asciilifeform: let's posit that the proving system itself contains no errors. what classes of error do these systems claim to exclude ?
zx2c4: fiat-crypto also has a 64bit one, but the HACL* one was faster
zx2c4: our two x25519 C implementations (32bit and 64bit) are actually generated by theorem proving software, so that we're sure they dont contain any errors
zx2c4: another advantage of DH over RSA is that ECDH allows for really short and sweet keys
asciilifeform: let's return to DH
asciilifeform: at any rate, we can come back to this piece
zx2c4: which can take entropy from trngs bla bla
zx2c4: (i've got a project going on right now to rewrite that actually)
zx2c4: in other words, the kernel's built-in RNG
asciilifeform: since you mentioned rng : what source of rng does your system use in a typical configuration ?
zx2c4: or some combination of the above
zx2c4: when the RNG is backdoored, the ephemerals are compromised, but not necessarily the statics
zx2c4: for example, when your static longterm keys are compromised, but the ephemeral keys have not been compromised, since they're erased/renewed every 2 minutes
zx2c4: key compromise impersonation is what happens when somebody steals your private key, and then can impersonate anybody else _to_ you
asciilifeform: expand please re the latter
zx2c4: - authentication in the first message, so that unauthenticated packets arent replied to, hence ensuring things are stealthy
asciilifeform: ( i grasp the connectionless scheme , having prototyped a similar item )
zx2c4: so for the handshake we want these properties in 1-RTT:
zx2c4: - wireguard doesnt expose any state to the administrator. there's either an interface or there isnt. theres no concept of "connection". with a very simple timer state machine, we're able to completely hide all details from the sender side
asciilifeform: how's that ? you can encipher a symmetric key in an rsagram , and that's 1 packet. then 1 packet back to ack receipt. neh ?
zx2c4: - wireguard isn't chatty. when you're not sending traffic, it shuts up and you cant tell its there
zx2c4: KEMs like RSA are more complicated to implement in as few round trips as DH-based protocols
asciilifeform: zx2c4: carry on, but after that let's come back to DH
zx2c4: ive got some more design properties to enumerate if you'd like, but i can answer your direct questions too
zx2c4: asciilifeform: i agreed to stick around for 2 hours. worry not. :P
zx2c4: - the whole cryptokey routing table thing is very important for making things extremely simple. it pairs the identity of a public key with the ip address someone is allowed to be inside the tunnel. no fancy security marks or whatever from ipsec bloat
asciilifeform: zx2c4: don't go away yet plz. i'd like to ask a few q re your crypto design
zx2c4: asciilifeform: oh cool. i havent seen this ill take a look
asciilifeform: no-dynamic-allocation is also a Good Thing, for instance in my FFA crypto lib ( http://www.loper-os.org/?cat=49 ) this property exists
zx2c4: - ease of system administration. since its interface-based, things like iptables and whatnot work as you'd expect.
zx2c4: - extremely simple configuration interface. short base64 25519 pubkeys you can paste around through any means. simple config files. everything happens on the interface level.
zx2c4: indeed. i guess you could call the property 'stealthiness'
asciilifeform: hence the interest in zx2c4's published item
a111: Logged on 2015-01-07 01:22 asciilifeform: with udp, you can make the 'friend or foe?' decision upon receipt of a single (!) packet.
asciilifeform: 'silent to unauthorized packets' is a good thing, and some of the folx here, incl. asciilifeform , are working on systems with this property (e.g. http://btcbase.org/log/2015-01-07#967274 )
zx2c4: - denial of service resistance. as mentioned, you should be able to put this on the outer edge of a network
zx2c4: - no dynamic memory allocation. all the memory used by wireguard should be allocated at configuration time, not in response to incoming packets.
zx2c4: - minimal state machine, as mentioned above, which means 1-RTT: if something goes wrong with a message being dropped, the solution is always to just "start over the protocol", since it's only 1-RTT. this saves amazing amounts of complexity
zx2c4: - silent to unauthorized packets. if you dont know there's a wireguard endpoint there and don't have credentials to talk to it, you can't get it to respond to anything. so, you cant scan for endpoints. this makes it a good thing to put on the outer edge of your network.
zx2c4: then on top of that i wanted a few nice properties:
zx2c4: to make something that would make this all possible
zx2c4: wireguard is supposed to be implementable using simple algorithms with as small of a state machine as possible, so that the code size and complexity is kept at a minimum. in other words, it aims to be easily auditable so that people can actually read it and feel confident that it doesnt have horrible vulnerabilities. with massive codebases and highly complex designs like openvpn or ipsec, this obviously isnt possible. so with wireguard i was trying
zx2c4: are you interested in learning about the security properties i had in mind when designing wireguard?
zx2c4: it's small, minimal, has the flexibility to be exactly what i needed and nothing larger. makes conservative choices. fits into the security model i was aiming for with the implementation properties i was looking for. i was also involved with noise from very early on, so several concerns and needs i had with wireguard got factored into noise. and since noise is a very interesting framework, it's now receiving much needed academic attention in
asciilifeform: zx2c4: how did you select the 'noise' protocol ?
asciilifeform: zx2c4: it so happens that i have a few q:
zx2c4: hello. mircea_popescu asked me to come here for two hours to field some questions about wireguard from you all. i'm not very familiar with this channel or the community in it, but i am happy to talk to whomever about wireguard. so let's start the timer now?
asciilifeform: aaaand a happy cosmonautics day ( http://www.loper-os.org/?p=854 rerun!11 ) to errybody.
spyked: http://btcbase.org/log/2018-04-12#1796749 <-- that's probably my thing, I've been playing with it for the last two weeks or so, I have it in a loop grabbing feeds from republican blogs.
a111: Logged on 2018-04-12 01:31 mircea_popescu: spyked but why would it be difficult in that way ?
a111: Logged on 2017-08-19 18:25 mircea_popescu: are you aware i think your "formal" model is a piece of shit from paragraph one ?
spyked: http://btcbase.org/log/2017-08-19#1701034 <-- /me now wonders whether e.g. http://btcbase.org/log/2017-08-19#1701034 could have been "illuminated" in any other way than through whipping. it is what it is, isn't it?
ckang: granted im sure things are progressing, but its hard to outperform something from a billet of aluminum
ckang: cant get behind all this 3d printer fanboy stuff, its just not a good substrate with the current materials for anything you want to last somewhat longterm
mircea_popescu: really, 3d printed thin nozzles ?
ben_vulpes: http://p.bvulpes.com/pastes/EadTe/?raw=true << either star trek smoke and mirrors or the stuff of boyhood dreams (sabre anti freeze)
ben_vulpes: black magic, i tell you. cold-fusion grade bezzle.
ben_vulpes: ah there it is
mircea_popescu: this is what they spec.
ben_vulpes: why would the intake stream have to get that cold?
mircea_popescu: this magical heat exchanger getting air to -150 should be interesting.
ben_vulpes: basic principle is to dump the heat from intake into the onboard lh2 supply, boil a bit off to turn the pumps, and then cut over to internal supplies once out of the atmosphere.
ben_vulpes: yeah, they did some really impressive work with fine pipe drawing for the intercooler, and some Black Fucking Magic to keep hell from freezing over
ben_vulpes: awww shit reaction engines limited bezzled boeing and rolls-royce into pouring another pile of bezzlars into the sabre engine
britknee: i feel smarter having read all the stuff above but still have no clue what it means lol
mircea_popescu: http://trilema.com/2014/ill-pay-for-your-tits/ << and updated with the largest single day slutcrop yet!
trinque will get to these tomorrow, girls
trinque: somewhere a star printer screeches with the sound of titties.
mircea_popescu: ben_vulpes do you realise the 0.5 is measured through dns and all that ? did you do same with nginx ?
ben_vulpes: you put those goalposts back
mircea_popescu: yaya. until there's some load on it.
ben_vulpes: mircea_popescu: nginx can serve hanbots in .01s, not the .6 of apache
mircea_popescu: it has nothing to do with apache ; let everyone who isn't hanbot fix their mp-wp
mimisbrunnr: Logged on 2018-04-12 06:49 ben_vulpes: hanbot danielpbarron: apache with mod_php is, sadly, much slower than the nginx setup we've had until now. however now we can move forward with getting your .htaccess files set up and uploads and such. i'm going to knock off for now but please let me know how i can support your mp-wp projects next.
ben_vulpes: i am still flabbergasted that it takes apache 2.7 seconds to render what nginx can do with the fpm pool in a tenth of a second.
britknee: they are all good ppl though who would do anything they could to help me or each other
ben_vulpes: mircea_popescu: thank you so very very much.
mircea_popescu: britknee with friends like that no wonder you're broke!
britknee: most of my friends are pretty talentless, one can sign but the rest, nothing special i know of
mircea_popescu: anyway ben_vulpes here's where you thank me profusely for having saved you dicking about with entirely nonbroken stacks for an alfternity.
mircea_popescu: speaking of friends, do you have any super talented cartoon artist friends ?
mircea_popescu: see, THAT is exactly typical and properly working.
britknee: but i have my friends who would show you their tots !
britknee: it is nice being able to do what i want every day
britknee: is that # random or does it mean anything?
britknee: i dont know if i can get them on irccloud though is only thing
britknee: wow that easy? you want my friends to? lol
sashahsas: Oh, thats right, I completely forgot about that but the name is familiar.
sashahsas: No, Louisiana had a french colony at some point I think.
sashahsas: There is also the Cajun style which is pretty interesting.
sashahsas: Nope, just heard them through media, TV, news and such.
mircea_popescu: do they come there often ?
mircea_popescu: "chinese head-breaker". this makes sense, to them.
mircea_popescu: sashahsas you don't speak french ? it's how the frenchies say "puzzle".
sashahsas: I need to download a thesaurus or dictionary to understand that sentence I think
mircea_popescu: sashahsas we here at trilema terrorist republic specialize in headhurting & casse-tete chinois.
sashahsas: That hurts my head trying to see it
ben_vulpes: ama nap, that sounds good right now
mircea_popescu: sashahsas ok, ok, how about this -- amanap : lanac a nalp a nam a
ben_vulpes: i am unsure as to how serious you are being.