danielpbarron: a year is long enough. picking out the ones with old dates mostly
danielpbarron: heh, my list was getting a little too long to fit in my head so to speak
shinohai: danielpbarron is thinning out the herd O.o
gribble: napedia was last seen in #bitcoin-assets 51 weeks, 6 days, 16 hours, 49 minutes, and 12 seconds ago: <napedia> I don't write for SNI. My opinion is that I'd like to see SNI sort it out with economic reasoning and good articles. Pierre's arguments are most persuasive.
assbot: Successfully unrated thomas_d
assbot: You rated user thomas_d on 24-Nov-2014, with a rating of 1, and supplied these additional notes: plays on seals as thomas_dick.
assbot: Successfully updated the rating for thestringpuller from 1 to 1 with note: wrote the hard fork missile crisis qntra article
maqp: ben_vulpes: I think you're confusing patriotism with nationalism
maqp: AFAIK Snowden hasn't got a degree in math/crypto, but what he said might indicate something in the leaks the journalists chose not to publish. It's a long shot but since there was no harm in cascading...
ben_vulpes: what the fuck is this "tongue slipped"
maqp: That's pretty much the story behind CEV
maqp: Additive keystreams have very low risk after all and I didn't have to trust single external crypto library
maqp: Snowden hinted something about using cascading at Harvard Privacy Symposium when he was talking with Schneier. Schneier disagreed but it left me wondering whether Snowden's tongue slipped. Cascading was agreed as a good practice in the Schneier's Friday squid blog so I had a go
maqp: mircea_popescu: Didn't see that. CEV was built to distribute trust over multiple cryptographic primitives and designers
fluffypony: "It's not clear why WhatsApp settled on the oddly specific number, but it'll be good news for those users for whom 100 just wasn't big enough."
maqp: unconditionally secure authentication fits information theoretically secure algorithms (not ciphers)
punkman: maqp: what other algorithms are you thinking of that fit the title?
punkman: "because why trust on a single cryptographic primitive" << because it's nice if the whole thing fits-in-head, and even if you cascade there is still the possibility of meet-me-in-the-middle attacks or I dunno what else
ben_vulpes: the superb owl impends, and the girls need a hand hefting cakes and buckets of wangs
ben_vulpes: anyways, i now return you to your regularly scheduled programming
punkman: "why use information theoretically secure ciphers" << not really plural there, there is only otp
assbot: Logged on 07-02-2016 16:56:01; ascii_rear: ben_vulpes: good 'v' summary - but i'm still waiting for somebody to crap out a treatise re: the philosophical 'why' of it
ben_vulpes: phf: thank you for the rewriting and clarification on why vdiff doesn't on macos.
maqp: "because why trust on a single cryptographic primitive" makes a lot more sense than "why use information theoretically secure ciphers"
maqp: Keccak512-CTR - XSalsa20 - Twofish-CTR - AES256-GCM - HMAC-SHA512 - SHA3-512-MAC
assbot: Logged on 07-02-2016 16:42:15; mircea_popescu: funny application of the entire symbols vs words debate, incidentally. was it deliberate ?
maqp: CEV is the cascading encryption version
maqp: It's also a lot easier with NaCl than with OTP/CEV (there's a separate command for adding PSKs)
punkman: I think pronounceable words beat baseX
maqp: NaCl also lets you pre-share 256-bit XSalsa20-Poly1305 keys. It was the only practical post-quantum solution at the moment
mircea_popescu: as the saying goes, #b-a presence counts for 30 iq points.
maqp: indeed. I'll look into that <:
maqp: Base36 would reduce public key length to 56 chars
maqp: But since you don't have to read the public key in Base58 format, it could use two different encodings
ben_vulpes: mircea_popescu: if you don't show up in the forum, marshall hoplits on demand, are you still a senator?
maqp: having to say "upper case B, lower case c".. is almost as bad as the one used in Telegram
maqp: But since users are verifying the public key over Signal call
mircea_popescu: ben_vulpes generally i'm thinking, to make it in people gotta put you in ; but once you're in, you're in, and barring disaster you stay in.
maqp: I wonder if there's a library for that
maqp: mircea_popescu: indeed. I just figured the few extra chars weren't that important, and that typing upper/lower case might make it slower. I'll have to look into that
ben_vulpes: mircea_popescu: dude he has like three
assbot: Successfully added a rating of 1 for maqp with note: I showed him the log, and he joined! I'm on a roll.
ben_vulpes: yes but /inclusion in the lordship/ for that?
ben_vulpes: i don't intend this as an attack on mthreat, trying only to tease out the logic.
mircea_popescu: my thinking, vague as i admit it may be, is that if the guy's service is running, the guy is ok.
mircea_popescu: ben_vulpes well, the search is running ok. this is a thing.
ben_vulpes: i also don't quite know what mthreat's doing in there beyond running search and being a known usg antagonist.
punkman: maqp, is that a carter-wegman MAC in your otp version?
ben_vulpes: also does lordship survive termination of corporeal instantiation?
maqp: That could work of course, base58 might be better as there's less similar looking chars
maqp: unfortunately that's the only way to prevent nation state from remotely injecting malware to transmitter device after setup
mircea_popescu: ben_vulpes no objection ; and in light of the traverser no objection.
ben_vulpes: i propose excising artifexd from the lordship, and i further propose adding phf to it
maqp: Since it's ECDHE, the security is actually 3072-bit RSA equivalent
maqp: The current version has 72 hex char key you have to manually type to transmitter device; it's similar to manually typing Ricochet/Tox ID
maqp: I tried it earlier, but the classic Diffie-Hellman had much less security and a lot longer public key
gribble: diametric was last seen in #bitcoin-assets 1 week, 1 day, 21 hours, 42 minutes, and 31 seconds ago: <diametric> not sure that makes it a trivial non-crime at that point.
maqp: So anyway, as far as the TFC goes, NaCl is the first one to provide practical public key crypto
gribble: artifexd was last seen in #bitcoin-assets 41 weeks, 3 days, 22 hours, 19 minutes, and 18 seconds ago: <artifexd> I'm comfortable calling it a review. Not just of what it is but what it was and how it got to where it is.
maqp: As far as it goes with cast iron list, it remains to be seen who's now closer to "terrorists"
ben_vulpes: nigga you think i keep shit in my head that computers remember for me?
ben_vulpes: right, and given the extremely long lead time for review around here i want to kick the conversation off now
ben_vulpes: you proposed changes, but i'm not seeing those changes cemented anywhere.
mircea_popescu: well no, not really april yet. there should prolly be some discussion for a new one huh.
mircea_popescu: hey, an interest in actual crypto / security ? DEFINITELY terrorism.
ben_vulpes: maqp: where does the handle come from?
mircea_popescu: maqp now you can self-voice ; just say !up to assbot in a pm and it'll give you a string to decrypt. pass it with !v and you're voiced.
assbot: Searching pgp.mit.edu for key with fingerprint: 559FA134DE33AED70DF97D8B085ADF061C2B20CD. This may take a few moments.
maqp: interesting. There doesn't seem to be a setting for that when uploading key to MIT key server
maqp: mircea_popescu: What's the prefix in front of pub key fingerprint?