asciilifeform: within a given bitness category
asciilifeform: reminds me, not long before the beginning of the time of dulap troubles, and the isp winter, asciilifeform was experimenting with statistical tests of the ~moduli~ a la dieharder
mircea_popescu: you now look for the signature blocks of a in b, and have the whole show.
mircea_popescu: afaik "shadow brokers" didn't release this principal rsa exploitation tool of "teh equation group", but : imagine you have a machine a) working on your own special-purpose made prng ; and b) generating rsa keys all the time and on call.
mircea_popescu: there ~are~ extension attacks, but those typically require more than a dozen bits known.
asciilifeform doesn't expect to see a pill against this, other than the already obvious engineering margin of using respectable number of bits of entropy for whole thing
mircea_popescu: of course, the odds of getting a FF FF q and a FF FF p are 1/2^32
asciilifeform: ok i misread a leading ...
mircea_popescu: ftr, octet is the fucking right word for 8 bits. a byte should be 64 bits these days.
mircea_popescu: i have a serious issue with bit/byte confusion trying to get myself out of it somehow.
asciilifeform: the other thing, diana_coman, is that if enemy knows that you will never use a p or q below limit l -- he can start bruting from l
asciilifeform: diana_coman: generally speaking, anything one could conceivably walk over, is unsafe - i.e. primes smaller than the number of femtoseconds in a millenium, if i had to give a heuristic
mircea_popescu: http://btcbase.org/log/2017-11-14#1737516 << this is no leak ; it is a restatement of "first two bits set to 11, so you only use 2045 bit keys"
asciilifeform: spyked: i use generic, which (quite unlike in cpp) results in a fully static structure that is created at runtime
a111: Logged on 2017-11-14 11:29 spyked: http://btcbase.org/log/2017-11-13#1737294 <-- not sure if possible with ffatronic ada subset, though, because of "no dynamic objects" restriction. in my (yet-unpublished) prototype, lisp memory size is a static knob.
a111: Logged on 2017-11-14 11:22 spyked: http://btcbase.org/log/2017-11-13#1737268 <-- this. ftr, current adalisp prototype (not-yet-published and thus yet-vapourware!) represents "pointers" as indices in a statically-allocated array.
asciilifeform: http://btcbase.org/log/2017-11-14#1737525 << this is therightthing. but note that not only is http://btcbase.org/log/2017-11-14#1737533 not a problem, but the behaviour is fundamental to ffa. in ada a structure is considered nondynamic if its size doesn't change at run time. not if 'magic number' size, like in overflowlang.
diana_coman: asciilifeform, I meant in the final pair; i.e. you get p=3 and q=2^4095+1 sort of thing; ofc throw both in a pair if product not right size; but if not enforcing any size condition at all on p and q then you can end up with any small prime too
asciilifeform: imho ^ is The Right Thing, at least for folx who aren't generating keys in a burning hurry
a111: Logged on 2017-11-14 03:58 lobbes: http://btcbase.org/log/2017-11-13#1737253 << time will tell. Depends on how much the logs-to-date worth of archives end up being in drive space. Bandwidth also a factor. Many things left to be sussed out.
mircea_popescu: http://btcbase.org/log/2017-11-14#1737465 << i'd expect a few thousand items at 15kb each or so, so maybe 100mb total ?
mircea_popescu: a. yeah.
mircea_popescu: asciilifeform there is no communication among unknown parties. someone somewhere gives you a key.
a111: Logged on 2017-11-14 11:09 apeloyee: http://btcbase.org/log/2017-11-08#1734517 << not quite. for encryption, if I get your modulus, and you actually want to read my messages, I can generate a public exponent between M/2 and (say) 3M/4, and attach it to the message in plaintext.
asciilifeform: http://btcbase.org/log/2017-11-14#1737520 << what keeps a million enemies from offering false pubexps in false conversations, preventing us from agreeing on a genuine one ?
spyked: http://btcbase.org/log/2017-11-13#1737294 <-- not sure if possible with ffatronic ada subset, though, because of "no dynamic objects" restriction. in my (yet-unpublished) prototype, lisp memory size is a static knob.
spyked: http://btcbase.org/log/2017-11-13#1737264 <-- strings are (lisp) lists-of-characters. which, as it is, unfortunately makes parsing and evaluating builtin functions (e.g. cons, car, cdr) a pain in the ass. can be structured cleanly though. also, this makes it not a simple matter of find+replace in shithub scheme.adb.
spyked: http://btcbase.org/log/2017-11-13#1737268 <-- this. ftr, current adalisp prototype (not-yet-published and thus yet-vapourware!) represents "pointers" as indices in a statically-allocated array.
apeloyee: assuming M is a modulus of a useful RSA key, this will work
apeloyee: http://btcbase.org/log/2017-11-08#1734517 << not quite. for encryption, if I get your modulus, and you actually want to read my messages, I can generate a public exponent between M/2 and (say) 3M/4, and attach it to the message in plaintext.
apeloyee: fwiw I just realized that this ^ leaks a little via the modulus
deedbot: Provide a paste URL to the ascii-armored GPG public key or the full 40 character key fingerprint without spaces or dashes.
deedbot: Provide a paste URL to the ascii-armored GPG public key or the full 40 character key fingerprint without spaces or dashes.
BingoBoingo: Perhaps register a key while you are here? You never know when you will need it.
hubud: Hard to find a sane btc community these days
hubud: He's a goat farmer
asciilifeform: a la microshit.
lobbes: http://btcbase.org/log/2017-11-13#1737253 << time will tell. Depends on how much the logs-to-date worth of archives end up being in drive space. Bandwidth also a factor. Many things left to be sussed out.
asciilifeform: ( it could buy a veeeery small, in a bottle, flotilla... )
asciilifeform: pretty sure i still have a coin i paid 0 for, lel
asciilifeform: ( i could even readily believe that an, e.g., 25x rise in the heathenbux:btc exch rate would make no practical diff to mircea_popescu . but i suspect that i am not the only one here for whom it would make a palpable diff. )
asciilifeform: http://btcbase.org/log/2017-11-14#1737451 << i see the q of whether a coin buys a rowboat, a battleship, or entire flotilla, as broadly interesting one -- but mebbe that's just me
asciilifeform: http://btcbase.org/log/2017-11-14#1737435 << keep in mind, this was not a high bar -- ru soldiers took home even toilets from germany
hanbot: <mircea_popescu> (asciilifeform's ticker idea) << nah, autospeaking bots to be kept at a minimum which is 0. << for the curious, why is say deedbot's rss announcer a non-auto event whereas a market movement isn't?
mircea_popescu: http://btcbase.org/log/2017-11-13#1737334 << nah, autospeaking bots to be kept at a minimum which is 0.
mircea_popescu: if we had a way to quantify we could just decide.
mircea_popescu: http://btcbase.org/log/2017-11-13#1737321 << this is a problem ; but perhaps opening it up to the market may be helpful.
ben_vulpes: http://btcbase.org/log/2017-11-14#1737405 << currently working the 4th permutation of a 65536 byte message for a 32 bit hash
mircea_popescu: i get odd viral influenzas in the first months of mingling with the whores of a new land also.
mircea_popescu: asciilifeform no, because see, if you don't use nextprime you lack the "nop bridge" so to speak. rolling number 6 does not take you to 7. to get 7 you need a natural 7, and this is equiprobable to rolling a natural 2^74207281-1 on the space of (0,2^74207281-1).
a111: Logged on 2017-11-13 19:29 phf: http://btcbase.org/log/2017-11-13#1737247 << it looks like a properly structured scheme evaluator, but it's ~explicitly~ lacking a native cons, which might be a very good exercise for whoever™ adding a static allocation space, adding mark-and-sweep, then all those To_Unbounded_String look like they can be simply search/replaced
mircea_popescu: http://btcbase.org/log/2017-11-13#1737262 << this is actually a pretty good approach.
a111: Logged on 2017-11-13 17:47 ben_vulpes: and in ancients, dusted off mpfhf benchmarker, finished the bit-banging of inputs, fired off a run late last week that is *still hashing*
mircea_popescu: clarity is more valuable than a nearer asymptote, in many contexts.
a111: Logged on 2017-11-14 01:02 mircea_popescu: im not going to have my tech people do backflips to seamlessly bridge imperial idiocy into reality when i could just have the marketing people point out to how the empire lied by making the difference a point of difference.
mircea_popescu: ok, you'd conceivably squeeze a little more, but again, see http://btcbase.org/log/2017-11-14#1737360
asciilifeform: (last digit of a product is not a straight product of the last-digit-of-p and last-digit-of-q )
asciilifeform: you don't actually get a 10x10=0100 because carry bits ripple up
mircea_popescu: http://btcbase.org/log/2017-11-13#1737241 << tell him that if he regs a name ima donate to his project.
mircea_popescu: asciilifeform 0 led either one, or rather, non 11 led either one gives you a sub 4096 N
asciilifeform: mircea_popescu: the only case where this is a problem is 0-led p + 0-led q
asciilifeform: mircea_popescu: i made a stab of computing a lower bound of bitness for hypothetical '4096b of possible prime' but ran out of juice.
mircea_popescu: im not going to have my tech people do backflips to seamlessly bridge imperial idiocy into reality when i could just have the marketing people point out to how the empire lied by making the difference a point of difference.
asciilifeform: fella oughta chat with his cto, vizier, etc before becoming a public clown.
asciilifeform: 'The Chinese miners were instructed to continue mining the coin, even at great financial loss, to support a pretension of value and use, minimally sustaining its life. When the price troughed, those who were in the know about the plan accumulated it in large quantities' etc.
diana_coman: at a first pass this duplex thing based on keccak seems to be a similar attempt really, hence my question if anyone looked at it more closely (I'm still trying to fully grasp it, not there yet)
a111: Logged on 2017-10-06 23:13 mircea_popescu: basically the scheme is, you rsa a random bitfield, then you expand that into as much otp as you want by doing recursively Fi = hash(bitfield + Fi-1). there's a limit on i, obviously, which can be set to 1.
asciilifeform: tbh i dun expect to live to see such a thing
asciilifeform: ( we dun have a scientific approach to symmetric ciphering. )
diana_coman: yes; but it's unclear if a simple bitfield xor is best option
asciilifeform: what's hard re using otp ? it's a xor
asciilifeform: keccak is immune to length-extension attack so it is pretty straightforward to convert it into a cipher
phf: well, i'm thinking in terms of a TMSR MACHINE. scheme.adb linked against ffa linked against that com1 hack you posted some time ago :p
phf: right, so that scheme.adb would benefit from a way to cons onto an arbitrary sized array, and then later someone can bolt a gc on top of that. can even implement it as an explicit function call rather than a threshold thing
a111: Logged on 2017-11-12 23:12 asciilifeform: i'm not fully convinced that a scripting lang ~needs~ a gc
asciilifeform: phf: you can run your entire heap of a mmap'd region , neh
phf: the array instead of pointers approach gives you free save (in fact you can run it against a mmaped region and have a ghetto core file)
phf: somewhat relatedly one handy thing i saw on CADR is named cons regions, i.e. explicit memory regions where you can cons and every allocation function having a *-in-region equivalent, like (cons-in-region x y region). i'm not sure if that's there, but you presumably can do some kind (with-cons-region (region ...) body) thing. naturally those regions can be saved (preserved referential integrity) or cleared, etc.
asciilifeform: ( there's no particular reason why you can't have a schemetron use strictly arrays and integer indices into same )
phf: there be dragons. i mean, if you're rewriting a parser in lisp, then you might as well have proper readtables, rather then hardcoded sexp hack
phf: well, right. i'm not sure what ada.strings is (i.e. is it a protocol or concrete datatype), so i can't really comment further
a111: Logged on 2017-11-13 18:13 asciilifeform: use Ada.Strings.Unbounded; << mno ben_vulpes this is ~specifically~ a Do Not Want
phf: http://btcbase.org/log/2017-11-13#1737247 << it looks like a properly structured scheme evaluator, but it's ~explicitly~ lacking a native cons, which might be a very good exercise for whoever™ adding a static allocation space, adding mark-and-sweep, then all those To_Unbounded_String look like they can be simply search/replaced
ben_vulpes: asciilifeform: absolutely, have a benchmarking in place, will be implementing those two changes and recording improvements
asciilifeform: but if you want to make a fast mphftron, for experimentation, the recipe is 1) compute upper bound of the scratch space length and preallocate. NEVER realloc 2) NEVER flip-all-the-bits, flip a 'did-we-flip' bit instead, and the latter always get xor'd with whatever bit you read from the flippablespace.
asciilifeform: though asciilifeform will admit to still being at a loss re what the appeal is, after these...
a111: Logged on 2017-08-15 22:51 asciilifeform: but instead flipping a single bit that gets xored with the result every time you read from the would-have-been-flipped reg.
a111: Logged on 2017-11-13 17:47 ben_vulpes: and in ancients, dusted off mpfhf benchmarker, finished the bit-banging of inputs, fired off a run late last week that is *still hashing*
asciilifeform: http://btcbase.org/log/2017-11-13#1737245 << if you apply the bound we found in http://btcbase.org/log/2017-07-06#1679483 thread, and the http://btcbase.org/log/2017-08-15#1698509 trick, mphf a not-especially-slow hash
asciilifeform: use Ada.Strings.Unbounded; << mno ben_vulpes this is ~specifically~ a Do Not Want
ben_vulpes: and in ancients, dusted off mpfhf benchmarker, finished the bit-banging of inputs, fired off a run late last week that is *still hashing*
asciilifeform: ( 1 caveat is that this is a leaking operation, theoretically )
asciilifeform: 5) you have a winner: a prime selected from 2^4096 possibles.
asciilifeform: 2) generate a random k, k < 2^b
asciilifeform: 1) calculate what a certain b is, such that there are likely to be 2^4096 primes below 2^b-1
asciilifeform: tho here's a somewhat barbaric method :
asciilifeform: ( it's a 3000yr unsolved megaproblem )
asciilifeform: nao ideally one would have a http://btcbase.org/log/2017-11-07#1733382 i.e. 4096b of ~possible prime~ phase space
a111: Logged on 2017-11-13 12:44 mircea_popescu: this is not "true for very many keys like a billion trillion keys". this is true all the way up, by the time one's made 10^609 keys we're starting to get into five-nines assurance of unicity.
a111: Logged on 2017-11-13 11:43 mircea_popescu: this is evidently a "loss" of entropy, in the sense that what is advertised (4096) differs from what is actually delivered (no more than 4090). i am of a good mind to start calling them 4090 bit keys tbh.