Category: Technology

A simplistic Node.js implementation of RSA encryption/decryption

paschmann

This is a basic and simplistic implementation of RSA in JS which used to understand the implementation/math required for encryption/decryption and opportunities for hacking RSA using Quantum Computing.

If you are looking for a nice article on RSA and a small practical example, this might be helpful https://simple.wikipedia.org/wiki/RSA_algorithm

Hacking RSA using Prime Number Factorization

Hacking RSA uses the numeric public exponent from the public key and tries to calculate its largest common multiple factors (p and q) – from those two numbers you can calculate the Private Key. Using traditional computing to hack “small” RSA public keys can be done with a few modern algorithms, including the currently fastest General Number Field Sieve.

A nice library for General Number Field Sieves is http://cado-nfs.gforge.inria.fr/

You can use this site to factor a prime without having to install anything https://asecuritysite.com/encryption/factors. Enter the Public Key which gets generated by the code (should be < 100 bits for the site to be able to factor)

Installation

npm install

Usage

Edit the index.js file if you would like to edit the size or message being encrypted:

// Message
const message = 'Hello';

// Generate RSA keys (bits), max is 232 digits (768 bits)
const keys = RSA.generate(80);

Run the code

npm run start

Example Output

Public Key Exponent (e):65537 Random Prime (p): 798000088811 Random Prime (q): 563631878177 Totient (lcm of (p-1)(q-1)): 224889144420297550405280 ------------------------------------------------- Keys Public Key (n = p * q): 449778288841956732777547 Public Key Length: 24 digits (79 bits) Private Key (d = e multiplicative inverse (totient)): 210473481577786144493313 Private Key Length: 24 digits (78 bits) ------------------------------------------------- Message: Hello Encoded: 72101108108111 Encrypted (c = encoded message (m) ^ e modulo n): 426078873740860671226694 Decrypted (m = encrypted message (c) ^ d modulo n): 72101108108111 Decoded: Hello Correct? true read more

Plaid

paschmann

Plaid is a company in the financial technology, or more commonly known as the “fintech” space, which was founded in 2013, pivoted sometime in 2014 and was purchased by Visa in January 2020 for $5.3 billion dollars.

Plaid was founded by two entrepreneurs who set out to develop a consumer app in the budgeting and account reconciliation field. A mobile or app-based version of Quicken or Intuits Quick Books where users could provide their credit cards and bank account and the interface would allow them to get some insights into their spending habits and create budgets and reports to better manage their personal finances. The startup entered and won a prestigious grand prize award during a TechCrunch Disrupt hackathon in New York in 2013 with their application which at that time was called “Rambler”. During the development process the founders recognized that one of the biggest challenges to building “Rambler” was the bank connectivity component – it was time consuming and resource intensive to develop a solution which connected to each financial institution. The duo wanted their application to connect to the majority of US banks and this required writing code which would need to securely connect and consume the banks exposed API’s for retrieving account information, transaction reports and transaction details. This development exercise was required for each new financial institution the company wanted to include in their app. read more

Open Source Project & Paper: Blockchain proof of concept

paschmann

Late last year I wrote a small paper (for my MBA program) and developed an accompanying proof of concept (Javascript/Node/P2P) on the implementation of blockchain in the retail or food distribution network around protecting goods from food fraud.

Source Code: https://github.com/paschmann/blockchain_origin

Abstract

Food fraud is a crime which has the potential to negatively affect the brand image, financial resources and impact multiple parties in the supply chain paradigm of food distribution. The ability to track and trace the origin and touch points of products throughout the network is imperative to limit the impact caused by a food fraud incident or a food safety issue. Blockchain has the potential to disrupt multiple industries by providing a shared and trusted ledger of transactions which no single company controls. One practical application of blockchain is utilizing the platform as a static register – a distributed database for storing reference data. In this paper I will describe a technical implementation of a blockchain in a practical scenario which shares the details and a proof of concept of a food origin scenario. The implementation will share a simplistic JavaScript application of a digital ledger based blockchain allowing manufacturers to register data on the food origin in the static registry and vested parties the ability to augment and view the data for the purpose of traceability and accuracy. read more

Technical Talks

paschmann

Here is a nice summary of a user curated list of technical talks: https://news.ycombinator.com/item?id=18217762

Some I have watched and enjoyed:

Control engineering:

Gunter Stein’s inaugural Bode prize lecture from 1989 titled “Respect the Unstable” [0]. In this talk, he uses a minimum of mathematics to clearly demonstrate the fundamental (and inevitable!) trade-offs in control systems design. He effortlessly makes the link between his (in)ability to balance inverted rods of various lengths on his palm (with shorter rods being harder to balance) to why the X-29 aircraft was almost impossible to control and why Chernobyl blew up.

The fundamental message is extremely important and the derivation is so crystal clear that it is simply marvelous to watch him present it. I like it so much that I re-watch it about once a year. read more

Open Source Project: Rasa UI

paschmann

Rasa is an open source machine learning framework to automate text-and voice-based conversations.

Rasa UI is a web application built on top of, and for Rasa. Rasa UI provides a web application to quickly and easily be able to create and manage bots, NLU components (Regex, Examples, Entities, Intents, etc.) and Core components (Stories, Actions, Responses, etc.) through a web interface. It also provides some convenience features for Rasa, like training and loading your models, monitoring usage or viewing logs.

I developed Rasa UI to help me manage my bots as well as creating and managing the training data. The app is developed on NodeJS, and uses a simple SQLite DB for persistence (previously PostgresDB). read more

Lending Club Data Analysis

paschmann

LendingClub is a US peer-to-peer lending company headquartered in San Francisco, California, and has helped over 2.5 million customers simplify their finances in the last 10 years. LendingClub improves the loan process for borrows by offering a fast and easy online application. For investors, the company offers historical returns of 3 – 8% and anyone can invest with as little as $1000 [1].

Because LendingClub relies heavily on technology to evaluate their borrowers, getting an accurate risk analysis for each applicant requires systems which can quickly assess the applications, and upon approval, offer these loans to interested investors at a given interest rate. Of the $7.9 billion dollars loaned in 2018, $233 million was written off as defaulted loans. While this may seem insignificant at 2.9%, this does represent risks and losses which investors and the company would prefer to avoid. In order to mitigate risk, lending companies traditionally apply a fitting interest rate to each loan. For example, loans for a home or a car may have lower interest rates because the risk is reduced due to directly related collateral. In another example, someone with a poor credit history or having declared bankruptcy may have a higher interest rate due to the inherent risk of history repeating. read more