asciilifeform: the transform is not reversible.
asciilifeform: run the proggy.
BingoBoingo: In other updates: Cansorship resistance piece approaching 1500 words and has yet to advance beyond 2014 Republican state of the art.
mircea_popescu: to be clear : it's exactly the same scheme ; showing you how P ~must~ be obtainable from known K and E.
asciilifeform: so how does this diff from the previous item , what am i missing
mircea_popescu: so if K[q] = 0, then that line's skipped ; otherwise it's applied.
mircea_popescu: no no, x is xor * is multiplication (in the sense that if the key is 0 at that offset, the rb dun get applied)
asciilifeform: so, this is exactly the previous scheme, but with * rather than xor ?
mircea_popescu: for a 5 bit key you only have to try 2^3 permutations or so, it's true. but anyways.
mircea_popescu: To obtain P back from E without K : P[1] = P[1] x K[1] * P[1] x K[2] * P[2] x K[3] * P[3] x K[4] * P[4] x K[5] * P[5] ; P[2] = P[2] x K[1] * P[2] x K[2] * P[3] x K[3] * P[4] x K[4] * P[5] x K[5] * P[6] ; and so following all the way down.
mircea_popescu: E therefore is : E1 = 0 x 0 x 1 = 0 ; E2 = 0 x 0 x 1 = 0 ; E3 = 1 x 1 x 0 = 0 ; E4 = 1 x 1 x 0 = 1 ; E5 = 1 x 1 x 1 = 0 thus E = 00010.
asciilifeform: the basic boojum is that it aint a cipher of any kind, and the ubiquitous sbox derpery is simply squid ink to obscure this. maslennikov details how he pointed this out to 1980s kgb and got sacked. ☟︎
asciilifeform: ( and if mircea_popescu's point was that ~all~ present-day 'block ciphers' are reducible to some variant of it -- the point is made )
a111: Logged on 2018-10-29 18:29 asciilifeform: it's about xor, in the specific style used in winblowz shitware to hide strings from av.
asciilifeform: mircea_popescu: seems to me that ~now~ you correctly defined... the http://btcbase.org/log/2018-10-29#1867192 cipher. ☝︎
asciilifeform: mircea_popescu: feel free to bake this by curing the little proggy pasted earlier
asciilifeform: diana_coman et al : http://p.bvulpes.com/pastes/uX1BM/?raw=true << for convenience, the recurrence eqs rewritten 1) as sexpr 2) with the orig constant-xors included
mircea_popescu: as long as P doesn't have more bits than K, this is a determinate system.
mircea_popescu: so this is, in fact, a system of (here) 512 xor-equations, with a known result (e[x]) and a known parameter matrix (K)
mircea_popescu: E is just what these equal to, see.
mircea_popescu: well, we're trying to get P back right.
asciilifeform: 'any one bit of P is the result of xoring of up to k bits of P' << y'mean 'any one bit of E' ?
asciilifeform: i suspect i'ma need some strong чифир for this chipher
mircea_popescu: asciilifeform check this out : as per the "chipher", let there be a plaintext P of n bits ; and a key K of k bits. given a ciphertext E of n bits, it is a fact that any one bit of P is the result of xoring of up to k bits of P. if you know K you know ~which ones~, and as you have E you know ~what they must xor to~. this results in a message-wide system of k equations which is determinate.
a111: Logged on 2018-10-29 19:22 diana_coman: asciilifeform, that helps, thank you! I had to take break and I'm slow on this sort of things so it'll take a while until I get to say anything
asciilifeform: http://btcbase.org/log/2018-10-29#1867215 << dun feel sad, serpent had to hang on asciilifeform's wall for 2yrs before this. ☝︎
asciilifeform: nao y'know wai asciilifeform dun have a tv..
mircea_popescu: now tell me, "why can't tv be more entertaining".
asciilifeform hoses down vivisection table
mircea_popescu: asciilifeform this is so much better than having to correct the title.
mircea_popescu: "our block cipher has to have backdoor because we built a paper shredder and well..."
asciilifeform: see, you win phree toy, from this arcade.
asciilifeform: pretty handy proof , however, that the xor liquishit on the right hand side of those serpent eqs, doesn't conserve entropy ! ☟︎
asciilifeform: and before you ask, variant where either key or msg can be longer, http://p.bvulpes.com/pastes/AQPnG/?raw=true , and transpose msg and key for reverse, dun reverse either.
asciilifeform: ^ bits are printed in ascending majority, left to right
asciilifeform: mircea_popescu: http://p.bvulpes.com/pastes/gWzx9/?raw=true , satisfy yerself that it dun reverse
diana_coman: asciilifeform, that helps, thank you! I had to take break and I'm slow on this sort of things so it'll take a while until I get to say anything ☟︎
mircea_popescu: and no, "we have pre-padded ring buffers with THIS particular message that's worth hardwiring because it's ever so magical" ain't a reasoning.
mircea_popescu: asciilifeform like it or not, this is the ur-blockchipher. ALL OTHERS, not only casually but NECESSARILY, are mini-clipped versions of this. "competition or no competition", if it got shitboxes it's this and naught else.
asciilifeform: mircea_popescu: your offsetting rotates (as e.g. ram on z80) or truncates? ( when message is shifted beyond the buffer bound ) ?
mircea_popescu: same procedure, xor the Pmessage as per key.
deedbot: http://trilema.com/2018/so-i-designed-a-block-chipher/ << Trilema - So I designed a block chipher.
asciilifeform: ( having, that is, the key )
asciilifeform: mircea_popescu: meanwhile plz be so kind as to say how to decipher.
asciilifeform: pretty tired from curing serpent.
asciilifeform: sure, wainot , after tea
asciilifeform: shannon already showed how to break, it's in the kindergarten text
mircea_popescu: weaker than serpent.
mircea_popescu: are you saying this is weak ?
asciilifeform: i deciphered these with perl script, for a living, for yrs.
asciilifeform: it's about xor, in the specific style used in winblowz shitware to hide strings from av. ☟︎
mircea_popescu: ow shit, i mystypoed in the title, wtf is a "chipher".
mircea_popescu: didja read that whole thing
asciilifeform: lol you almost got me, i half-expected the piece to be about a block cipher
mircea_popescu: i'd have said more, but the editor showed wordcount 777, and i deem this a very good omen re cipher quality.
asciilifeform: ( they're broken up in the log, so possibly this is handier )
asciilifeform: diana_coman: http://p.bvulpes.com/pastes/94fgv/?raw=true << the raw emacs-sewed recurrence equations, if it helps
asciilifeform: ( no hard dating for either , tho )
diana_coman: I can cite though from the 2000 paper (or apparently 2000...): "Since then we have sought to strengthen the algorithm and improve its performance. As a result, we have selected new, stronger, S-boxes and changed the key schedule slightly."
asciilifeform: aite, won't distract then
asciilifeform: for lulz, would be interesting to dig up the list of 'luminaries' who voted for serpent. ( last i recall, it was public )
asciilifeform: diana_coman: i'm still boggled re the sheer wtf of it all.
asciilifeform: diana_coman: that's exactly what i remembered.
asciilifeform: ( i'd walk over to uni to try an' dig it up, but then remembered that they abolished the paper-papers archive for 'electronic' lulz )
asciilifeform: btw i seem to recall that the original mircea_popescu & diana_coman thread where 'let's try serpent' turned up that the current 'paper' is not in fact the original, and the orig has evaporated. nao gotta wonder what was in it.
asciilifeform: hilariously, i have a tall pile of academiliquishit re serpent right here on desk, and it ALL without exception dwells on the sboxes & lineartransform, 0 discussion of key schedule.
asciilifeform: whether asciilifeform takes month, week, or day, to cough up pill
asciilifeform: i do suggest to look for a spare tyre, tho, this one's hissing air.
mircea_popescu: bright kid walks in with a convincing story as to how he's gonna walk in with item != bright kid walks into here one day with that item.
mircea_popescu: the issue is that ~however many~.
asciilifeform: you dun need 'acres of crays' to walk 2**64 or however many, troo-keyz.
mircea_popescu: he GOTTA WALK WITH IT THO
a111: Logged on 2018-10-26 17:05 mircea_popescu: yeah but suppose some bright kid walks into here one day with that item we all suspect is under a rock somewhere
BingoBoingo: asciilifeform: If your math stands the week, you may be the best qualified to do the qntra on it
a111: Logged on 2018-10-26 17:04 mircea_popescu: in short, because this winding discussion risks overwhelming buffers, the salient points are a) that i'm not ready to go to war over serpent, it's a meh-maybe item ; b) that building our spearheads around items we're not willing to die for may be how the converse of http://btcbase.org/log-search?q=bitcoin+corrupts altogether.
a111: Logged on 2018-10-26 16:48 mircea_popescu: i am experimenting with serpent, and yes it's borne of that ancient discussion of ours, but i'm nowhere near-ready to bake it into "this is tmsr secure disk"
mircea_popescu: so far, we're still ~in the same position as http://btcbase.org/log/2018-10-26#1866400 / http://btcbase.org/log/2018-10-26#1866449 ☝︎☝︎
asciilifeform: washington can pay for its own auto-pill fpga, if they want one tho, i dun see why to do this work for them.
mircea_popescu: suppose... you actually do that ?
asciilifeform: ( dun forget to acct for the constants )
asciilifeform: a proggy that takes a 256b key and shits out its 4+ sister-keys, prolly wouldnt hurt, either; if somebody can be arsed to write. ☟︎
asciilifeform: BingoBoingo: mebbe give it a week, whoknows, somebody turns up a mistake in asciilifeform's maffs. then can qntra...
deedbot: http://qntra.net/2018/10/godaddy-does-it-again-taking-domain-name-in-response-to-media-pressure/ << Qntra - GoDaddy Does It Again: Taking Domain Name In Response To Media Pressure
asciilifeform: i can't speak for other folx, but i'ma have to repeat h. hughes, 'fly in it? i wouldn't walk under it'
asciilifeform: i suspect that the thing was a mine planted specifically, if you will, for tmsr.
asciilifeform: relatedly, for shits & giggles asciilifeform has been reading a 'digital evidence' law school textbook, for entomological/ameritardological studies, and it goes out of its way to mention 'serpent sank an fbi case'
asciilifeform: 'omfg they bought it'
asciilifeform: i feel pretty stupid, tbh, for not noticing in '16
mircea_popescu: asciilifeform likely explanation being "whisperer", ie, technical quimby sinking it behind the doors because "it's fucking stupid".
mircea_popescu: asciilifeform consider also that if a, b, c, d, e, f are rng words, then (P xor a) xor b) etc does not in fact subtract anything.
asciilifeform: i gotta take off my hat to whoever cooked that up.
asciilifeform: entirely possible also that the 'lost despite most votes' thing was engineered stunt.
asciilifeform: it also suggests a very different picture, vs the one i previously supposed, re why it didn't win the tourney. ( rather than washington:'omfg too strong', rather went 'omfg our academi.flunkies kissing arse so hard they cant breathe' )
asciilifeform: hey, it didn't click in asciilifeform's head either until asciilifeform went to fpgaize it..
mircea_popescu: the reason being that it wasn't gonna move till i baked it in some pie.
asciilifeform: and for some reason this took 20yrs ?! to get out...
asciilifeform: thus far, afaik, we already know that there aint 2**256 possible 528-byte serpent expandedkeys. nor 2**128. and as i currently suspect, not even 2**64 .
asciilifeform: for our purposes, that means 'they subtract'.
a111: Logged on 2018-10-29 16:06 asciilifeform: nao, is it a controversial statement that xors with an item that's already been rolled in, can only ~subtract~ entropy, never add ?
mircea_popescu: http://btcbase.org/log/2018-10-29#1867088 << not controversial. can subtract, though doesn't necessarily have to ; can never add. ☝︎