Thursday, December 27, 2007

Meeting: 26 Dec 2007 (w/ supervisor)

Agenda: Proposal Review, Requirements for Final Report, Meeting Minutes, First Presentation and System Design/Implementation

The following were discussed:

  • Review on proposal
    Supervisor has reviewed our proposal v1.0 and highlight to us some of the points
    - missing page numbers
    - literature review need to be shifted to appendix

  • First presentation
    Check with Supervisor about the first presentation requirements.
    - everyone must know the architecture structure
    - everyone must know each others parts (understand)
    - simple demo on product prototype (if possible)
    - power point slide for presantation
    - 10 to 15 minutes duration
    - key features of the products
    - what it so special compare to the market products

  • Calculate brute force timing during Implementation
    - to check our characters length long enough to counter brute force attack
    - the amount of resources required (whether reasonable or not)
    - Captcha challenge charectors length is set to 6 charectors
    - 36 x 36 x 36 x 36 x 36 x 36 = 2,176,782,336 possible formation

  • Secure web data transfered and communications
    - Secure Sockets Layer (SSL) was propsed as the cryptographic protocols that provide secure communications on the Internet for web browsing and data transfers
    - Certificate can be generated by us without officially registering

  • Random generator for CAPTCHA Design
    Some knowledge shared by Supervisor on the random generator algorithm.
    - Time can be used as the seed value for random generator.
    - Usually for the random generator, there is a seed input.
    - For instant, if seed value is "1234", random generator will always produce the same sequence of random output that is generated base on the seed value after re-start application and the same sequence will appear.
    - To avoid this, time can be used as the seed value as time is changed every seconds.
    - Hence it will be difficult for the attacker to guess the next output based on the current output.

  • Limitation by WAP browser issue.
    WAP browser only provides basic services and does not support rich content web application. It limits captcha design ideal as it only support still image format. WAP standard is also seldom used by the market in current days.

    Conclusion:Supervisor will check with Adrian Choo to confirm the project requirement on WAP application.


Attendence:
- SEAH CHOON YEE, SEBASTIAN
- CHEE SUEN SIANG, ALAN
- CHIA U-MENG, ADRIAN

Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)