Problem solving an exercices in system architecture

So hey guys hope you are doing well. I have aproblem solving this exercices. I have tried a lot but it seems my answer are always wrong first here is the problem:

In the case where these registers have the following values:

AX = 13C4; BX = 324F; CX = 2200; BP = 1500, DS = 3000; SS = 5000; SI = 1100; DI = 2000
Calculate the physical address of the memory where the operand is saved, as well as the content of the memory locations in each of the following addressing modes: at.
MOV [2000], AX
b. MOV [SI],
AL vs. MOV [BX], CX
d. MOV [DI + 25], AX
e. MOV [BP], BX

Computer Architecture Problem

A computer system has a 64KB main memory and 1 KB space for the cache memory, and transfer between cache and main memory is 16 * 8 Blocks, uses 2 space blocks in each set(uses set associative), and uses LRU when deciding to change blocks, uses Read Through for read, Write allocate for write and simple write back for write back. offset = 4 number of sets = 32 tag = 7 index = 5 Q) in this system, each element for 20 elements has 8bit, the start of these addresses is arr1 = $ 0000 (in hexadecimal), arr2= $ 0200(in hexadecimal), and assume we wrote a mips program that reads and compare these two arrays elements and writes the big one into an array starts with address arr3 = $ 0410(in hexadecimal), initially assume that the cache is empty, in which blocks and sets the arrays will be placed and the number after comparing in which sets and blocks will be placed (Just I need calculations for hit and miss and read ratios ) and if you can draw it, it would be great

Architecture of smartphone security: why FBI needed apple’s help?

I want to focus on technical aspects, not on the fact that they wanted to make a precedence.

i assume the smartphone security architecture is following:

  1. cryptography chip. it’s read only and stateless. it contains physical cryptography key. it offers some transformations of user input. it doesn’t expose the key. it doesn’t remember number of retries

  2. NAND disk. contains encrypted data

  3. OS. get input from user, talks to the chip, changes the content of the NAND

  4. retries counter. no idea where is it? is it stored on NAND disk or some other dedicated long term memory?

from what i know the FBI wanted apple to make for them less secure iOS version that doesn’t erase the disk after a few failed retries. but why do the need it? can’t they just:

  • make a copy the NAND disk (in case it has some killswitch)
  • get the chip’s spec and just send to it a few millions decrypt request (testing every possible user pin / password)
  • if the chip stores retires counter in some dedicated memory, they can always plug in a tweaked memory that always replies with the same value when read

why do they even need an OS? it’s just a simple program that can communicate with a chip. what am i missing?

Find the flaw in my architecture: Shamir’s Secret implementation for data encryption and recovery

This will be a long one.

Here’s the thing: I want to build a privacy-preserving system where the user data is not even accessible to the database administrator.

Intuitively, I immediately thought of simply using AES to encrypt user data with their own password and hashing their username so that an attacker with access to my database would need to brute-force the password for the encrypted data to get the info and then brute-force the username to maybe get an idea of who the decrypted data is about.

This would be great but leads to the problem of forgotten passwords. If one forgets their password they could reset it by providing the correct username or recovery email (also hashed), but they could not get their data back. ProtonMail, for instance, claims your data is safe even from them, but you cannot recover your emails if you forget your password.

I then started looking at secret sharing and came across Shamir’s secret. My question therefore is: Is the system I propose below worse than simply storing data in plaintext with obfuscated (hashed) usernames?

I understand that:

  1. Security does not come with complexity
  2. This system will not be entirely flawless

However, I just want to know if it is any better than a much simpler solution. Because as long as it is equally easy/hard for a hacker but harder for the database admin to gather any info from the data, it would be worth it for me.

It is “complex” because it is the only system my mind has currently come up with that allows for data encryption + somewhat simple recovery protecting data from hackers and admins. I would also happily take suggestions for other implementations.

So here we go.

The proposed system would use Shamir’s secret to encrypt the user data with k=6 and n=11 so that 6/11 parts are needed to decrypt the data. User information would then be given a “weight” and utilized to store a proportional number of parts in an encrypted manner. Something like this:

Weights

  • Username: 2
  • Password: 4
  • Email: 2
  • Security Question 1: 1
  • Security Question 2: 1
  • Name + Date of Birth: 1

Based on those weights, the following is done to the user’s private data (pseudocode):

SHAMIR(user_data, k=6, n=11)

This will produce something like a uint8 array with length=11. Let’s call that array parts.

The database would then use symmetric encryption (let’s say AES) to store these parts as follows (only the resulting ciphertext is stored):

{   username: AES(key=username, message=parts[0:2])   password: AES(key=password, message=parts[2:6])   email: AES(key=email, message=parts[6:8])   seq1: AES(key=answer, message=parts[8:9])   seq2: AES(key=answer, message=parts[9:10])   id: AES(key=name+dob, message=parts[10:11]) }  

Login would then happen with the traditional username+password or email+password, such that the user will be authenticated/logged in if the data is decrypted correctly. Both combinations give access to enough parts (6) to decrypt the data. From the user perspective, it’s all the same as everywhere else.

Then, user forgets their password. Well, now they need to find an alternative way to gather the 4 “points” provided by the password. So they would click “Forgot Password”, and a form would pop up with all the possible fields to fill in. They must then fill enough to gather 4 more parts (in addition to username or email) in order to decrypt their data. For example:

username (2) + email (2) + seq1 (1) + namedob (1) = 6

(Email verification could also be implemented)

So now the user has 6/11. Server decrypts the data, user sets a new password, data is re-encrypted, and all the fields are updated with the new parts. By definition, a user who forgot their password will have accumulated a minimum of 10 out of 11 “points” after password reset is complete (The 6 points they provided + the 4 from the new password). Therefore, 1 point could be missing. Given that the user cannot provide that last point, they can be prompted to add a new security question, at which point all is back to normal.

So, in conclusion:

I know all parts of the secret being in the same place is not great, nor is it great to use AES with low-entropy secrets.

However, this should add some security, no? To get the data, an attacker would have to brute force at least a password and a username, or, to not brute-force the password, would have to brute-force quite a bit of other data. It isn’t perfect by any means, but it’s better for data privacy than the standard, no? What am I missing? Assuming it’s implemented perfectly and it works as intended, is it possibly worse than how companies treat our data today? For most, a database breach means the data is already out there, only the password has to be brute-forced, right?

Lastly, could these objectives be achieved in any other way?

That’s it. If you’ve read until now, thank you. Please go easy on me.

Cheers.

EDIT: I’m also thinking somewhat about UX here. The entropy of the data used to store the parts is definitely low, but giving users a higher-entropy “random recovery code” or something would be problematic from a UX perspective.

Is there any connection between imperative programming and the Von Neumann architecture?

I have ran into a wall with this question in the exercise my teacher gave me, is there any actual connetion between the Von Neumann architecture and imperative programming ?

I have tried googling and finding questions similar to this, but I couldn’t find anything, and the one question that I have found actually said that there shouldn’t be any connection between the Von Neumann architecture and programming paradigms.

Any help would be appreciated, I’m new to StackExchange, so if I’m breaking any rules please do tell me 🙂

true/false in computer architecture

In general computer science, I know several ways of shortly writing falsehood and veracity in English texts, apart from the widely known false and true:

  • 0, 1

  • F, T

  • N, Y

  • ⊥, ⊤

  • Lo, Hi

In German computer-science text, I saw variants

  • F, W

  • N, J

  • O, L

in addition.

Now the question: what do the hardware folks, i.e., researchers or practicioners doing computer architecture, predominantly use? I am interested in answers concerning English or German language (or both). As you can imagine, googling for “true false hardware” in books has led me nowhere.

Is there an abstract architecture equivalent to Von Neumann’s for Lambda expressions?

In other words, was a physical implementation modelling lambda calculus (so not built on top of a Von Neumann machine) ever devised? Even if just on paper?
If there was, what was it? Did we make use of its concepts somewhere practical (where it can be looked into and studied further)?

— I’m aware of specialised LISP machines. They were equipped with certain hardware components that made them better but eventually they were still the same at their core.

If there isn’t such thing, what stops it from being relevant or worth the effort? Is it just a silly thought to diverge so greatly from the current hardware and still manage to create a general-purpose computer?

Machine has 64 bit architecture and two word long instruction

A machine has a 64-bit architecture, with 2-word long instructions. It has 128 registers, each of which is 32 bits long. It needs to support 49 instructions, which have an immediate operand in addition to two register operands. Assuming that the immediate operand is a signed integer, the maximum value of the immediate operand is that can be stored is?

edit: would 1 word long instruction for this case be of 64 bit and 2 word long instruction be of 128 bits? Also do we have to add an extra bit while calculating the total bits required for 49 instructions?

Computer Architecture, Cache Memory question

A computer system has the following characteristics. The main memory has 1000 blocks. One block contains 8 words. Cache memory has 32 words. a)What is the format of the address? b)A program passes 4 times through the locations 7 to 37 decimally. What is the hit rate? And how does the cache look after the 4 passings. The system uses direct mapping.

I know that there are 1000 * 8 = 2^10 * 2^3 = 15 bits for the address. Other than that I am stuck.

Thanks!

How to conduct expert interviews to evaluate artefacts like software architecture?

I am searching for a guideline on how to conduct expert interviews. Preferable it would cover the evaluation of software architecture or system design. In particular, I am looking for a quotable scientific guideline.

So far I couldn’t find a guideline like this with search engines like google scholar.