Elliptic-curve cryptography (ECC)


Elliptic-curve cryptography (ECC)

finding the discrete logarithm of a random elliptic curve element with respect to a publicly known base point is infeasible: this is the "elliptic curve discrete logarithm problem" (ECDLP). 

Applicable for 
ECC Key length comparison with RSA Key length. 


RSAECC
512112
1024160
2048224
3072256
7680384
15360512


Elliptic Curve

Public Key Cryptography



PKI (Public Key Infrastructure) 

  • CA (Certificate Authority) binds public key with identity. = TTP Trusted Third 
  • Party. E.g. Symantec, Comodo, GoDaddy
  • OSCP Responder
  • RA (Registration Authority) = subordinate CA in Microsoft PKI. 
  • VA (Validation Authority) 
  • Central Directory to store index keys
  • Certificate Management System
  • Certificate Policy
Method of certification

1. CA

2. Web of Trust. E.g. PGP (Pretty Good Privacy) and GnuPG
3. Simple Public Key Infrastructure (SPKI). Authorization loop : verifier = issuers 

Open Source implementation of CA



  • OpenSSL is the simplest CA and tool to build PKI enabled apps. C. Part of all major Linux distributions, 
  • EJBCA is a full featured, Enterprise grade, CA implementation. Java. 
  • OpenCA is a full featured CA implementation 
  • XCA is a graphical interface, and database. 
  • (Discontinued) TinyCA was a graphical interface for OpenSSL.
  • XiPKI CA and OCSP responder. With SHA3 support, OSGi-based Java.
  • IoT_pki is a simple PKI. Python cryptography library
  • DogTag
  • gnoMint
  • EasyRSA, OpenVPN's command line CA utilities using OpenSSL.
  • r509
  • Boulder is an automated server that uses the Automated Certificate Management Environment (ACME) protocol.
  • Windows Server : Active Directory Certificate Services.
Free digital certificate for public by CA

  • CAcert  https://en.wikipedia.org/wiki/CAcert
  • Let's Encrypt. https://en.wikipedia.org/wiki/Let%27s_Encrypt
Tools

Standards

Public Key Cryptography Standards : https://en.wikipedia.org/wiki/PKCS
Cryptographic Message Syntax :  https://en.wikipedia.org/wiki/Cryptographic_Message_Syntax and RFC 2315, RFC 2360, RFC 3369


Books

1. Introduction to cryptography and network security



2. Cryptography theory and practice

3. Field Arithmetic 

4. Problems in the Theory of Modular Forms



Kubernates - practicals



To get more practical insight about internals of Kubernetes 
1.https://github.com/kelseyhightower/kubernetes-the-hard-way

2.Learn Kubernetes using Interactive Browser-Based Scenarioshttps://www.katacoda.com/courses/kubernetes

3. 


Free course : “Kubernetes Hardway”



4.
Hands-on with Minikube: single node kubernates cluster

To install Minikube : 

https://gist.github.com/osowski/adce22b01fadd6e2bc3331c066d7d612

Then execute command:

minikube start

Now play around with Minicube with kubectl

Overview of kubectl
https://kubernetes.io/docs/reference/kubectl/overview/

kubectl Cheat Sheet
https://kubernetes.io/docs/reference/kubectl/cheatsheet/

istio


istio

Micro-service mesh management framework

It provides a uniform way to connect, manage, and secure microservices. It supports managing traffic flows between microservices, enforcing access policies, and aggregating telemetry data, all without requiring changes to the microservice code.

Benifit
=======

* A/B testing, 
* canary releases, 
* failure recovery, 
* metrics,

Key Capablity

* Traffic Management 
* load balancing, 
* rate limiting, 
* Observability
* monitoring
* Policy Enforcement 
* access control,
* load balancing, 
* Servie identity and security
* service-to-service authentication, 
* discovery of services, 
* end-to-end authentication.
* Platform Support
* Cloud, 
* on-premise, 
* Kubernetes, 
* Mesos
* Integration and Customization : integrate with existing solutions for 
* ACLs, 
* logging, 
* monitoring, 
* quotas, 
* auditing 
* etc.

Istio pre-configured addons
==========================

* Grafana : dashboard to visulize service mesh traffic data
* Prometheus : to query istio metrics 
* ServiceGraph :  generating and visualizing a graph of services within a mesh
* Zipkin : distributed tracing system

Architecture
============

1. Data plane : 
set of intelligent proxy (Envoy)
2. Control plane :
manage and configure proxy 
to route traffic
to enforce policy runtime. 

1. Envoy : sidecar proxy in same pod with features : 
dynamic service discovery, 
load balancing, 
TLS termination, 
HTTP & gRPC proxying, 
circuit breakers, 
health checks, 
staged rollouts with %-based traffic split, 
fault injection, 
rich metrics.

2. Mixer: 
platform independant
flexible plugin model 
with a variety of host environments and infrastructure backend
Tasks: 
enforce access control
enforce usage policies
collect telemetry data from envoy
Mixer configuration for
attribute extractation
policy evaluation

3. Pilot 
Tasks: 
converts high level routing rules that control traffic behavior into Envoy-specific configurations
propagates Envoy-specific configurations to the sidecars at runtime
abstracts platform-specifc service discovery mechanisms
transalate service discovery to Envoy data plane API
Benefits
service discovery
traffic management
intelligent routing
A/B tests, 
canary deployments
resiliency 
timeouts, 
retries, 
circuit breakers, 
etc.
multiple environments 
Kubernetes, 
Consul/Nomad

4. istio-Auth
Authentication using mutua TLS
Built-in identity + credentials management
enforce policy based on service identity

Kubernetes


1. Design
=========

API -> Primitives (Building Blocks) for 
1. deploy 
2. maintain 
3. scale 
apps. 

1.1 Pod
=======

* Scheduling unit
* Pod = 1+ co-located containers. and options how container(s) should run
* Pod has unique IP within cluster. 
* Can be managed by Kubernetes API or controller. 
* they share storage, Linux namespace, IP address
* ephemeral and disposable
* States : pending, running, succeeded, failed, CrashLoopBackOff

1.2 Labels, Selectors and namespace
===================================

Labels

* Key-Value pair
* attached to pod and node
* grouping mechanism 

Selectors

1. Equality based selector (= and !=)
2. Set based selector (IN, NOT IN, EXISTS)

Namespace

Multiple virtual cluster backed by same physical cluster. 
To divide cluster resources among multiple user using cluster quota. 
K8S has default namespace


1.3 Controllers
===============

* Manage a set of podes as per "Labels and Selector"
* reconciliation loop drive cluster state from actual to desirable 
* Benefits
1. App Reliability
2. Scalling
3. Load Balancing
E.g 
1. Replication controller: to scale up and down. Maintain correct number of pods. Now it replaces by Deployment Controller and raplicaset. 
2. Deployment controller : Declarative updates (YAML file) for pods and replica set. It updates PodTemplateSpec. So new Replicaset is created with new version of pod. If not OK, rollback to old Replicaset. 
3. Daemonset controller to run 1 pod on 1 node, 
4. Job controller 
5. endpoints controller, joins service and pod together,
6. namespace controller, 
7. service accounts and token controller for access mgmt
8. Node controller to manage worker states.


* Kind of controllers
Replicasets
Deploymnets
DaemonSet
Jobs
Services 


1.4 Services
============

* set of pods works together, E.g. tier in multi-tier
* set defined by labels & selector.
* service discovery by Kubernetes

2. Architecture
===============

* Master-slave

Master node is controlled by kubectl
Kubectl has kubeconfig file that stores : server information, authentication information to access API server
For production, min 3 node cluster. 


2.1 C-plane
===========

2.1.1 etcd
==========

* key value data store
* configuration data of cluster
* represent overall state of cluster
* other components monitors changed at etcd
* it stores : job scheduling info, pod details, storage information etc.

2.1.2 API server
================

* JSON over HTTP
* Validate REST request and update API objects's state at etcd
* so client can configure workloads, containers across the worker nodes

2.1.3 Schedular
===============

* plugable 
* match resource "supploy" to workload "demands"
* select nod to run pod
* inputs
- resource availability
- resource utilization
- resource requirement
- QoS
- afinity requirements
- anti-afinity requirements
- data locality 
- policy
- user specification 

2.1.4 controller manager
========================
* process to run (1) Daemonset controller (2) Replication controller and many more as per section 1.3
* communicate with API server to create, update, delete (1) pod, (2) service end points (3) etc.

2.2 Kubernetes Node
===================

= Worker = Minion 
* run container runtime. e.g Docker and below components

2.2.1 Kubelet (K8S Node Agent) 
=============

* hearbeat for health of node.
* it communicate with API server to see if the pod is to be run on this node. 
* If yes, it executes pod containers via container engine
* it mounts and run pod secrets and volumes. 
* it respond back the pod and node states to API server, after health check ( / master node) 
It used Podspec YAML file, that describe a pod
API Server / HTTP endpoint / File

2.2.2 Kube-proxy
================

* n/w proxy + load balancer
* route to container based on IP + port
* Process on all worker node
* 3 modes
1. User space mode
2. iptables mode
3. ipvs mode



2.2.3 cAdvisor
==============

Agent to collect resource usage. 

2.2.4 container tooling 
=======================

e.g. Docker

2.2.5 supervisord
=================

Restart component, as and when needed. 


Other alternatives
==================

  1. Docker Swarm
  2. Kubernetes To get started : kubernetes.io
  3. Mesos Marathon
  4. Amazon ECS (Amazon EC2 container service)
    1. Task == Pod
    2. It has its own repository. 
    3. Task can be part of CloudFormation stack. Task, Queue, EC2 Volume all together in CloudFormation to start and to cleanup
    4. To get started https://aws.amazon.com/ecs/
  5. AWS Fargate https://aws.amazon.com/fargate
  6. Google Kubernetes Engine (^L = clear = cls at Google Cloud Shell)
  7. Microsoft Azure Kubernetes Services (AKS)
  8. Hashicorp Nomad
  9. Cloud Foundry
  10. Rackspace
  11. Oracle Cloud Infrastructure 
  12. Docker Compose : Single machine. Not for large scale. With one command, "docker compose up" it will bring up : containers, volumes, networks
  13. Rancher
  14. Nomad


To get started : kubernetes.io

Artificial Intelligence / Machine Learning : Videos


1. Home AI Info

https://www.youtube.com/channel/UCWOC-Lp9ZpwDKlp6RylVuOg/playlists

https://www.youtube.com/channel/UCWOC-Lp9ZpwDKlp6RylVuOg
http://homeai.info/videos/

2. Intel Nervana


https://www.youtube.com/channel/UChQAxUd_onSPjBejB_Awk7Q

https://www.youtube.com/channel/UChQAxUd_onSPjBejB_Awk7Q/videos
https://www.youtube.com/channel/UChQAxUd_onSPjBejB_Awk7Q/playlists

3. sentdex


3.1 ML with Python :

https://www.youtube.com/watch?v=OGxgnH8y2NM&list=PLQVvvaa0QuDfKTOs3Keq_kaG2P55YRn5v

3.2 Image Recognition

https://www.youtube.com/watch?v=hbL_FTEZSyY&list=PLQVvvaa0QuDffXBfcH9ZJuvctJV3OtB8A

3.3 ML for trading

https://www.youtube.com/watch?v=v_L9jR8P-54&list=PLQVvvaa0QuDe6ZBtkCNWNUbdaBo2vA4RO

3.4 Creating a Chatbot with Deep Learning, Python, and TensorFlow
https://www.youtube.com/watch?v=dvOnYLDg8_Y&list=PLQVvvaa0QuDdc2k5dwtDTyT9aCja0on8j

3.5 Unconventional Neural Networks
https://www.youtube.com/watch?v=a7Og0ImTg9Q&list=PLQVvvaa0QuDdfN3lrO0NDYxa1JwCYes-E

3.6 Deep Learning in the Browser with TensorFlow.js
https://www.youtube.com/watch?v=Bc8UC_m7M_Y&list=PLQVvvaa0QuDcsopCRwbxxVZtJmHplV3uZ

3.7 Deep Learning with Python, TensorFlow, and Keras tutorial
https://www.youtube.com/watch?v=wQ8BIBpya2k&list=PLQVvvaa0QuDfhTox0AjmQ6tvTgMBZBEXN


4. Fast AI online courses

https://www.youtube.com/watch?v=Th_ckFbc6bI


5. NLP

https://www.youtube.com/watch?v=OQQ-W_63UgQ&list=PL3FW7Lu3i5Jsnh1rnUwq_TcylNr7EkRe6


6. Stanford University lecture series on convolutional neural networks
https://www.youtube.com/watch?v=vT1JzLTH4G4&list=PL3FW7Lu3i5JvHM8ljYj-zLfQRF3EO8sYv

7. Neural Networks series : https://www.youtube.com/watch?v=aircAruvnKk&list=PLZHQObOWTQDNU6R1_67000Dx_ZCJB-3pi


8. Machine Learning & Deep Learning Fundamentals: https://www.youtube.com/watch?v=_N5kpSMDf4o&index=7&list=PLZbbT5o_s2xq7LwI2y8_QtvuXZedL6tQU


8. Video Lectures


All : http://videolectures.net

AI for Good Foundation : http://videolectures.net/ai4good/
Machine Learning: http://videolectures.net/Top/Computer_Science/Machine_Learning/
Artificial Intelligence : http://videolectures.net/Top/Computer_Science/Artificial_Intelligence/

9. Intel AI DevCon 2018


https://aidc.gallery.video/category/videos/all-videos


10. NVIDIA Developer Connect


 https://drive.google.com/drive/folders/1-er_ORBUGr37dmM2owujO821_l1BmwC9?usp=sharing


11. Amazon opens up its internal machine learning training to everyone: 


https://www.engadget.com/2018/11/26/amazon-opens-internal-machine-learning-training/?yptr=yahoo



https://aws.amazon.com/training/learning-paths/machine-learning/

12. Codebasic YouTube channel 

12.1 Machine Learning Tutorial Python

https://www.youtube.com/watch?v=gmvvaobm7eQ&list=PLeo1K3hjS3uvCeTYTeyfe0-rN5r8zn9rw

13 Cristi Vlad YouTube channel


13.1 Neural networks and Tensorflow

https://www.youtube.com/watch?v=HjCB_hpPhpI&list=PLonlF40eS6nxsfQMKdUdUDcmQg_TzSdS9

13.2 Artificial Neural Networks with Python

https://www.youtube.com/watch?v=d1qVR_xbmn4&list=PLonlF40eS6nyYmALgj2sFMFMJF0nHwJ0M

13.3 Machine Learning with Scikit-Learn

https://www.youtube.com/watch?v=mHEC8tB9ZCc&list=PLonlF40eS6nynU5ayxghbz2QpDsUAyCVF

14. Manuel Amunategui YouTube channel

https://www.youtube.com/user/mamunate/videos

15. deeplizard YouTube Channel


15.1 Reinforcement Learning

https://www.youtube.com/watch?v=nyjbcRQ-uQ8&list=PLZbbT5o_s2xoWNVdDudn51XM8lOuZ_Njv

15.2 Deep Learning with PyTorch
https://www.youtube.com/watch?v=v5cngxo4mIg&list=PLZbbT5o_s2xrfNyHZsM6ufI0iZENK9xgG

15.3 TensorFlow.js Deep Learning with JavaScript
https://www.youtube.com/watch?v=HEQDRWMK6yY&list=PLZbbT5o_s2xr83l8w44N_g3pygvajLrJ-

15.4 Machine Learning and Deep Learning Fundamentals
https://www.youtube.com/watch?v=gZmobeGL0Yg&list=PLZbbT5o_s2xq7LwI2y8_QtvuXZedL6tQU

15.5 Keras
https://www.youtube.com/watch?v=RznKVRTFkBY&list=PLZbbT5o_s2xrwRnXk_yCPtnqqo4_u2YGL

16 "Machine Learning with Phil" YouTube channel

16.1 Deep Reinforcement Learning
https://www.youtube.com/watch?v=RfNxXlO6BiA&list=PL-9x0_FO_lgmP3TtVCD4X1U9oSalSuI1o

16.2 Reinforcement Learning in OpenAI
https://www.youtube.com/watch?v=ZipAjLSNlQc&list=PL-9x0_FO_lglnlYextpvu39E7vWzHhtNO


16.3 CNN in Tensorflow
https://www.youtube.com/watch?v=iRH8DslFHT8&list=PL-9x0_FO_lgmVvwAGaCY9fWvrlr_flhqo

16.4 How To Code A Neural Network From Scratch
https://www.youtube.com/watch?v=jmQwYVeCUVI&list=PL-9x0_FO_lglas4qwPt2n-hgY2Wd3xKqs

17 "Tanner Gilbert" YouTube  channel

17.1 Keras
https://www.youtube.com/watch?v=sPm-fNL95Us&list=PLoY9f-5DCBllMdKJtDewkggsARqGqadeX

17.2 TensorFlow.JS
https://www.youtube.com/watch?v=fSNWOaGmXuo&list=PLoY9f-5DCBllVeNcdYH8Hkfe327yZlMlm

17.3 RNN
https://www.youtube.com/watch?v=2GHcSDDZYGg&list=PLoY9f-5DCBllEFpW5foEWN3PJc_10PYT4

17.4 sklearn
https://www.youtube.com/watch?v=Lfz1qheTXOE&list=PLoY9f-5DCBln7ZsL4n9tFgGS0BXz5gXXR

17.5 CNN
https://www.youtube.com/watch?v=fMBu35M8Ppo&list=PLoY9f-5DCBllIdB11jtB9E_aK6etWEZxG

18 Siraj Raval YouTube Channel

18.1 TensorFlow
https://www.youtube.com/watch?v=2FmcHiLCwTU&list=PL2-dafEMk2A7EEME489DsI468AB0wQsMV

and many more

Machine Learning online courses


1. Machine Learning

2. Deep Learning

3. Convolutional Neural Network : CS231N

6. Intro to Machine Learning

7. Distributed Machine Learning with Apache Spark

Machine Learning


Today, Let me share a list of website related to Machine Learning.This list is created by referring to dhilipsiva@gmail.com 's e-mails to BangML meetup group. Acknowledged.