Take a look at this feed. Question after question is being asked without nearly a single response from the teacher. During lectures, we get promises that KTH social will be updated with information shortly, but this almost never happens. We always have to ask and ask and ask for basic information, which is usually not posted at all or posted incompletely after a long amount of time. Assignments that were handed in over a month ago are still not graded. The quiz got cancelled with one week's notice. How can you not agree that there is something wrong here?

You are not arguing from a neutral perspective, you are arguing from your and Douglas's perspective. Saying "The problems are more or less equally hard so there being fewer points available shouldn't be a problem since there still more points than you need." is not a neutral opinion, some people are more skilled in other theoretical areas than the ones in the homework.

What Douglas posted yesterday (the points being multiplied by 71/50) was a good thing. What was wrong was that he posted it one and a half weeks too late. Do you notice the pattern?

With that said, this is my last post here. I hope that everyone passes so we don't have to spend another semester taking this shit-show of a course. 

Have a nice day.

commented 23 May 2017

I was trying to play the devil's advocate, but I guess it went "so so".

I'm not saying that there haven't been a lot of problems with the course. I was trying to discuss the question on its own merit.

But I didn't read the situation correctly and people were angrier than expected and some people seem to have been offended.

So, I'm sorry.

Also, I'm a potato.

Teacher commented 23 May 2017

Alexander and others, I suggest that we sit down and discuss it and it would be great if more people joined. Let us find a date, you can propose 1-2 times/dates. Then I will make a doodle and book a big enough room for those that want to join. I know that they did this in another course and it was fruitful.

There are many considerations that go into planning a course and you obviously experience it from a different perspective than I do.

Your feedback is most welcome.

commented 23 May 2017

Concerning kth.krypto.feldman: https://kth.kattis.com/problems/kth.krypto.feldman

> You are given s'1,...,s'k with k>d such that for at least d+1 distinct i we have s'i=si. Your job is to recover a0.

Do you mean that all s'1..s'k are proper solutions, or if k>(d+1), may some be false? If the former, are they given in order (so that the input subsection is k, f(1), f(2)..f(k))? Or do we only know that they are solutions? The text is rather unclear on this.

Thanks in advance

Sean

commented 24 May 2017

For at least d+1 of the given s' values it is true that s'i == si.

So some of them may be "wrong".

The text is not ambiguous but it is not presented in the easiest to understand way.
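
Added example, not part of the thread or of the Kattis problem: recovering a0 when some claimed shares are wrong, by checking each share against the dealer's commitments and interpolating from d+1 shares that pass. It assumes the standard Feldman check g^s = ∏ A_j^(i^j) mod p with A_j = g^(a_j); the toy group, the polynomial, the share values and all function names are constructed here, and the Kattis input format is not reproduced.

```python
# Toy parameters (constructed): q = 11 divides p - 1 = 22, and g = 2 has order q mod p.
P, Q, G = 23, 11, 2

def commit(coeffs):
    """Dealer's public commitments A_j = g^{a_j} mod p for f(x) = sum a_j x^j."""
    return [pow(G, a, P) for a in coeffs]

def share_ok(i, s, commitments):
    """Feldman check: g^s == prod_j A_j^(i^j) (mod p), which holds iff s == f(i) mod q."""
    rhs = 1
    for j, A in enumerate(commitments):
        rhs = rhs * pow(A, pow(i, j, Q), P) % P
    return pow(G, s % Q, P) == rhs

def recover_a0(claimed, commitments):
    """Drop shares that fail the check, then Lagrange-interpolate f(0) mod q."""
    d = len(commitments) - 1
    good = [(i, s % Q) for i, s in claimed if share_ok(i, s, commitments)]
    if len(good) < d + 1:
        raise ValueError("fewer than d+1 valid shares")
    good = good[: d + 1]
    a0 = 0
    for xi, si in good:
        num = den = 1
        for xj, _ in good:
            if xj != xi:
                num = num * xj % Q
                den = den * (xj - xi) % Q
        # den is non-zero mod q because the indices are distinct and below q.
        a0 = (a0 + si * num * pow(den, Q - 2, Q)) % Q
    return a0

# Constructed instance: f(x) = 7 + 3x + 5x^2 over Z_11, so d = 2 and a0 = 7.
COEFFS = [7, 3, 5]
COMMITMENTS = commit(COEFFS)
# Five claimed shares (i, s'_i); the ones for i = 2 and i = 4 have been altered.
CLAIMED = [(1, 4), (2, 5), (3, 6), (4, 9), (5, 4)]

if __name__ == "__main__":
    print([i for i, s in CLAIMED if share_ok(i, s, COMMITMENTS)])
    print(recover_a0(CLAIMED, COMMITMENTS))
```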

commented 25 May 2017

Has anyone got any additional testcases for the feldman implementation exercise? My python implementation gets the first case correct and then I get 'wrong answer'. All testcases I can come up with it gets right..

A user has removed their comment
commented 26 May 2017

Hi,
In 10a, PRG' is given as a pseudo random function but it has the mathematical definition of a pseudo random generator, i.e. no mention of a key. The part of the question 'and prove that it is a pseudo-random generator' is a bit ambiguous as they are different (the pseudo-random function has two parameters).

commented 26 May 2017

It's just a typo. Exercise 10a asks to prove the output extension for a pseudo-random generator.

 
February 2017
in VT 2017 krypto17

Douglas Wikström created the page 1 November 2016

commented 23 February 2017

Considering that we covered SHA-1 in the lecture last week, I thought it might be interesting for you to know that the first publicly known SHA-1 collision was announced today!

https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html

 
January 2017
in VT 2017 krypto17

Douglas Wikström created the page 1 November 2016

commented 17 January 2017

I can't find Krypto17 at Kattis only Krypto10-16.

Teacher commented 18 January 2017

It should appear shortly, I have informed the person responsible for Kattis. I can not register the course myself.

There is no rush with this. I need this to see your solutions after the first homework to be able to grade them and enter the results in Rapp.

commented 18 January 2017

The course does not yet appear for me in Rapp. 

commented 19 January 2017

I guess you're not a ... rapper.

 
November 2016
in VT 2017 krypto17

Douglas Wikström created the page 1 November 2016