mircea_popescu: rsa-size and serpent-size packets handled, rest discarded (and sources punished)
mircea_popescu: diana_coman 2944 bit rsa keys, meaning 1384 bit usable message space in the rsa packet ? with oaep and everything ?
mircea_popescu: alright then, ima put 1472 bytes helo packet ; meaning 2944 bit rsa keys.
mircea_popescu: am i absurd in wanting to start from 1499 rather than 1500 ?
mircea_popescu: ( and btw diana_coman it's entirely possible this will mean republic might well inherit the format, seeing how the problem we are dealing with isn't of our own make -- others will run into it too.)
mircea_popescu: let's calculate this precisely. so what size is my actual payload here, 1468 reliably ?
mircea_popescu: i'm going to re-write the rewrite of comms protocol with this new paradigm.
mircea_popescu: but yes, as far as anyone knows 2048 bit keys perfectly safe, now and for the foreseeable future (this isn't a comment on koch faux-pgp, which unsafe at any length as well documented in logs qntra and so on).
mircea_popescu: i'm not sure anyone'd want to use his main key for this anyway
mircea_popescu: suppose i make the rsa packet 1498 bytes. this then means 2996 bit rsa. problem ?
mircea_popescu: i mean, really, 2048, not 1460 ? written in heavens or what ?
mircea_popescu: of course... if we used smaller rsa keys we could fit in the mtu...
mircea_popescu: anyway, i have no intention to deal with udp flood at gameserver level.
mircea_popescu: asciilifeform so interface silently and timely reassembled 50kb packet out of 30 fragments ?
mircea_popescu: diana_coman well, possibly. iirc we didn't specifically check for that.
mircea_popescu: ie, mtu is two things : no smaller frame shall issue from interface ; and larger packets MAY (but don't have to) travel as multiple frames.
mircea_popescu: there's more, somewhere i say "meanwhile people figured out the complexity's not worth the saving" and etc. recurrent topic.
mircea_popescu: well, rsa packets are 4096 bits multiple ; serpent packets are multiples of 128. rsa key exchange is 16kb fix.
mircea_popescu: i can't have as many interfaces as packet types for crying out loud.
mircea_popescu: asciilifeform the problem degrades gracefully : even if you do have shared rsa key, client sometimes wants to send serpent keys (which go to rsa) and some other times wants to send plain cruft (goes to serpent). so two sizes again
mircea_popescu: server as it stands now doesn't talk to any new people, hence the "talk to mp" thing in client.
mircea_popescu: here's the bojum with that : sooner or later, you gotta meet new people. the DEFINITION of "new people" is "no way to secret prior". so...
mircea_popescu: see ? it's not that i hate you, but we gotta talk of the same things to talk to any sort of productive end.
mircea_popescu: looky, we're discontinuing this discussion, because you've not taken the time to familiarize with priors and i don't judge it's worth your time to do so, or mine to make you do so.
mircea_popescu: i am not so interested in holding on to chunks of future.
mircea_popescu: asciilifeform and the attacker sends you sequence-1 packets. and you hold them. and as i said, "doesn't take so much work to ask me to hold 16gb of chunks."
mircea_popescu: my problem is that i can't ~not~ have 2 sizes of udp packets.
mircea_popescu: meanwhile if every single 13 byte posupdate takes 16kb... that's insanity.
mircea_popescu: this must-have magical packet of 16kb is extremely rare -- basically only sent when new client making new account.
mircea_popescu: doesn't take so much work to ask me to hold 16gb of chunks.
mircea_popescu: asciilifeform nevermind that. to re-asm you gotta keep chunks.
mircea_popescu: now, if it also has 1 single size, that means the size of all packets is 16kb
mircea_popescu: 6. if you permit this 16kb item be chunked, you basically rebuild the tcp ddos bs long discussed here. if it has to be in 1 piece, you can always use or discard on sight.
mircea_popescu: 1. server must be able to acquire RSA key of client. 2. the rsa key of client will have to go in a rsa message, because they presumably don't have serpent keys agreed upon ; 3. the payload for one chunk of rsa key is 1960 bytes, fixed ; 4. the size of a key is 3.x such 1960 byte chunks, meaning 4 chunks. 5. the size of a 4 payload message is 16kb.
mircea_popescu: and forcing all packets 16kb may lose us on some routes.
mircea_popescu: asciilifeform because the largest packet we ~need~ is 16kb
mircea_popescu: padding wouldn't cost in principle, except if crypto produced then entropy costs.
mircea_popescu: anyway, re "client pays for traffic" -- yes, but message traffic not packet traffic.
mircea_popescu: so far, productive activity, but only made it up to 3.
mircea_popescu: kinda what the whole thing is all about ; moat made of earned knowledge and so on.
mircea_popescu: exactly! i agree, this is the icon of the problem. lithium batteries, everywhere. precisely-so.
mircea_popescu: "we are the premiere science and technology nothingatall in teh world!" "then how come the world series is always in fucking iowa"
mircea_popescu: so you know, "usa is the powerfulest thing ever" "reheheally" / "oh, #metoo matters" "where ?" and so on ad infinitum.
mircea_popescu: i can also position girls with palm leaves on balcony, or just mere tits. but we'll skip this.
mircea_popescu: yes but i don't have problems with the elements at my desk.
mircea_popescu: if we ever end up doing our own network, i utterly want this patched out.
mircea_popescu: ro generic is "bici", whip. cnut is specifically weighted item