Monday, 29 July 2019

Chaos in the Forest - A Midsummers Night Dream

Well, in the space of a couple of days I have gone from one of Shakespeare's earlier plays to one of his more complex, and detailed plays. I guess that is what happens when you have a company that will perform multiple plays over a short space of time. Then again, this is how I believe the Globe in London sets its program, namely with there being three or four plays being staged at once. Mind you, whenever I've been in London I've only had the chance to see one of those plays, particularly since the plays at The Globe get booked up pretty quickly. In a way, I was actually quite fortunate to even get to see The Tragical History of Dr Faust at a moment's notice, even if I ended up getting the times confused and turning up late. Actually, come to think of it, the only plays that I have seen at the Globe (the other being Macbeth) were tragedies, so I am not all that sure of how their comedies turn out. Then again, I do have a collection of plays on DVD that I bought when I was in London, so I can always watch one of them, hoping that one of them does happen to be a comedy.

So, here we have what is basically one of my favourite plays, though one interesting thing about this play is that I remember seeing a Royal Shakespeare Company production of it when they made an appearance in Adelaide. Actually, I believe that is the only time they have actually toured Australia, which is a shame, since if I want to see one of their performances, at least a live performance, I would have to travel to London, or even to Stratford Upon Avon, where they happen to be based. Then again, if I do make the trek one day, maybe I'll be lucky and actually get to see a performance with Patrick Stewart and David Tennant (both of whom I believe are based with the company). However, this post isn't about a play that I saw many years ago, but rather one that I have seen more recently, in fact the previous night, if going by when I am actually writing this post (5 December 2018), as opposed to when I get around to publishing the post.


I could start by giving a rundown of the play, but the problem is that, like many of Shakespeare's other advanced plays, this one is actually pretty complex. In fact we have three sets of characters who I'll refer to as the nobles, the mechanicals, and the fairies. Now, of the nobles we have Theseus (of the minotaur fame) and Hypolita, a former amazon and Theseus' new wife. The mechanicals are basically a group of peasants who have decided to put on a play to celebrate the wedding. I won't go too much into the plot with regards to the faeries, namely because of some peculiarities with this particular production.

However, going back to the nobles, we have Demetrius and Lysander, and Helena and Hermia. Now, Helena loves Demetrius, but Demetrius, who used to love Helena, is now in love with Hermia. However the problem is that Hermia and Lysander love each other, so for a part of the play we have Helena chasing Demetrius who is not returning her affections. To make matters even more complicated, Hermia's father doesn't want her to marry Lysander, but to marry Demetrius, and if she refuses then she has either the choice of execution, or becoming a nun. Since she will have none of this, they run off into the forest. They are then followed by Demetrius and Helena, while the mechanicals decide that they need to practice their play, and also head off into the forest.

City and the Country

One of the interesting things I have seen in these performances is that the roles of Theseus and Hyppolita, and Oberon and Titania are generally played by the same person. This, in a way, creates a reflection on how in Athens it is Theseus and Hypolita who are the rulers, however disappearing into the forest does not mean that they are able to escape authority, since in the forest they are now under the authority of the faeries. One interesting thing is that the play is bookended by scenes set in the city, so the main characters flee the city for the forest, and then return at the end for the plays completion.

 

The forest seems to always be this wild and chaotic place in the plays of Shakespeare. Well, considering As You Like It, the forest there is nowhere near as dangerous as the forest in this particular play. I have already written extensively on the concept of the forest in As You Like It, so I'll refer you to those posts for reference. However, in A Midsummer Night's Dream, the forest is a wild, dangerous, and chaotic place. The characters flee Athens believing that the forest will offer them safety, however that cannot be further from the truth. Instead they suddenly all find themselves enchanted, and thus under the control of the faeries.

One of the interesting aspects of this performance was that the faeries were styled as Maori's, which shouldn't be all that surprising considering that this is a New Zealand production. However, it seemed as if they went as far as to translate the play into one of the Maori langauges, or at least the parts where the faeries were communicating with each other. This did create a bit of a problem, namely because we completely missed the plot regarding Titania and the changeling. Could the play survive without that plot? Well, it seems as if it was able to, though in one sense it was an incredibly risky move to make.

However, we were still able to watch how the faeries were able to manipulate and control the characters. For instance, we have the scene where Bottom's head is transformed into that of a donkey, and then we have Titania falling madly in love with the donkey. Then we have Oberon attempting to rectify the discord between the lovers, namely because it hurts to see Helena repeatedly being rebuffed. Well, that didn't turn out all that well considering that both Demetrius and Lysander end up falling in love with Helena.


The catch is that since Helena had been rebuffed by both for so long, when they suddenly fall madly in love with her, she finds it to be quite suspicious - as if they are having her on. In a way it sort of reminded me of games that would be played when I was in primary school. However the term madly is probably appropriate here because this isn't a play about romantic (of chivalric) love, but rather a play where the characters are enchanted. As such the whole scene should be completely ramped up with its insanity.

Dreaming of Love

Well, that is another rather interesting concept because not only is the play bookended by the city, but the suggestion is that all of the events that occurred in the forest occurred as if it were in a dream. Characters fall asleep quite regularly in this play, and when they fall asleep things inevitably change. For instance, Lysander falls asleep being in love with Hermia, and wakes up in love with Helena. In the same way Puck falls asleep with the head of an ass, and awakes with the head of a human.

I'm not inclined to suggest that the city represents civilisation, and the forest represents the wilds of nature, but in a sense they do. Theseus rules the city while the faeries rule nature. However, the city is also representative of the waking world while the forest is representative of the dreams. This is an interesting way to look at things, particularly since dreams tend to be quite chaotic and wild, and at times can trick us into believing that what we are experiencing is real. Yet it seems that in the world of dreams we get dragged along, as if we are passengers in a movie.


However, is it not also the case that in the waking world the same things are true. In many situations we are simply being dragged through life. Sure we have choice, or the illusion of choice, but many aspects of the world are completely out of our control. Yet in another sense, the waking world in many cases is very dull and drab, with us going to work and going home, on packed trains or jammed roads. In a sense the waking world is very dull and dreary, where as the world of the dreams can have an almost magical quality.

Yet is it not also the case that many of us, on the weekend, seek to escape to the wilderness, or at least those of us who aren't forced to work on the weekends. In a way it feels as if the weekend is like that dream world, that world where we aren't under the chains of our employers, aren't forced to work to make sure that there is food on our table or a roof over our head. Yet every Monday we find ourselves back at our desk, once again wandering why the weekend went so fast, and looking at another five days of doing the same thing over and over again. In a way, like the city and the forest, the weekend is the dream, the time we spend out in the forest, while the week is the reality that we must slog through.

Yet one of the darker aspects of the play, and there are certainly some rather dark aspects, is that the faeries not only inhabit the realm of the dreams, but are also masters over it. Sure, they make mistakes, such as enchanting the wrong person, so that we suddenly have the woman who has recently been scorned now being chased all over the forest by two men who are madly in love with her. Yet, the woman who was being pursued now finds herself being left behind.

Let us quickly make mention of this idea of love. These are nobles that we are talking about here, so marriage didn't occur because they were in love, marriages occurred due to agreements made by their parents. We can actually see the conflict here because Hermia and Lysander are in love, but the wish of Hermia's father is that she marry Demetrius. At first, Demetrius was in love with Helena, but changed his mind and decided that he would be happy to marry Hermia. As we know, they decide to run away, namely because they didn't want to follow the rules of the society in which they lived, but to follow their heart's desire. As we have already discussed, their desire to flee from one authority has them find themselves subject to another.


Notice also the setting of the play - Athens. Theseus was a mythical king of Athens, though Plutarch was rather convinced that he actually existed (as did numerous other ancients). In a sense, this story has been set not just in the distant past, but in the mythical past. This goes beyond the plays set in Italy, or even in Rome, but rather in a time that is shrouded in mystery. In a way this dream world is being thrust further back to an ancient time, further distancing the events from the every day life of the audience.

The Ridiculous Play

One thing that I noticed was that sometimes we don't need to worry about the language to be able to enjoy the play. In a sense, much of the play was visual, something that is generally not conveyed through the written word. This is probably why no two Shakespearian plays are necessarily the same. This is somewhat different from the plays of the likes of Oscar Wilde and Bernard Shaw. Here the details such as costumes and stage directions are very specific. However, take the language out of the play and sometimes it can be very, very confusing. This was not so much the case with this play, particularly since the players went out of their way to make it appear quite farcical.

Basically we were watching slapstick humour, and as long as we know what is going on, who is who, and who loves who, then the language doesn't matter, This is probably one of the beauties of Shakespeare, and that is that you can enjoy the play even if you struggle with the language. Mind you, it is English, and as I have said in the past, and will say again, plays are meant to be performed, not read, though I notice that getting into a group that will read Shakespeare is still a very popular past time.


Interestingly, there is always that story about how students struggle with the language of Shakespeare, yet even today he is not only still being performed, but the audiences are still flocking to see his plays performed. Of course, we have groups experimenting with the plays, and changing them, but they are still very popular, even in their purest form. In a way, costumes may be adjusted, if only to help us understand what is going on. For instance, in this play Lysander and Hermia were dressed in green, and Demitrius and Helana were dressed in red. As for the mechanicals, they wore hi-vis vests, simply to demonstrate that they are members of the working class.

So, let us finish off with the mechanicals' play - Pirimus and Thisbee. The performance is supposed to be bad, really really bad. Then again, these guys are working class, and in a sense Shakespeare didn't seem to think much of them, particularly since they are the butt of many of his jokes. They are rude, crude, and completely incompetent. In many cases they are only in the plays to provide some comic relief. In fact it is interesting that the fools, or the jesters, are never the ones who are considered to be the comic relief, but the ones who will confront the main character and challenge him. This is not the case with the lower classes.


One thing you will notice though is that during the performance the audience are jeering and making jokes. Remember, this is a private performance for Theseus, his wife, and the guests at the wedding. It actually makes me wander whether this is what Shakespeare would have experienced when he performed for the monarch (particularly King James). Then again, half of the reason is that this play is bad, and the performance is bad, however a part of me feels that this may not have been the case with the Kings Men, since you only landed up there if you were particularly good.

Creative Commons License

Chaos in the Forest - A Midsummers Night Dream by David Alfred Sarkies is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License. This license only applies to the text and any image that is within the public domain. Any images or videos that are the subject of copyright are not covered by this license. Use of these images are for illustrative purposes only are are not intended to assert ownership. If you wish to use this work commercially please feel free to contact me

Saturday, 20 July 2019

Encoding Signals

Well, now that we have looked at how we turn sound into numbers, or computer data, lets see the methods that we can use to actually transfer this data from one point to another. Well, when it comes to sound you can shout, but the thing is that there is only a certain distance that the sound can reach before it becomes almost impossible to hear.

Let us use the example of a message. Say we write a message down on a sheet of paper. Now, there are a number of ways we can send that message. Obviously you could hold it up, but that wouldn't be all that good since you will need to be pretty close to be able to read it. Secondly you could throw it, but if you have ever attempted to throw a piece of paper, you probably know how futile a task that is. Well, you could screw it up and throw it, but that would increase the distance only slightly. The next option is to turn it into a paper aeroplane. Well, that might actually increase the distance, depending on a lot of factors such as wind, and whether it is raining. The final method would be folding it up, placing it in a envelope, and putting it in a letter box. From there it gets placed on a motorcycle, and depending on the destination, even on a plane. Well, it looks as if we can now send our message a considerable distance.

You might be wandering why I went through that example, and honestly, I am sort of wandering about it myself, though I do tend to have this ability of rabbiting on about nothing in particular, except that there is a method to my madness. As you can see, a message in its basic form can't really travel all that far, however if we attach it to something else, such as a motor bike, or a plane, then suddenly this message can travel, comprehensively, a lot faster. This is the same when it comes to data. One of the terms used when it comes to attaching data to a signal is modulation, another term is encoding. Actually, encoding is a term used more for digital data, since it is a way of mapping the digital data, that is made up of 0s and 1s, onto a signal, and there are a number of ways to do this.

Actually, encoding will output a digital signal, while modulation will output an analog signal. This usually occurs where the medium that is transporting the signal can only handle analog signals - wires are an example of this. We also have a couple of other things I should mention:

Unipolar: This is where the signal exists in a single state, either positive or negative.

Polar: This is somewhat different, in that the signal changes state based upon the logic value of the data. So, a 1 might be positive, and a 0 might be negative.

Differential Encoding: This occurs where the data bits are represented by changes between the elements as opposed to elements themselves. An example would be where a 1 represents a -ve to a +ve change, which a 0 represents a +ve to a -ve change.

Ratio: This refers to the number of data elements that are carried by a single signal element. The table below should be helpful in this regard.


Digital Data, Digital Signals

Now, this is where the fun begins. There are a number of ways to transmit digital data, and we will be looking at a few of them, as well as including a number of diagrams. I think that a list might be better here:

  • Return to Zero: There are three voltage levels, +ve, -ve, and zero. The signal returns to zero in the middle of the pulse, and is either high to zero, or low to zero.
  • Non-return to Zero: The signal doesn't return to zero in the middle of the pulse, though there are a few ways that it can be done:
  • Non-return to Zero Level (NRZ-L): here we have 0 as the high level, a 1 as the low level.
  • Non-Return to Zero - Invert on Ones (NRZ-I): Here if the signal is a 0, there will be no change, but if the signal is a 1, then it will invert. This occurs at the beginning of the signal.

With the Non-Return to Zero, both are easy to implement, but the problem is that there is no synchronisation, and there is no error correction. Further, there is a lot of needless changing.

Biphase Encoding
The difference here is that each of the segments has a transition in the middle, which is a means of self clocking and synchronising. The transitions at the period boundary do not mean anything, there are only there to place the signal into the correct state.
  •  Manchester: This is a mix of return to zero and NRZ-L. For a zero it transitions from high to low in the middle of the segment, and the opposite for a one.
  • Differential-Manchester: This combines the RZ and the NRZ-I. Basically at the beginning of the segment there is no transition for a 0, and a transition for a 1.
The benefits is that they have only two voltages, +ve and -ve, they allow for self clocking. The problems is that once again there is no error checking, there is no functionality for DC (direct current), and the multiple changes require a wider bandwidth.

Bipolar Encoding
Here we have three voltage levels, +ve, -ve, and 0 to represent our bits. There are two forms: Bipolar Alternate Mark Inversion and and Psuedoterenary.
  • Bipolar AMI: 0 represents no line, or a zero voltage, while 1 is either a +ve or a -ve. The voltage alternates for successive ones.
  • Pseudoterenary: Well, this is basically the opposite to the above.

Analog Data, Digital Signals

This is the process of turning analog data into a digital signal, otherwise known as digitisation. The benefits for this are numerous, including that there being no need for an amplifier, but rather a repeater. Amplifiers are problematic since while they can amplify the signal, they also have this habit of amplifying any noise that is with the signal. In fact it allows more efficient use of digital switching techniques, as well as being able to use Time Division Multiplexing as opposed to frequency division (more on that later).

Analog signals are digitised using a system called pulse amplitude modulation, and pulse code modulation is the most common. Samples are taken at around 8000 samples per second, and are usually recorded with an 8 bit depth. This will result in a digital rate of 64000 bps (namely 8 * 8000). For standard voice grade circuits, this is usually done at 3300 samples per second.

Instead of going through all the details, this image probably says it all:


Digital Data, Analog Signal

Well, even in our digital age, it is still necessary for us to be able to transmit digital data along analog lines - such as the telephone lines. In fact the NBN requires a digital to analog conversion, since fibre optic only allows analog signals. So, to do this you need to modulate the digital data onto the analog signal, normally by combining the signal m(t) onto the carrier frequency fc, to produce the signal s(t). The bandwidth is usually centered on the carriers frequency.

So, how is this done? Well, there are a couple of ways:

Amplitude Shift Keying
Here, the binary values are represented by two different amplitudes of the carrier frequency. A 0 will be, well, 0, but a 1 might be the actually sine wave - s(t) = Asin(2πft).
It might be better to have a look at it as a diagram:

Frequency Shift Keying
This is another way of doing it, so that while the amplitude stays the same, the frequency changes:
0 = Asin(2πf1t)
1= Asin(2πf2t)




Phase Shift Keying

This is where the phase of the signal is shifted to represent 0s and 1s. Differential phase shift keying shifts the phase relative to the previous transmission as opposed to some reference signal.

0 = Asin(2πft).
1 = Asin(2πft+θ).


Analog Data, Analog Signal

Okay, this is the final one, and it is probably still around, if Alan Jones' antics are anything to go by (he is a radio announcer in Sydney, well known for his rather controversial statements that tend to get blown all out of proportion by the media).

There are two types: Amplitude Modulation and Frequency modulation. Basically the data is mapped onto the carrier signal in a way that either leaves the frequency the same and changes the amplitude (AM) or leaves the amplitude alone and changes the frequency.

Once again, pictures probably say a lot more than words.

So, this is amplitude modulation:


And finally, frequency modulation:



Creative Commons License

Encoding Signals by David Alfred Sarkies is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License. This license only applies to the text and any image that is within the public domain. Any images or videos that are the subject of copyright are not covered by this license. Use of these images are for illustrative purposes only are are not intended to assert ownership. If you wish to use this work commercially please feel free to contact me

Wednesday, 17 July 2019

Security Protocols & Authentication

Well, it seems that this word protocol has once again raised its ugly head. Well, that may be a bit too harsh to refer to protocol as having an ugly head, but the thing is that this seems to be coming back again and again as we move through these topics. However, in this instance the word security comes before the word protocol, so I guess what we are looking at is that when we access something, such as Facebook, we can prove to Facebook that we are who say we are, and just as importantly, Facebook can prove to us that it is who it says it is.

As we go through this we may realise that these protocols occur when we log into a website. For instance, when we log into Google, we enter our user name, it sends the user name to the server, and then requests our password. Others might simply request both our username and password at the same time. However, a lot of this also goes on behind the scenes when we first access the site. Sometimes it seems as if it is taking quite a long time for the site to load, however it isn't just the site loading, but the security protocols going back and forth. For instance your browser might be confirming that the site that you are trying to access is who it says it is. In fact, occasionally the browser might even refuse access due to a problem with the digital certificate - that is a security protocol at work.

So, we have two concepts here - Authentication and Authorisation. Basically authentication comes down to you proving who you say you are, and authorisation comes after authentication, and that namely comes down to determining what you are allowed to do. For instance are you a guest, a vendor, or even a systems operator. In many cases sites will take a layered approach, namely if one layer fails to prevent an attack, then another layer is there to attempt to foil the said attack. However, intrusion detection is something that we will cover in the next post. Yet, this image probably says a lot:


Authentication can be based on something that you know, such as a password, something you have, such as a key card, or even something that you are, such as your fingerprint, or even your retina pattern. The thing is that each of these have benefits and flaws. For instance, passwords have the strength in that they can be changed if they are compromised, or forgotten, however they are actually one of the weakest forms of protocol.

The thing is, many people are really, really bad when it comes to passwords. If the only symbols used in passwords are letters, and the password is 8 characters long, then that is 268, or 208,827,064,576 possible combinations. Say we use a mix of upper and lower case letters, then that is doubled to 5.35×10¹³ possible combinations. Throw in numbers, and then you get 1.92×10¹⁴ possible combinations. However, if you have a brute force attack which basically tries every single combination of the password, and it is able to attempt 100 passwords a second, then it will take 60 thousand years to crack that password.

Well, that seems like it will take a pretty long time to be able to go through all those different combinations of passwords, except that things aren't as simple as that. Say, for instance, we have a password file which contains 210 passwords, and the attacker has a dictionary that contains 220 passwords, then there is a 1 in 4 chance that one of the passwords will be in the dictionary. This is the problem with passwords, because people aren't always smart when it comes to selecting a password. A brute force attack might take quite a long time, but if the head on your IT department is lazy, and has simply used 'password' for his (or her) password, then that is going to be cracked pretty quickly (and you can be assured that that is probably the first password that any attacker is going to try).

The other form of attack is a social engineering attack - for instance, how visible is your Facebook profile, and how much information is on your Facebook profile. Do you get a bazillion birthday wishes from friends everytime it is your birthday, and you are almost forced to respond with the standard 'thankyou for your birthday wishes, I had a wonderful day?". Hah, it looks as if a potential attacker has got a key part of your identity. Are you friend's with your Mum, Dad, brother, sister? Well, there is another one. How about all those pictures of your dog, or cat, and those pictures where you are cuddling your partner, and both of you have been tagged in the photo. Well, it seems as if a potential attacker probably has everything they need. Oh, I also forgot, you might even have your place of birth listed, or even have photos of your primary school. There you go - that is enough information that an attacker needs to be able to engineer a way into your accounts.

Well, we can also have what are known as items that we need, such as your Visa Card. Sure, you need to be in possession of that card to access your account, but the thing is banks these days are making it easier to access your account without it - all you need is a mobile phone. How about that access card for your office. Well, the problem with these is that they can be lost. In fact, I suspect people still do not treat mobile phones as the serious security risks that they actually are. Does a random person come up to you, give you a sob story and asks if they can use your phone to make a call? Will you let them use it. Me, I'd point them to the nearest phone box, and maybe give them 50c to make the call.

So, the final thing we have is biometric protocols, that is something physical about who you are. The most common one happens to be finger prints. Okay, there are a lot of others as well, such as facial recognition, retina scanning, or even hand prints, but let us have a look at how fingerprinting works:


A lot of these systems work similarly. Basically an image is taken of the fingerprint, it is then enhanced, and certain parts of the finger print are then recorded. Once this is done, the sections are then stored on file. So, when you then place your fingerprint on the scanner, it will match your fingerprint with that which is stored on file. The problem is that finger prints aren't necessarily all that different, and can change, especially if you suffer an injury. This is the same with facial recognition because your face in one sense changes as you grow older, but in other cases it stays the same, or at least the bone structure, which is what is recorded, stays the same. As for the iris, well that is incredibly chaotic, no two are the same, and they do not change throughout a lifetime. Well, apparently it is possible to fake an iris, but that seems to be in the realm of science fiction.

Protocols on the Computer

Well, we all have protocols, such as asking a question in class - we raise our hand and wait for the teacher to point to us. There are networking protocols, such as FTP and HTTP, as well security protocols such as SSL, IPSec, and Kerebos. However there are flaws, and some of these flaws can be particularly subtle. For instance, there may be implementation flaws, or simply flaws in the actual way the protocol works. However, a security protocol needs to be efficient, robust, easy to use and flexible. For instance, it needs to require minimal computational requirement and use minimal bandwidth, yet needs to be able to resist an attacker, or still work when the environment changes. Basically, trying to balance these factors out is the key.

So, we have Moss, who is attempting to access the Benhom industries server, and there are a number of ways that the protocol can operate. Now, Moss needs to prove to Benhom that he is Moss, but since Moss isn't stupid, he should also require Benhom to prove to him that it is actually Benhom. In order to do this a session key needs to be established. However, there are other keys as well, such as public/private keys, hash functions, and symmetric keys. Yet sometimes there is also a requirement for anonymity and plausible deniability, such as when you, well, want to visit that website.


Now, authentication on a stand alone computer is relatively simple, namely you just need a password. However, authentication over a network does get somewhat more complicated. Sure, attacks on authentication software, such as keyboard logging, are an issue with standalone computers, but honestly, the only way somebody is going to be able to access your desktop is to break into your house (though laptops are a completely different story). With a network this is vastly different since attackers can passively listen, and also use what are known as replay attacks.

So, we have the following simple protocol:


This is okay for your laptop, or your desktop, but not so much for accessing a site like Facebook. For instance, Bob needs to know Alice's password, and Trudy (who is the attacker) could be sitting there passively listening to what is going on. For instance, Alice has a keyboard logger on her computer, so when Alice enters her password, Trudy captures it, and can then use her password to access Bob.

Well, this can be prevented by having Alice enter her username and password as soon as she requests access. Yeah, that might work, except remember, Alice has a keylogger on her computer, so Trudy is basically listening into what is going on, and can then use Alice's details to access her account.

You could Hash Alice's password, so that neither Trudy, nor Bob, actually know the password, except the problem is that it is still subject to a replay attack. Further, If Alice has a key logger on her computer, then Trudy can easily hash the password, or she can simply send the hashed password directly to Bob to allow access. So, there is a problem.

So, what we have is the challenge-response scenario. Basically when Alice requests access, Bob replies with what is known as a Nounce, or number used only once. So, when Alice replies with her password, the password is hashed, with the nounce. This will actually defeat the replay attack since the hash will pretty much change every time that Alice requests access. However, there is still the problem with the keyboard logger, namely because if Trudy knows Alice's password, then it doesn't matter what the nounce is, Trudy can always gain access (unless Alice removes the keyboard logger and changes the password). The other thing is that Bob must know Alice's password to be able to reply.

However, there is a better way than a hashed password, and that works with encryption. The thing with a hashed password is that if Trudy intercepts the password, then she can use the hash to gain access to Bob on behalf of Alice. What needs to be done is that the password is hashed once it reaches Bob so that Trudy does not actually know what the hash is. This is done through generating a key, whether symmetric or asymmetric. Basically the password is encrypted, and then sent to Bob, who then decrypts the password and then hashes it.

Yet there is still a problem. Sure, Bob is able to Authenticate Alice, but what if Alice wants to authenticate Bob. Surely Alice needs to know that she is actually sending her password to where she actually wants to send it as opposed to some imposter that has basically copied the bank's homepage and created a replica?

So, we have here Alice requesting a reply from Bob, Bob replying with an encrypted reply, and a key, and then Alice responding. Well, that seems to work, but the thing is that Bob isn't actually authenticating Alice. Sure, Alice knows that Bob is Bob, but the problem is that Bob doesn't know whether Alice is who she says she is - she could be Trudy.

While we have a secure one way authentication protocol, we don't have them authenticating each other. So, could the solution be to have a two way authentication protocol where both parties are authenticating each other?


So, Alice requests authentication from Bob. Bob responds with an encrypted authentication reply, with a key, and a request for authentication from Alice. Alice then sends the authenticated reply back to Bob. Well, that looks like it could work, except there is one major flaw - Trudy could open two sessions.

Basically, Trudy sends an authentication request and receives the encrypted reply, with Bob's authentication request. Now, remember, these keys are symmetric, meaning that they are the same on both sides. Now, Trudy has Bob's authentication request, so in a second session, Trudy sends the same request to Bob, who responds with an encrypted reply. Suddenly, Trudy now has the encrypted reply (she doesn't know the key), and she can then send it back to Bob, and thus gain access.


So, while our one way authentication may be secure, it isn't secure when we are using it for mutual authentication. This is the problem with protocols - they can be incredibly subtle, and while they may work in one scenario, they won't necessarily work in another. The other thing is that attackers are very, very resourceful. In fact they may even have the resources of entire governments behind them, so we need to be wary. Another problem is when environments change - what may work on a desktop in an office does not necessarily work when you are logging onto the office network from a remote location.

However, what about this:


Well, we have now included the identity within the nounce. So, Bob replies with his identity, and Alice responds with hers. This seems like it will defeat the above attack, since Trudy should not be able to replicate Alice's identity.

Another way is to use the public/private key encryption. Basically everybody knows Alice's public key, but only Alice knows her private key. We can also use digital signatures as well. That this for example (where M is the passphrase):

[{M}Alice]Alice

here, Alice encrypts the password {} and the signs it. Or:

{[M]Alice}Alice

Here, instead, Alice signs the password, and then encrypts it.

While this looks okay, once again we are back to the problem of mutual authentication. Basically, Bob is authenticating Alice, but not vice versa. In this situation Trudy can basically get Alice to decrypt anything.

In this situation, Trudy has previously intercepted a message signed with Alice's public key. As such, she can then use the public key to get Alice to decrypt something and then send it back to her. This is another flaw with the public/private key algorithm - you should never use the same public/private key pairs for both encryption and signing.

The same is the case where Bob requests Alice to sign something, Trudy can basically get Alice to sign anything. What we want is mutual authentication - if Alice is unable to authenticate Bob, then the problem arises that Trudy could impersonate Bob and then get Alice to basically provide anything that she wants off of Alice.

One way to do this is to use a session key, namely a symmetric key that is only active for that particular session. Basically there is authentication, and once that authentication is complete, then a session key is shared. Without the session key, Trudy does not have access.

Well, this looks secure, where Alice sends a Nounce to Bob, Bob replies with an encrypted key using Alice's public key, and Alice responds with a with Bob's public key. Yet there is a problem - Alice's nounce R does nothing to authenticate Bob. Sure, Alice is using Bob's public key, but there is no response from Bob - the nounce is in fact useless.

Well, Bob could instead respond by signing the reply, expect there is a further problem - the signature does not actually encrypt the session key, so it is exposed for an attacker to be able to see it. So, let us try this:

Well, it looks like we have solved it here, except that this is subject to a Man in the Middle attack:


In this situation, Trudy can get [R,K] from Bob, while Alice believes that she is actually communicating with Bob. However, what if instead on signing and encrypting, we encrypt and sign? Such as this

[{R,K}Bob]Alice

Well, the problem here is that anybody can see {R,K}Bob so unfortunately that isn't going to work all that well.

We can solve that by using a time stamp, which also works as a nounce. They can prevent replay attacks, and reduce the number of messages being sent back and forth. However, the problem arises in that not all times are synchronised. Thus we need to take into account what is called 'clock skew' yet by taking that into account we can suddenly open ourselves up to replay attacks.

As mentioned, they can be subtle, for instance signing and encrypting with a nounce is insecure, but encrypting and signing with a nounce is secure. However, if we use a time stamp, suddenly the opposite becomes true - protocols can be very subtle, and it really does depend on what we are using.

What we need is perfect forward security, namely a situation where if a message is intercepted, it cannot be used later - basically the attacker needs to act within a certain time, or else the information is useless. In many cases it really depends on the situation - access to an office desktop is going to require different protocols than, say, accessing Facebook. Also, the complexity really needs to depend on the type of data that is being stored - access to your bank is probably going to require different protocols than, say, access to a news site, or Netflix. It really does depend on the situation.


Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License. This license only applies to the text and any image that is within the public domain. Any images or videos that are the subject of copyright are not covered by this license. Use of these images are for illustrative purposes only are are not intended to assert ownership. If you wish to use this work commercially please feel free to contact me

Sunday, 7 July 2019

Power Vacuum - King Lear's Resignation


Well, it seems as if Sir Ian McKellan is in the position where he can simply do what ever he wants, well when it comes to the theatre at least. Apparently the Chichester theatre approached him and asked him if he would like to do a play, and then proceeded to ask him what play he would like to do, considering he is one of those actors that has probably played every role out there. Anyway, he said that he wanted to give King Lear another shot, and fortunately for me, this particular production appeared on the National Theatre Live listing. The thing with King Lear is that a few years back I saw this awesome National Theatre production but unfortunately is just is not available beyond the fact that I saw it in a cinema. That was back before I actually started writing this blog. Further, I do have a version of King Lear staring McKellan on DVD, but honestly, it actually isn't all that good (though I will probably be burnt at the stake for making that comment).

So, it was with a little reservation that I decided to go and see this production. Look, don't get me wrong, I love Ian McKellan, not that I have seen in him all that much beyond the X-men, Lord of the Rings, and a National Theatre Live production where he and Patrick Stewart performed a Harold Pinter play. I guess it happens to be one of those things, like a Midsummers Night Dream, where I saw a production years ago by the Royal Shakespeare Company, and thought that it was so well done that I simply could not go and see another version of it. Well, I didn't, not for a long time, and I even avoided watching the more recent film version as well. Okay, I have since seen it again, and will probably be seeing another version of it shortly, but with King Lear, despite it being one of my favourite plays, the fact that the version I saw was so good, that I wasn't sure that even the venerable Ian McKellan could out do that.



Well, it turns out that I was quite wrong. This version of King Lear was nothing short of awesome, and McKellan was outstanding, but then again I am not really all that surprised. Okay, the play was performed using modern costumes, but that seems to be pretty much the done thing these days, though that doesn't actually seem to be the case when it comes to The Globe. Then again the Globe is The Globe, and as far as I can tell, authenticity is what they are on about there.

The Play

Look, I could go on about the play itself, but I feel that I have already done that elsewhere. The thing is that we probably already know the story quite well, you know, about how a king wants to retire, decides to divide his kingdom into three, but since his favourite daughter does not pander to his feelings, he kicks her out of the country and instead gives the country to his two remaining daughters. The rest of the play is basically his, and his country's, descent into madness. The play basically ends with literally half the cast dead, and the country once again without a ruler.


So, where did the story come from? Well, it appears that the story can be traced back to the History of the Kings of Britain, though this isn't the story that has come down to us in Shakespeare. Well, I doubt that Shakespeare built the play out of that rather short account, but rather was inspired by numerous other renditions that had been produced over the period. The subplot including Edgar and Edumund, which a part of me feels isn't actually a subplot because the entire play is a coherent whole, is the story that was added later to produce the form that we currently have.


The thing is that Shakespeare is hardly original. Sure, there are all these arguments about Shakespeare not actually being Shakespeare, but I'm not sure if people really understand what is going on. What he is doing is taking stories that had been around for quite a while and then adding his own flare. You know how we all hate remakes in Hollywood? Well, it turns out that Shakespeare was the grandfather of all remakes, it is just that his plays survived where was many of his sources disappeared into the mists of history.

Speaking of Hollywood, I do wander whether they could really produce a film like King Lear, and if they did whether they would alter it to make it more appealing. Honestly, this is a very unappealing story, but the reality is that it is always a very moving story - I always cry at the end, whether it be because Cordelia dies (and the first time I saw that scene I was struck dumb), and then when Lear dies because basically he has lost everything. Then there is the French invasion where they attempt to remove the tyrants from the throne of England. Well, they lose, but then again, they do happen to be the French, and surely Shakespeare couldn't have a play where the French actually won, even if they were lead by the good guys, and they were attempting to overthrow the bad guys.

A Country without a King

While we might suggest that it was a bit silly of Lear to actually divide up the country between his daughters, the reality is that this wasn't all that uncommon. The whole first born inheriting the entire country is a relatively new phenomenon. In fact, during the middle ages, or at least during the time of Charlemagne, it was quite common for the kingdoms to be divided between all of the children. This obviously doesn't result in a particularly stable system of passing on the title to the country, since the lands will get smaller and smaller as time, and generations, progress. Yet, at the time, or at least at the time the play is supposed to be set, this wasn't necessarily an absurd idea.


However, there is also this idea of the females inheriting the throne. Once again, this isn't necessarily an absurd idea, particularly since England was ruled by a queen (in fact there had been two queens in recent memory). Yet it is a little unclear as to where the power actually lay. Did it lie with Regan and Goneril, or did it lie with their husbands. Honestly, Albany and Cornwell simply aren't a couple of guys that happen to be playing second fiddle to the daughters - they have a role and a function of their own. Cornwell is a pretty brutal character, particularly since he is the one who gouges out the eyes of Glouscester. As for Albany, well, it actually seems to be the more honourable one, though he is completely dominated by his wife right up until the end.


Yet let us consider the idea of this power vacuum. From the point where Lear sets down his crown, it appears that there is a throne waiting to be claimed. Sure, the daughters aren't necessarily fighting amongst each other to claim that throne, but they have other concerns in the front of their mind. This is why I don't consider Edmund to actually be a subplot, but rather a character that is at the front and centre of the action. He sees what is going on, and he sees a way where he can climb the ladder to take the throne for himself.

This inevitably happens when there are power vacuums. It is interesting to note that the daughters are pretty quickly attempting to strip Lear of his retinue, until such a time as he only has two faithful followers, and one of those followers is a fool, and a fool that is not afraid to actually say it like it is. The thing is that these daughters don't necessarily appear to be particularly strong rulers, especially since Edmund is playing in the background to seize power for himself. He first of all gets rid of his brother, then his father, and finally brings himself into a relationship with both of the daughters, with the intention of dispatching both of them. In fact he poisons Regan near the end of the play, and no doubt intends on dispatching Goneril as well once Albany is out of the way.

A King of Fools

So, what is the problem with King Lear. Well, it is clear that he is a bit of a narcissist. He panders to those who tell him what he wants to hear, and banishes those who speak the truth to him. At first I simply thought he was somebody who wants to be loved, but the reality is that when one has been in a position for so long where he is surrounded by yes men it means that one simply cannot stand to hear anything other than yes. The reality is that to deal with such people you have to tell them what they want to hear, but the thing is that if these people have all of the power then maybe doing so isn't necessarily going to assist you in your progression, but on the other hand maybe it will.


The problem that Lear faced was that due to his narcissism, he gave up all of his power to people whom in reality he couldn't trust. This is the danger. Since he only listened to those who would heap praise upon him, and since they knew that that was the way to get ahead with him, once he had dispensed his of his power, he simply wasn't able to do anything once they turned against him. In a way, he ended up becoming a king of nobody but a couple of fools. In fact you could attribute this to his descent into madness. His narcissism at the beginning of the play resulted in him being stripped of everything that matters to the point that he was wandering alone around the country side handing out flowers to anybody who would listen.


People have suggested that maybe Lear was suffering from Dementia, and at first I thought that this was a reasonable theory. However, I'm not entirely all that sure any more. The thing is that we are watching a man being stripped of everything that made him who he is. He thought that it was time to retire, and in fact that is probably quite reasonable, and smart, since he was getting rather old. However, it becomes pretty clear that he is not thinking straight. Well, not quite, because it seems that he is seeking praise and simply will not settle for anything less.

Yet with this mind set, he begins by fighting with both of his daughters, and then finds himself excluded, wandering around the moors drenched in the rain. Sure, he picks up poor Tom, who is actually Edgar in disguise, but he has literally become a man with nothing. This is the nature of Shakespeare's genius - he understands human nature, and understands what it means to be a narcissist, somebody who will only respond to praise, and will banish the critics. When everything is stripped away from them all that is left is madness.

In many cases we are all like that. I've been there, where people have tried to speak to me to help me understand my flaws. Yet the problem is that sometimes it is really difficult to differentiate it from those who are genuinely friends, and those who are only attempting to get a leg up on us. The reality is that everybody wants to offer us advise, and sometimes that advice simply isn't going to be good advice. In a way we need to learn to accept criticism, but to also be able to retain a semblance of free will so that we will not become dominated by people who seek to dominate us.

A part of me was wandering whether it is possible for me to write multiple posts on a single Shakespearian play. Well, it certainly seems possible because with every play we watch, and every time we watch a play, we will certainly see something different, and certainly be able to draw more out of it that we weren't able to draw out of it previously. One thing that I know is that there is more that I want to write about here, but at this point in time what I actually wanted to write about has completely slipped my mind. Oh well, I guess there is always another production of King Lear out there to watch.



Creative Commons License

Power Vacuum - King Lear's Resignation by David Alfred Sarkies is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License. This license only applies to the text and any image that is within the public domain. Any images or videos that are the subject of copyright are not covered by this license. Use of these images are for illustrative purposes only are are not intended to assert ownership. If you wish to use this work commercially please feel free to contact me