132 entries in 0.137s
maqp: having to say "upper case B, lower case c".. is almost as bad as the one used in Telegram
maqp: But since users are verifying the public key over Signal call
maqp: I wonder if there's a library for that
maqp: mircea_popescu: indeed. I just figured the few extra chars were't that important, and that typing upper/lower case might make it slower. I'll have to look into that
maqp: punkman: It's a classical one-time MAC with excess key expenditure. Not a good idea I admit
maqp: That could work of course, base58 might be better as there's less similar looking chars
maqp: unfortunaltely that's the only way to prevent nation state from remotely injecting malware to transmitter device after setup
maqp: Since it's ECDHE, the security is actually 3072-bit RSA equivalent
maqp: The current version has 72 hex char key you have to manually type to transmitter device; it's similar to manually typing Ricochet/Tox ID
maqp: I tried it earlier, but the classic Diffie-Hellman had much less security and a lot longer public key
maqp: So anyway, as far as the TFC goes, NaCl is the first one to provide practical public key crypto
maqp: As far as it goes with cast iron list, it remains to be seen who's now closer to "terrorists"
maqp: Handle is mixed play with markus, nickname maku, how q is pronounced ku and p and q in crypto
maqp: !register 559FA134DE33AED70DF97D8B085ADF061C2B20CD
maqp: interesting. There doesn't seem to be a setting for that when uploading key to MIT key server
maqp: mircea_popescu: What's the prefix in front of pub key fingerprint?
maqp: i.e. I'll have to look into secure deployment when generating one.
maqp: Maybe. Provided that there are no obligations to where my project should be heading towards. I could use a cup of coffee, but it'll take some time to learn how to secure the account and endpoint
maqp: yeah, sure. I haven't had the need for it. At least yet.
maqp: I see. The problem with GPG however is the lack of deniability. I'd rather keep things off the record <:
maqp: So are you running something that signs all your IRC messages or what are we talking about?
maqp: Well, since this is a public chat room with no secrecy/authenticity, I don't really see the need at the moment
maqp: I haven't had the time to update the two other versions
maqp: thanks. I wanted to recommend you guys take a look at the TFC-NaCl that's fresh out of oven and has better design compared to OTP/CEV versions
maqp: Hey. Came to say hi after someone requested