52400+ entries in 0.024s
mircea_popescu: this sad is dissected in logs last someone mentioned this. which might've been me, last year ish
mircea_popescu: the sad fact of bitcoin relay network is that it actually forces people who aren't to nevertheless act like idiots.
mircea_popescu: trinque the only known pill is keeping large pile of secretly connected nodes, measuring who mothballs you and why, sending assassins over,
mircea_popescu: no it's not a solution. it reduces to "bring your own missing parts of this bitcoin"
mircea_popescu: asciilifeform in which vein : nothing wrong in principle with the idea (of all-coins-given-at-t0) but you will have to solve the problem of time.
mircea_popescu: i don't want a different flavour of footshooting musket.
mircea_popescu: this alt-granpa pistol is no replacement for the actual item
mircea_popescu: that's the iffy thing about blocks. not so much the "work", but the metronome.
mircea_popescu: the problem with "no time", see ? it's that now... no time!
mircea_popescu: by the time you ask "why would anyone choose the wrong color bits" you've moved from protocol to promise.
mircea_popescu: how can non-usg node correctly identify C' as retcon ?
mircea_popescu: so if at t0 the chain is C, and at t1 large owners decide they don't like C and retroactively create C' ?
mircea_popescu: yes. but when you encounter two different chains, how do you choose one ?
mircea_popescu: there's nothing fundamentally wrong with a non-mining coin, ie, where all coins are created at t0.
mircea_popescu: i have no idea what the item would even cost today. billions, prolly.
mircea_popescu: in other lulz : 32 hectares of land across the strip from the flamingo cost under 1mn in 1962.
mircea_popescu: not sure that is a bad thing. but yes, evidently large topic for discussion.
mircea_popescu: but the contention here is that picking something like modexp is a better choice than just piling on hashes.
mircea_popescu: primeness doesn't enter into this, we're just leveraging that apparently modexp is megaexpensive.
mircea_popescu: let's take a = every other bit of n. to mine this block, you must produce an x so that x is twice the bitsize of n, and (x+a)^n is mod congruent to x^n + a (mod n)
mircea_popescu: incidentally...if this is so fucking slow... guess who just found a new pow.
mircea_popescu: (which, i confess, striked/strikes me as a seductively good idea)
mircea_popescu: but the base factor can't be this fucking humongous ffs, it's just (x+a)^n vs x^n+a.
mircea_popescu: the order IS log^6, which was the great progress, originally it was log^12
mircea_popescu: ie, suppose the factors f1... f8 have bitnesses of 1,1,2,2,3,3,2042,2042. so then we try f1f3f5f7 and f2f4f6f8. and we also try f2f3f5f7 f1f4f6f8. and so on.
mircea_popescu: it's a finite set of factors, they work together into fixed bitnesses only so many ways.
mircea_popescu: the thus reconstructed p and q should be tested for whether they indeed have no true witness of compositeness as low as gpg tests.
mircea_popescu: each of these factors will have a bitness. admitting none of them has a bitness = 2048, they can be arranged into a p and a q so that each of these has a bitness of 2048
mircea_popescu: the ~other~ part of it is : suppose (i don't have example ready, but constructively) there's a N that popped into factors f1... fm.
mircea_popescu: was it ever checked whether it would appear prime to koch-gpg ?
mircea_popescu: !#s E668E8C9185CD163C976FB378648E3842D4774D508DB7C3B13C43DB30E92C064
mircea_popescu: bernstein smooth parts of integers empowered sieve popped a factor ?
mircea_popescu: asciilifeform importantly, re the test above : not the ~factors~ must be tested, but the actual composite p or q, as reconstructed from the factors.
mircea_popescu: and i have a good mind to mandate eucrypt impl of m-r actually uses 2^8 ie 256 as minimum.
mircea_popescu: ie gpg is wasting its time with "oh, let's see if 2 is a witness".
mircea_popescu: for the record, if n = 2 ^ 2048, that limit is ~238.728599954.
mircea_popescu: (for the record : it is a fact that there exist infinite composites so that their SMALLEST witness is at least ln (n) ^ 1/(3 * ln (ln(ln(n))). yet "cryptography community" keeps doing this small witness bs.)
mircea_popescu: iirc there was a "study" showing how "it is enough to test these" for whatever size.
mircea_popescu: so the recipe would be, "for every composite N, sort the factors so as to obtain two 2048 bit chunks ; then check whether 2, 3, 5, 7, 11, 13, 17 are strong liars for the item.
mircea_popescu: this is what i say : reconstruct the original two "primes" of which at least one wasn't ; then see which of such items have in fact low primes as strong liars.
mircea_popescu: a composite that passes a low round m-r can be composite of >2 factors np.
mircea_popescu: it'd be worth it at this point to see which of the composite "primes" have the whole set of primes under say 29 as strong liars.
mircea_popescu: asciilifeform at this point there's little doubt in my mind that >0 of the items cracked by phuctor were bona-fide keys, composite slipped past the 4+1 round m-r.
mircea_popescu: and so we'd like to have an alternative, if for no reason then just to have it.
mircea_popescu: this'd be a special alternate because we're very unhappy with the fact that a) "everonye" (=usg) uses m-r and b) evidently lies about the strength assumptions.
mircea_popescu: asciilifeform for my curiosity, run the above linked c++ gmp item
mircea_popescu: yes. if you want you cal look up tje log for ben_vulpes ' item or else write your own in cl and compare after.
mircea_popescu: that said, a gmp version pushed out as a patch on mpi might not be entirely without merit.
mircea_popescu: esthlos i'd love for you to be able to jump straight into this ; however there's some groundwork to be laid. look into the V system, because ideally you'd be presenting the finished item as a patch on diana's eucrypt lib. and asciilifeform is working on and publishing a final FFA which is what we intend to use here.
mircea_popescu: so he has something to work on, rather than wait for tutorial completion, is the logic
mircea_popescu: rather than being all negative!!!, got a review copy of ffa somewhere to pass to esthlos ?