asciilifeform: bureaucrats probably came in their pants, they hate the chore of key distribution, etc
asciilifeform: but one could conceive of F' being the key itself
asciilifeform: cads: with some 'hardness assumption' in the way of practically accomplishing this, yes.
asciilifeform: you have turds of a certain number-theoretical variety, that turn into plaintext when subjected to function F. F(turd) = plain. but you don't know F'(plain) = turd.
asciilifeform: (where 'anyone enciphers, only one reads')
asciilifeform: so you want something opposite to 'rsa'
asciilifeform: cads: idea probably was, you'd like to block-cipher the blob, but don't want to send a symmetric key (however contained) into the field.
asciilifeform: we'll know when an american Mitrohin or Rezun lifts the specs.
asciilifeform: mircea_popescu: angels/pinhead, etc. one could easily picture something clever (block cipher allowing direct execution of crypted instructions, without an intermediate buffer for mass decrypt) or something foolish.
asciilifeform: cads: J. was devised for some unknown, godforsaken 1980s silicon. perhaps it sat the decryptor between the memory bus and cpu proper
asciilifeform: even predominated. Actually, so far as he could judge, the majority of people in Airstrip One were small, dark, and ill-favoured. It was curious how that beetle-like type proliferated in the Ministries: little dumpy men, growing stout very early in life, with short legs, swift scuttling movements, and fat inscrutable faces with very small eyes. It was the type that seemed to flourish best under the dominion of
asciilifeform: "On the far side of the room, sitting at a table alone, a small, curiously beetle-like man was drinking a cup of coffee, his little eyes darting suspicious glances from side to side. How easy it was, thought Winston, if you did not look about you, to believe that the physical type set up by the Party as an ideal-tall muscular youths and deep-bosomed maidens, blond-haired, vital, sunburnt, carefree - existed and☟︎
asciilifeform: implication is that this achieved something more than one can get by merely hashing & signing code.
asciilifeform: cads: not so simple. you can't have the machine actually branch in any obvious sense
asciilifeform: (verified to do what you intended it to.)
asciilifeform: because the result can never be verified.
asciilifeform: you are forever doomed to trust the mechanism whereby you generated the cryptoturd.
asciilifeform: unless you are carrying out the compilation with paper and pencil,
asciilifeform: one neglected aspect of homomorphic turdcraft (let's assume that it were possible and practical in some general-'enough' case! for the sake of argument) is:
asciilifeform: cads: i reinvented the concept, as probably just about every maths student has, when first reading about Paillier's Addition and thinking 'what if you glue this to OISC - 'jump if zero' - machine.
asciilifeform: turdware vendors are mightily annoyed that the occasional consumer, 'smarter than average rabbit', pries open and exposes their turdwork.
asciilifeform: cads: look who is working on this, and why. or do i have to draw a picture.
asciilifeform: problem is (well, depending on how you look), the consumer is to be on the 'wrong end of the barrel' for this one.
asciilifeform: cads: exists (provably not in the general case, but for many particular cases, sure)
asciilifeform: garden variety winblows box could busy a thousand auditors for a thousand years.
asciilifeform: of course, no need for such shenanigans if the box is already built of 'cooperative' iron.
asciilifeform: (if cosmic rays are insufficient, someone might be so kind as to pump some ionizing strange through your server. or merely turn up the thermostat in the cage. etc.)
asciilifeform: go ahead, prove anything useful about an x86 box where an arbitrary bit might flip.
asciilifeform: it is an attempt to hide head in the sand, escape from the fact that the only way to guarantee expected function is: actual understanding
