asciilifeform: i thought in ro cosmography england was an uninteresting backwater. or is that only mircea_popescu
asciilifeform: but there at least they dun pretend to have created the airplane.
asciilifeform: there was a '90s american film where there is a scene, where an airplane lands in africa and in fast motion gets stripped for parts, like elephant carcass by hyenas
asciilifeform: depressing reading. 'suddenly dud rsa keys, hip!'
asciilifeform: czechs, germans, etc boecks.
asciilifeform: i stopped keeping track in real time.
asciilifeform: veritable feast for the vultures, it's been lately
asciilifeform: ( recall the primalitytest thread )
asciilifeform: sure.
asciilifeform: afaik no published work re known middles
asciilifeform: anyway original observation was re upper and lower cont. strings
asciilifeform: if rsa is strong
asciilifeform: so sheer weight of 1s can't be much use
asciilifeform: 1024 is ten bits of info, readily brutable
asciilifeform: within 1sd or so lel
asciilifeform: gotta be continuous, or i could 'mahaha, i know mircea_popescu's q has 1024 ones!'
asciilifeform: lel
asciilifeform: last link got cut
asciilifeform: sorta lulzy to learn that a day of bulldozering costs moar than a used bulldozer.
asciilifeform: ( a preowned SEM is mebbe 10k )
asciilifeform: supposing i had where to keep one, and weren't gearing up for escape
asciilifeform: re 30k, it's moar than enuff for own motherfucking microscope
asciilifeform: i can't picture it appreciating to the point where i can spare 30k worth of it
asciilifeform: separate item neh
asciilifeform: because the talent pool aint any bigger
asciilifeform: aha and the 40 remaining % gets to charge same or moar
asciilifeform: it's a surgery, d00d strips carefully the layers , takes pics
asciilifeform: no, like appendectomy.
asciilifeform: the microscope per se is 1940s tech.
asciilifeform: so cost dun move much
asciilifeform: it's mostly manual work, mircea_popescu
asciilifeform: in sadder noose, cheapest bolix ivory microscopy quote, chinese, that covers all the layers ( metal and passivation ) is ~30,000 usd.
asciilifeform: lol
asciilifeform: betcha it could live for years.
asciilifeform: i'ma half a mind to build that antenna , btw, and see how long before confiscated
asciilifeform: but this is a thread for another time.
asciilifeform: within a given bitness category
asciilifeform: looking for any kind of outliers by any conceivable measure
asciilifeform: reminds me, not long before the beginning of the time of dulap troubles, and the isp winter, asciilifeform was experimenting with statistical tests of the ~moduli~ a la dieharder
asciilifeform: aa
asciilifeform: or mircea_popescu was thinking of the particular one illustrated earlier
asciilifeform: dun need periodicity for rng diddle, necessarily
asciilifeform: the archetypical example is 'digits of pi'
asciilifeform: generally there are cheaper ways to make use of 'key' to chump rng
asciilifeform: ( bottom or top consec. bits )
asciilifeform: iirc most recent black magic gives you polynomialtime breakage if >=.22b of bitness b of p or q bits are known
asciilifeform: aha.
asciilifeform: *the already
asciilifeform doesn't expect to see a pill against this, other than he already obvious engineering margin of using respectable number of bits of entropy for whole thing
asciilifeform: otherwise yes
asciilifeform: ok i misread a leading ...
asciilifeform: this is sloppy thinking
asciilifeform: where's the ... in there
asciilifeform: srsly try it
asciilifeform: mircea_popescu: nope. carry exists.
asciilifeform: observe, you cannot say anything re p,q from the middle bits of pq (or rsa would be useless)
asciilifeform: problem only properly exists in the tail ('youngest') bit, where carry is 0
asciilifeform often says 'eldest' , as in ru
asciilifeform: aite
asciilifeform: let's settle another matter -- which bit is 'first'
asciilifeform: mircea_popescu: octets??
asciilifeform: so pegging primes min size does 0.
asciilifeform: the other thing, diana_coman , is that if enemy knows that you will never use a p or q below limit l -- he can start bruting from l
asciilifeform: diana_coman: generally speaking, anything one could conceivably walk over, is unsafe - i.e. primes smaller than the number of femtoseconds in a millennium, if i had to give a heuristic
asciilifeform: understand, setting the top bit won't help you, i can just as easily say 'but what if the middle 2000 bits in my prime end up zeros!'
asciilifeform: in an honest rng
asciilifeform: diana_coman: calculate the probability of fatally small p or q.
asciilifeform: spyked: i use generic, which (quite unlike in cpp) results in a fully static structure that is created at runtime
asciilifeform: http://btcbase.org/log/2017-11-14#1737525 << this is therightthing. but note that not only is http://btcbase.org/log/2017-11-14#1737533 not a problem, but the behaviour is fundamental to ffa. in ada a structure is considered nondynamic if its size doesn't change at run time. not if 'magic number' size, like in overflowlang.
asciilifeform: and diana_coman , there is no 'trouble if one is too small', you throw out ~both~ if the test fails
asciilifeform: imho ^ is The Right Thing, at least for folx who aren't generating keys in a burning hurry
asciilifeform: http://btcbase.org/log/2017-11-14#1737528 <<< >>> http://btcbase.org/log/2017-11-14#1737387
asciilifeform: i.e. until we have one another's mods ~and~ pubexps! we're not really rsaparties. with all that flows from this.
asciilifeform: i was answering apeloyee's odd 'but i can give you my pubexp later, over unauthenticated plaintext, anywhere' oddity.
asciilifeform: mircea_popescu: aha!
asciilifeform: http://btcbase.org/log/2017-11-14#1737520 << what keeps a million enemies from offering false pubexps in false conversations, preventing us from agreeing on a genuine one ?
asciilifeform: a la microshit.
asciilifeform: BingoBoingo: default firmware is known-boobytrapped
asciilifeform: ( it could buy a veeeery small, in a bottle , flotilla... )
asciilifeform: pretty sure i still have a coin i paid 0 for, lel
asciilifeform: ( i could even readily believe that an , e.g., 25x rise in the heathenbux:btc exch rate would make no practical diff to mircea_popescu . but i suspect that i am not the only one here for whom it would make a palpable diff. )
asciilifeform: http://btcbase.org/log/2017-11-14#1737451 << i see the q of whether a coin buys a rowboat, a battleship, or entire flotilla, as broadly interesting one -- but mebbe that's just me
asciilifeform: http://btcbase.org/log/2017-11-14#1737435 << keep in mind, this was not a high bar -- ru soldiers took home even toilets from germany
asciilifeform: http://its.svensson.org/m.f.d.(file) << in evenmoar obscura
asciilifeform: that at least has up-side
asciilifeform somewhat addled with viral fevers, and strange dreams at night ( featuring such colourful characters as tov. ceaușescu )
asciilifeform: yea
asciilifeform: now i recall having argued this myself, lol
asciilifeform: ( 2048 rather. but you get the idea )
asciilifeform: ( there are still fewer primes than 2^4096bit phase space )
asciilifeform: somewhat counterintuitively, you still get same result ( minus the time sidechannel leak, naturally )
asciilifeform: afaik the only remaining, and most obvious 'loss' is the one implicit in prime number theorem ( where , wat, ~10k possible rng outputs correspond to same prime output )
asciilifeform: iirc she is pumping it straight from fg.
asciilifeform: ( she is using my sanitized gpg bignum. but i did not preserve koch's faux-rng atrocity ; so anything pertaining to entropy, is new )
asciilifeform: afaik diana_coman exhaustively showed the places
asciilifeform: honestly labeled box imho suffices.
asciilifeform: at any rate i haven't any argument against http://btcbase.org/log/2017-11-14#1737376
asciilifeform: 4 all in all
asciilifeform: ( plus the 2 bottoms )
asciilifeform: you lose 1. but in koch's variant you lose 2 .