Tuesday, January 17, 2012

Box with J2SE 5.0

Wondering what Boxing's got to do with Java? And I didn't mean Laila Ali, the first woman to win a World Boxing Council title, either! You wouldn't like to mess with her, would you?

So, what is Boxing in Java? Boxing refers to the automatic conversion from a primitive to its corresponding wrapper type: Boolean, Byte, Short, Character, Integer, Long, Float or Double. Since this happens automatically, it's also referred to as autoboxing. The reverse is also true, ie. J2SE 5.0 automatically converts wrapper types to primitives and is known as unboxing.

Before you can try out this simple example, you must install and set the environment variables 'path' and 'classpath' for J2SE 5.0.

The example is quite trivial and you could try compiling it with an earlier version of J2SE, to see the compilation errors flagged out.

public class BoxingUnBoxing
  public static void main(String[] args)
    // Boxing
    int var = 10;
    Integer wInt = var;
    int result = var * wInt;
    System.out.println("Value of result = " + result);

    // Unboxing
    int conv = wInt;
    if (conv < 100)

Boxing and Unboxing save us the bother of converting from a primitive to it's wrapper and vice-versa. This feature is definitely a time-saver :) :)

Monday, January 16, 2012

Cache-timing attacks on AES

AES  [via: Schneier on Security]
                Daniel J. Bernstein published a profound paper on AES Timing attack. There is very little new in the article from cryptology or cyptography point of view. The side-channel timing attacks of this nature are well known for decades. Moreover, the attacks are not against AES algorithm as such, but against a specific software implementation (OpenSSL on Pentium III).

However it's clear that it is applicable to any other modern CPU, and to any software implementation of any cryptographic algorithm which uses S-boxes. This and other things that I will point out later, led me to conclude that the article and its implications are truly profound. But first of all a quote from the article:

Was there some careless mistake in the OpenSSL implementation of AES? No. The problem lies in AES itself: it is extremely difficult to write constant-time high-speed AES software for common general-purpose CPUs. The underlying problem is that it is extremely difficult to load an array entry in time that does not depend on the entry's index. I chose to focus on OpenSSL because OpenSSL is one of today's most popular cryptographic toolkits. (Constant time low-speed AES software is fairly easy to write but is also unacceptable for many applications. Rijndael would obviously not have survived the fist round of AES competition if it had been implemented in this way.) Is AES the only cryptographic function vulnerable to this type of attack? No. The relevant feature of AES software, namely its heavy reliance upon S-boxes, is shared by cryptographic software for many other functions.

Emphasis is mine. If you don't know the particulars of clock-resolution performance of modern CPUs, just take his word for it. If you do, most likely you don't know half of it. Read the article for all the gory details. The bad news is that an attacker doesn't even need to understand any of the detils. He just need to know that time depends on index, and simply measure it.

Any software algorithm on any modern CPU which involves a table lookup, like S-boxes, for example, is subject to timing attacks. Since many algorithms, including AES, can be implemented without table lookups, it wouldn't be a terribly big deal, if it weren't for one fact: apparently cryptographers participating in AES standardization were completely unaware of the fact that table lookups are a vulnerability. Again quoting from the article: (note that [19] refers to "Report on the Development of the Advanced Encryption Standard (AES)" and [9] refers to "Resistance Against Implementation Attacks: A Comparative Study of the AES Proposals")

Installation of VLC in Ubuntu through Terminal.

The ubuntu installs all the necessary drivers, if you are having any video and sound problem , then there is problem in your movie player, you just need to install vlc movie player or mplayer or any other player. just type the following command in your terminal
sudo apt-get update
sudo apt-get install vlc
make sure you have active internet connection.

sleep function in c program !

hmm while working with the loops, that is so fast.. that just give us  the final output !! but if we want to put some delay in that so that
user can c that how the process is going , and that ll make ur code  looks different from the other regular codes. so try to use that(if u
want) in ur code.
for that just put :- sleep(1000)
thats it, now it will delay the process by 1sec. and start again !
Example :-
int main()
int i;
//print the number
printf(“%d \n”,i);
//delay for 1sec.
have a happy coding!

How To Listen the contents of the Text file(.txt) using the Java Speech Synthesizer.

 Now a days the need and the use of the speech synthesizer is increasing everyday and there are lots and lots of new innovations are going on in this field of synthesizer.
The synthesizer is the one which will convert your text input to the speech and for that we’ll be using the Speech Engine that will help us to fulfill our need.
To use the functionality of this you first require to use the Freetts which will provide the functionality of Text to Speech
FreeTTS is a speech synthesis engine written entirely in the Java programming language. FreeTTS was written by the Sun Microsystems Laboratories Speech Team and is based on CMU’s Flite engine. FreeTTS also includes a partial JSAPI 1.0You can download this with the single click here.
Once you have downloaded that .zip then all you need to do is to extract it and have a look inside the folder and move in side the lib. folder “\freetts-1.2.2-bin\freetts-1.2\lib” here you will see collection of .jar files and also the setup for the jsapi.jar file double click on that and that will generate the jsapi.jar file.
Once you have generated the jsapi.jar file now you need to set all this .jar files to the CLASSPATH so that you can import it without any kinda errors.
Else if you are using the Eclipse IDE for your Java Coding than it will be lot easier for you to add all the .jar files to you program by just following step:-
1:- Right click on the new/existing project.
2:-Go to the  properties and java Build path — Libraries — add external Jars–select and ok.
else download the .doc that i have used to display the actual way to import it. click here -> Example to import
3:- after importing write the Code
This following code that i have developed through which you can create your speech synthesizer in java.
import java.applet.*;
import java.awt.*;
import java.awt.event.ActionEvent;
import java.awt.event.ActionListener;
import javax.speech.Central;
import javax.speech.EngineList;
import javax.speech.EngineCreate;
import javax.speech.synthesis.SynthesizerModeDesc;
import javax.speech.synthesis.Synthesizer;
import javax.speech.synthesis.Voice;
import com.sun.speech.freetts.jsapi.FreeTTSEngineCentral;
import java.util.Locale;
//import java.awt.Event;
public class voisedemo extends Applet implements ActionListener

 public Synthesizer synth;
 private static Voice kevinHQ;
 TextField t1;

 public void init()
 Button b1 = new Button(“press me”);
 t1 = new TextField(50);


 public void start()

 public void actionPerformed(ActionEvent e)
 // synthesizer.speakPlainText(“Hello, world!”, null);
  try {
    // create SynthesizerModeDesc that will match the FreeTTS Synthesizer
   // System.out.print( ”  Loading voice…” );

  setKevinHQ(new Voice(“Dipayan”,
  null ));

   System.setProperty(“freetts.voices”, “com.sun.speech.freetts.en.us.cmu_us_kal.KevinVoiceDirectory”);
   SynthesizerModeDesc modeDesc = new SynthesizerModeDesc(
  “general”, /* use “time” or “general” */
   //try{}catch(Exception e){}

  FreeTTSEngineCentral central = new FreeTTSEngineCentral();
  Synthesizer synthesizer = null;
  synthesizer = Central.createSynthesizer( modeDesc );
  // synthesizer.getSynthesizerProperties().setPitchRange(0.0f);
  EngineList list = central.createEngineList(modeDesc);
  if (list.size() > 0) {
  EngineCreate creator = (EngineCreate) list.get(0);
  synthesizer = (Synthesizer) creator.createEngine();

  if (synthesizer == null) {
  System.err.println(“Cannot create synthesizer”);
  //get ready to speak
  // say hello world
  String s1 = t1.getText();
  synthesizer.speakPlainText(s1, null);
  // synthesizer.speakPlainText(“Hello, world!”, null);
  // wait until speaking is done and clean up
  } catch (Exception eq) {
  * @param kevinHQ the kevinHQ to set
 public static void setKevinHQ(Voice kevinHQ) {
 voisedemo.kevinHQ = kevinHQ;
  * @return the kevinHQ
 public static Voice getKevinHQ() {
 return kevinHQ;
 public void paint(Graphics g)

 //g.drawString(“Hello world”,50,50);
<applet code=”voisedemo” width=1000 height=1000>