1500+ entries in 0.279s
mircea_popescu: basically the scheme is, you rsa a random bitfield, then you expand that into as much
otp as you want by doing recursively Fi = hash(bitfield + Fi-1). there's a limit on i, obviously, which can be set to 1.
☟︎☟︎ mircea_popescu: i don't get it. so you get hdd 1, make 5 copies, i capture one, start grinding it into an
otp. so do you. if my computer is 10% faster i'll have the i+1 10% faster than you will.
mircea_popescu: you make
otp 1 and 2, and send 2 to china. i take 2 and make 3 and 4, pass off 3 as 2 and keep 4.
a111: Logged on 2017-09-28 09:39 mircea_popescu: not necessarily the specific example. but yes, symmetric cipher always reduces to a "parametrized
otp".
mircea_popescu: not necessarily the specific example. but yes, symmetric cipher always reduces to a "parametrized
otp".
☟︎ mircea_popescu: to voice self say !!up to deedbot in pm, then decrypt the thing he gives tyou and say !!v to him with the
otp trinque: the thought re
OTP is if I don't force people to verify one, I'm letting allcomers generate "chosen-plaintext" for a particular key
a111: Logged on 2016-05-31 19:51 asciilifeform: not a single symmetric cipher other than
otp has ever been proven to be worth a sparrow's fart.
mircea_popescu: but outside of this, "has T told X about Y's
otp" is very much a "you wouldn't download a car" type of problem.
a111: Logged on 2017-08-06 05:36 mircea_popescu: trinque re last para, what's wrong with you know,
http://btcbase.org/log/2017-08-03#1693444 ? basically replace "The user decrypts the ciphertext and returns the cleartext
OTP to D, which relays it to T, meanwhile revealing it to L. T replies to D with either "OK" or "FAIL", and a transaction is complete." with "T sends hash(C) to L, encrypted(C) to D. The user decrypts the ciphertext and returns the cleartext
OTP to D, which
a111: Logged on 2017-08-06 05:36 mircea_popescu: trinque re last para, what's wrong with you know,
http://btcbase.org/log/2017-08-03#1693444 ? basically replace "The user decrypts the ciphertext and returns the cleartext
OTP to D, which relays it to T, meanwhile revealing it to L. T replies to D with either "OK" or "FAIL", and a transaction is complete." with "T sends hash(C) to L, encrypted(C) to D. The user decrypts the ciphertext and returns the cleartext
OTP to D, which
mod6: mike_c: it's now ``!!up'' and ``!!v <
OTP>''
PeterL: and so it uses your proposed "virtual
otp" straight rsa encryption
mircea_popescu: relays hash(it) to T and L. T replies to D with either "OK" or "FAIL", and reveals (C) to L. L calculates hash(
OTP) and compares it with what D sent."
mircea_popescu: trinque re last para, what's wrong with you know,
http://btcbase.org/log/2017-08-03#1693444 ? basically replace "The user decrypts the ciphertext and returns the cleartext
OTP to D, which relays it to T, meanwhile revealing it to L. T replies to D with either "OK" or "FAIL", and a transaction is complete." with "T sends hash(C) to L, encrypted(C) to D. The user decrypts the ciphertext and returns the cleartext
OTP to D, which
☝︎☟︎☟︎ trinque: in order for a log of OTPs to be meaningful, in that it asserts a particular person assented to an action at a given time, gotta know the
OTP corresponds to the item sent to that person. the way I've been thinking about that is encrypting the
OTP with two keys, one of which I hold; the other belonging to the outside party
trinque: ah now I recall what might reduce the print audit's usefulness. it means visual inspection of the encrypted items, as well as OTPs. logger box has to first see the encrypted item, second, corresponding
OTP, and then this log has to be verified by someone who can (elsewhere) crack open the encrypted ones and match up the OTPs.
trinque: funny thing was I'd already considered having the
OTP box burn a CD as it went along, just shitter printing without visual inspection.
a111: Logged on 2017-08-03 17:41 trinque: if there were a hardware-only way of logging what traveled over that serial port, even better. that'd be the audit trail instead of the
OTP box's disk.
trinque: if there were a hardware-only way of logging what traveled over that serial port, even better. that'd be the audit trail instead of the
OTP box's disk.
☟︎ trinque: ah probably string of command, since folks need to see what it is they've gotten an
OTP for. at any rate, still not branch-causing.
trinque:
otp box can be msdos over serial port, input parsing is trivial (key parameters, hash of command; so all numeric - none causing branching)
trinque: the
otp part discussed here stands alone, though. a rather dumb piece of software can keep track of encrypted OTPs it dispatched, the corresponding command (which sits in the encrypted item), and when it got the
OTP back.
trinque:
otp generator can keep an audit trail, which can be run out of band when moving actual coin.
trinque:
http://btcbase.org/log/2017-07-14#1683508 << apologies, this is going to take another weekend. the bot wallet service is done, but it occurs to me that it'd be wise to separate the
OTP generation from the rest of the services. on one side, a big, complicated wonder of modern computing; on the other, a simple box connected by serial port which can receive
OTP requests, generate them, and confirm/ignore OTPs.
☝︎ daffadil: This might be interesting to some: "DNA based Random Key Generation and Management for
OTP Encryption"
mircea_popescu: it is similarily possible for last bit of xor
otp to flip only last bit of r.
sina: I assumed it was deedbot style
OTP thing
sina: I was just happy to get the
OTP working for today and will continue to increment it
sina: alright. the gossipd thingo is 0.0.1 implemented. peers can communicate, each session (fetch messages) is mediated by deedbot style
OTP with per peer-pair RSA keys (no GPG shell asciilifeform, using libtomcrypt). I wrote a tiny client to add peers, exchange keys, broadcast msgs and view stored msgs. there is a README.
daffadil: +mircea_popescu so I don't need to do anything with that deedbot
OTP message?
daffadil: don't understand the "Get your
OTP" message from deedbot, whose key encrypted it?