asciilifeform: ( then we can say it is only braindamaged in the sense all sboxisms are )
asciilifeform: if all (a0..a31, b0..b31, ...) appear in the expansion, then serpent aint actually braindamaged in the sense originally contemplated by asciilifeform .
asciilifeform: mircea_popescu: loox, at least superficially, like a ok prng (for tetris at least). but how didja get the idea that it's fit for cipher ?
asciilifeform: to merit shooting, had to be either spy, or serial killer, or at least illicit gold dealer (1 afaik case , under hruschev)
asciilifeform: BingoBoingo: largely troo. with the exception of a few speshul trainflakes kept in 'психушка' , max term of imprisonment was 15y -- for instance.
asciilifeform: BingoBoingo: phunphakt -- in ye olde su, radio 'hooliganism' (as it was called) was rampant, almost rite of passage for electronics experimenters, and penalty was pretty soft by current-day reich's standards (generally limited to confiscation of the gear. which was made from junkyardwars at any rate, so not particularly big deal)
asciilifeform definitely tried to go to this zoo, gate was padlocked erry single day
asciilifeform: i gotta wonder what else they've got; maybe also a lunapark where only the employees get to ride
asciilifeform: btw, BingoBoingo , re waaay upstack -- trb 'throws bastards' from the simple reason that it doesn't keep track of peer heights, and ~always~ retransmits any block that it gets and happily welds to longchain
asciilifeform: ( i'm not actually certain why we do this test prior to bastardism, there's 0 point running any test on a block that fails do-we-have-its-father litmus . really this is leftover logic from removal of orphanage )
asciilifeform: tests for outrageous timestamps, sad pow, mutilated tx format
asciilifeform: iirc you can trivially extract next-state of mt if you get 1
asciilifeform: same observation arguably can be applied to errything else tho, so i'm not entirely sure it's a useful one.
asciilifeform: imho bitcoin is a quite poor cryptological 'mine canary' for this reason.
asciilifeform: for thread-completeness, asciilifeform will mention that he does not believe that ecc, as seen in bitcoin, is necessarily strong -- if there's a break, we won't hear of it unless somebody is catastrophically stupid -- it is analogous to those old safes that included 10 pounds of thermite for erry pound of benjie, torch it and you lose whole thing
asciilifeform: rsa & c-s (the latter, really a narrowed elgamal) are the only 2 oasis i know to exist in that desert.
asciilifeform: ( the 'intuitive' cure, 'let the primes be a sequence of primes, no prime used twice' is still breakable with fermat )
asciilifeform: mircea_popescu: multiplication with snipped off top half ?
asciilifeform: to make life even harder, rsa also suffers from 'can haz provably hard case' problem, there's classes of 'easy' primes, and no particular reason to think that we exhaustively know all of'em..
asciilifeform: ditto prng. they're legs of triangle.
asciilifeform: sorta why it did not make sense to asciilifeform that people sat and 'i'ma make a hash', 'i'ma make a cipher', a good x is exactly a good y
asciilifeform: ( they're the same thing, if you had a provably working one, you get the other 2 gratis )
asciilifeform: in '16 we trivially reduced it to symmcipher == prng == hash
asciilifeform: of course it is possible to come up with infinite variety of garbage ciphers that 'hey it confused me!' but imho not very useful activity
asciilifeform: it's the reason for asciilifeform's lulzsubmission to mircea_popescu's 'block contest'. it wasn't even joak, it was 'rsa is the only tool in that box that i have any reason to think actually worx'
asciilifeform: in '16 i burned coupla months on the q of 'can haz', mainly on np-hard problems / turing-complete cellular automata, in place of sboxation. but got stuck on the 'guaranteed hard instance' boojum.
asciilifeform: reasonable cipher requires element that is at least a ~conjectured~ trap door (i.e. 'entry is a buck but exit is two'), e.g. exponentiation-with-primes
asciilifeform: and yes if you had fast iron bignumtron, could use ordinary rsa and dispense with enigmas.
asciilifeform: ( tho the reason why rsa is based on exponentiation, rather than straight multiplication-of-'plaintext'-prime-by-seekrit-prime is that in the latter variant you could trivially extract seekrit-prime with gcd )
asciilifeform: the closest thing i can think of to a working variant of mircea_popescu's device, is where you keep the carries, and use primes... and we know it as.. rsa
asciilifeform: ( 'egyptian div', btw, is pretty much exactly gaussian elimination , restated )
asciilifeform: ( spoiler, btw -- if you had normal addition, yer algo reduces to 'multiply P by K', it'd then be exactly my 'egyptian' multiplier )
asciilifeform: perchance i can provoke mircea_popescu into writing a proggy that deciphers ?
asciilifeform: but what you have instead is addition over , if you will , galois field
asciilifeform: the gaussian elimination thing would work if you had add (as in with carries) rather than xor
asciilifeform: i gotta admit that i still dun grasp how to decipher unambiguously into 1 single orig plaintext
asciilifeform pictures koreans pronouncing name, ends up hashing to 'beriberi'
asciilifeform: main imho tech problem of our time, is that brekekekekex-amplifier is a penny while effective filter is a pound+.
asciilifeform: if man-alone dreams of 'money while sleep', fman-alone -- of 'money with dildo'
asciilifeform: mircea_popescu: i suspect roughly same dynamic as old-style spam. i.e. 'i heard others are doin' it, there gotta be moneys in it, so i'ma buy a webcam and interactivefetish kit'
asciilifeform: kinda how americanfootballists keep playing until their legs won't carry'em
asciilifeform: i aint a subj expert, but don't all cheap whores market as 'fresh' for as long as it is half-possible ?