asciilifeform: imho it is by far weakest link in the ensemble.
asciilifeform: i'm willing to 'marry' rsa, but not oaep, oaep only willing to casually fuck
asciilifeform: at any rate, i dun have an obviously-superior replacement for oaep. so presently ( see my rollout calendar ) i'ma implement one. but i dispute that 'cannot be made' claim.
asciilifeform: but if it were possible to have straight rsa, rather than rsa and hash, would be stronger system ( no hash ever was proven strong, even in the sense rsa is )
asciilifeform: mircea_popescu: we have hashes cuz some thing simply cannot be done without'em ( short rsa sigs of GB inputs, etc )
asciilifeform: ( how to take plaintext, with possible known patterns, and turn it into something about which NO useful 'and bit B is X' can be said )
asciilifeform: recall the thrd that provoked mircea_popescu into making shot at own hash algo etc. orig was a stab at the generalized problem of destructurizator.
asciilifeform: it puts 9000 tonnes of load on the hash to carry.
asciilifeform: it'll turn out to suck tho if it turns out that , say, if you know 3bits of what went into a keccakization, you now know 33 of its oaepization, or the like. i dun know a proof that ~not~ this, if that makes sense
asciilifeform: tru ( if i had proofism, would post, promise )
asciilifeform: mircea_popescu: the 'proof' is iffy ( iirc we dug into this in early thrd ) but that aint the thing that makes me hairs stand up: it's that oaep introduces structurism ( for comparison, even the oldest 'all or nuffin' algo, rivest's , does not )
asciilifeform: ( current mass of compressed phuctor snapshot )
asciilifeform: i dun expect it'll be esp painful in your case, yours wont be 30+GB
asciilifeform: also iirc diana_coman and hanbot both have mp's-wp on rk , and i dun recall either of'em ever reporting OOM
asciilifeform: ( seems , at least by my lights, uncharacteristically hungry... does it really take a coupla MB of working ram , per GET , to serve up a blog ? )
asciilifeform: BingoBoingo: have you found approx how much ram it eats per request ?
asciilifeform: esp. a wwwtronic thing, where there is a readily-available graceful failure mode ( make connector wait a few sec for a free slot )
asciilifeform: ( and behave gracefully when limit hit )
asciilifeform: erry proggy should at the very least take a param for max ram guzzle
asciilifeform: imho people should not default to runaway-ram
asciilifeform: BingoBoingo: fwiw postgres doesn't, 'out of the box', have the runaway ram problem. ( it had exact opposite -- i had to coax it into actually making constructive use of dulap III's very plentiful ram )
asciilifeform: i view it rather like (i picture) mircea_popescu views his 'mpb' item
asciilifeform: possibly 1 of these days i oughta publish my kludge for making ancient wp go on postgres; but it isn't half as polished as mp's and i dunno that anyone would win from cribbing it
asciilifeform: phuctor ( and in particular, some of the 'heavier' / unusual pheatures, like search ) i baked specifically around postgres.
asciilifeform: he did pick it for a logical reason, but i cannot currently recall what it was ( prolly detailed in l0gz )
asciilifeform: http://btcbase.org/log/2018-11-15#1872279 << currently i know veeery little about mysql ( always used postgres, and at this point know embarrassingly much re the internals and tuning knobs ) -- but iirc mp's-wp requires specifically mysql, so prolly doomed to study it at some point
asciilifeform: ( plenty of folx made 'soft' raid, but those imho are worse than useless )
asciilifeform: btw for many yrs i've searched for the obvious simple gadget, a y-shaped thing that'd turn 2 or moar usb sticks into an iron raid. but still not found, dun seem like anybody ever made.
asciilifeform: jurov do you recall what it was they used ? ( or was it custom )
asciilifeform: i was almost gonna say 'we're the first to put arm64 in a dc rack' but then recalled that jurov, years ago, saw such a thing somewhere
asciilifeform: BingoBoingo: if we ever build a rk-like board from the ground up, i'ma give it at least mirror raid. but presently afaik no such thing can be had.
asciilifeform: !Q later tell ben_vulpes didja find the eggog ? you estimated 'wednesday', and the day is nearly at end..
asciilifeform: also folx, pleeez make backups! i should not even have to remind. there is not such a thing known presently as an immortal disk.
asciilifeform: mod6 pleez let me know when we can swap yours, iirc you're the last rk fella on old disk
asciilifeform: dunno why BingoBoingo felt compelled to tempt the fates
asciilifeform: i did say 'let's errybody move to new rk disks asap' , neh
asciilifeform: ( i.e. when ciphertext passed through e.g. 'dieharder' it would be indistinguishable from FG )
asciilifeform: ideal algo imho would carry at least 5 bit of entropy for erry bit of payload, and in such a way that all bits are 0/1 with exactly 0.5 prob.; and such that flipping one bit of ciphertext flips at least 1/2 of the output bits.
asciilifeform: but for general-purpose pgp replacement, conceivably could use something 'hungrier' but with 0 fixed structural bits. i'ma invite mircea_popescu et al to consider the subj.
asciilifeform: and hence prolly also is The Right Thing for other space-constrained applications, e.g. udptronic gossipd
asciilifeform: in s.mg's incarnation, carries 245 octets of payload per 512 rsablock, i.e. ~48% efficient
asciilifeform: the fixed structure elements in oaep bother asciilifeform. ( initially was gonna do destructurization differently : each bit of payload turned into 4 via rng xor, then fisher-yates shuffle, then the 'deshuffling' binarysort code is appended to message. you can prove that the output is 'all or nuffin' transform. )
asciilifeform: i was hoping to avoid baking hashing into ffa/p , but loox like it isn't escapable if we're doing oaep
asciilifeform: fortunately i dun have ~that~ problem ( instead i have others, lol )
asciilifeform: it's 1 of the coupla items i dun have yet
asciilifeform: bvt: in all srs, thx for digging it up, and if anybody finds another, plox to also post, there is room in the kunstkammer.
asciilifeform: and 'how not to crypto', pretty good illustration of the tension between 'machine proofs' and 'fits in head' (author resolved wholly in favour of the former and took a tall shit on the latter)
asciilifeform: tldr : yet-another nonconstanttime , notfitinhead piece of shit, valuable exhibit for kunstkammer of 'how not to ada'
asciilifeform: '20 phunphakts didja know on reddit! there was a mad d00d, tried to write a working os, despite not working at microshit or even having codeofconduct..' i picture.
asciilifeform: 'safely dead', so i guess makes sense, turned into harmless lolcat.
asciilifeform: i could prolly get it to run on something or other, i think i still have old 'matrox' somewhere, if we ever come to where we want this.