zx2c4: well im still around here for another half hour or so, so feel free to lob anything more at me
a111: Logged on 2018-04-12 09:42 spyked: http://btcbase.org/log/2018-04-12#1796749 <-- that's probably my thing, I've been playing with it for the last two weeks or so, I have it in a loop grabbing feeds from republican blogs.
a111: Logged on 2018-04-12 09:38 spyked: http://btcbase.org/log/2017-08-19#1701034 <-- /me now wonders whether e.g. http://btcbase.org/log/2017-08-19#1701034 could have been "illuminated" in any other way than through whipping. it is what it is, isn't it?
mircea_popescu: http://btcbase.org/log/2018-04-12#1796976 << you know me. he doesn't know you. this makes all the difference in the world -- i can whip my slavegirls into shape because they ~love me~. people without this benefit are stuck going at snail speed, which is why "education" in the unsexualized way it's implemented publicly does not work. it couldn't fucking work.
mircea_popescu: speaking of which and ben_vulpes boyhood dreams, ssto and so on : i dreamt last night that someone actually managed to create that true wunderwaffen material, the composite/ceramic with higher tensile strength than steel, but negligible caloric conductivity. making some iiiincredible jet engines.
a111: Logged on 2018-04-12 08:33 ckang: granted im sure things are progressing, but its hard to outperform something from a billet of aluminum
mircea_popescu: http://btcbase.org/log/2018-04-12#1796974 << yes dood, sintering is a joak in terms of material strength and high performance generally.
a111: Logged on 2018-04-12 08:31 ckang: cant get behind all this 3d printer fanboy stuff, its just not a good substrate with the current materials for anything you want to last somewhat longterm
zx2c4: well, feel free to keep filling up my wallet, say, with thousands of coins O_o
mircea_popescu: i think if you have not enough in your wallet it drops it silently ; and if the payment's not processed yet you might have nothing in your wallet yet.
zx2c4: i wonder if that verification worked i just posted
mircea_popescu: zx2c4 mind that transfers are not instantaneous.
zx2c4: lets see if that works
mircea_popescu: so it permits indefeasible record of deeds ; something the fiat sovereigns have not yet managed.
mircea_popescu: http://deedbot.org/ << on deedbot you can register any arbitrary item ; it keeps a record that indeed your signature did so ; and it marks the time, through inclusion in the bitcoin blockchain
mircea_popescu: the deed in deedbot comes from the republican system for registration of deeds. think of it as your county clerk, you can go to him to register your wedding or business or w/e.
mircea_popescu: this is a lot more than meets the eye ; because it actually restructures conversations into a tree. things here have a depth not encountered anywhere else.
zx2c4: if you guys wind up using wireguard for part of your infra and want to support wireguard for a year, i'm always looking for large donations, etc. not sure if that's what deedbot is for exactly but that would be quite the nice deed
mircea_popescu: you can click the link and see a website-based story of the log ; the bot also reads the line referenced in conversation.
a111: Logged on 2018-04-12 16:32 mircea_popescu: now let's look at the logs :
mircea_popescu: now let's look at the logs :
zx2c4: horrah! thanks
asciilifeform: zx2c4: he just threw a whole bitcoin into your piggy.
mircea_popescu: they are not for you ; they are for me. deedbot works an otp verification model -- you tell it to do whatever you want, it asks you to prove you own the key, if you do it does it.
asciilifeform: zx2c4: they're for mircea_popescu to decrypt; it makes the command go.
zx2c4: no, not at all. im also not quite sure what to do with these pgp encrypted blobs i cant decrypt
mircea_popescu: zx2c4 you understand how the logs work btw ?
zx2c4: asciilifeform: oh, okay. im happy to keep going though. and if you want to be uncivilized, ill gladly accept any harshness you want to throw my way. i dont scare easily
mircea_popescu: zx2c4 the tls fails i bet.
asciilifeform: mircea_popescu: lol notyet, i did the 'civilized' thing as you suggested.
zx2c4: mircea_popescu: no, thought it was quite productive actually
mircea_popescu: did you two come to blows ?
asciilifeform: zx2c4: i'ma leave the rest of the session to mircea_popescu , owner of this chan, and my co-author in e.g. the FUCKGOATS auditable trng, https://archive.is/CGQkR )
zx2c4: ill try it in public here instead
zx2c4: i tried registering my key privately to deedbot but it didnt respond
asciilifeform: but it so happens that i in particular do not think much of the work of current 'pro cryptographers'.
mircea_popescu: o hey there zx2c4
zx2c4: seems like lots of things these days have testimonials
zx2c4: i havent compiled a list of Name+WrittenReview. maybe i should do that
asciilifeform: any possibility to see who ?
zx2c4: and then since several other colleagues and cryptographers have reviewed the system favorably
asciilifeform: zx2c4: so it is not possible currently for me to learn , which cryptographers reviewed, and what they had said ?
zx2c4: then in the acknowledgement of the paper, a few others are mentioned who reviewed it while it was being written
asciilifeform: i'm curious, for instance, whether any of the cryptographers observed that the arithmetical routines behind your ecc are not in fact constant time on e.g. arm.
zx2c4: i dont think they post the reviews? except that it was "accepted" to the conference
asciilifeform: happen to have a link handy ?
zx2c4: yea usually there's lots of information on the conference and board and whatnot
asciilifeform: and the reviews themselves, also ?
asciilifeform: are the reviews published somewhere ?
asciilifeform: since mentioned scrutiny : on www of 'wireguard', there is mention of 'reviewed by cryptographers' . may i ask, who reviewed ?
zx2c4: its in a much better place than just raw md5
zx2c4: i dont think hmac-md5 is anywhere near broken, actually.
asciilifeform: i don't see 'not publicly smashed to bits of just yet' as a proof of strength, given as it is true of literally every system ever devised, until the moment of public breakage
zx2c4: blake2 came from blake which went through the sha3 contest as a finalist
zx2c4: but anyway, the world has learned quite a bit since md5
zx2c4: blake is also faster than md5 which is nice
zx2c4: similar criteria - well understood, simple to implement, fast on nearly all hardware
asciilifeform: but to move on from this item : zx2c4 how did you select 'blake2' hashing system ?
zx2c4: i'd be surprised to see all 20 rounds of chacha broken
zx2c4: i'm pretty sure there's no conspiracy
zx2c4: theyre simple and fast on all hardware, and he came up with an api for using them that many developers like to use (the nacl stuff)
asciilifeform: but of djb's in particular, their sudden popularity in past few yrs also has no satisfying explanation imho.
asciilifeform: i am skeptical of all symmetric ciphers and hashes, given as there exists no scientific basis for considering any of them to be actually strong.
zx2c4: are you skeptical of djb primitives? wondering with what motivation came that question?
asciilifeform: several yrs ago i went in search of ~any~ problem that can be shown to have a ~nphard average case~ . and found none.
zx2c4: seems like there are many places and interesting ways to optimize at this point. lots of neat creative work coming out. but that with aes and whatnot, we're in a pretty good place in terms of symmetric crypto
asciilifeform: when i ask for 'reduces to nphard', obviously i cannot mean 'factoring', because its hardness is not proven
zx2c4: so anyway, im less concerned about symmetric cryptography than other things
zx2c4: but even hardness of factoring... how hard is this actually? what number theoretic advances are right around the corner?
asciilifeform: sadly enough, there is not, as of my last look, a proof that rsa reduces to hardness-of-Factoring
zx2c4: things like RSA boil down to number theory problems. but that's in a sense scarier than the set of problems that good block ciphers tend to boil down to. because it means that those primitives have lots of _structure_, and generally structure is something that can be exploited. just look at all the amazing and fantastic attacks on things with structure. so just boiling down to a [currently considered] "hard problem" doesn't provide as much solace
asciilifeform: ( i.e. a reduction to np-hard or for that matter ANY particular complexity class )
zx2c4: not anymore than other things in cryptography worry me
asciilifeform: zx2c4: does it bother you that no proof of strength for any symmetric cipher other than otp (e.g. aes, chacha, etc ) exists ?
zx2c4: aes is also well understood, but is neither easy to implement, simple, nor fast on all hardware
zx2c4: its also easy to implement and simple
asciilifeform: how did you settle on the use of bernsteinian cryptoprimitives ( e.g. chacha ) ?
asciilifeform: but let's come back to your product, zx2c4 :
asciilifeform: ( or see the ffa article series, http://www.loper-os.org/?cat=49 , currently on sabbatical but due to resume after i come back from upcoming biznistrip )
asciilifeform: zx2c4: i've spent the past ~2yrs writing a properly constant-time arithmetic lib. it is being slowly published. ( see earlier link to my www )
zx2c4: if you're interested in crypto primitives in wireguard in general, i can give you an overview of our implementations. the hacl and fiat code is not the only code we have in there
asciilifeform: zx2c4: most of the currently-sold intels are ok re : imul. arm, however, is not
zx2c4: i dont own any via 2000 hardware to test on
asciilifeform: zx2c4: this particular architectural sadness is not my discovery
asciilifeform: zx2c4: to observe it, you will have to hand-emplace rdtsc around it , and run on properly doctored inputs
zx2c4: if you've found an architecture attack though, please do publicise it. that sounds like it could be some really great security attack work.
zx2c4: asciilifeform: i haven't been able to observe any non-constant time multiplications on intel in that code
asciilifeform: zx2c4: phf has been fiddling with the thing's uniturd processing of late; prolly introduced bug
zx2c4: does that entitle me to deedbot btc?
asciilifeform: http://btcbase.org/log/2018-02-17#1784243 << see e.g. this discussion.
asciilifeform: btw zx2c4 , i must regret to inform you that the code you linked, is in fact NOT constant-time on several common architectures, because it makes use of machine MUL instruction ( gcc will compile a nonconstant-operanded '*' to e.g. IMUL on x86 )
zx2c4: you mean if you just wanted to hand audit the .o that comes out of this?
asciilifeform: if i want to hand-audit it, say.
asciilifeform: out of curiosity, how big is the typical built binary for this library ? ( say, on amd64 )
zx2c4: ill show you the code
zx2c4: our discussion of HACL* and fiat-crypto pertains to the two C implementations of x25519
zx2c4: yes, there are no conditional jumps
zx2c4: by only using a limited subset of constructs which are known to be constant time
asciilifeform: how is the latter guaranteed ?
zx2c4: also, constant time