log☇︎
46 entries in 0.608s
a111: Logged on 2016-02-05 20:57 ascii_butugychag: ;;later tell mircea_popescu http://www.verify-it.de/sub/cramer_shoup.html << in elisp, no less
asciilifeform: mircea_popescu: it was signalled five ways to pluto. or, say it now, did mircea_popescu think that cramer-shoup remained unimplemented because 'lazy self-indulgent idjits' ?
a111: Logged on 2016-04-19 16:35 asciilifeform: to which i bolted a cramer-shoup thing, and started out thinking 'i'll reuse the elgamal piece, c-s is after all a variant of elgamal' but nooooo
mircea_popescu: "The S.NSA entry is to be an implementation based on Cramer-Shoup. As it turns out, Cramer-Shoup has never been publicly implemented by anyone, at all."
asciilifeform: ( can you prove that cramer-shoup, or whatever we go with next yr, worx in yer alt-arithmetic, lol )
asciilifeform: ( incidentally reader might ask 'why not do montgomery? you're doing rsa anyway' and answer is not only 'maybe tomorrow, cramer-shoup and not rsa' but also that we do things such as primality testing , and other non-rsa op )
asciilifeform: now if you want a pubkeycrypto where this proof actually exists, i know of exactly one : cramer-shoup
trinque: obviously using the cramer shoup link is higher risk than the otp one
trinque: what does me moving a cramer shoup key over an otp link reveal about the otp link
a111: Logged on 2016-06-01 14:02 Framedragger: http://btcbase.org/log/2016-05-31#1474264 << that's nice, but doesn't the beloved cramer-shoup also use hashes? their scheme, to quote, "requires a universal one-way hash function"
asciilifeform: Framedragger: but i ought to emphasize for n00bs, cramer-shoup is merely the healthiest horse at this glue factory.
Framedragger: http://btcbase.org/log/2016-05-31#1474264 << that's nice, but doesn't the beloved cramer-shoup also use hashes? their scheme, to quote, "requires a universal one-way hash function" ☝︎☟︎
mircea_popescu: you can implement shit in whatever the hell you want. the reference implementation for cramer-shoup is in malbolge.
asciilifeform: to which i bolted a cramer-shoup thing, and started out thinking 'i'll reuse the elgamal piece, c-s is after all a variant of elgamal' but nooooo ☟︎☟︎
asciilifeform: cramer-shoup ~is~ provably equivalent to diffie-hellman discrete log.
mod6: <+mircea_popescu> hanbot mod6 maybe an extension to deedbot where people could go !tag <string> and then a collection of clickable tags is published somewhere, each leading to a list of loglines ? << This could work -- it's in the vein of the 'BUTTSECKS' flag. Which seems simple enough. And the given topic-'tag' is a decent idea, i.e. 'OOM' or 'Cramer-Shoup' or 'keccak'
asciilifeform: ben_vulpes: to get briefly back to the cramer shoup thing, i am very much curious re: who is going to review it, and how
asciilifeform: http://www.shoup.net/papers/cca-fac.pdf << claims to be a nyooer, better!!111 cramer-shoup.
assbot: Cramer-Shoup ... ( http://bit.ly/1p9oZ4I )
asciilifeform: http://www.cramer-shoup.com << lulzy
mod6: Perhaps this: Implement with Cramer-Shoup, and if the implementation is finalized before any worthy submissions come to us, then end the contest and pay the btc to alf?
mod6: I'm kinda torn, I want us to move forward with 'g', so Cramer-Shoup fits the bill for sure. On the other hand, I'd like to think that over a long interval we might see some interesting submissions eventually.
mod6: <+mircea_popescu> well lessee here, one of mod6 ben_vulpes give an opinion on this ? << In relation to the contest? I'm good with Cramer-Shoup.
asciilifeform: of cramer-shoup.
asciilifeform: ;;later tell mircea_popescu i was looking at generalizing the 'oracle' resistance from cramer-shoup to other systems
ascii_butugychag: ;;later tell mircea_popescu do you know of any working implementations of cramer-shoup other than the emacslisp one i linked last week ?
mircea_popescu: you ever looked into cramer-shoup ?
ben_vulpes: cramer shoup + shared key does not reduce to...otp?
mircea_popescu: as we agreed, cramer-shoup with shared key is acceptable symmetric cipher.
asciilifeform: on the other hand, 'the spice must flow.' and if i hear nothing, 'g' is coming out with rsa or cramer-shoup in abusive mode.
assbot: The Cramer Shoup Crypto System ... ( http://bit.ly/23OeAeS )
ascii_butugychag: ;;later tell mircea_popescu http://www.verify-it.de/sub/cramer_shoup.html << in elisp, no less ☟︎
mircea_popescu: cramer shoup!
mircea_popescu: ima do some shoup encoding on avenida cramer just for the fucks of it.
ascii_field: e.g., prove correctness (or otherwise) of cramer-shoup
mircea_popescu: let us indulge then. cramer-shoup is an asym key system, just like rsa or ecc.
assbot: 9 results for 'cramer-shoup' : http://s.b-a.link/?q=cramer-shoup
mircea_popescu: !s cramer-shoup
assbot: 6 results for 'cramer-shoup' : http://s.b-a.link/?q=cramer-shoup
mircea_popescu: !s cramer-shoup
mircea_popescu: apparently it goes with cramer-shoup
mircea_popescu: antephialtic i'd rather see Cramer-Shoup myself.
mod6: anyway, i was very intetersted in the VPSS scheme even though i'm sort of deep into implementing cramer-shoup into libgcrypt.
mod6: I don't wanna get too far off course just yet. Gotta wrap up this current bitotter work and get further along with my look into cramer-shoup
mod6: so here's an implementation of cramer-shoup, kinda looking at it now: http://www.verify-it.de/sub/crypter.html#SOURCES
mod6: yeah. i think that since elgamal is malleable, using the universal one-way hash to achieve the non-mallebility make cramer-shoup an interesting choice.