mircea_popescu: zx2c4 don't break up your sentences in multi lines, we read everything anyway.
a111: Logged on 2018-04-12 15:36 zx2c4: - minimal state machine, as mentioned above, which means 1-RTT: if something goes wrong with a message being dropped, the solution is always to just "start over the protocol", since it's only 1-RTT. this saves amazing amounts of complexity
asciilifeform: zx2c4: do i misread ? because in the spec, 'No confidentiality. This payload is sent in cleartext.' ( http://www.noiseprotocol.org/noise.html#message-format section 7.4 )
a111: Logged on 2018-04-12 15:28 zx2c4: sure
asciilifeform: zx2c4: are you the author of 'noise' protocol ?
asciilifeform has 1 more q for zx2c4 , after mircea_popescu finishes
mircea_popescu: zx2c4 mind that transfers are not instantaneous.
asciilifeform: zx2c4: which you can withdraw using deedbot at your leisure
asciilifeform: zx2c4: he just threw a whole bitcoin into your piggy.
asciilifeform: zx2c4: they're for mircea_popescu to decrypt; it makes the command go.
mircea_popescu: zx2c4 you understand how the logs work btw ?
mircea_popescu: !!pay zx2c4 1
mircea_popescu: !!rate zx2c4 1 j. a. donenfeld, wireguard guy.
deedbot: AB9942E6D4A4CFC3412620A749FC7012A5DE03AE registered as zx2c4.
mircea_popescu: zx2c4 the tls fails i bet.
asciilifeform: zx2c4: i'ma leave the rest of the session to mircea_popescu , owner of this chan, and my co-author in e.g. the FUCKGOATS auditable trng, https://archive.is/CGQkR )
zx2c4: !!register https://www.zx2c4.com/keys/AB9942E6D4A4CFC3412620A749FC7012A5DE03AE.asc
mircea_popescu: zx2c4 do me a favour and !!register your key
mircea_popescu: !!key zx2c4
mircea_popescu: o hey there zx2c4
asciilifeform: zx2c4: so it is not possible currently for me to learn , which cryptographers reviewed, and what they had said ?
asciilifeform: but to move on from this item : zx2c4 how did you select 'blake2' hashing system ?
deedbot: zx2c4 voiced for 30 minutes.
asciilifeform: !!up zx2c4
asciilifeform: zx2c4: does it bother you that no proof of strength for any symmetric cipher other than otp (e.g. aes, chacha, etc ) exists ?
asciilifeform: but let's come back to your product, zx2c4 :
asciilifeform: zx2c4: i've spent the past ~2yrs writing a properly constant-time arithmetic lib. it is being slowly published. ( see earlier link to my www )
asciilifeform: zx2c4: most of the currently-sold intels are ok re : imul. arm, however, is not
asciilifeform: zx2c4: this particular architectural sadness is not my discovery
asciilifeform: zx2c4: to observe it, you will have to hand-emplace rdtsc around it , and run on properly doctored inputs
asciilifeform: zx2c4: phf has been fiddling with the thing's uniturd processing of late; prolly introduced bug
zx2c4: https://data.zx2c4.com/curve25519-from-hacl-for-asciilifeform.o
asciilifeform: btw zx2c4 , i must regret to inform you that the code you linked, is in fact NOT constant-time on several common architectures, because it makes use of machine MUL instruction ( gcc will compile a nonconstant-operanded '*' to e.g. IMUL on x86 )
zx2c4: https://git.zx2c4.com/WireGuard/tree/src/crypto/curve25519-hacl64.h
zx2c4: https://git.zx2c4.com/WireGuard/tree/src/crypto/curve25519-fiat32.h
asciilifeform: zx2c4: which proving system did you use ?
deedbot: zx2c4 voiced for 30 minutes.
asciilifeform: !!up zx2c4
asciilifeform: zx2c4: carry on, but after that let's come back to DH
asciilifeform: zx2c4: why did you select diffie-hellman ? ( vs e.g. rsa )
asciilifeform: zx2c4: don't go away yet plz. i'd like to ask a few q re your crypto design
asciilifeform: hence the interest in zx2c4's published item
asciilifeform: zx2c4: how did you select the 'noise' protocol ?
asciilifeform: zx2c4: it so happens that i have a few q:
asciilifeform: zx2c4: author of 'wireguard' ?
asciilifeform: zx2c4: hello ?
deedbot: zx2c4 voiced for 30 minutes.
asciilifeform: !!up zx2c4
ckang: hey mircea_popescu I had a talk to zx2c4 to try and smooth things over a bit
a111: Logged on 2018-04-11 04:16 mircea_popescu: "<mircea_popescu> (on #wireguard) zx2c4 (the owner, j. donenfeld) : if you're willing to set two hours apart on any day of your choosing to answer wireguard questions on #trilema, i'm willing to donate 1 btc to your project. let me know, i'm usually on freenode (this nick). thanks & gl." << asciilifeform spyked whoever else might care.
ckang: oh there's an interesting read regarding its security flaw, operators. https://lists.zx2c4.com/pipermail/wireguard/2017-November/001969.html
mircea_popescu: "<mircea_popescu> (on #wireguard) zx2c4 (the owner, j. donenfeld) : if you're willing to set two hours apart on any day of your choosing to answer wireguard questions on #trilema, i'm willing to donate 1 btc to your project. let me know, i'm usually on freenode (this nick). thanks & gl." << asciilifeform spyked whoever else might care.
pankkake: protip: http://www.zx2c4.com/projects/password-store/