justJanne: Nah, I was just reading on the RSA factorization article where someone claimed this channel would still DDoS everyone who joins. Sadly I can’t see any of that (was hoping to see if it actually is true xD)
joshbuddy: hiya, just hanging out after reading the hilarious rsa key blog post by .. umm you
assbot: Logged on 17-05-2015 16:10:13; mircea_popescu: achtung BingoBoingo cazalla : phuctor broke a rsa.
mircea_popescu: actually, a fully-explicit "how to extract your rsa moduli as numbers, and how to test things" write-up may be a good use of someone's time.
JPT: I decided to read along a little since it got to me that some rsa keys were broken ;)
davout: asciilifeform: it doesn't parse plain rsa keys?
assbot: Successfully updated the rating for asciilifeform from 4 to 5 with note: 4 First man to factor a 4096 RSA key in the history of computing.
mircea_popescu: !rate asciilifeform 5 4 First man to factor a 4096 RSA key in the history of computing.
mircea_popescu: ;;rate asciilifeform 4 First man to factor a 4096 RSA key in the history of computing.
ascii_field: this plus rsa is good enough to sig-only-revoke.
mircea_popescu: there are some things that don't need fixing. what needs fixing re gpg is to use rsa throughout, rather than the current lulzatron.
ascii_field: one cannot claim the same degree of 'hardness' for this as for the actual rsa, correct
copypaste: gpg: encrypted with RSA key, ID 16B8E32E
assbot: Logged on 12-05-2015 22:03:27; mircea_popescu: so ascii_field from the above, am i correct in deducing that there have been at most 47728 - 31262-4584 = 11882 (out of 47728, or ~1/4) keys without any RSA subkeys in them ?
mircea_popescu: so ascii_field from the above, am i correct in deducing that there have been at most 47728 - 31262-4584 = 11882 (out of 47728, or ~1/4) keys without any RSA subkeys in them ?
mircea_popescu: "rsa. use for text. rsa/aes. use for anything that's not text."
mircea_popescu: anyway, optimal thing would be user specified, and full rsa option.
jurov: and? so the optimal thing would be to parse the email and encrypt some parts by rsa and some by aes or what?
jurov: in this case it's not moore's law but bandwidth. you can't have megabytes/second with rsa, or if you do, battery dies
mircea_popescu: funny how moore law is always there to justify doing something stupid, never to justify doing things like "rsa all the way - we can afford it now"
jurov: iirc pgp/rsa is computationally expensive, so it's only used to establish rsa keys
pete_dushenski: i dun follow that part at all. the pgp/rsa makes sense but where aes comes in is anyone's guess.
mircea_popescu: do they do the "rsa encryption of an aes symmetric key" thing ?
pete_dushenski: "For maximum security, our BlackBerry PGP encryption service utilizes AES 256 bit PGP encryption with a 4096 bit RSA key format." << also uses session keys, but these are presumably generated on the phone, so...
mircea_popescu is really curious what gcd over rsa keys actually looks like in terms of resource consumption.
decimation: it would be handy to have a 'diceware' version for rsa keys
assbot: Logged on 04-04-2015 03:39:35; decimation: but I would also like to pack enough bits on an 8.5x11 sheet of paper to convey a 4096 bit rsa privkey
decimation: but I would also like to pack enough bits on an 8.5x11 sheet of paper to convey a 4096 bit rsa privkey
mircea_popescu: how does it even work, you hash the "public key" and then multiply it with something ? sorta halfass rsa ?
decimation: asciilifeform: it strikes me that a handy product would be a little ada microcontroller with an implementation of rsa
assbot: Logged on 13-10-2014 19:14:19; asciilifeform: ulbricht << unless he's learned to grind rsa in his head, how is this to happen? his jailers will otherwise have the key at their leisure.
mircea_popescu: asciilifeform rsa per se is not even really involved in all this o.O
nubbins`: ascii_field so what's the path from rsa key -> seed node
ascii_field: ultimately the only proper box is one where the only magical constant is an rsa key, and same key is also prominently burned into the chassis
ascii_field: 'Provides a working implementation of a backdoor embedded into the RSA modulus of a Certification Authority public-key certificate and the code for a minimalistic client and server communicating over a TLS channel:'
mike_c: "RSA received $10 million in a deal that set the NSA formula as the preferred, or default, method for number generation in the BSafe software"
mike_c: what? i thought it was common knowledge rsa sold their soul.
mats: and re: BSafe, i'm not convinced RSA could be sold on destroying their reputation for packing peanuts.
mats: RSA upheld their end by backdooring the BSafe product
mircea_popescu: more like cracking rsa : for the technology they had at the time, absolute security.
BingoBoingo: In the very worst case and RSA fails at least private languages aren't too bad compared to DES, provided the grammar and semantics are unique
BingoBoingo: danielpbarron: Even with GPG not everything is RSA. Some people are stupid and use version 2-ish though it lacks backwards compatibility or they use 80's fail crypto which breaks easily.
adlai: although not all gpg keys are rsa
BingoBoingo: danielpbarron: Could even the good doktor mark such a large keyspace as RSA as his numbers?
BingoBoingo: It is amusing. Still when it comes time to replace GPG it will look more like https://github.com/tedu/reop than any Moxenslit iPerson thing (except... with RSA support and done in ADA/Common Lisp)
BingoBoingo: gmaxwell: I'm just inclined towards giant RSA keys and presenting a hard problem. It's just I'd like the option. That and ECC is already keeping the money safe...
mircea_popescu: asciilifeform if nubbins` weren't such a noob, he'd have laser etched a mechanical rsa by now
decimation: asciilifeform: it would be amusing if someone were to make an electro-mechanical RSA machine
decimation: also, today I was thinking about your rsa-signed-udp-packets thingy
phillipsjk: DSA is assumed to be weak because 768bit RSA primes have been publicly factored.
decimation: decimation: i wonder if the device keys have even been 'phuctored' ever. << "CMs MUST store and maintain the CM Device Certificate RSA private/public key pairs. The CM MUST store the CM Device Certificate private keys in a manner that deters unauthorized disclosure and modification. Also, CMs SHOULD prevent debugger tools from reading the CM Device Certificate private key in production devices by restricting or blocking physical
decimation: ah "The CM MUST have two factory installed CM Device Certificates (and their associated private keys). The CM MUST have a CM Device Certificate installed that is issued from the new PKI. The CM MUST have a CM Device Certificate installed that is issued from the legacy PKI. The CM MUST have the same RSA public key in the CM Device Certificate as the RSA public key in the BPKM Attributes depending upon which CM Device Certificate is
decimation: apparently docsis 3.1 uses 2048-bit rsa for the device, 4096 for the root ca
jurov: <davout> it occurs to me it would be really nice to have a way to easily dice-generate an rsa keypair << needs just some 1585 dice throws to get two 2048bit seeds (from them prime search is sequential)