asciilifeform: 'when choosing astrologer, hire the cheapest'☟︎
asciilifeform: i used it myself when writing rootkits.
asciilifeform: BingoBoingo: nsa uses rc6 for all 'deniable ops', because it is good enough+short in asm
asciilifeform: there are surely people other than mircea_popescu and asciilifeform who -- have interest in subj + have the theoretical pre-reqs + seriously ready to get their hands dirty + not thralls of usg
asciilifeform: but also i was referring to ~people~ as much as to algos.
asciilifeform: (keccak or another hash can be abused as a stream cipher, but it is precisely 'retarded homebrew', i will leave the reason ~why~ as an exercise)
asciilifeform: esp. because ciphers are a blindingly obvious 'political art', where if you aren't schneier et al, you don't get printed in journals, invited to conferences, implemented by open sores monkeys, etc.
asciilifeform: i asked 'professional cryptographers of international repute' and 0 answer beyond 'here's a banana, monkey boy'
asciilifeform: especially transpositions as we know them. i'm still waiting to hear why s-boxes are fixed, rather than entirely configured by the key, ever.
asciilifeform: mircea_popescu: more dire, even, than this, we aren't dealing with 20 years of disinfo artistry, but ~70 ! hagelin, crypto-ag, etc. and the entire poppycock of transposition ciphers surviving into computer age
asciilifeform: noshit.jpg. ~same ~2dozen people involved.
asciilifeform: BUT it is in several ways, apparent to the naked eye, less retarded than aes☟︎
asciilifeform: now i will remind readers that 'serpent' is not, afaik, on any kind of scientific foundation. it was made using voodoo doll, just like every other block cipher. (what kind of doll, is described in the paper.)
asciilifeform: more or less simply declared 'history, done with'
asciilifeform: davout: it was a loud, public wank, ~impossible to 'unhappen' to any reasonable degree
asciilifeform: the political history is also rather interesting (it was on track to winning the 'aes competition', received fewest thumbs-down votes from the panelists, but mysteriously torpedoed by usg and did not win)☟︎
asciilifeform since release of FUCKGOATS, spent much time studying 'serpent' block cipher.☟︎
asciilifeform: this is for when mircea_popescu gets his botnet.
asciilifeform: Framedragger: this also. but -- slow.
asciilifeform: whereas this is elementarily reasonable.
asciilifeform: one of the hidden evils of 'of course generating key takes 10 minutes!' traditional entropy starvation -- is that nobody expects to be able to do the test where you generate 10 billion keys and make sure that the resulting keys have gcd of 1
asciilifeform: the other interesting experiment, yet undone, is to generate ssh, ssl, pgp, etc. keys on some of the other os with known-broken rng -- e.g., freebsd 2010-2014 (or when was it), possibly other
asciilifeform: the interesting bit re tropos is that it is not a konsoomer box, but infrastructural (isp, public wifi, gsm, utility sensors) and for some reason popular in orc world
asciilifeform: (it displays unremarkable ssh hello, the litmus for it uses the ssl cert that the boxes also display on 443)
asciilifeform: mircea_popescu: tropos, i recall now, was the other big one.
asciilifeform: now if someone here knew where to get a hold of even one!
asciilifeform: ditto the huawei boxes, the voip thing, whatever it was called, and the dozen or so other examples i catalogued in recent months
asciilifeform: the thing to observe here is that, e.g., mikrotik, should be susceptible to the debian treatment (enumerate the possible factors, then shoot)