1400+ entries in 0.168s
mircea_popescu: well, you might consider making yourself a rsa key and registering with deedbot
a111: Logged on 2016-12-27 22:14 mircea_popescu: course since the nsa consulting work for minigame is going to produce ada rsa, it might be an idea to have an ~ada~ tmsr crypto lib.
mircea_popescu: yes ; but can you appreciate how ffa is a lot more apt for tmsr-rsa than for a symm cipher ?
mircea_popescu: the deeper problem here is that the evolution of warfare has rendered a symmetric cipher useless. for the launch codes or how you call it we're mostly in consensus to use pure rsa, if memory serves, and for the prattle of eg game server, serpent will do.
mircea_popescu: in general i expect it is made for ~any purpose. be it rsa, c-s, or yes, tetris.
a111: Logged on 2017-08-09 21:53 asciilifeform: at any rate it is just as easily implemented on pmachine as rsa.
a111: Logged on 2016-08-26 16:34 asciilifeform: http://btcbase.org/log/2016-08-26#1529877 << timing can be 'ceilinged' and it solves problem. but i am still chewing on the problem of enemy being able to determine who is speaking to whom by deriving the public keys. (this is trivial with rsa, and i've been working on answering the q of whether it is also true for c-s)
a111: Logged on 2017-12-02 22:30 asciilifeform: fwiw asciilifeform will submit ffa.rsa to be judged in mircea_popescu's symm cipher contest, supposing the latter is still running
mquander: mircea_popescu: i understand asymmetric encryption and RSA
mircea_popescu: rsa key is a basic tool of computer literacy anyway. like ability to write down own name basic standard of traditional literacy.
mircea_popescu: receiver listens to frequencies for specific quanta of transmission : "this is station X transmitting count Y", rsa-signed. IF the signature verifies, and IF the y was not before seen (and if x on unit's access list etc) THEN the item is placed into queue, to be sorted by signal strength. otherwise, dropped as noise.
a111: Logged on 2017-11-27 18:17 asciilifeform: moral -- measure seven times, cut once, etc. ( asciilifeform for instance is stuck with a 2048b rsa, at least until we finally throw gpg )
ben_vulpes: also ironclad rsa padding is notquiteright, trinque i believe knows a bit more
mircea_popescu: diana_coman thereby all game packets will be multiples of 128 bits, and in principle a client can live off the first original rsa op its entire life if it so wishes.
mircea_popescu: anyway, so what's the work mode here, every now and again server sends client a rsa-encrypted packet containing 16 aes keys ; client enciphers its comms to the server with one selected from a set of 8 selected from those 16 ; and deciphers server's with one selected from set of 8 other than previous set. now and again burns a key.
mircea_popescu: anyway, whatever, diana_coman : the correct implementation approach to patch the 256 bit serpent into 4096 bit rsa is to cut every rsa block into 16 fragments, cipher each independently with diff keys, then paste the 16 keys together make 4096 bit of key.
mircea_popescu: dja see why i'd muchly prefer a native tmsr.rsa length symmetric cypher rather than this nonsense ?
a111: Logged on 2017-11-16 11:30 apeloyee: http://btcbase.org/log/2017-11-15#1739383 << you can just use 4096*4096 multiplies. It's lulzy to see how you rant about "proper" rsa and demand full-size exponents, but somehow restricting range of p and q is OK.
mircea_popescu: yes, in about 6% of cases the N will come out as 111..., in which case you know that both p and q are actually 1111 1111 led, ie you'll have 2 bits of each. and in 0.001% of cases N will led by FF and have the next bit set, so you'll know both p and q have the first octet set. if you have an extension attack allowing you to parlay 8 leading bits into the prime exposure, you can thereby crack rsa in 0.001% of cases.
a111: Logged on 2017-08-14 17:21 mircea_popescu: tmsr rsa standard key is 515 bits, made out of a 257 and a 258 bit long prime.
a111: Logged on 2017-11-15 23:43 asciilifeform: and the difficulty of breaking rsa via known methods is proportional to the size of the smallest prime. you oughta know that.
mircea_popescu: once you decide rsa is based on mult, you decide to take the mult leak.
a111: Logged on 2017-11-14 14:33 asciilifeform: observe, you cannot say anything re p,q from the middle bits of pq (or rsa would be useless)
mircea_popescu: afaik "shadow brokers" didn't release this principal rsa exploitation tool of "teh equation group", but : imagine you have a machine a) working on your own special-purpose made prng ; and b) generating rsa keys all the time and on call.
apeloyee: assuming M is a modulus of a useful RSA key, this will work
a111: Logged on 2017-10-06 23:13 mircea_popescu: basically the scheme is, you rsa a random bitfield, then you expand that into as much otp as you want by doing recursively Fi = hash(bitfield + Fi-1). there's a limit on i, obviously, which can be set to 1.
mircea_popescu: anyway, back to rsa discussion : there's about 6.5e612 primes in the interval 2^2045-1, 0 (by teh prime number theorem). every key needs a pair of these, and no number can EVER be repeated (if it is -- phuctor breaks both keys).
mircea_popescu: it's important to have a rsa key as it's the standard of identity these days.
mircea_popescu: there's a lot to be yet said on the mystical value of rsa. take a "prime" - purely mystical concept, it literally means "was not seen before, virginal." "repetitions can not FOR THAT REASON ever be prime" and so on.
diana_coman: existing koch-rsa, simply once with co-prime e, the other time with prime e
diana_coman: in other news: data collection on rsa with random co-prime e and then with random prime e almost ready; at first glance on co-prime encryption:decryption times are as expected approx 4:1 (crt); with prime e the ratio is more like 2:1
mircea_popescu: i don't consider rsa was used until we started using it.
ang-st: how long between the seminal RSA paper and its widespread use ?
mircea_popescu: what's this "genuine e". rsa is based on p,q,N not on e's.
a111: Logged on 2017-04-09 14:45 mircea_popescu: asciilifeform incidentally, the more i think about it the more i'm convinced the ONLY "fingerprint" for rsa key may be... the modulus. 4096 bits and fuck you, if you can't take 32 chars you don't belong here.
apeloyee: an' if you keep sparking next to detector across the street, you will Have Problems. because have to transmit enough to rsa.
a111: Logged on 2017-10-17 05:59 jurov: "The flaw resides in the Infineon-developed RSA Library version v1.02.013, specifically within an algorithm it implements for RSA primes generation. "
mircea_popescu: tell you what : criminal lawyer either uses rsa or isn't.
diana_coman: <mircea_popescu> asciilifeform no, i know. from the pov of rsa-being-attacked, it's probably better to have non-standard exponent than "everyone uses 65537" <- this
mircea_popescu: asciilifeform no, i know. from the pov of rsa-being-attacked, it's probably better to have non-standard exponent than "everyone uses 65537"
diana_coman: mod6, I couldn't find some that are directly comparable aka only the rsa ops as such
diana_coman: from the post: Durations are given as CPU time in seconds, as reported by the clock() function (time.h) and calculated as ( (double) (end – start) ) / CLOCKS_PER_SEC where end is the value returned by clock() right before starting the RSA operation and end() is the value returned by clock() right after returning from the RSA operation
diana_coman: well yes, basically at rsa stage all I had to change was at generating keys aka source of random bits; the rest was just identifying the relevant parts and nothing more
diana_coman: hm, public rsa uses mpi_powm; secret rsa uses crc; still though 100 fold