Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking us to recommend or find a tool, library or favorite off-site resource are off-topic for Stack Overflow as they tend to attract opinionated answers and spam. Instead, describe the problem and what has been done so far to solve it.
Closed 9 years ago.
Improve this question
What libraries exist for secure encryption in an embedded context. Not embedded linux, though. I'm talking about the simplest option, running on bare-metal with no operating system and no to get access to a filestream.
Think chips talking to each other on a printed circuit board, periodically sending like 10-byte messages.
rijndael? Is it worth the time to try to port it to something simpler?
A number of manufacturers provide examples of encryption algorithms for their processors. Here is one for the TI MSP430 processor family. I would recommend using with caution and a full investigation of the security impacts of your own implementation. Key management as always is a major problem, particularly how you keep this secure if the device is accessible by an attacker.
Other algorithms that are readily available are Twofish and Blowfish by Bruce Schneier.
You can also use a standard hash on a shared key plus some message varying data known to both ends (time or message count spring to mind) to produce a "random" array of bytes that can be XORed over the message data.
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking us to recommend or find a tool, library or favorite off-site resource are off-topic for Stack Overflow as they tend to attract opinionated answers and spam. Instead, describe the problem and what has been done so far to solve it.
Closed 8 years ago.
Improve this question
I need to design some data structures for something that's roughly a cross between a database and a file system. In fact there's a large overlap in the design of file systems and databases. I've done some work on both, not very in-depth, but still, I have some idea about the topics. However I need more information and I am wondering if there's a good overview of design concepts out there. Things like overviews of algorithms, data structures and the like. The advantages of different types of trees or hash tables for key lookup. Perhaps some information about data ordering an alignment. In short, the experiences of other people in implementing filesystems and databases that would help the next person avoid the same mistakes.
Gray wrote a book titled "Transaction Processing: Concepts and Techniques" - http://www.amazon.com/Transaction-Processing-Concepts-Techniques-Management/dp/1558601902 - which covers a great deal of what you would need to build your own database.
One starting point for file systems would be http://www.amazon.com/The-Design-UNIX-Operating-System/dp/0132017997 - but I suspect you would have to chase down individual papers or Linux source code to keep up with the variety of different file systems created since then.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking us to recommend or find a tool, library or favorite off-site resource are off-topic for Stack Overflow as they tend to attract opinionated answers and spam. Instead, describe the problem and what has been done so far to solve it.
Closed 9 years ago.
Improve this question
I have looked around for good SSL/TLS libraries that support TLS 1.2
I also want to use this library on an embedded platform so it should be small, easy, secure and free. It should be a c/c++ library.
So far i have come across Cyassl, Polarssl Matrixssl a lot so i think that one of these should be a good choice (Openssl is way too big).
Now i would like to know why people use one over the other.
Thanks
Ok.. Just for starters they all do the same. All three can run on embedded platforms. The difference is where their focus is.
From my personal experience:
PolarSSL has loads of documentation, an understandable API, examples, and gives you the ability to actually delve into the code and understand what is happening. In my experience this is a great plus in case you need to debug a specific issue. They only provide Makefile / CMake / MSVC project files, so the task to include it in your embedded environment is yours.
Cyassl's code is harder to understand and tweak. But they have more pre-made Makefiles for specific development platforms. Depending on your environment this might weigh in (for me it rarely does). In a number of comparisons I did as a subcontractor, they are pricier than PolarSSL though.
Pick MatrixSSL if you don't have budget constraints ;) Definitely the priciest of all and I found no specific reasons to actually use it though in comparison to the alternatives..
With the whole NSA / PRISM thing around: If you want something specifically built in the US, then Cyassl is the best choice. If you want something non-US, PolarSSL is the only sane choice.
So if by free you mean: I'm going to use it in an Open Source project, then price does not matter. The verdict from the community: PolarSSL has good adoption in OpenVPN, Cyassl in MySQL.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking us to recommend or find a tool, library or favorite off-site resource are off-topic for Stack Overflow as they tend to attract opinionated answers and spam. Instead, describe the problem and what has been done so far to solve it.
Closed 8 years ago.
Improve this question
I know it's not exactly the right place for such a question, but I've seen similar questions to this here, and I don't know any other place where I could ask this, so sorry in advance.
Do you know where I could find a public 3270 server ? I'm working on a telnet emulator and I need one of these servers to test it.
Thanks for your help !
The biggest issue you will face, is not the TELNET/TN3270 part itself, but rather interpreting the 3270 data stream. Anyway, here are some options for you:
efglobe.com provides a public access z/OS system for personal use only. Ask them
on their forum about the kind of testing you intend to perform, to see whether they are
okay with it.
With MVS Turnkey, you can install MVS 3.8J (for which IBM apparently does not
claim copyright) under Hercules emulation. This dates to 1981, so likely lacks newer
protocol innovations since then, but could help you get the basics of the 3270 protocol
right. (MVS 3.8J lacks a TCP/IP stack, so it doesn't directly support TN3270, but
Hercules accepts TN3270 connections and makes them appear as a physical 3270 to MVS.)
IBM will sell you a mainframe emulator running latest IBM mainframe operating
systems on x86 hardware. It will cost you several thousand dollars a year though.
Many institutions used to offer public TN3270 access to library catalogues, but as most libraries have moved off the mainframe, most or all of those seem to have disappeared. In any case, using someone else's system for testing without their knowledge/permission could be ethically and/or legally questionable. You'll still find various organizations have non-public 3270 systems exposed to the Internet, but you won't get past the login screen, and the same comment about legality/ethics applies.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking us to recommend or find a tool, library or favorite off-site resource are off-topic for Stack Overflow as they tend to attract opinionated answers and spam. Instead, describe the problem and what has been done so far to solve it.
Closed 8 years ago.
Improve this question
I'm looking for a good permissive-licensed (BSD/MIT or PD) DES implementation in C, with minimal runtime memory usage (i.e. minimal amount of read-write memory, and preferably small code/table size too). Speed is not an issue; in fact, in some ways slower is better because it provides some natural defense against brute-force login attempts.
All of the traditional implementations I've seen do lazy/runtime initialization of huge tables, which is what I'm trying to avoid. I'd be happy to have the tables in static const data in the binary, and in fact this is what I've partly hacked onto an implementation I've got right now, but I'm wondering if there are any existing implementations that do a better job of minimizing the size of tables at the expense of performance so that the binary isn't so big (~50kb of tables).
Note: Yes, DES sucks. The intended usage case is for implementing the crypt function for handling traditional password logins.
An example with MIT license and the version from libtomcrypt is completely free for all purposes.
The first version seems to do lazy initialization of the tables, too, whereas they are static consts in libtomcrypt. But libtomcrypt seems to give you a compilation flag for speed vs. size, there's a #ifndef LTC_SMALL_CODE in front of the larger tables, maybe that can solve your problem?
The source code section from Applied Cryptography has links to a large number of DES implementations - I haven't looked at them all but there's a good chance that at least one of them meets your needs.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking us to recommend or find a tool, library or favorite off-site resource are off-topic for Stack Overflow as they tend to attract opinionated answers and spam. Instead, describe the problem and what has been done so far to solve it.
Closed 9 years ago.
Improve this question
I am interested in learning how to write extremely efficient network server software and I don't mind getting my hands dirty with pointers, sockets and threading. I'm talking a server being able to handle thousands of concurrent connections. There is not much processing for each client, but a little.
Do you know of any code examples for really efficient network servers?
Optionally points for small, well documented code that is cross-platform as well.
You'll find a lot of good references and discussion about building highly scalable network servers on Dan Kegel's The C10K problem page.
Have a look at nginx, lighttpd and varnish for some popular high performance http servers.
BTW, I am currently working on combining edge-triggered epoll with multithreading (plus user-level swapcontext-style threads/fibers) - see http://svn.cmeerw.net/src/nginetd/trunk/ for some work-in-progress code (although this one is written in C++).
This may not be exactly what you are looking for, but I briefly recall looking at Space Tyrant a few years back and thinking it sounded cool.
http://librenix.com/?inode=6240
Hope it helps!
Read this
http://www.evanmiller.org/lxr/http/source/
an ldap-server handles lots of transactions per second
http://de.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol
ACE is a wise choice.