Category Archives: News

News, Security

T-Square Security Holes

1 Comment

At Georgia Tech, the course system that is used by students is called T-Square (based on Sakai). It’s pretty nice system that supports forums, wikis, chats, blogs, and a bunch of other tools.

Sakai is open source; consequently, Georgia Tech can maintain the software and fix and bugs it finds.

Unfortunately, I found security holes with T-Square. These holes can allow a hacker to access another users’ identity. If that user is a teacher or TA, the hacker can easily take their identity and edit grades. In fact, due to the poorly organized structure of Georgia Tech’s backend, the hacker can not only access the user’s T-Square account, but also their Oscar account (which holds even more private information, such as social security numbers).

I would love to share how to exploit this security hole;  unfortunately, my moral compass forbids me to publish my video of an example T-Square attack… yet. I’ve contacted Georgia Tech and hopefully they will patch it up. After they do to my satisfaction… then maybe I’ll post it on YouTube.

Now I’m not making this post to brag. I’m making a point. A high-esteemed technical university such as Georgia Tech should be able to find these problems with their system. Web developers should be educated on the basics of computer security so that their student’s private records are not compromised.

Actionscript 3.0, Algorithms, featured, News, Other

Jacobi Algorithm in AS3

1 Comment

Recently, my “Calculus for Computer Science” teacher assigned the following problem.

So to complete this assignment, I decided to use Actionscript 3 and Flash. A friend of mine and I at Georgia Tech are developing a complex open source matrix library called as3matrix, and we were planning on implementing Jacobi to find eigenvectors of a MxM matrix anyway, so we decided to just apply it to our library.

The Jacobi algorithm is pretty straight forward. It’s impossible to use a formula to find the eigenvalues of a matrix larger than 5×5 because there is no equation solver for equations to that degree. So let’s say you have an 6×6 matrix. To find the eigenvectors, the Jacobi algorithm creates a smaller 2×2 matrix inside that matrix, diagonlizes that, then reapplies it to the matrix.

So what the program I turned in does, is generates a random 5×5 matrix. The program then begins to diagnolize the Matrix using the Jacobi algorithm. Then the program attempts to try diagnolizing the Matrix using the Jacobi method but this time ignoring sorting to solve the 2×2. Obviously, sorting is much faster since it ensures the 2×2 can be diagnolized (since the corner entries will be the largest absolute value of the matrix).

So anyway, here’s how the process works in our as3Matrix library. The jacobi() method computes one interation, while diagonalize() continues the jacobi method until the Off (the sum of the square of off-diagonal elements) is less than 1e-10.

First, take the matrix A. Find the i,j element in the matrix that have the largest absolute value. Create a 2×2 matrix from the i,j elements where a = i,i ; b = i,j ; c = j,i ; d = j,j . This step was probably the hardest part because I kept mixing up the i’s and j’s! Quite annoying when you accidently flip them…

Next, take that 2×2 matrix and diagonalize it. The formula for the eigenvalues that the library uses for 2×2 matrices is:

var L1:Number = ( (a+d)/2 ) + Math.sqrt( 4*b*c + ((a-d)*(a-d)))/2;
var L2:Number = ( (a+d)/2 ) – Math.sqrt( 4*b*c + ((a-d)*(a-d)))/2;

For the eigenvectors, I use a nice trick found by Harvard professor Oliver Knill. I then normalize (which is something Oliver’s page fails to mention) the eigenvectors. Combining the eigenvectors to {u1,u2}, I now have my matrix U.I take that matrix and embed it into the identity (of size of the original, original matrix).  I call that matrix G. Then D is Transpose(G)*A*G.

Then outside of the method I check if the Off(D) is < 1e-10. If so, then I consider the Matrix diagonalized!

Here are the results of Jacobi (with sorting) vs Theoretical Bound and Jacobi (without sorting) vs Theoretical Bound. Since AS3 doesn’t have an LN function, I just used the change of base formula (log(X)/log(2)). I hard coded log(2) to optimize the code.

A couple of random 5×5 matrix sample:

After running 100 random 5×5 symmetric matrics through the Jacobi algorithms, these were the average number of iterations for each:

Average Sorting = 25.11
Average no Sorting = 102.94

Sorting is clearly the best method.

Anyway, you can browse/download the as3matrix library here. Check out the TestJacobi.as in the trunk.

featured, News, OOP, Other

Object Oriented Programming without a Computer

1 Comment

Artists see the world as a canvas. They represent environments, objects, and abstractions with shapes, shades, and colors. Pride and honor can be shown in a sculpture, or love may be represented with red colors and heart shapes. Architects envision the world as a blueprint; objects have structure and forces acting upon them from other objects. Just as a bridge is supported with suspension chords and metal, a family is strengthened with care and unity. Profession influences perception, and while outlooks on space and matter may differ, none are right or wrong – only different. But these professions and perspectives are kept in mind when programming languages are developed. Today, one of the most common programming ideologies is object oriented programming (OO). Object oriented programmers don’t picture the world as a canvas or blueprint; alternatively, OO programmers envision a hierarchical world composed of hierarchical objects with polymorphic, encapsulated actions and properties. There are four fundamental principles of object oriented programming: composition, inheritance, polymorphism, and encapsulation. Each attribute can be explained without a computer in a non technical (Java based) perspective, and some visibility represented in an Adobe Flash environment.

Scooby Doo is a famous detective dog from children TV and books. The charismatic, friendly, cute dog detective helps his friends solve mysterious.

In Java (and other OO programming languages), Scooby could be represented as a class.

public class Scooby
{
}

In Flash, Scooby can be represented as a Movie Clip with a picture of Scooby inside of it.

In this picture, Scooby has a bright, blue collar around his neck. He also has a long tail and a big nose. The idea that Scooby has these three objects and more is the composition concept of object oriented programming. Modifying the class to fulfill this design ideology is very easy in Java.

public class Scooby  

{  

    public Collar myCollar;  

    public Tail myTail;  

    public Nose myNose;  

}  

ScoobyCollar, ScoobyTail, and ScoobyNose are all objects that belong to Scooby; therefore, they are stated inside the Scooby object. In Flash, a Movie Clip that is placed on the stage can have multiple Movie Clips inside of it. Consequently, a representation of Scooby in Flash could be a movie clip called Scooby with three movie clips called myCollar, myTail, myNose. Every object has its own properties and actions, and consequently Flash allows code and properties to be added to actual objects. Flash and Java are two environments that use the same idea of building blocks. The building blocks of Java are floating point numbers while the building blocks of the visual Flash environment (excluding Actionscript) are vectors, bitmaps, and video. This means that objects can be broken down to their compositions, and their compositions can likewise be broken down and eventually they will all break down into the building blocks of the language. For instance, a soccer ball has color (a hexadecimal number) with bounciness (a number), weight (number), or a logo which can be itself broken down to objects that have numerical representations. In Flash, a movie clip is composed of vectors, videos, bitmaps, or other movie clips.

Inheritance, another fundamental aspect of OO design, is the concept that every object inherits identity from another object. For example, Scooby is a dog, a dog is an animal, an animal is a living being, and a living being is… an object. Scooby is a dog because Scooby has all the properties and actions that every dog possesses. One could claim every dog barks, has four legs, and has a tail. One could also say that not all dogs have a collar, have a big nose, or a long tail like Scooby’s. Clearly, there can be an infinite amount of classes between animal and living being, but the idea is that everything (eventually) is a subset of an object. Objects have attributes from more general objects, but have specific attributes that only it and its children objects keep. In Java, this concept is represented with the extend keyword. “Scooby extends Dog” means that Scooby is a dog and inherits the methods and properties from Dog.

public class Scooby extends Dog  

{  

    public Collar myCollar;  

    // Notice how tail and nose was removed from here and added to Dog  

    public Scooby()  

    {  

        super();  

        super.myNose = new ScoobyNose(); // ScoobyNose extends Nose  

        super.myTail = new ScoobyTail(); // ScoobyTail extends Tail  

    }  

}  

  

public class Dog  

{  

    public Legs myLegs; // These properties are accessible in Scooby  

    public Tail myTail;  

    public Nose myNose;  

    public void Speak()  

    {  

        System.out.println(“Ruff!”);  

    }  

}  

Unfortunately, the concept of inheritance does not apply as easily with Movie Clips. Flash takes the approach that a Movie Clip is an object, and subclasses of Object are created as new movie clips and shapes are added to the original movie clip. For example, a vector drawing of a basic car is in a movie clip called Car. The developer in Flash can rename Car to BMW. According to the idea of inheritance, the car should be easily modified to create a BMW since a BMW inherits all the elements of a car (four tires, has an engine, etc..).

Polymorphism is the idea that two objects can have the same input but have a different output. A dog and a cat can both speak (which can be said to be an action of SpeakableAnimal which both a dog and a cat extend), but one says “Meow” while another says “Ruff”. In fact, Scooby says neither, he says “Scooby Dooby Doo!”

Therefore, the design needs to change in Java. The method Speak needs to be “overloaded”, which means the name of the action is duplicated but the implementation changes.

public class Scooby extends Dog  

{  

    public Collar myCollar;  

  

    // Notice how tail and nose was removed from here and added to Dog  

    public Scooby()  

    {  

        super();  

        myNose = new ScoobyNose(); // ScoobyNose extends Nose  

        myTail = new ScoobyTail(); // ScoobyTail extends Tail, therefore a ScoobyTail can be constructed even though myTail is of a Tail Type  

    }  

    // Overloaded action  

    public void Speak()  

    {  

        System.out.println(“Scooby Dooby Doo!”);  

    }  

}  

  

public class Dog extends SpeakableAnimal  

{  

    public Legs myLegs;  

    public Tail myTail;  

    public Nose myNose;  

    // Overloaded action  

    public void Speak()  

    {  

        System.out.println(“Ruff!”);  

    }  

}  

public class SpeakableAnimal extends Animal  

{  

    public void Speak()  

    {  

        // To be overloaded  

    }  

}  

public class Cat extends SpeakableAnimal  

{  

    public void Speak()  

    {  

        System.out.println(“Meow!”);  

    }  

}  

Movie Clips in Flash do not follow the exact same idea of polymorphism. Flash has an alternative viewpoint in objected oriented perspectives at this point. Movie Clips follow composition rather than inheritance and polymorphism. While MovieClips inherit actions from its parent Movie Clips, the parent is not ideologically the same as a super class in Java. A movie clip does not extend its parent; its parent composes of the movie clip. A Car movie clip will compose of an Engine which will have access to actionscript functions TurnOn()or Drive() defined in Car, but design-wise, Engine does not extend Car. Instead, Car has an Engine. This is where Flash’s attempt of visualizing object oriented programming starts to break down.

Flash also does not visually represent the concept of encapsulation. Encapsulation is the idea that the implementation of an action is not accessible. When a person is asked “What would be one word you would use to describe yourself” during a job interview, a thought process happens in the interviewee’s mind. What the process is the interviewer does not know; however, a one result is outputted to the interviewer by the interviewee. Since the interviewer cannot read minds, the thought process of the interviewee is considered encapsulated. In Java, classes, methods, and properties can be declared public or private. If the attribute is private, then it is used primarily for internal processes. An example could be finding the distance between two points on a two dimensional plane.

public void FindDistance(double x1, double y1, double x2, double y2)  

{  

    return Math.sqrt(Square(y1-y2)+Square(x1-x2));  

}  

private void Square(double n)  

{  

    return n*n;  

}  

FindDistance is a method that a user may use in their program, but the user does not know (or need to know) how that method works. The Square method is actually used by the FindDistance method, but since the user is not allowed and does not need to use the Square method, Square is declared as a private method.

Where OO programming loses its power is when describing abstract objects. For example, feelings and emotions cannot be developed easily. Love or Frustration can extend Feeling; however feelings are not necessarily objects because the concept of an object is arguably something tangible. Because Flash assumes all Movie Clips to be tangible, it is a much easier platform to develop on since positioning objects on the screen is much easier than in Java. In Java and in most programming languages, coordinates on a plane must be defined. In Flash, objects can simply be pasted on certain spots on the screen and the coordinates are automatically set into the objects.

Nevertheless, OO programming is overall a powerful language that allows programmers to design a system before actually coding a design. Especially in Flash, programmers can worry about designing a system rather than mulling over syntax. In Flash that system can be graphically represented, in Java that system can be programmatically represented, and in a designers mind that system can be ideologically represented.

featured, News, Technology

SmarterChild and ELIZA

1 Comment

This year, only three entries were submitted in the annual Loebner Prize Competition. The prestigious $100,000 dollar prize has yet to be won, and the competition is the only place where it has a chance to be awarded. If a team develops a chatterbot that can fool judges into thinking they are communicating with a human, that team will win the prize and the prestige. So why were only three entries submitted to this year’s 17-year-old event? Have developers given up? The answer is yes and no. While developers are still working to expand the intelligence of chatterbots, the focus is no longer on fooling humans. With the rapid advent in information technology, chatterbot developers are adjusting focus to keep up. The 1966 chatterbot ELIZA spawned this specific field of human-computer interaction; however, today’s chatterbots no longer have the same goals as ELIZA. For example, one of the latest chatterbots named SmarterChild has branched from ELIZA from the field of artificial intelligence to information technology. While ELIZA and the chatterbot SmarterChild are similar in that they mimic human behavior and response, they greatly differ in purpose and behavior.

ELIZA attempts to act as a Rogerian psychiatrist by continuously asking questions to its users. A user types in text as an input into the ELIZA program, and ELIZA returns a response that, ideally, is coherent and sensible to the user. The first testers of ELIZA sent messages via teletype to ELIZA not knowing that they were chatting with a robot instead of an actual psychiatrist. Shockingly enough, ELIZA was able to fool a great deal of its users into thinking they were communicating with an actual human psychiatrist. In fact, ELIZA was able to elicit deep, sensitive responses from its users. This artificial intelligence field has since lead to new, more sophisticated chatterbots with the same goal of fooling and gathering sincere human response.

Alan Turing had some assumptions about mankind. By now, he expected chatterbots to be able to fool most humans into thinking they were chatting with another human after a few minutes of conversation. Unfortunately, in terms of the Turing Test, we are not even close. Even the latest award winners of the Loebner competitions yield bizarre responses after one or two sentences. Does this mean chatterbots are lagging behind Turing’s vision?

Maybe bots have just taken a step sideways toward a different vision altogether. SmarterChild, a chatterbot developed within the last few years, is arguably one of the most sophisticated chatterbots available. Like ELIZA, SmarterChild can mimic human response. However, SmarterChild is highly developed in its responses in comparison to ELIZA. For example, a typical conversation opening with ELIZA may produce the following response.

You: How are you?
Eliza: Does that question interest you?

Compared to the more refined memory of SmarterChild:

You: How are you
SmarterChild: I’m doing great, how are you?
You: Ok
SmarterChild: OK? Glad to hear it!

Nevertheless, the reason SmarterChild is one of the most advanced chatterbots is not because it can impersonate human dialog extremely well. SmarterChild is advanced because it has a huge database of information resources, it remembers individual human response and bases it in future responses, and changes personality based on “peer pressure” with its audience. SmarterChild is able to return movie schedules, weather forecasts, news, opinion polls, random statistics, trivia, and tons of other types of information. The first pieces of information SmarterChild asks for from strangers are name, age range, and zip code. SmarterChild uses this data for local news information, weather, news, and more. Additionally, SmarterChild changes its own views and questions based on opinions inputted by its users. For example, if users tend to like Pizza, SmarterChild will change its favorite food.

In terms of credibility, SmarterChild does not offer an experience like ELIZA. Credibility implies believable emulation of a particular persona. The function of SmarterChild is to be a friendly encyclopedia rather than a credible, stereotypical personality. On the other hand, ELIZA is indeed a character. ELIZA is programmed to be someone and respond in a certain way to fulfill a specific character or stereotype to produce a believable experience. No matter what the user inputs, ELIZA will pose a question in the form of a Rogerian psychiatrist.

ELIZA creator Joseph Weizenbaum argues that no robot can ever replace humans because humans have the ability to comprehend or exhibit emotion. Yet, the implications of ELIZA have drifted away from emotion and feeling comprehension. Yes, users of Microsoft Office may possess negative feelings of hate toward the Paper Clip “help” agent; however, the Paper Clip is unable to respond to those emotions and can only react based on internal states and decisions made by the user. For example, the Paper Clip can be dragged around and silenced, but it will not sense that the user is upset when it repeatedly asks whether the user needs help writing a letter. ELIZA was built to challenge this idea of comprehending emotion, but it does it in a very superficial way.

You: I am sad.
Eliza: Do you think coming here will help you not to be sad?

Unlike ELIZA, SmarterChild is more of a tool than a character. Like a search engine, email client, or word processor, SmarterChild helps the user accomplish tasks. Yet, SmarterChild has a different approach to information technology than other Web 2.0 projects that attempt to do the same tasks. Contrast to websites, there are no “menus” to access information in a hypertext only environment. SmarterChild is a chatterbot. Because of this, SmarterChild can deliver information to its users faster than any website. The user types in the desired knowledge in the chat window as a sentence, and SmarterChild relies on its linguistic artificial intelligence to understand the context and what kind of response to deliver. Additionally, because SmarterChild is on an instant messaging medium, it can write hyperlinks to allow users to quickly access websites.

You: What movies are playing?
SmarterChild: Movies playing in or near Marietta, GA (30006) on Tuesday, October 23rd:

1 The Game Plan [PG]
2 30 Days of Night [R]
3 The Comebacks [PG13]
4 The Heartbreak Kid [R]
5 Michael Clayton [R]
6 We Own the Night [R]

Type more for the next set of results.

ELIZA has nothing to do with information technology; it was built to progress artificial intelligence and Alan Turing’s prophecy. But today, the goal is not to build a robot to fool a human. One key difference to SmarterChild and ELIZA is that SmarterChild is aware of its nonexistence.

You: Are you a robot?
Eliza: Would you prefer if I were not a robot?

Versus SmarterChild:

You: Are you a chatterbot?
SmarterChild: Yes indeed.
ScratchFromStart: Are you human?
SmarterChild: No I am not.

In this day and age of knowledge, the goal is to make a robot to deliver information in a relative, contextual manner.

The revolutionary affect of ELIZA was not the subsequent emergence of human computer interaction and innovations in chatterbots. The real influence came in information technology and discovering new ways to deliver information and knowledge to users in a friendly, humanistic style.

featured, Game Theory, News

The Virtual Space-Time Continuum

2 Comments

The word space has a multitude of meanings depending on context. Space can mean leg room on an airplane or the distance between two letters in this essay. Kids want to grow up to become astronauts and travel to outer-space. The movie Office Space, about corporate obedience, depicts software engineers confined in a small cubical. All of these examples of the term have one thing in common: tangibility; physical areas that can be occupied by other physical objects. Consequently, the concept of defining space in a digital medium within the parameters of space in a physical medium is a bit tricky. Herein requires the additional adjective to term the phrase “virtual reality.” A virtual world being defined as not physical or existing in a world in which we humans can not taste, touch, or see, introduces new problems in comparing artifacts which utilize computer generated environments . The concept of virtual reality implies the existence of a two or three dimensional visual representation of a space. But is the concept of virtual representation in a digital medium restricted to what can be seen in the physical world? If not, what exactly is virtual representation? Does a program need to show pixels on a screen in order for it to be classified as a virtual world – let alone an expressive digital medium? The text adventure computer games Zork and Book and Volume challenges the stereotype that objects must be graphically illustrated in order to become virtual representations and provides some interactivity and control of the environment with text descriptions. While both games conflict the traditional notion of virtual being visual, they each perceive space differently.

Virtual representation, a phrase tossed around in film, art, and interactive media, must be classified in order to understand space. Humans have difficulty comprehending the concept of space being anything but, as mentioned before, an actual physical medium containing other real, physical objects in a dimensional world. For example, a spaceship is a vehicle that travels through space. Thus, the definition of virtual reality or virtual space quickly becomes ambiguous in relation to dimensionless worlds. Authors try hard to immerse their readers in their works and trust their readers to come up with worlds in their mind. With the exception of children books, there are usually no illustrations, or visual representations, of the scenes in books, plays, or poems. Yet the story itself creates the environment via text descriptions, and the reader is compelled to render the graphics in their mind. The same idea applies in Interactive Fiction.

Zork illustrates space via text descriptions and obligates the player to conjure up visual representations of objects, setting, and the world with their imagination. Player moves in a bounded three dimensional grid. Each cell in the grid can contain a space or another grid.

Obviously, two or three-dimensional environments generate a much different experience than Zork‘s zero-dimensional reality because computer graphics and visuals are fed directly to the user. The user is not required to imagine the reality; instead, reality is brought to the user. Games such as Grand Theft Auto bestow images unto the player. This is how your character looks, this is how it looks when you drive this fast, or this is what the sky looks like.

It is a misconception that text adventure games allow the user to envision their characters’ hairstyles and world, as in fact it is the limitations of the descriptions of the world that require the player to visualize various objects in the game.

If there was an evolutionary scale in Interactive Fiction genre, Nick Montfort’s Interactive Fiction Book and Volume would be the next progressive step after Zork. A critical difference between Book and Volume and Zork is the dynamics of the spaces. The world in Zork is static; text output is the same wherever a player goes in its space and only alters based on character and environment state. Contrastingly, Zork utilizes space, time, and a little bit of randomness when producing descriptions. Albert Einstein said, “Space by itself, and time by itself, are doomed to fade away into mere shadows, and only a kind union of the two will preserve an independent reality.” Walking to Starbucks block (location), a player may not be able enter if the shop isn’t open (time), and the player may also notice an ambulance driving through the street (randomness) as his pager buzzes because he forgot to email his boss (state). The player is literally inside a narrative and creates a story based on the decisions made in space, state, and time rather than just space and state. This use of a multi-dimensional space is not visual; however, closer to the real physical world thanZork . Based on these two games, it’s clear that visuals are not required to generate a virtual space. In fact while visually Book and Fiction has no graphics, popular graphical multiple-dimensional games such as Grand Theft Auto are virtual representations of the virtual world in Book and Volume.

Unfortunately, Book and Volume, while still thought-provoking, fails to address a couple of key areas. Book and Volume attempts to be a piece of Interactive Fiction and an enjoyable game yet ends up being neither. Books are linear, and whether or not someone decides to take one day or one week to read the latest Harry Potter book, the reader will eventually read the last chapter. However, Book and Volume is very difficult to complete. There exists player obligation in feeding, resting, and generally taking care of the virtual player. Instructions are indistinct and vague, and despite the save feature, players find themselves restarting the game after losing repeatedly. The game attempts to deliver political messages, yet those messages are not shown to anyone who can’t reach it.

Space and time are one and the same. In order to convey a sense of space, time is needed, and vise versa. While Zork presents the fundamental idea that worlds do not necessarily need to be visually represented in adventure games to be successful, Book and Volume experiments by adding the time dimension to the free roaming structure that Zork originally introduced.

News, Security

Really Quick Tutorial on One Way Encryption

Leave a comment

It’s difficult for beginning programmers to grasp the idea of one way encryption. “How can I make an encryption that is impossible to reverse? Even if I know the algorithm to encrypt? And why would I ever want to do this?”

First let’s review a very basic two way encryption algorithm.

Take a string of text Danny.

A basic algorithm could be to push each of the letters to the right once.

Raw = Danny

Encrypt(“Dan”) = yDann

Obviously, this is a pretty poor encryption algorithm. A simple way of improving the encryption and making the output more scrambled is to encrypt the raw text twice.

Raw = Danny

Encrypt(Encrypt(“Dan”)) = nyDan

Still fairly poor, but it’ll suite for this example. Our Decrypt function would simply push the letters to the left.

Decrypt(“yDann) = Danny

or

Decrypt(Decrypt(“nyDan“)) = Danny

Before I now explain one way encryption, let me pose an example where one way encryption would be needed. Google.com has a database of millions of users. Each user has a username and a password stored in Google’s database. Any database administrator can view this data, including the passwords. So one way to protect user’s privacy is to encrypt the passwords before placing them into the database. Then, when a user logs into google.com with their username or password, the password is encrypted using the same algorithm and then checked to see if it matches the password in the database. Makes sense right? If my password to google was Danny, the database could store yDann instead. Then, when I log on to google.com and type in Danny in the password field, google.com encrypts the password using the same algorithm mentioned above and compares it to yDann in the database. Since they are equal I’m able to log in! Hurray!

But there’s a huge problem! What if the database administrator to google discovered the algorithm written above? The database admin could just copy the password to my account and then go home and decrypt it! Then the admin would be able to log into my account and access my information!

This is where hashing, a form of one way encryption, comes into play.

Let’s go back to my password: Danny

Let’s try another algorithm, let’s change each letter to the number that corresponds with the letter.

A = 1
B = 2
C = 3
D = 4
E = 5
F = 6
G = 7
H = 8
I = 9
J = 10
K = 11
L = 12
M = 13
N = 14
etc…

So, Encrypt(“ABC“) =  123 // 1,2,3

Seems simple right? But this algorithm, as unsecure as it may be, is an example of a one way encryption algorithm!

Encrypt(“LC“) = 123 // 12, 3

ABC and LC have the same output! Meaning that it’s impossible to know, given the encrypted/hashed string 123, what the text was before the hashing algorithm took place.

So in the database of google under my username’s password could be 4114

Encrypt(“Danny“) = 4114 // 4, 1, 14

But when the evil database administrator sees my password of 4114, he (or she) won’t know whether my password is Danny, Dan, or DKD! Even if the algorithm is known, there’s no way to know for sure the value of the pre-hashed text. With longer passwords there’s even more possible combinations for each text.

Many computer scientists have spent their careers working on improving hashing algorithms. MD5 and SHA-1 seem to be the most popular hashing algorithms on the web (md5 is built into PHP); however, you should be careful not to just use these algorithms due to reverse hash lookups around the web.