mod6: Hi, I've updated the howto, it's not "finalized" yet. Please take a look and let me know if this doesn't read quite right, or if I've left something out:
PeterL: oh, and I was trying to make the functions more general, avoid putting in magic numbers as much as possible
PeterL: ah, originally I had it written to allow user to change key sizes, that is a holdover just in case
a111: Logged on 2016-08-18 12:32 mircea_popescu: asciilifeform since we're on this btw, the way i want tmsr-rsa key generation to work is as follows : a contains a number of entropy bytes specified by user in tmsr-rsa.conf read whenever tmsr-rsa.conf specifies (such as urandom); b contains a base-tmsr string specified by user. c = base-tmsr(a).b ; p = nextprime(cut(sha512(c),257)) ; process is repeated for q = nextprime (cut(sha512(c'),258));
mircea_popescu: PeterL + padlen = min(keya.l, keyb.l) - 1 # make sure that the strings will not overflow the key mods << i don't get it, why do you have variable length keys ?
PeterL: also, my question re crc32 yesterday, I meant to say: given a (random) string of 250 chars, what is the probability that (random four byte string) will pass the crc32 test? which I think is just 1/256^4
mircea_popescu: i expect at least one's own history should be kept encrypted to a key of his.
mircea_popescu: PeterL is there any security contemplated for the data, such as i dunno, encrypt the lists of peers / keys / history etc ? or simply a case of "fuck you secure your machine" ?
mircea_popescu: if the machine is on and i'm long dead, am i online cuz it pings ?
mircea_popescu: there's no real concept of "online" i can form in my mind. for instance, am i online when i'm not online ? i do read the logs... in what sense am i not online ?
PeterL: but then I was thinking maybe we wouldn't want that anyway
mircea_popescu: yes, but it ruins the security of the scheme, as i don't expect you will be sending pings to ips associated with bogus keys ?
PeterL: actually, I was going to put in a ping but then didn't get around to it yet
PeterL: yes, I see
PeterL: I will review that again
PeterL: well, I guess I should put in something, I guess your nick can't be longer than the message size or there would be no room for any message
mircea_popescu: PeterL you have a max nick size now ? it is a bad idea to specify protocol semantics at transport level. let me sign my lines whichever way i want, not care about it.
PeterL: I just put in the crc32 as a checksum
asciilifeform: i saw one on ebay recently
asciilifeform: i thought it was marketed to cargo lines
a111: Logged on 2017-07-21 00:02 phf: by the time i started figuring out the socioeconomic part of the question it was a year too late (they started tightening the screws some time before putin came to power, which was not so much the beginning but the announcement of the done deal. i remember '99 the situation of a lot of people changed drastically.)
mircea_popescu: i expect "scientifically proven" a la "climate change" no less ?
mircea_popescu: still. every lease i ever saw/signed had fixed term for leasor at will clause for leaser.
asciilifeform: * i read
mircea_popescu: "i'll just dump these remains in your back yard, throw them out whenever you're sick of them" is not what a lease says.
asciilifeform: in other veryolds, somehow i missed https://archive.is/Kw78h
asciilifeform: this weekend i'ma see just how sad is key genning with the saddest but proper algo , quoted earlier.
asciilifeform: recall, constanttime karatsuba did not (afaik) publicly exist before i posted it...
asciilifeform: (i.e. always-worstcase)
mircea_popescu: i am now very suspicious you can't ever have a good solution, in the sense that if you find it... you'll have found a fine reason not to need it anymore.
mircea_popescu: i know that face glaring back at me. it is the face of unyielding fucking doom.
asciilifeform: it was the most effective optimization i knew, and the one i rejected first and most incurably.
mircea_popescu: i am telling you, his thing is ripe for rewriting in a more apt notation. he is misrepresenting it because thinking in terms of fucking logic gates
asciilifeform: i dun see it
mircea_popescu: i think we even spoke of it back in the day
mircea_popescu: i am all for keeping the unrolled version at the ready ; but i really see no problem with having and using the unrolled loops version. you read it once, over a weekend or a week, and you use it ten billion times over fifty years.
asciilifeform: currently i lean to unrolling them ~in the proof doc~ and leaving proggy as is.
mircea_popescu: asciilifeform i doubt it. ~nobody who came before did anything useful and ~nobody currently active has an actually functioning brain.
asciilifeform: did i miss a whole thread
mircea_popescu: anyway. i think the point re : fathers are worthless , siblings are severely retarded is well vindicated
mircea_popescu: honestly i don't believe the somewhat more cl is such a problem.
mircea_popescu: asciilifeform yeah, i guess. depends though, good to have both variants.
asciilifeform: ( i'ma keep the general case, for nao, because it is always very easy to turn it into the above later. but not vice-versa. )
a111: Logged on 2017-08-08 23:51 asciilifeform: it thereby follows that i could unroll comba into explicit cases from 1 to 8 words
PeterL: ack, I meant crc32
PeterL: http://btcbase.org/log/2017-08-09#1696147 << I don't think we need to do a hash on the data, it is already xored with the random string
a111: Logged on 2017-08-09 17:10 PeterL: I will check in later once I am back at my computer with my key to verify this conversation has been with the real PeterL
pa1atine: hi all, great reads I had those days. logs are a trove of wisdom
asciilifeform: but this being said , i am not even ready yet to barf re ref-keccak, i aint even yet done barfing re ffa not having already existed
mircea_popescu: no, i know.
asciilifeform: fwiw i have a half-built one here. on hold until p.
mircea_popescu: but yes, i agree that in principle something-like-keccak could be made to spit arbitrary len digests ; and perhaps also in fixed space. the latter will require actual impl to settle.
mircea_popescu: "tell that to some guy a little younger than you, who just fell off the turnip truck. there is no publicity value in my talk being at your conference. what, if you sell 2000 of them it'll be a miracle. and what, what are people going to say, uuuuuu i like how that erlehmann talks, i wonder if he's got a blog or anything".
erlehmann: maybe i am not clear enough: i did not get to hold a talk so i talked to random c developers for fun.
erlehmann: mircea_popescu i wanted to give a talk about non-existence dependencies at SHA 2017 and it was rejected with “provide a 5min lightning talk on problem instead”. problem: 5min are enough to understand the problem, not why you are having it or what follows from it.
mircea_popescu: asciilifeform i guess when he comes back from the mpfhf reverser ima make him do a keccak impl that ACTUALLY does the any-output thing. afaik they're all 32/64byte
mircea_popescu: i thought it's any input fixed output
erlehmann: mainly i realized why my talk to the conference was rejected
erlehmann: asciilifeform correct. the talk begins with me mentioning non-existence dependencies and ends with the recipient either having a solution (one guy), being aware of the problem already (i counted two) or being unaware of it but being aware that their software is a lie.
asciilifeform: cut it. like procrustes, or into independent subsystems, i don't care how
mircea_popescu: asciilifeform anyway, let's sit down and make something sane for this guy. peterl i mean. what's his message supposed to be like ?
asciilifeform: systems are to be fixed - i.e. brought into conformance with vtronics -- or discarded.
mircea_popescu: i dunno he has some abstractive grammars itch.
erlehmann: btw i found a new social game
asciilifeform: incidentally you get best attributes of both if you harness them as i described, via otpxor
asciilifeform: i know of no others worth bothering with.
asciilifeform: i don't know of any hard, tangible reason to avoid it.
mircea_popescu: i thought there's consensus re offering c-s in teh tmsr cryptotron
asciilifeform: but for above reasons i prefer rsa.
asciilifeform: now if you want a pubkeycrypto where this proof actually exists, i know of exactly one : cramer-shoup
asciilifeform: mno, i did go & read
asciilifeform: mircea_popescu: i looked at the pss thing, seems like simply yet another obfuscatorily-complex nsaological artifact
mircea_popescu: it's incomprehensible to me, how this "i moved from a forum to a ... forum" thing works in the public's mind.
a111: Logged on 2017-08-01 23:43 mircea_popescu: i suspect steemit is a sort of how did they call that alt-disqus/alt-github "let us steal your content" thing ?
mircea_popescu: BingoBoingo by following qntra link, i fell upon http://trilema.com/2014/the-woes-of-altcoin-or-why-there-is-no-such-thing-as-cryptocurrencies/#comment-117679 which i suppose explains http://btcbase.org/log/2017-08-01#1692327
PeterL: I do find it annoying that long messages get split, but I guess it is not the end of the world or anything
PeterL: still better than twitter, I guess
PeterL: (perhaps I misunderstand how udp packets get reassembled)
PeterL: well, I was putting it all in one udp packet
asciilifeform: ( i will also note, the problem with allowing packet fragging is that frag reassembly is a Something-To-Allcomers operation . )
PeterL: and my scheme splits messages into r and m xor r, so I need 1024 bytes to pass the smallest message, which is already larger than the UDP "unfragmentation limit" of 512 bytes, so why stop there and not just let the message get longer by adding in some more chunks?
mircea_popescu: really, use that item i linked earlier.
PeterL: alright, so my scheme pads everything to the length of the key, but as I understand it still has to be smaller than the key n?
PeterL: right, I understand that part
mircea_popescu: had there been a wrap, i couldn't have extracted the cube root [quite so easily]
mircea_popescu: that's what i meant earlier with the e-root. if say your key is 1024 bits, and your exponent is 3, and your "encrypted" message is, numerically, 1404928, i can readily extract the cube root and find the original as 112.
PeterL: I thought it was only bad if m^e was less than n?
mircea_popescu: i mean actual strategoi of the ancient greece.
mircea_popescu: pro tip : it is always a very useful thing to be able to reflect your own mental process, which starts with being able to answer "where i got this from". makes error handling much faster and infinitely more efficient.
PeterL: well, shoot, I must be confused somewhere
mircea_popescu: im guessing i'll be taking ads in the local newspaper, "looking for lawyers willing to sue the government, apply within".
erlehmann: mircea_popescu it feels like work. i had that experience a few minutes ago, when i explained to a rando on the train the concept of non-existence dependencies.
PeterL: but I want to make longer messages possible
mircea_popescu: don't even have to, but consider the context. yes "it's what rsa is", that's what i'm checking, that he knows.
asciilifeform: aite, i'ma let mircea_popescu handle pedagogical thread, brb
PeterL: I am still learning here, the last time I came and said "how do I know if I have used the right key to decrypt it?" nobody suggested a checksum, now I will try to figure out how that would fit into the program
PeterL: I see.
PeterL: who am I to stop people from sabotaging themselves?
PeterL: asciilifeform, I am not sure I understand what you are getting at here
asciilifeform: aite, i'm walking the l0gz still