asciilifeform: https://www.cl.cam.ac.uk/~rja14/Papers/serpent.pdf ( pdfturd! ) << near as i can tell, is the 'full paper' referred to in the 'short'
asciilifeform: so then i go an' reread the paper, and whole thing is in this style. 'oh i picked the sboxes based on shuffling des's and rejecting the variants that keep bits in position toomuch' but where IS this scratch work posted?? apparently nowhere.. )
asciilifeform: mircea_popescu, diana_coman , et al -- what am i missing ?
asciilifeform: i still dun grasp why the fuck the author used this adhocism, with 1way propagation, rather than an actual hash (and 'because all other blockciphers did' is not an answer.. )
asciilifeform: or hrm, nm, i'm thick, after all
asciilifeform: for I in 0..131 loop W(I) := Rotate_Left(W(I-8) xor W(I-5) xor W(I-3) xor W(I-1) xor 16#9e3779b9# xor Unsigned_32(I), 11); end loop;
asciilifeform: mircea_popescu: i have a serious wtf re serpent, and neither the s.mg/classic ada, nor the orig paper, has helped me to make sense of it, and i'm suspecting that i'm thick... so here it is:
BingoBoingo: asciilifeform: I do have difficulty with that as well. Anyways people, no platforms.
asciilifeform: BingoBoingo: i have difficulty picturing the derps actually ponying up the coin to cover the not-insignificant cost of housing their rezistenta prin cultura idjitmagnet. but whoknows.
BingoBoingo: Anyways, if Gab comes knocking, I will try to get a price for them. Considering they were hosted on MS Azure for a long time, it is hard to tell if they can fit at any price or if their all comers deal makes them dependent on cheap Fort Meade bandwidth
asciilifeform: i suspect that they can no longer afford the 'luxury' of pepsi.
asciilifeform: there is, for instance, an Official cap on benjies, iirc 10k. but nobody ever counted'em in any usg airport i've been to, for so long as they fit in wallet
mircea_popescu: more power to 'em. i always carried rsa'd dumps.
asciilifeform: the concept of 'terror cell' that has 1-800 pnoje also, i suspect, throws the gears out of alignment. 'but where is the seekrit inner one, where they mix sarin', i expect, is the eternal itch.
asciilifeform: from what i can tell, their entire concept of 'terror suspect' is a hardcoded enumeration of largely accidental/stylistic features, e.g. 'bearded camel fucker', 'weev', 'loud activist'
asciilifeform: ( i was speaking of the lul where they give you a subscription that opens the no-customs door on the way back ~into~ reich )
asciilifeform: i can picture
asciilifeform: mircea_popescu: funnily enuff, dun even need to be kronprinz, you pay fiddibux or i fughet how much it was
asciilifeform: btw i'll add, nobody with half a brain would cross idjit ameri-border with device + card. 1 or the other at a time.
mircea_popescu: i have 0 expectation it will do anything besides create a lot of idle wank in "law enforcement" circles.
mircea_popescu: i suppose the ~usecase is where dorks think they have a right to look into your bags because you are crossing a "border".
asciilifeform: was how i pictured it.
mircea_popescu: well... keyin pw every bootup, i guess.
mircea_popescu: i suppose this is true.
asciilifeform: mircea_popescu: i considered it, yrs ago, but imho it has serious minuses in the field
mircea_popescu: asciilifeform i was thinking dips
asciilifeform: actually scratch that, it's a terrible illustration. but i dun have a good one handy.
asciilifeform: i'll point out that nobody ever booted from '32x8 block' tho, if you recall folx booted from 8 (or 9 or whatever your byte bitness) + 'forward' button, word-at-a-time
asciilifeform: in today's variation, 'hey i found a dead mermaid' 'um, this is a bloated dolphin carcass' '...'
asciilifeform: sorta like the usual 'hey i found nessie' 'wouldja like to borrow my diving gear and thermal cam?' 'mmm nessie is invisible to thermal cam and what's a diving mask' '...'
asciilifeform: i saw |\n's snippet and thought 'loox familiar' and sure enuff it was in that 2017 piece.
|\n: well not really, i'm not too much 0day-aware kind of person as well
asciilifeform: mircea_popescu: yes i recall very well. this one is genuine, tho, but one half of a rigged academi-demo, requires ~their~ microcode patch
mircea_popescu: i'd rather hang the moron flattering himself with "enemy" that tried to lose me a disk than either of these.
asciilifeform: mircea_popescu: i view block ciphertrons as a 'slightly better than nuffin' kind of tech -- would slightly rather lose a serpented disk to enemy than naked one; but that's about it
mircea_popescu: i don't even think there's anything wrong whatsoever with studying the damned thing. my reservations were strictly around investing any kind of "this is the republic's encryptodisk" flag on it
mircea_popescu: i certainly see the point re "explore the space" ; and yes a serpent implemented as both eulora workhorse and verilog is better studied than just former.
asciilifeform: i admit, the seekrit reason asciilifeform could even be arsed to pick the thing up, is that to write serpent in maximally algebraic form might tell us sumthing useful re the weakness.
asciilifeform: if i were baking asic ( not sure why anybody would blow 'orbit' moneys on serpent asic, but for the sake of arg ) would unroll the sbox invocation the way it is unrolled in the pc serpent diana_coman is using, there'd be no reason not to have 128 or what, independent copies. but in the tight space of ice40 this is out of the question.
asciilifeform: i've gathered afaik all of the commercial demo boards with ice40, they all have 1 ea.
asciilifeform: ( and conceivably, worth sumthing even if it takes having ~two~ on the board; problem is that i dun presently have a board with 2 , to actually try )
asciilifeform: those are blocking, i.e. take multiple clocks ea.
asciilifeform: i expect the sbox won't actually be the bottleneck in a full serpentron tho
asciilifeform: mircea_popescu: as in, whether it actually sboxates at the stated 25MHz ? notyet, gotta write a serial i/o thing for it, to do this. possibly later today.
asciilifeform: in other minutiae, the terms i left in xor-containing form, can of course be expressed in not/and/or , but this resulted in seven-term ORs , which i assumed is a greater delay than to let it use a xor LUT; but this is not experimentally confirmed, and one might conceivably get better throughput if all of the terms were rewritten in the and/or/not form.
asciilifeform: btw, spoiler : i put the thing in an ice40-8k , simply did not have time to write up yet, and the fwd sbox in fact eats roughly 1/4 of the gates . which leaves the orig question wide open...
asciilifeform: it is also possible that the equations can be simplified further, i did a fairly surface job of it, mostly by hand
asciilifeform: mircea_popescu: observe also that the sbox mechanism is 'bitsliced' (i.e. the bits move only 'vertically' there ) so potentially it can be shrunk at expense of speed . so the real puzzler isn't 'does serpent fit', it can almost certainly be shoehorned, but 'with how little/much unrollage' i.e. what resulting eating bitrate.
a111: Logged on 2018-10-13 07:14 hanbot: anyway the idea is to have an exhaustive list of news outlets with their contact email made, after which i'll have her mail that blurb; i expect something like a week's turnaround, and will report when it's done.
hanbot: mod6, ben_vulpes, et al: nicoleci sent 31 emails (as per http://btcbase.org/log/2018-10-13#1861765 ) to various news outlets last night, and will report any replies here. i expect more mail to go out this week, will update.
diana_coman: http://btcbase.org/log/2018-10-27#1866701 - ok, I'll implement it this way then and we see
BingoBoingo: <mircea_popescu> BingoBoingo it was just a throwaway oneliner i came up with while walking off a steak, sadly no more there. << AH, I thought maybe Tess Hollandaise died of excess mass and had been replaced as leader of the hamplanets by a younger, dumpier model
mircea_popescu: Mocky not particularly, but i mean... your gf or w/e.
Mocky: mircea_popescu, do you have any interest in kuwait? if so I can keep this lead warm on the back burner while I work qatar
mircea_popescu: i wont cry if every once in 256 cases you do an extra oaep that 50-50 might've not been needed.
a111: Logged on 2018-10-26 21:09 diana_coman: basically "which one has a higher octet first if I walk them from left to right?"
a111: Logged on 2018-10-26 21:02 diana_coman: asciilifeform, I guess mircea_popescu has a point: one can choose just *what* has to go through the MPI swamp and what not
diana_coman: asciilifeform, myeah, I don't claim I fully know everything that goes on in there and I quite doubt anybody does; and ftr yes, I'm not at all comfortable with the fact that I had to and have to sign it but... I have to, pretty much
asciilifeform: it was a terrifying thing, i ran away from it. and buggy, also, per diana_coman's dig, and i'm not even convinced that we know the full extent of the buggism.
diana_coman: more of a hack to accommodate the stink of MPI - not sure it's something we want in there; if anything, I guess I can see more the point to just walking the octets in the array and basically doing the comparison in Ada
diana_coman: http://btcbase.org/log/2018-10-26#1866643 - to detail this: technically speaking one CAN test top bit until it's 0 for the oaep block (hence for *sure* < modulus) but I don't think it's great mainly because: 1. this fixes one more bit 2. it's really a way bigger hammer than needed - it can start with 1 and be smaller than modulus so potentially increases the number of repeat-oaep without any good reason 3. it's not even particularly clean,
asciilifeform: the conversions are O(bitness) tho, i dun expect they will be major dent in performance. simply ugly aesthetically.
asciilifeform: but yes, i forgot that the comparison happens after oaep
diana_coman: yes, c_wrappers that I wrote have a wrapper for precisely that mpi_compare thing among other stuff
diana_coman: asciilifeform, I gave up on using gnat's ; mainly because at previous experience things went weird quite quickly
diana_coman: basically "which one has a higher octet first if I walk them from left to right?"
asciilifeform: it's how i wrap c-isms, also, yea
diana_coman: precisely why I preferred to make a wrapper for it so I don't import the whole stinking pile further up
asciilifeform: recently was going over ancient notes from my torture room, and it was actually on my to-do, right before i shelved the thing
asciilifeform: diana_coman: until you wrote the recent piece, i actually forgot that mpi ~didnt~ shit out ordinary octet arrays as-supplied
diana_coman: asciilifeform, I guess mircea_popescu has a point: one can choose just *what* has to go through the MPI swamp and what not
asciilifeform: the front end aint gonna change, so potentially could, as i understand
mircea_popescu: i dunno, cunt jewelry.
asciilifeform: i suspect , was same enamel as on actual rockets..
asciilifeform: possibly moar variants than i ever saw, who even knows how many
mircea_popescu: i wish i knew how they did that, incidentally. undentable fucking enamel.
mircea_popescu: i dunno, mine had this green enamel outside
asciilifeform: it did! with the brushed coating. there was a whole story re the d00d who came up with that, but i've sadly misplaced.
mircea_popescu: yeah, same thing i got downstairs for car detailing.
asciilifeform: i have a vaguely buran-like chinese thing, with 2 holes, but it eats paper filters, typical modern sad
mircea_popescu: i was fucking scared of that thing, as a 5yo
asciilifeform: oh ha yea i recall old thrd nao.
mircea_popescu: my ~grandparents~ had a buran. though perhaps i said this
BingoBoingo: I am going to ponder this while I run some errands, inevitably seeing at least two air cooled volkswagens buffered by a vast gulf of nothing separating them from the late model Chinese plasticars
asciilifeform: ( iirc there was an extended mircea_popescu piece re subj, but i cannot nao recall which )
asciilifeform: when sov engineers knew how to make a konsoomer item 'eternal' -- they did. ( e.g. famous 'buran' vacuum cleaner, still shows up now and again on lulzbay, when i finally move my arse to 220v country, i'ma buy it ) . when they didn't know, they made eternally maintainable .
asciilifeform: BingoBoingo: funnily enuff, when i moved to usa, i briefly got hold of the 'genuine' lego, and was somewhat disappoint
mircea_popescu: i had two trucks which together built a nice house.
asciilifeform: in retrospect i'm actually a bit surprised that they pulled off the fine molding
asciilifeform: BingoBoingo: fwiw the sov clone i had , had 100% interchangeable bricks.
a111: Logged on 2017-09-02 20:04 phf: i'd say it's more like 80s lego and modern lego (if you haven't seen, now it's all >50% custom per-toy parts, that can be snapped to a traditional lego coupling, but otherwise non-universal)
BingoBoingo: <mircea_popescu> with all the "coc" bs, i suspect ~0 white men remaining who even know how to run a technical discussion, or to what end it is done. << Just gotta make the definition of "white men" more inclusive like the FBI is doing
mircea_popescu: with all the "coc" bs, i suspect ~0 white men remaining who even know how to run a technical discussion, or to what end it is done.
mircea_popescu: myeah. now, if i could have a cipher that has 512 byte payload, the above "single block" thing'd be satisfied. see ?
asciilifeform: mircea_popescu: classical serpent eats 256bit key. but ( as illustrated in http://ossasepia.com/2018/02/22/eucrypt-chapter-11-serpent/ ) eats/shits 16 byte payload blox as it goes; a 4096 byte flash sector would need 8 of these, plus i suspect a 9th for the block # ( see earlier re 'known plaintext'ism etc )
hanbot: alright, i'll have nicoleci send off the first batch asap.
a111: Logged on 2018-10-13 07:14 hanbot: anyway the idea is to have an exhaustive list of news outlets with their contact email made, after which i'll have her mail that blurb; i expect something like a week's turnaround, and will report when it's done.
hanbot: in other still-using-google fun, http://btcbase.org/log/2018-10-13#1861765 << news search for bitcoin nominally yields 103M results, of which shitoogle will actually produce 290, which in turn yields ~30 non-duplicates. delayed another week i expect for spelunking.
mircea_popescu: i thought sds came into native blocksizes and yeah sure the driver atop will let you believe w/e.
mircea_popescu: IF i had a workable understanding of block ciphers, we could bake a device-block-tailored cipher and at least have that to show god.