900+ entries in 0.224s
a111: Logged on 2017-09-13 17:17 asciilifeform: apeloyee: anything that beats multiply-then-divide is an improvement, so long as it meets the basic demands (
constant time,
constant space, NO branches that depend on input bits, no use of approximations, no massively heavy - 100 loc is a good approx max - code )
a111: Logged on 2017-09-12 23:12 mircea_popescu: and finally 3. the item there described is not exactly a function. it rather something i'd call a mechanism, a discrete item that does a fully defined thing. as we're looking more and more through ada eyes and
constant time things and so on, a study of these mechanisms as an distinct category will prolly be useful. somewhere between conway's cells and commandline utils, they are.
mircea_popescu: and finally 3. the item there described is not exactly a function. it rather something i'd call a mechanism, a discrete item that does a fully defined thing. as we're looking more and more through ada eyes and
constant time things and so on, a study of these mechanisms as an distinct category will prolly be useful. somewhere between conway's cells and commandline utils, they are.
☟︎ mircea_popescu: if you want
constant time, you feed the list 9, 0,0,0,0,8,0,0,1. it will do 18, 1, 18, 1, 18, 1, 18, 1 etc.
mircea_popescu: consider the number 97. is is 1100001. they do mp_mod (2^6, 2^5, 2^0) ; you can do (2^6, 2^5, 0* 2^4, 0* 2^3,0* 2^2,0* 2^1,2^0). the list method will sitll work, but this time in
constanttime.
mircea_popescu: will necessarily have the modulus of the sum. this entire procedure is
constant time.
mircea_popescu: you write by hand a function which takes a list with a promise none of the items on it exceed a mod, and returns the mod of the sum of the sum of the elements, in
constant time.
mircea_popescu: just write it all out by hand, the
constanttime mod distributivetor.
mircea_popescu: that small cost can be slightly higher and
constant time.
phf: list, typically around 409,600 bytes. The kernel
constant ben_vulpes: also with shitty
constants gleaned in a hurry
mircea_popescu: ideally you get something denser than trad printer. if you manage 2-3k dpi (with a tractor!) then you can just prepare your receiver on an endless sheet of paper (process upstream) and just print and print and print.
constantly. sort-of how the correct re-asphalt road crew works.
mircea_popescu: (this is a significant problem. consider a model : there's what, ten-twenty millions of bernsteins, kanzure , fyr and what have you on one hand ; and only a hundred or so of us. even if we were to work a full 200 hour's week, if on average one needs 1k man-hours of
constant whipping to redress into humanity, we encounter the following birthday paradox : either the whipping is undirected, in which case every tard gets 15 minut
mircea_popescu: the notion that the price of btc / the fall of
constantinople / etc hjave anything to do with this is so much lulz.
mircea_popescu: "no sooner said than done" is the
constant refrain of the folk tales ruinning through such goodfolk's heads at all times.
mircea_popescu: asciilifeform this is EXACTLY not the case. i am saying "7.62 is sufficient, because it will blow a hole through man, as result of interplay of actual universal
constants" and you are saying "yes but 15.2 would be bigger".
mircea_popescu: anyway. other than the above "can
constantify mpfhf ?" question, also open is the matter of alternative padding. currently all we have is oaep.
a111: Logged on 2017-08-15 22:52 mircea_popescu:
constant-time MPFHF is now an open question for teh interested.
mircea_popescu:
constant-time MPFHF is now an open question for teh interested.
☟︎ mircea_popescu: so unless you're willing to do ALL the alternatives every time, you won't have "true"
constantttime.
mircea_popescu: the ONE way to
constant-mpfhf is to calculate ALL the tree of possibilities, 2^message length items EVERY TIME
mircea_popescu: consequently this idiot's teahouse was
constantly ringing of alarms on multiple voices from multiple points.
mircea_popescu: asciilifeform amusingly, the guy complains about the modular exponentiation not being
constant time. maybe write to him ask where he ever saw a sane algo ?
edivad: so, back to the question, is the fuckgoats device meant to be, for instance, if i run a bitcoin service that
constantly need to generate private keys, let's say, for example, for an hot wallet?
mircea_popescu:
constantinople wasn't so important militarily ; but certainly in the copying monk sense here discussed. even after the venetians sacked it, it still had shit.
mircea_popescu: this is not happenstance. cairo fell in 1517 BECAUSE
constantinople had fallen, and for no other reason.
mircea_popescu: this is not very clear. turks captured cairo because htey held
constantinople.
mircea_popescu: it's how i learned all the physics
constants say, "fuck me if i have to check one more fucking time!"
mircea_popescu: hence the
constant "you can either make it foolproof ; or else make it lordship only". which is how bots work etc.
mircea_popescu: "Pape-Dawson will continue to emphasize character and moral integrity; develop solutions in the best interest of the client and public;
constantly re-evaluate and sharpen our engineering skills; provide an environment that encourages employee development and satisfaction; actively participate in professional, religious, and civic associations; nurture trusting relationships; and offer services only in our area of technical ca
sina: "today, until a
constanttime solution is in place, gpg is the tool of choice for RSA encryption. any time you use it, you can't know whether you have completely compromised your private key. and we use it anyway."
sina: it's not an argument, only the next thought that pops into my head as a consequence of the discussion. all here seem on the same page re
constanttime stuff, yet all here are using the tool in spite of that, so there must be some thought process which allows someone as reasonably paranoid as asciilifeform to do so, i.e. "I am not concerned with timing attacks of class X, Y, Z from adversary A, B,C when I
sina: my understandinf of your POV is that there is currently no adequate
constanttime impl
mircea_popescu: sina you mean, is there a side channel for
constant time ops ? or for rsa as commonly implemented atm ?
sina: asciilifeform: basically I am wondering about the "threat model" of
constanttime sidechannel stuffs. for example, let's say I want to write you an email with RSA encrypted body, or receive same from you, is there really a sidechannel there? I guess I'm asking in terms of async vs sync encrypted comms
sina: asciilifeform: if you are about I have a question for the resident expert on
constanttime stuff
mircea_popescu: see, cuz if they looked like "u of maryland goes on horseback", half the schmucks seated backwards or whatnot, then it'd make sense. but how did these people manage to acquire riding skills with the
constant tapdistraction ?
mircea_popescu: correct play, too. he really has no interest in putting in the work to try and salvage the nonsense ; and the pantsuits will have a hell of a time arguing that "we put on the books laws that don't work because we expect they can be
constantly patched as a matter of course -- and this is fine"
mircea_popescu: the sofas, to be clear, are teh young women and teh young men who aspire to them. the former will graze, and in between their legs which run perl sofas
constantly grow to be burned.
a111: Logged on 2017-07-15 13:00 asciilifeform: btw if you're actually doing something that doesn't need
constanttime, you can simply put the obvious check-for-zero in the karatsuba and get 2-9000x boost for mul.
phf:
http://btcbase.org/log/2017-07-14#1683203 << glider specifically. you drop a glider from a balloon, you have known altitude, air foil and weight, you can figure out maximum distance, but that one's
constantly changing, which you can track from rate of descent vs distance traveled. your drop point is also random because of the balloon drift, but it's somewhere around sites of interest
☝︎ phf:
http://btcbase.org/log/2017-07-14#1683186 << traveling salesman has approximate solution strategies. besides in this case there's additional complexity of upper limit on travel distance, which is also
constantly changing. so if your maximum distance is above shortest path, then you want tsp, but if it's below then you probably have to rely on nearest neighbor/nearest fragment heuristics anyway
☝︎