Publications

Documentations, papers or other kinds of works written by me (mostly during my studies) will be filed under this category.

Bachelor Kolloquium

This time, for once, a post in german.

Geschafft! Am 26.10.2010 gab ich nun letztendlich mein Kolloquium (Präsentation meiner Bachelorarbeit) im Rahmen der Vorlesung Aktuelle Themen der IT-Sicherheit. Mein Vortrag war sehr gut besucht mit ungefähr 80 Studenten aus dem 1., 3. und 6. Semester Informatik, sowie von ein paar Studenten des Elektronik-Masters wie ich am Tag darauf beim Kendo Training erfahren hab (Stichwort: Die Welt ist klein).

Die Präsentation hab ich an meiner Hochschule, der HTW Aalen, auf deutsch gehalten und dem unmittelbaren Feedback mancher Teilnehmer, die auf mich zukamen nach der Präsentation, zu schließen kam Sie auch ganz gut an. :)

Im Folgenden die Präsentation, jeweils im PPTX und PDF Format:

, , , , , ,

An Android App for One-Time Password Generation & Management

The full title of my bachelor thesis is “Development of an Android App for One-Time Password Generation & Management“, which was shortened for the title. I developed an Android app that allows the user to carry and manage any number of OTP lists, specifically OTP lists created by the OTPW Package written by Markus Kuhn. The thesis consist of the app itself as well as a theoretical document covering One-Time Passwords in general, Random Number Generation, the Android platform, app development for Android and, last but not least, the actual app development itself.

The app utilizes the GNU Crypto library. Alas, the Android Development Tools (ADT in short) could not convert the JAR library file provided by the GNU Crypto website into an Android-compatible JAR file, so I had to include the source of the GNU Crypto project itself. To limit the impact on the size of the app, I only included what was needed by my app (the hashing facility) and left out the rest of the GNU Crypto project.

Though primarily written to manage and generate lists of the OTPW package right now, the app architecture was designed with extensibility in mind. It should not be too hard to add support for another OTP-System. The basic components are well encapsulated and the generation facility was written in a way that allows new classes to be added to handle other OTP systems. Only the generation GUI needs to be extended to accommodate for other possible OTP-Systems.

Future development

For the time being I won’t continue working on this app. Also, I did not distribute it in the Android Market as you need a credit card to do so and – though some might not believe it – I don’t have one. If you are interested in continuing the development of this app, feel free to contact me so we can talk about it. I’m sure we will be able to come to an agreement.

Downloads

Disclaimer

It was written to the best of my knowledge, though I can’t guarantee it’s perfectly free of errors. Furthermore, the disclaimer of this blog applies.

, , , , ,

Project work on genetic algorithms, the TSP and parallelism

Over the course of the last semester I did a project work with the title ‘Approximation of the Traveling Salesman Problem utilising a genetic algorithm in a parallel system‘. As this is a very complex title by itself, I will explain what this work was about in a few sentences. For further details please take a look at the documentation.

The main goal of this project was to develop an algorithm to approximate an optimal tour for the traveling salesman problem, which is in short as follows: A salesman wants to visit X cities under the following conditions:

  • every city must be visited exactly once
  • the tour has to be a round trip

This is a NP-complete problem, meaning there is no efficient algorithm known to solve it in a worthwhile timeframe. Since nobody wants to wait for several years to get an optimal tour, there are some approximation algorithms which are rather good. As multi-core processors are becoming more and more common, programming applications that utilize multiple cores has become an important trait.

This is where genetic algorithms come into play: Offering intrinstic parallelism they’re well suited for parallelization. Also, they are very general in nature: All that’s necessary is to encode the problem in a way the genetic alorithm can handle it. The algorithm does not need any problem-specific information, although it could be used to enhance the results.

The TSPLib was used for sample data, which is pretty nice as there are best known solutions to it.

Build Environment

The program was developed in Linux using eclipse CDT 5.0.1 and CMake 2.6, so this is the recommended environment to build and run it. It also utilizes OpenMP and TR1 for shared pointers, so make sure your compiler supports it. For further details, see How to build.

Building under Windows

By default the build environment is set to linux to compile. If you want to compile it under windows, you have to set the appropriate define in the config.h file:

//#define LINUX
#define WIN_32

Also note that this is a console application, so make sure you’ve set your IDE to the correct system.

Downloads

Disclaimer

It was written to the best of my knowledge, though I can’t guarantee it’s perfectly free of errors. Furthermore, the disclaimer of this blog applies.

, , , , ,

Security mechanisms in Linux

In my 4th Semester, I have written an introduction on Linux security mechanisms on application level. This introduction covers topics like Access Control techniques, hardening the linux kernel, the LSM Framework, SELinux and AppArmor, as well as Ruleset Based Access Control.

I want to emphasize that this work is only an introduction on the topic and therefore does not contain manuals or step-by-step tutorials on how to set those features up, rather explaining how they work as well as elaborating their advantages and disadvantages.

Disclaimer

This document was completely written in german. There is no english version available. It was written to the best of my knowledge, though I can’t guarantee it’s perfectly free of errors.

Download
,