15:10:11 Welcome back to our continuing series.
15:10:16 On the needs of database.
15:10:21 This time I want to talk about Security?
15:10:28 And encryption. Is a follow up to that.
15:10:35 There's obviously. Many different kinds of security. Not just levels.
15:10:49 You know, there's who has rights to access the information.
15:10:58 Some information can be Publish. To policy about public access to
15:11:08 Information.
15:11:11 And you can have a level of security.
15:11:16 Different levels of security. And a database.
15:11:23 Is usually parked. Oh, the larger system.
15:11:34 That has security and sometimes it's the least secure part. But as a general rule.
15:11:47 There are 3 goals of security.
15:11:52 Integrity.
15:11:55 Is make sure no one.
15:12:00 Changes the data.
15:12:03 Without permission.
15:12:11 Availability.
15:12:15 Is the information is. Available to use.
15:12:26 That's what a denial of service attack. Is about you can tie up a system even if you don't break into the data.
15:12:48 And confidentiality keeps private information secure. So. Even if they can't change your data, if they can read it, that's a violation of confidentiality.
15:13:00 If I can't use my data, that's a problem. You know, so those are, you know, some major.
15:13:06 Goals. Now most
15:13:12 Database management systems. Have security.
15:13:25 Some system some security is mandatory. That everybody has to do it.
15:13:34 And some is discretionary, like. You can do it. You can grant access. So.
15:13:44 A lot of these things are covered in other classes, obviously, but. Worth talking about.
15:13:53 Access control a lot of the times access control. Is done with passwords and accounts. And accounts often come in groups.
15:14:09 It is very helpful for security.
15:14:16 That even many, many decades ago.
15:14:21 Bye found it was helpful security if you can track. To see who accesses something we were able to actually identify.
15:14:30 What account logged on what terminal? Was accessing the information that wasn't supposed to be accessed.
15:14:38 So that's a really good thing.
15:14:45 Sometimes you have to worry about inference control.
15:14:52 Even if your individual data is private.
15:14:58 Sometimes these statistical information allows you to Make
15:15:07 Information available that they don't want to be available. The current example of this is there's some information that the Vermont State University administration was using for its optimization process.
15:15:27 And they were very reluctant to allow faculty to. Look at that information. For security purposes.
15:15:37 They finally compromised and allowed the Under certain protections. Faculty members could. Look at the security, but they restricted physical access.
15:15:52 Now another aspect.
15:16:03 Is you want to be able to restrict people's Good build again for information about individuals. For example, the Chronicle of Higher Education.
15:16:18 Had a database on faculty salaries and you could query it with all kinds of questions. What is the average salary in computer science, etc?
15:16:28 Well. But if you're allowed to say.
15:16:34 What is the average? Salary, is it the computer science professor? At this institution and there's only one commuter science professor there.
15:16:45 Then you're giving up their salary. So if you allowed to be broken down by institution, by rank, by department, and all that.
15:16:57 Pretty soon you're at a state where you can figure out someone's individual salary. Now, I think faculty salaries in Vermont state are a matter of public record.
15:17:05 And I'm sure the union contract is a matter of public record. But you need to.
15:17:14 Watch for them. For that if you are trying to keep information. From going.
15:17:27 You want to be able to control. Who gets to information and in what way?
15:17:41 You certainly don't want to have.
15:17:45 Covert channels to sneak in and get the information, often called back doors.
15:17:55 And sometimes even if you're not intending to put a covert channel in.
15:18:01 It's there anyway. Now I'll Discuss this later.
15:18:12 But there's a difference between HTTP and HTTPS.
15:18:19 And the HTTPS has more security in it. And I'm pretty sure you've all heard about firewalls.
15:18:27 I'm not really going to.
15:18:30 Talk a lot. More about that, but in.
15:18:36 Also, the reason why encryption is important, I'm gonna discuss it separately, because if you have it encrypted, even getting access to the data doesn't help you.
15:18:48 Okay, now. Every database. Generally has. Data base.
15:19:00 Administrator.
15:19:04 Who is? We'll call them a super user even though they don't wear a cape or have an S.
15:19:11 In Blaze and usually, but the super user, you know, has
15:19:18 All authority to grant privileges. To revoke.
15:19:26 Privileges.
15:19:32 Assign levels of security, you know. Stuff like that.
15:19:46 That super user.
15:19:52 The count is obviously going to be a target. We're hackers, what a surprise.
15:20:01 There are some places that Okay, good. The super users account can only be used. On campus and not remotely.
15:20:14 But then if you have an emergency situation, that means you need to run into campus.
15:20:20 So there are always trade-offs.
15:20:25 Now. I'm sure you.
15:20:34 Know all about accounts and passwords.
15:20:41 And a lot of systems have stopped using guest.
15:20:48 As an allowable name because it was just too easy to get onto the system.
15:20:57 Normally you want to track logs ends of the system. With a system log which can be a database.
15:21:05 That can be separate from the actual database you're concerned with. But.
15:21:17 In case there is a security violation, it sometimes helps to have a database audit trail and You want to have that.
15:21:25 Anyway, because of the information we discussed last time. Do you know when we're trying to?
15:21:36 Be able to recover and back up and things like that.
15:21:43 But one thing that adds a lot of security that is becoming more common.
15:21:52 Is 2 factor authentication.
15:22:00 For example, I have to have my cell phone with me whenever I log on to the Canvas page, which Frankly, if I You, but I must admit, it increases security.
15:22:15 I don't mind it so much when I'm on Financial accounts because I don't want anybody to break into my bank account.
15:22:24 Okay, so you know
15:22:29 Probably one of the most common. 2 factor authentications is send a text to your phone.
15:22:37 You can send an email to the email.
15:22:43 You can do biometric tests.
15:22:49 There's a lot of different ways. To do it and I remember, Mike. First experience with biometrics was actually the high school cafeteria that my sons were in and They replaced the student IDs with biometrics and I'm not really sure.
15:23:12 You needed that much security, but.
15:23:16 Hey, it's helped us learn. Now there's different levels.
15:23:22 Of
15:23:31 Of data.
15:23:35 Now, something that's top secret information, obviously you want to keep secure. The contents of the daily newspaper is probably not as important.
15:23:47 To keep secure.
15:23:54 There's some things that are by their nature, but inheritably sensitive. A lot of information, personal information.
15:24:07 Or information can be from a sensitive source.
15:24:14 The national security. Yeah, reports from a spy are, you know, just automatically sensitive.
15:24:23 Some things are sensitive simply because someone declared them sensitive.
15:24:33 Or something could have a sensitive attribute like for example salary. Would be a sensitive attribute.
15:24:44 Sensitive record like your grades would be sensitive record.
15:24:59 Or it could be sensitive in relation to previous data. Because it uses sensitive information. It might automatically become.
15:25:09 Sensitive.
15:25:19 You might remember. A few years ago. There was. A question about Hillary Clinton, Clinton, and.
15:25:32 Sensitivity she was. Secretary of State. At the time. There was a government.
15:25:50 Emails system that was available. Okay. She had a
15:26:02 Private email.
15:26:11 This is an example of inheritly sensitive. Any email. From the secretary.
15:26:21 Of state. Is by government action.
15:26:33 Is inherently sensitive.
15:26:39 Therefore, even if what she was doing was discussing recipes.
15:26:48 From Discussing recipes with the wife of a foreign leader.
15:26:58 By nature it would be sensitive. I take no opinion on whether or not Hillary's violations were actually a problem.
15:27:14 Trump.
15:27:19 Took information that was. Declared sensitive.
15:27:28 And.
15:27:45 Put it in areas where
15:27:49 People including Ambassador from Russia, for example.
15:27:56 Could actually reach the data. So that would be, you know, cause it's declared sensitive. And the people access that would be a.
15:28:07 Problem Biden.
15:28:12 Most of it was.
15:28:23 Left sensitive data in a government office and oops he forgot to return it.
15:28:32 None of them were. Revolved in the database, but that's to kind of give you an idea.
15:28:40 About sensitive data. So.
15:28:47 If you're dealing with information.
15:29:03 Is the data available? So like.
15:29:14 If you have a concurrent system.
15:29:22 The information should probably not be available during an update. For reasons discussed. Previously
15:29:45 Accessibility. Is this an allowed use of the data?
15:29:55 Authenticity.
15:30:01 One question you might ask is, are we doing this during work? Oh, I admit that some people in the government work late, but if someone is accessing sensitive information.
15:30:14 At 3 am in the morning, it's more suspicious.
15:30:23 If someone is accessing something from on campus, it's more. Suspicious than not.
15:30:44 Does it combine with other information? To reveal private information.
15:31:01 Now, also there's
15:31:06 Security versus precision. You know. A lot of times you want to make everything safe from corruption.
15:31:20 And control the access. But also a lot of times.
15:31:30 You want to make. As much information.
15:31:44 Available as possible. The Freedom of Information Act.
15:31:50 Despite the fact that we have top secret information. We still have a bias. We should make as much information.
15:31:58 Available as possible.
15:32:11 So there's always going to be. A protection, a trade off of accessibility. Versus protection.
15:32:28 So we gotta worry about granting and. Revoking. Which sometimes is done, you know, by just having an accounts.
15:32:40 In the database world. A relation or a table. Might be individually declared. Accessible or not accessible.
15:33:00 In a database, you can create. Accounts that have limited views. That is, they're not allowed, they're only allowed to get summary information on certain tables.
15:33:10 They're not allowed to look at certain tables at all.
15:33:17 Okay, fairly straightforward.
15:33:21 SQL command to create a new view.
15:33:25 And that's one of the ways you can. Okay, so you can also restrict restrict.
15:33:38 Selection and retrieval of data.
15:33:46 Yeah, definitely you should.
15:33:51 Restrict the ability to modify and change data. To only those people who are able to do it. And.
15:34:04 Like if you can have a link to the data. That's just as good as having the data.
15:34:09 So. Oh, you have.
15:34:17 Creating a table. Is something that might be limited. There are some circumstances when you can allow insertion and deletion without renting other rights.
15:34:28 For example,
15:34:32 I had one circumstance in a school setting. Where students were allowed to create files. But they were, that is by submitting their homework.
15:34:43 But they were not able to delete or modify a file once created.
15:35:01 They're different.
15:35:06 Kinds of propagation.
15:35:17 Courseontal propagation is when you give access to others. That you already have.
15:35:33 Vertical propagation is how many. Levels deep. Can you go? That's assuming you have.
15:35:45 Love of security.
15:36:00 Like in the federal government there's
15:36:05 Cop secret. Secret.
15:36:10 Confidential. Sensitive.
15:36:17 And unclassified, you know, as.
15:36:21 And there's. Besides the fact that things are top secrecy for confidential since to run classified.
15:36:29 In the government. They have this concept called need to know. Where just because It's not classified top secret doesn't mean you can have access to it.
15:36:42 You've gotta be granted.
15:36:53 Some.
15:36:57 Questions to think about.
15:37:12 And T attributes be classified.
15:37:16 One thing that's constantly under discussion. Even though it's old hat by now. The Social Security number.
15:37:25 Is a number that is pretty much going to be. Unique for every man, woman and child in the United States.
15:37:35 But for privacy issues, a lot of people don't like their Social Security number to be revealed. So can you access a database?
15:37:45 If the attribute you need to access it is Kept secret.
15:37:54 So.
15:38:02 If you have a different view of the table.
15:38:10 And you don't want. To have the actual key. Your view would have an apparent key.
15:38:22 That is the key that works for the table. Even if it's a randomly assigned integer.
15:38:35 So. Sometimes people are just.
15:38:41 So excited about having Social Security numbers that they use them all the time.
15:38:47 My first example is that. This is probably my. When my one of my sons was 3 months old, this was a number of years ago, obviously.
15:39:01 I took him to dentist and I said this is a cash visit. And they said.
15:39:09 I'm sorry. He can't see the dentist unless I have a social security number.
15:39:16 Well, the time, I didn't have a social security number yet. And A number 2.
15:39:24 I didn't think that this needed the social security number. We ended up compromising. I get the social security number.
15:39:32 It's 123-45-6789. So But.
15:39:44 Your
15:39:48 At different.
15:39:51 Security levels.
15:39:54 You might see actual. Different tables. There's a fancy word, poly instantiation for that. You might even see different keys.
15:40:12 Okay.
15:40:25 And what information might you need to do your duty?
15:40:39 Some roles might be mutually exclusive. Yeah, as a faculty member. Well, I can look up grades.
15:40:48 For sure in my classes. In a lot of institutions for any of my advisees in some institutions I can look up grade for any student in the campus.
15:41:01 In fact, I think I have looked up transcripts for students who are not officially my advisees.
15:41:07 But if you're taking a class.
15:41:10 If you're a student in a class, you only have access. To your information and you usually don't have access to the information of your grades until the semester is over.
15:41:20 So if you're a professor,'s all, so you're taking a class. You know, there might be a little conflict there.
15:41:31 And so people say, yeah.
15:41:35 Okay, but we wanna be.
15:41:40 We want to be discretionary. We want to be flexible.
15:41:46 Discretionary flexible.
15:41:55 Our synonyms for vulnerable.
15:42:08 You can have label based. Security.
15:42:18 Where you label each.
15:42:23 Yeah. Or row. Or table.
15:42:37 As a certain level of. Sensitivity. But.
15:42:57 But there's an overhead involved.
15:43:01 In having lots. Of tracking. Now.
15:43:16 Publicly accessible data says.
15:43:26 Are always They challenge the security. A library has a database.
15:43:39 But even on a library database.
15:43:48 So some information can be private.
15:43:57 There are attempts to
15:44:03 Fake databases.
15:44:06 There are actually
15:44:13 Reputable businesses.
15:44:26 Businesses that sell web security certificates. That is before you can get a web security certificate, you have to register.
15:44:38 And by the way, HTTPS is tied in with that. And I made discuss that some more.
15:44:48 Now when we talk about encryption But.
15:44:58 In e-commerce.
15:45:03 You have public data.
15:45:07 Which you want your customers to look at your catalog, you know, and what's there.
15:45:13 And. You have individual people's credit cards. Information.
15:45:23 So. That's a real. Challenge 2 security.
15:45:33 No. I want to specifically mention in the database.
15:45:43 And if anybody wants to look at some sample code. Danger, well Robinson danger.
15:45:52 Okay. And. One of the examples. By used.
15:46:00 Like I said. In square brackets, user or faculty member. To get the value. For a query.
15:46:17 That's cool, but. That's actually. A vulnerability.
15:46:28 Remember.
15:46:34 In that case.
15:46:44 Whatever they type. Is in in your SQL query.
15:47:07 So just to try to give you. A real
15:47:13 Simple injection. Thing instead of Just type in the username.
15:47:26 We could select x per user name. Equal Jake and Pastor Nicole Jess password or x equal x.
15:47:38 Just simply having a string.
15:47:43 With other database commands in it. That are executed.
15:47:49 Can be used to violate security.
15:47:57 There are some, I've got a file. I might depend it to this file with some. Sample code that works with it, but If you're Not careful about security your database is obviously
15:48:16 Not secure.
15:48:21 Now,
15:48:28 I think, actually. Let me.
15:48:36 Right at this point. There are a number of
15:48:46 Aspect of security.
15:48:55 That
15:49:05 Here's a couple of webpage links. This, this, this is elements of security that's from, visit a web page.
15:49:14 Source. There's HTML code to not show passwords.
15:49:20 And there's If you want to put passages in the database, anybody needs the code. But you can have a field call student password.
15:49:33 And you could require the students to type their password. And in conjunction with the code to not show passwords, the students can protect their information.
15:49:51 The
15:50:00 Some references if you're interested on.
15:50:06 Form validation. Is You can do that now. These server sends the submitted form data to the page.
15:50:20 But that means like the user.
15:50:24 Ken reference that variable.
15:50:28 And
15:50:32 So there's some actual.
15:50:39 Special functions.
15:50:44 Like there's an HTML special characters function that converts special characters. Like it converts HTML.
15:50:52 Characters like the less than sign with the ampersand LT Some, which looks the same. And if you accept someone's
15:51:04 Information and run HTML special characters on it. It removes the special characters which does a lot towards protecting.
15:51:16 There's so you can strip unnecessary characters and remove backslashes.
15:51:27 And that requiring you to do any of this stuff.
15:51:35 For your projects necessarily. And then.
15:51:43 You can actually write a function or got some sample code for a function that will.
15:51:52 Check input to make sure it's it's a couple of pages long Anybody expect there's an interest I can
15:52:01 Put it down, but. There are fairly decent
15:52:10 Approaches.
15:52:17 That can be used.
15:52:26 So.
15:52:29 I'll talk a little bit more.
15:52:32 About encryption in
15:55:46 Okay, now we're going to continue. No, share. I wanna share.
15:55:58 Okay. Okay. Let's describe distractions on your screen, hopefully.
15:56:08 You can think of encryption as a separate.
15:56:13 Category, although obviously it ties in well with security
15:56:27 Blaine text is something that is read a ball.
15:56:37 Cypher text is where you Substitute one. Character for another.
15:56:48 And I've mentioned in a couple of classes, maybe you've heard.
15:56:54 I checked at the grocery stores. Cheerio, Captain Crunch cereal. Is still going on at one time they had a Captain Crunch decoder ring.
15:57:04 Which basically was a circle with the alphabet. Another circle inside it with the alphabet and if you rotated it where A was next to D and then B was next to E and so on.
15:57:18 You could substitute. That's what. A cipher is. It's pretty easy to code a cipher.
15:57:28 Yes, especially at the computer, but it's also.
15:57:33 Pretty easy to break a cipher. Particularly if Every letter always becomes the same thing. If you look for a crypto quote.
15:57:55 Okay.
15:58:04 Those are relatively easy to break. If you have If you're still foolish as to not.
15:58:13 Encode spaces, then you Look at the most common letter is usually going to be an E.
15:58:19 And by itself is often going to be an I or an A. And there you've got 3 vowels.
15:58:27 If you have 3 letter word ending with E, that's probably going to be the, you know, and so on.
15:58:33 Okay, well that's okay, but it's not
15:58:38 Really a strong call. Code.
15:58:46 Encryption. Take something that's readable.
15:58:57 Encoded and decryption.
15:59:03 Take something. The then coded. And makes it readable. Yeah, there's a number of different codes.
15:59:13 One of my favorite is the XOR code. If you take. A series of bits. And X or.
15:59:29 With
15:59:33 Plain text.
15:59:39 You get encrypted text. Hard to read.
15:59:49 But if you repeat. The process.
15:59:59 It's repeat again, repeated, it's readable again.
16:00:07 In computer organization, sometimes I. Talk about or do that so like if you have a 4 character password Just every fourth character is exclusive award with a different letter in the password.
16:00:27 It's a bit harder to encode partly to decode. Partly because if you don't know how many characters it is
16:00:38 You don't know how often the pattern repeats.
16:00:43 Now there's also a number of.
16:00:52 The metric what are called symmetric
16:00:56 Key encryption, the exclusive or one is one of them.
16:01:08 You code and decode. Using the same algorithm. So obviously
16:01:19 You must keep the.
16:01:23 T secret.
16:01:26 Now if you, if you have a small key and you have enough samples of the data.
16:01:34 Your computer can often crack it. Read up sometime on Alan Turing in the World War 2 code breaking.
16:01:44 They got enough samples of the Nazi code. And a few hints as to what it might mean.
16:01:51 That they were able to crack the code. And it also means if you're communicating with someone or a remote place, You need to be able to get the secret.
16:02:04 Code to them. One of the most secure
16:02:11 Ways to submit information is called the one time only code pad
16:02:27 Use a really long sequence that does not repeat. One classic example that is the Digits of pie.
16:02:36 If you take the first letter. And move it up by one. Letter and the second character move it up by 4 spots And the third character by one in the fourth character by 5, 3.1 4 1 5.
16:02:50 And so on.
16:02:53 The really isn't a pattern.
16:03:00 But must. Get the. Code pad. To your correspondence.
16:03:15 Right? And in fact, I believe that a one time pad is part of what is used for the nuclear submarines.
16:03:26 That is when a submarine launches on its mission, they have a series of one-time code pads that they
16:03:34 Brought with them. But it's hard to replace. You know, give them a new co-pad one or a submarine.
16:03:46 So there's lots of different methods. Okay.
16:03:58 There's. A series. Of codes. That are called asymmetric.
16:04:08 Key. Encryption.
16:04:13 You do not use. The same key. To code and decode. And most of these are based on what is called a mathematical.
16:04:30 Trap door function.
16:04:35 That is. The fact that I can.
16:04:42 Square a number does not always mean I can find the square root
16:04:49 In fact, the fact that I can multiply 2 numbers together does not always mean I can factor. 2 numbers.
16:04:56 The most famous
16:05:01 Depends on it being. Hard to factor.
16:05:09 A 100 digit. Number into 2. 50 digit. Prime numbers.
16:05:30 That algorithm is called the RSA.
16:05:40 Encryption algorithm and that is the other part. The one single use codes. And the nuclear subs.
16:05:52 I think also we're using the RSA encryption algorithms. Now, This code is incredibly hard to break.
16:06:01 If the numbers are large.
16:06:06 If you stop and think about how many 100 digit numbers there are and how many less than 100 digit numbers could be a factor of it.
16:06:16 It would be pretty time consuming.
16:06:21 Factoring is.
16:06:35 Is exponential compared to the number of digits. So, like, if you take. 200.
16:06:44 As far as we know.
16:07:24 There's a mathematical prize. I'll be talking about some next semester in the.
16:07:33 Special topic class I'm teaching, but there might be a million dollar prize if you can prove or disprove.
16:07:39 If you can either find a faster algorithm.
16:07:45 For factoring or you can prove that there is no factor algorithm for you could win a million dollars.
16:07:58 Now. The way the asymmetric goes basically the encoder
16:08:08 Knows.
16:08:11 P and Q.
16:08:15 And the decoder. Only needs. To know.
16:08:24 The product of P and Q. Because of the mathematics of it, which I'm not going to get into today.
16:08:35 If you encrypt something.
16:08:44 It or no, it's excuse me.
16:08:51 I got it reversed.
16:08:58 The decoder has to know both PNQ. The encoder.
16:09:11 Does not need to know as much.
16:09:17 Which means
16:09:22 A number of cool things.
16:09:37 If the encoder
16:09:41 Actually.
16:09:49 How can I say it?
16:09:54 You can encode something going PNQ. But if you If you Do the decode algorithm. On plain text.
16:10:18 Then. Someone who and codes.
16:10:26 Yeah. Seize the plain text.
16:10:40 This is how. You can prove.
16:10:47 Your identity. In some circumstances.
16:11:01 Including the HTTPS certificates.
16:11:07 They use a trap door function. Okay, so.
16:11:17 That's. Worth exploring more on but
16:11:25 Be aware of encryption needs now the government
16:11:31 And by government I mean the United States government.
16:11:38 Established a data encryption standard.
16:11:49 With a 56 bit key.
16:11:54 The reason they like it.
16:12:06 Is because the government knows that they can crack it. I'll take is a pretty powerful computer.
16:12:18 Not everyone like that idea.
16:12:25 Some people use triple DES run 3 successive encryption.
16:12:32 And now there's advanced. Encryption systems with 1 28 or 192 or 200 and 56 bite keys.
16:12:49 In order to decrypt it, you either need to
16:12:53 Try 2 to the 250 sixth. Different combinations. Or know the key. Or have a really powerful super computer.
16:13:15 Many businesses develop their. Oh, which is relatively easy to do. Once I developed a scheme where the valid password.
16:13:28 Changed every 10 min.
16:13:34 And it was fairly easy.
16:13:37 To use once I wrote the program. Now there was a time when the
16:13:50 Government asked Apple.
16:13:55 To help crack.
16:13:59 The code and Apple declined.
16:14:05 Because
16:14:08 Apple didn't really want the publicity of saying, hey, if the government wants to break your security, we will help them.
16:14:17 They ended up now. Ironically enough. That was a phone being used by someone who really was a bad guy, a criminal who did some awful things.
16:14:31 But ironically, the phone was a corporate phone. So if the government had waited, The corporate, it would have automatically backed up.
16:14:42 To the corporation.
16:14:45 And then the government could have hit the corporation that owned the phone. With the subpoena.
16:14:55 Eventually what happened is the US government hired a hacker.
16:15:03 Now, kind of related.
16:15:08 Who encryption is hashing, which I often discuss when I teach data structures. And originally hashing was used.
16:15:24 We're making symbol tables in compilers and things like that. Passion is designed to give, give a fast.
16:15:35 Storage and retrieval.
16:15:42 Without meetings.
16:15:46 Any particular order like alphabetical order.
16:15:55 Now, look for comparison sake. Binary search.
16:16:03 Is Big O. Of log base 2.
16:16:15 Of N. So if you have a list of size 1,000.
16:16:29 It requires. 10 searches.
16:16:37 Can we do better than that? Well, actually we can. If you take anything. That takes.
16:16:47 A value and kind of scrambles it. Let's say.
16:16:56 Interpret your first name. As a base. 36 number.
16:17:12 Then take the result.
16:17:20 Modulus. That's the percent sign. Say, 2,000.
16:17:32 Store. 1,000 names.
16:17:39 In a table. Using that hash.
16:17:45 Too good the spot.
16:17:53 Most of those names
16:17:56 Can be found. With one look.
16:18:05 After. You have the hash.
16:18:11 A good hash algorithm. Therefore, can be proportional to one operation instead of proportional to log base and a lot of hash functions are trapped or functions.
16:18:25 Another one is square number and take the middle bits.
16:18:35 Okay. But that, that hashing is techniques sometimes show up.
16:18:45 In encryption. Now, encryption.
16:18:50 This, encryption and especially the trap door functions.
16:18:59 Are you in digital signatures?
16:19:07 And digital.
16:19:11 Sirificates.
16:19:21 But also you should be aware.
16:19:35 Encryption is not enough by itself.
16:19:41 To give the security. Some people have. Fake web pages.
16:19:53 They send you emails that sound like they're from. But company you have dealings with and if you're Cap to sleep. You might click on the link and suddenly go there.
16:20:15 I would wager. In at least half of the staff desks. On this campus. There's a written password in one of the drawers or something like that.
16:20:33 Okay, so if you pay if you were watching the or if you read the IT emails for Kacking Week, you will hear a lot about those.
16:20:47 So at this point, what I want you to do is be aware of encryption. And security issues.
16:20:58 You will want to have enough security. Depending on what you're doing. I think.
16:21:11 That's enough. You probably wanted to take a break by now. Before too long I will be recording about.
16:21:25 Storage and back up and if Efficiency related issues. For the stories. Look forward to seeing you in class.