mircea_popescu: i don't think i follow.

mircea_popescu: asciilifeform importantly, re the test above : not the ~factors~ must be tested, but the actual composite p or q, as reconstructed from the factors.

mircea_popescu: and i have a good mind to mandate eucrypt impl of m-r actually uses 2^8 ie 256 as minimum.

mircea_popescu: ie gpg is wasting its time with "oh, let's see if 2 is a witness".

mircea_popescu: for the record, if n = 2 ^ 2048, that limit is ~238.728599954.

mircea_popescu: (for the record : it is a fact that there exist infinite composites so that their SMALLEST witness is at least ln (n) ^ 1/(3 * ln (ln(ln(n))). yet "cryptography community" keeps doing this small witness bs.)

mircea_popescu: iirc there was a "study" showing how "it is enough to test these" for whatever size.

mircea_popescu: so the recipe would be, "for every composite N, sort the factors so as to obtain two 2048 bit chunks ; then check whether 2, 3, 5, 7, 11, 13, 17 are strong liars for the item.

mircea_popescu: it is testable, yes.

mircea_popescu: this is what i say : reconstruct the original two "primes" of which at least one wasn't ; then see which of such items have in fact low primes as strong liars.

mircea_popescu: a composite that passes a low round m-r can be composite of >2 factors np.

mircea_popescu: it'd be worth it at this point to see which of the composite "primes" have the whole set of primes under say 29 as strong liars.

mircea_popescu: asciilifeform at this point there's little doubt in my mind that >0 of the items cracked by phuctor were bona-fide keys, composite slipped past the 4+1 round m-r.

mircea_popescu: and so we'd like to have an alternative, if for no reason then just to have it.

mircea_popescu: this'd be a special alternate because we're very unhappy with the fact that a) "everonye" (=usg) uses m-r and b) evidently lies about the strength assumptions.

mircea_popescu: it is not THAT slow.

mircea_popescu: asciilifeform for my curiosity, run the above linked c++ gmp item

mircea_popescu: yes. if you want you cal look up tje log for ben_vulpes ' item or else write your own in cl and compare after.

mircea_popescu: so do that first ; then.

mircea_popescu: esthlos i'd love for you to be able to jump straight into this ; however there's some groundwork to be laid. look into the V system, because ideally you'd be presenting the finished item as a patch on diana's eucrypt lib. and asciilifeform is working on and publishing a final FFA which is what we intend to use here.

mircea_popescu: so he has something to work on, rather than wait for tutorial completion, is the logic

mircea_popescu: rather than being all negative!!!, got a review copy of ffa somewhere to pass to esthlos ?

mircea_popescu: it's not THAT bad.

mircea_popescu: at this juncture having options is the right move. let user decide.

mircea_popescu: asciilifeform tell you what, m-r as found in gpg, with its "12" that are really 11 witnesses is worthlessly useless. ☟︎

mircea_popescu: esthlos look through the various FFA items as pasted by asciilifeform first ; to get an idea what the item is like. so you don't have to wait till he's finished publishing it all

mircea_popescu: !#s totient

mircea_popescu: do i get a closed set to pick amongst ?

mircea_popescu: http://yves.gallot.pagesperso-orange.fr/arbregen.html << tho apparently there's a genealogy tree going back to 1600s, so how bad can it be.

mircea_popescu: http://yves.gallot.pagesperso-orange.fr/src/aks_gmp.html << supposed c++ impl ; though i have nfi who gallot fellow is. ☟︎

mircea_popescu: come to think of it.

mircea_popescu: actually it's possible bernstein had a variant too.

mircea_popescu: given n > 2 and a coprime to n, n is prime only if (x+a)^n mod-congruent x^n+a (mod n)

mircea_popescu: you know, three indian kids got a godel prize a decade ago for the first ever primality test that's deterministic, polynomial and unconditional

mircea_popescu: or rather 4.6e-10 as the case may be, since you need two.

mircea_popescu: diana_coman should prolly add a comment in there pointing out to people who are making keys for serious use that 1e-10 is really not nearly good enough.

mircea_popescu: seems a gratuitous (but not readily computable) degradation of the 4^-k outer bound.

mircea_popescu: in other news : the mpi m-r implementation has a fixed witness at 2.

mircea_popescu: phf you know, that pretty graphing item

mircea_popescu: http://btcbase.org/log/2017-12-18#1753256 << no. the naive bare life (bios as opposed to zoon, see http://trilema.com/2014/it-all-depends-on-what-power-means/#selection-109.0-106.2 ) approach is that sunken costs matter. this feeds right into shaw above. whereas any gambler worth two shits knows you... fold when you know it can't win, not when you judge you can afford to lose "your" share of the pot. ☝︎

mircea_popescu: this is the true meaning of being wealthy, when your wealth stays wealthy for longer than the world stays active. they run out of puff afore you run out of dosh

mircea_popescu: and as bonus lulz, we'll never know whether i would have actually paid the whole length or not.

mircea_popescu: faff. i didn't even know that was a word.

mircea_popescu: ben_vulpes this is why artificial intelligence will never be able to compete with the genuine article.

mircea_popescu: or as the orthodox tradition says, "durerea-i ziditoare"

mircea_popescu: move into the pain not away from it. pain is good for you.