Cryptografie aan het Werk (Cryptography at Work)


Cryptografie aan het Werk (Cryptography at Work)
Gerard Tel (Ed.)

Contents

Foreword
1 Calling with Skype and Zfone (Rémon van de Kamp)
    1.1 The Public Switched Telephone Network
    1.2 Skype
    1.3 Zfone
    Summary and Conclusions
2 Key Exchange (Eelco Lempsink)
    2.1 Security Requirements
    2.2 Protocols
    Summary and Conclusions
3 NTRU (Mark Stobbe)
    3.1 NTRU
    3.2 Attacks
    Summary and Conclusions
4 Microsoft Crypto API (Pieter Hoogestijn)
    4.1 Cryptographic Service Providers
    4.2 Which Applications Use the Crypto API
    4.3 NSA Influences on the CryptoAPI
    4.4 CryptoAPI on the Attack
5 OpenPGP (Sander Schuckman)
    5.1 How It Works
    5.2 Message Format
    5.3 Attacks
    Summary and Conclusions
6 Side Channel Attacks (Kasper Brink)
    6.1 Background
    6.2 Simple Branch Prediction Analysis
    6.3 Differential Power Analysis
    Summary and Conclusions
7 Beyond Hellman (Max Waaijers)
    7.1 Time/Memory Tradeoff Attacks
    7.2 Time/Memory/Data Tradeoff Attacks
    7.3 T/M/K Attack on UNIX Passwords
    7.4 Lower Bound
    Summary and Conclusions
8 UPnP(TM) (Paul Bouman)
    8.1 Objective of UPnP(TM)
    8.2 Design of UPnP(TM)
    8.3 Cryptography in UPnP(TM)
    8.4 UPnP(TM) in Practice
    Summary and Conclusions
9 Smashing SMASH (Roeland Luitwieler)
    9.1 Introduction
    9.2 SMASH
    9.3 Breaking SMASH
    Summary and Conclusions
10 Privacy-Preserving Data Mining (Henno Vermeulen)
    10.1 Data Mining
    10.2 Secure Multiparty Computation
    10.3 Mining Association Rules
    10.4 Secure Scalar Product Computation
    Summary and Conclusions
11 Lotteries (Ruben van der Zwaan)
    11.1 Attacks
    11.2 Properties of Lotteries
    11.3 Implementation of an Electronic Lottery
    11.4 Techniques
    11.5 Summary
12 Digital Identification (R.A. van den Beukel)
    12.1 Definitions
    12.2 Internet Banking
    12.3 Electronic Government
    12.4 A Dangerous Chaos
    Summary and Conclusions
13 Hard Disk Encryption (Martin Warmer)
    13.1 File Encryption
    13.2 A First Solution
    13.3 Tweaked Encryption
    13.4 LRW-AES
    13.5 XTS-AES
    Summary and Conclusions
14 Pitfalls of Small Exponents in RSA (Jefrey Lijffijt)
    14.1 Introduction to Breaking RSA
    14.2 Old Acquaintances
    14.3 The Continued Fraction Algorithm
    14.4 The Lattice Algorithm
    14.5 Out of Balance
    14.6 State of the Art
    Summary and Conclusions
15 A Memory-Efficient Backdoor in RSA (Jos Roseboom)
    15.1 Elliptic Curves
    15.2 SETUP
    Summary and Conclusions
Bibliography
Index

Foreword

This volume contains literature studies that were discussed at a small symposium called Cryptografie aan het Werk (Cryptography at Work), held on 25 January 2007 at Utrecht University. Taking part in the symposium and writing for this volume were requirements of the Cryptography course (November 2006 to January 2007). There were 17 presentations (by 18 speakers), divided over the themes Systems, Attacks, New Applications and Research Themes. I hope this volume gives the reader an idea of the symposium and of the students' commitment.

Gerard Tel, July 2007.

Chapter 1
Calling with Skype and Zfone
Written by Rémon van de Kamp

This chapter is about security in Skype and Zfone. For completeness and comparison, a small section about calling via the Public Switched Telephone Network (PSTN) is included.
Throughout this chapter, after the short overview of the PSTN, the encryption used in Skype and Zfone (the PSTN uses no encryption) will be described in terms of installation, call establishment and the call itself. Skype will be described first, and Zfone after that.

1.1 The Public Switched Telephone Network

The best known and most used way of calling is through the PSTN, the Public Switched Telephone Network. This is a circuit-switched network, meaning that when person A calls person B, a physical connection is made through the network between the two phones. All information goes through this connection; nothing takes any other route through the network. Because of this, and because calls made this way are by default not encrypted in any way, calls can be eavesdropped only by persons who have physical access to either the call switching hardware within the phone company or the local loop[1]. Eavesdropping in the local loop is very unlikely, because one would have to dig into the ground to reveal the phone line, and digging in public will of course draw a lot of attention. There exist phones that are able to encrypt calls, given that both ends of the conversation have the same type of phone, but this falls outside the scope of this chapter.

[1] The local loop is the last section of phone line that goes from the local phone junction to the customer's house.

1.2 Skype

Skype is an immensely popular program for making calls. Originally it was created by Niklas Zennstrom and Janus Friis, who also developed KaZaA, but now it is in the hands of eBay, who bought it for $2.6 billion. From the beginning, despite several requests to disclose them, the creators have been vague about the encryption techniques used in Skype. So Skype relies on security through obscurity, that is, on its cryptography not being disclosed. Other systems have also relied on keeping their cryptography undisclosed, but it has been revealed by reverse engineering[2].
However, the Skype executable uses anti-debug techniques, code obfuscation and a heavily encrypted executable, which is decrypted at run-time, directly after which the code for decryption is erased from memory, making it impossible to get a decrypted version of the whole executable [BD06]. As a result, there is no public information available about the real Skype encryption. Therefore, this section is based on a document [Ber05] by Tom Berson of Anagram Laboratories [KAMa]. He has worked for Skype for some time to analyze and criticize the cryptography used in their program. This makes it questionable how reliable a source he is (because he worked for Skype, Skype could have ordered him to bias his report). The rest of this section is information taken from his document, and can therefore unfortunately not be assumed to be the absolute truth about the workings of Skype.

1.2.1 Installation

The cryptographic secret in Skype is the Skype Central Server's private signing key S_S. Each client has the corresponding public verification key S_V hard-coded in the executable. When a user uses Skype for the first time[3], he or she will be asked to provide a username (A) and a password (P_A). The application will then generate an RSA keypair V_A, S_A and send A, Hash(P_A)[4] and V_A to the Skype Central Server, using AES with a session key that is created using random functions from the user's operating system[5]. The client can, and will, check that it is actually talking to the Skype Central Server[6]. The Skype Central Server will check whether the username is unique and otherwise acceptable under Skype naming rules[7]. If this is the case, the server will store (A, Hash(Hash(P_A))) in its user database. Next, it forms and signs an Identity Certificate for A, IC_A, which contains, among other things[8], the Skype Central Server signature binding A and V_A, {A, V_A}_{S_S}, and the key identifier of the S_S.
The Skype Central Server's signing key that is used is determined by whether the user has subscribed to extra options such as SkypeOut or SkypeIn. If the latter is the case, an S_S with a modulus of 1536 bits will be used, otherwise an S_S of 2048 bits will be used. After this process is done, IC_A will be returned to A.

[2] For instance the encryption mechanism of mobile phones.
[3] Assuming he or she doesn't have a username/password combination already.
[4] It is currently unknown what hash function Skype uses.
[5] It is currently unknown how this connection is established exactly.
[6] It is currently unknown how this is achieved, but probably via a challenge from the client which gets returned and signed by the server's signing key S_S.
[7] For example that it has no invalid characters in it and is between 6 and 32 characters long, all of which is also checked client-side.
[8] It is currently unknown what other 'things'.

1.2.2 Establishing a call

When a Skype user (U1) calls another Skype user (U2), a peer-to-peer connection will be made through the internet. How this connection is established falls outside the scope of this chapter. Once the connection is established, the peers challenge each other with 64-bit nonces[9]. The peers modify the nonces they received in a standard way[10], sign them with their own RSA private signing keys S_U1 and S_U2 respectively, and send the result back to the sender. After this, they exchange their Identity Certificates IC_P1 and IC_P2. The receivers can verify that these Identity Certificates are signed by the server because they have the Skype Central Server's public verification key encoded in their executables.
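
The registration and call-establishment checks described above, as an added Python sketch that is not code from the chapter or from Skype. The certificate encoding, the nonce transformation, SHA-256 and the toy RSA keys built from Mersenne primes are assumptions chosen so the example runs on the standard library alone; checking the nonce response under the key taken from the certificate is also assumed, since the text breaks off at the certificate check.

```python
import hashlib
import secrets

E = 65537  # public exponent for every toy key


def toy_keypair(a, b):
    """Toy RSA key built from the Mersenne primes 2^a-1 and 2^b-1.
    Constructed for the demo only: such moduli are trivial to factor."""
    p, q = 2**a - 1, 2**b - 1
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))
    return (n, E), (n, d)  # (verification key V, signing key S)


def _digest(msg, n):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n


def sign(S, msg):
    n, d = S
    return pow(_digest(msg, n), d, n)  # unpadded hash-then-sign, demo only


def verify(V, msg, sig):
    n, e = V
    return pow(sig, e, n) == _digest(msg, n)


def cert_body(name, V):
    # Assumed encoding of the (A, V_A) binding; the real format is not public.
    return repr((name, V)).encode()


def transform(nonce):
    # Assumed stand-in for the "standard" modification of a received nonce.
    return b"skype-demo-response:" + nonce


class CentralServer:
    def __init__(self):
        self.V_S, self._S_S = toy_keypair(1279, 89)
        self.users = {}  # A -> Hash(Hash(P_A))

    def register(self, name, pw_hash, V_A):
        if name in self.users or not 6 <= len(name) <= 32:
            raise ValueError("username rejected")
        self.users[name] = hashlib.sha256(pw_hash).digest()
        return {"name": name, "V": V_A,
                "sig": sign(self._S_S, cert_body(name, V_A))}


class Peer:
    def __init__(self, name, password, primes, server):
        self.name = name
        self.V, self._S = toy_keypair(*primes)
        self.V_S = server.V_S  # stands in for the key hard-coded in the client
        pw_hash = hashlib.sha256(password.encode()).digest()
        self.cert = server.register(name, pw_hash, self.V)  # IC_A

    def respond(self, nonce):
        return sign(self._S, transform(nonce)), self.cert

    def check(self, nonce, sig, cert):
        """Return the authenticated username, or None if a check fails."""
        if not verify(self.V_S, cert_body(cert["name"], cert["V"]), cert["sig"]):
            return None  # certificate was not signed by the central server
        if not verify(cert["V"], transform(nonce), sig):
            return None  # response does not match this nonce and certified key
        return cert["name"]


def demo():
    server = CentralServer()
    u1 = Peer("user_one", "constructed-pw-1", (521, 127), server)
    u2 = Peer("user_two", "constructed-pw-2", (607, 107), server)

    n1, n2 = secrets.token_bytes(8), secrets.token_bytes(8)  # 64-bit nonces
    ok = (u1.check(n1, *u2.respond(n1)), u2.check(n2, *u1.respond(n2)))

    # A certificate signed with the holder's own key instead of S_S.
    rogue_V, rogue_S = toy_keypair(127, 61)
    fake = {"name": "user_two", "V": rogue_V,
            "sig": sign(rogue_S, cert_body("user_two", rogue_V))}
    forged = u1.check(n1, sign(rogue_S, transform(n1)), fake)

    # An old, valid response presented against a fresh nonce.
    old_sig, cert = u2.respond(n1)
    replayed = u1.check(secrets.token_bytes(8), old_sig, cert)
    return ok, forged, replayed


if __name__ == "__main__":
    print(demo())
```

The two rejected cases show why both checks matter: the hard-coded verification key stops a certificate that the server never issued, and the fresh nonce stops a recorded response from being reused.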