Root CA key generation compliant with WebTrust and HSM independent

I’m trying to figure out how to generate private key for the Root CA according the principles of WebTrust.

One additional requirement I have that the generate private key should be then imported to any HSM, independent of the vendor.

I have never done any WebTrust audit, so I am not able to figure out if something like that will break any principle or requirement. The following high level procedure can from my point of view ensure secure backup of private keys that can be imported to any HSM (the assumption is that all HW is certified according FIPS 140-2 Level 3 or similar):

  1. Generate strong symmetric key (e.g. AES-256) inside HSM with certified RNG
  2. Provide clear-text of at least 2 components of AES-256 key to key custodians, they will record it (or securely print it to security envelopes)
  3. Check the integrity of the components using KCV to be sure that it was recorded correctly
  4. Store the clear-text key components in secure envelopes inside safe, each separately
  5. Generate 4096 RSA private key inside the same HSM
  6. Export private key using AES key in a PKCS#8 format to file
  7. Create HMAC of generated file in order to record and verify later integrity of exported RSA key using the same AES key
  8. Delete RSA na AES key from HSM

The key generation procedure is supervised and the output is RSA key in PKCS#8 encrypted by AES key which is securely stored in clear-text components in safes (or it can be achieved the same using smart cards, PIN protected).

Then when I would like to import it into HSM, I should follow the supervised procedure on importing AES-256 key, and then importing RSA key which would not be exportable anymore, and delete the AES wrapping key.

The security of all keys should be ensured. Do you see any weak points, what would not be considered secure mainly form the WebTrust point of view?

Why is the distribution of the clustering coefficient of a random network independent of degree?

I was reading about clustering coefficient distribution, and it seems that it is independent of node degree for the case of random networks. I’m wondering why this is the case conceptually.

I do understand that the degree distribution in the case of a random network shows a Poisson behavior, but don’t understand why the clustering coefficient shows no change with degree.

Language independent protocols describing argument passing and parsing?

Scenario

I wrote a powershell installation script that passes a line of arguments to a .jar file through the command line. It comes down to:

  1. Converting an object into a list of strings
  2. Concatenating them into a single single string:
  3. Executing the `java -jar .jar
  4. Parsing the back into an object inside Java.

Several design choices I face are:

  • When I update the list of features, I will have changed the number of options the java parser should convert into the features property of the installation object. It might be wise to pass an explicit argument that contains the number of features, so that, in the future the script will immediately throw an error, if for some reason I/someone has forgotten to update the number of features that the argument parser should facilitate.
  • It feels like a work around of implementing a proper integration. It might be better to store the object as a temporary configurations.txt file that is read explicitly by the custom java parser.
  • Do I prepend every argument value with an -<argument name> or just hardCode the argument order into the argument order in both in the .ps1 script, as well as in the .jar script.

Since this is such a wide range of questions, I was wondering whether:

Question

What are the language-independent argument passing protocols?

Use hardware threads as independent cpus changes Barrier() behaviour

I am using Open MPI and C++ to try out simple programs on my laptop. When I use the 2 cores on my computer as processors, the program runs us expected. However, when I instead do –use-hwthread-cpus, it seams that I never get past the Barrier(). That is the only thing I am changing, just the way I start the program. It is the same .exe file running.

Can stories always be independent (following the INVEST principle)?

I was trying to follow the INVEST approach for our stories but frankly, the “Independent on each other” does not really makes sense. Quite often stories are building functionality upon what has been already done. For example, we have a story “As a user, I want to configure my access code” and another one “As a user, I want to activate my account”. The thing is, without configuring the access code, users cannot activate their account. Both features are independent from business perspective, you can have only your access code configured so merging them does not makes sense. However, then there is the dependency…

How can independent game-modules block system-wide behaviour

We’ve stumbled at an inconvenient design in a game and wondering, whether there is nothing simpler. The background needs some explaining so I’m sorry for the wall of text.

The setting

We have a player class. The player knows how to walk around in the world. At certain occasions, we want to disable the player from being able to walk around.

At first, we just wanted to stop our player from walking when they open the inventory menu.

The player can also walk around the world and inspect objects. This also is supposed to disable walking for the player.

Here is the problem however: You can open the inventory while inspecting an item. There was a bug: the inventory code did not know about the inspection code. As such, if you closed the inventory during inspection, the inventory code allowed the player to walk again.

Our solution

Naturally, to fix this problem we came up with a layer of indirection. It is somewhat similar to semaphores. In a nutshell our indirection is this class:

class ActionBlocker:  void Block(EBlockableAction) void Unblock(EBlockableAction)  Map<EBlockableAction, Array<Actions>> 

The EBlockableAction describes the type in-game action. For example, we have EBlockableAction::Inventory and EBlockableAction::Inspection.

When the inventory is opened, its code simply calls Block(EBlockableAction::Inventory). Likewise, when the inventory is closed it calls Unblock(EBlockableAction::Inventory). It is similar for the inspection code.

Each enum is assigned to an array of actions: each action can be performed and reversed. In the example above, one action is you can enable walking (perform) and disable walking (reverse).

The Block function goes through each action assigned to the enum and performs the action. The Unblock function tells each action to reverse.

Internally, each action has a counter of how many times it was requested to be performed. The action is only performed initially, i.e. when that counter goes from 0 to 1. Likewise, the action is only reversed, once every code that requested for that action to be performed requests for it to be reversed, i.e. when the counter goes from 1 to 0.

I hope the way the system works is clear now (if not I can further explain it).

The problem with our solution

We expanded this system across the game. The number of enum entries has grown. Each enum also has multiple actions now, e.g. there is an action to toggle mouse cursor visibility, another action for ignoring certain types of keyboard inputs, and more.

What we won: all gameplay code is independent from each other. They do not need to talk to each other to sync blocking certain types of things in-game.

What we lost: It is difficult to debug debug the overall system’s behaviour. When multiple features interact and block the same things, it is hard to know what is really blocking what.

The system is configured in a separate file. Sometimes it is not obvious that a certain gameplay action will block certain other features in the game.

It has happened on multiple occasions that we were left wondering why a certain input key was being ignored by our game. It was then often traced back to a Block call not getting made. This is difficult to debug.

My question(s)

We are looking for a more simple system than this. Do you have feedback / suggestions? Maybe you have encountered a similar scenario in the past and can enlighten your solution.

We’re left wondering whether this solution really is the way to go and it is just the nature of inter-feature dependencies that makes the system so complex, and not the code design itself…

Independent volume for Bluetooth headphones

I have Plantronics BackBeat Fit 2100 headphones. They were working fine with my Moto X4 (Android 9, May 2019 update) until this afternoon, at which point the volume controls stopped working.

Before: the headphone volume and phone system volume were independent. The phone dictated the max volume the headphones could reach. If I set the volume on the headphones to their max, I would get a “Volume maximum” message played through the headphones, but not if I set the phone volume to its max.

After: the headphone volume and phone system volume are tied together. The volume controls on the headphones don’t work at all. If I set the phone volume to maximum, I get the “Volume maximum” message played through the headphones.

I changed the developer option to disable “Absolute” volume, but this had no effect. What could have happened?

A vertex transitive graph has a near perfect/ matching missing an independent set of vertices

Consider a power of cycle graph $ C_n^k$ , represented as a Cayley graph with generating set $ \{1,2,\ldots, k,n-k,\ldots,n-1\}$ on the Group $ \mathbb{Z}_n$ . Supposing I remove an independent set of vertices of the form $ \{i,i+k+1,\ldots,\lfloor\frac{n}{k+1}\rfloor+i\}$ or a single vertex. Then, is it possible to obtain a perfect/ near perfect matching when I remove the independent set of vertices always? If not, then is it possible in case the graph is an even power of cycle?

I hope yes, as we can pair the vertices between any two independent sets of the above form or between the indpendent set and the single vertex to get a maximal matching which is near perfect(in case the order of induced subgraph is odd) or perfect(in case the order of the induced subgraph is even). Any counterexamples? Also, can we generalize this, if true, to any vertex transitive graph, that is, does there exist an indpendent set(non-singleton) of vertices, such that removing that set induces a perfect/near-perfect matching? Thanks beforehand.