Forum logs for 22 Nov 2017

Monday, 16 March, Year 12 d.Tr. | Author:
danielpbarron: !!withdraw 0.5 1NmvgX3Z2Rvt48CeNgksT8koP616hx9tB5 [00:29]
deedbot: Get your OTP: [00:29]
danielpbarron: !!v D0F05C6FC6B6D03BB6CB01C9DEF031CD00831B96AEEEBE071D4B0E1618527BD4 [00:32]
deedbot: [00:32]
danielpbarron: !!balance [00:33]
deedbot: [00:33]
deedbot: << Bingo Blog - And The Arrangements Continue [01:34]
BingoBoingo: ^ The update [01:34]
ben_vulpes: solid thread phf, asciilifeform [03:59]
ben_vulpes: good example of tmsr as antireddit: nothing in the "nollij of crowds", but if yr lucky some sages will come by with a set of koans to set you rethinkin priors [04:00]
ben_vulpes: in which BingoBoingo sets hisself deadlines! [04:01]
spyked: <-- crap. sorry for the confusion! I was thinking about builtin functions, not symbols. need a meaningful way to point symbols to those things, and meaningful way revealed itself once I finally grasped your point. /me proceeds to rewrite symbols+builtin pieces. [05:23]
a111: Logged on 2017-11-21 19:35 phf: << i don't need to consider that, i grok metacircularity, i.e. there's no such thing as builtin symbols. bytecode or not is lateral to that point. [05:23]
jurov: \znc clearallchannelbuffers [05:23]
jurov: lol sorry [05:24]
mircea_popescu: lol backwards! [05:24]
spyked: , <-- string not a primitive, but -- "string" datatype aside -- symbol names are (conceptually) strings, so they (the symbol names) require an internal representation etc. cons'ing characters upon reading was simplest approach I found to storing and structuring them. con: list cells introduce memory overhead pros: avoids arrays and magic numbers like [05:53]
a111: Logged on 2017-11-21 19:38 phf: << you can just ignore the whole "string" question in first version, McCarthy's lisp used symbols instead of strings (that's why early nlp code, like eliza all come out as DOG SAID, HELLO) and the only operation you could do at some point was read and eq. [05:53]
a111: Logged on 2017-11-22 00:33 mircea_popescu: string is not a primitive! [05:53]
spyked: mccarthy's "up to 30 characters" (ref. Lisp manual Appendix F) [05:53]
mircea_popescu: "not a primitive" means "nothing can '''conceptually''' be that" [05:53]
spyked: mircea_popescu, I understood that. the point is, McCarthy's Lisp system still uses strings internally in some form. [05:58]
mircea_popescu: it might just be that you look at mccarthy's symbols and think "oh strings". [05:59]
spyked: nono, I look at Lisp symbol *names* and I think "strings", i.e. sequences of characters. [06:01]
mircea_popescu: whereas odds are mccarthy thought indexes in an array. [06:02]
mircea_popescu: you're familiar with how industrial technology looked at the time, the machine'd have a list of items internally, and glued on a piece of paper giving the words per item [06:03]
mircea_popescu: (this mechanism survives in "error codes" lulz even today) [06:03]
mircea_popescu: and in antique trilemas for the rotaku club (ie, great pieces i'm too lazy to translate), aka mp knows more about "toxic manhood" an' "rape culture" than your local fabecook expert. [06:08]
RagnarDanneskjol: mircea_popescu I may have someone worth inviting to chan for interview in the coming days. Most of the folks I know over there are primarily oral translators, so having to look around a bit. Just got back yesterday - BJ is a real shithole but the people are adorable, lots of good duck. FYI - 'VPN AC' (Romanian) seems to be the only one working well/consistently behind the firewall (I've used many) and [06:41]
RagnarDanneskjol: Everbright Bank has, by far, the lowest entry barriers for business or tourist visitors opening new accounts. [06:41]
mircea_popescu: oh they're still going on with their pretensions to sovereignty and whatnot, "firewalls", bs. [07:00]
mircea_popescu: lulzy. [07:00]
shinohai: gm #trilema [07:19]
shinohai: !~later tell spyked got a question regarding the w3m patch when you have a sec. [07:19]
jhvh1: shinohai: The operation succeeded. [07:19]
spyked: morning, shinohai [08:01]
shinohai: Heya spyked, was looking at your patch last night .... where did you get your w3m source code from if I may ask? [08:02]
shinohai: <<< in other faux phuctors (page refuses to archive for me) [08:04]
spyked: shinohai, sourceforge, unfortunately (w3m devs still host it there for some reason). exact link: same for the njs library one sec, I'll look it up [08:04]
shinohai: Its ok spyked .... this is the one I tried, albeit in a Debian VM. ./configure keeps failing for me saying there is no gc [08:05]
shinohai: though it is available, I'm puzzled. (Your patch did apply cleanly) [08:06]
spyked: ah crap. yes, I installed the gc lib from the debian repo. I don't know why they removed gc from the w3m tree [08:06]
shinohai: Hmmm .... I have the gc repo though, still fails. [08:06]
spyked: that's odd. can you paste somewhere? [08:07]
spyked: the configure/make output, that is [08:07]
shinohai: spyked: [08:08]
spyked: shinohai, I remember getting this as well at some point. can you also paste config.log? the js library bits that I added to ./configure are very hack-ish (IMHO the thing shouldn't be dynamically linked anyway, so I just hacked through it to make it work) [08:11]
shinohai: Just an aside, I *also* tried this unpatched and get same error. One sec, posting config.log [08:12]
spyked: (ftr, libgc is why I rebased the patch on w3m-0.5.3 in the first place: for some reason the "mktable" executable generated by w3m was segfaulting in the gc library, while I knew 0.5.3 compiled on my system before, with libgc from debian sources) [08:13]
shinohai: config.log > [08:14]
shinohai: I know I have built it plenty of times, I'm trying to remember if there was some patch for that, don't recall [08:15]
shinohai: ( I think I used this version tbh ... I loathe sourceforge lol) [08:17]
shinohai: ah ha! [08:18]
spyked: shinohai, I know why the patch fails, though not sure why it fails without it... did you also compile and install libnjs? e.g. on line 1840 in config.log, "cannot find -ljs". hm. I am guessing you should have it installed if w3m-0.4 worked for you. [08:19]
* shinohai looks [08:20]
shinohai: Nope, not available in repos either .... got a sauce? [08:21]
spyked: the original w3m-js patch adds a -ljs compilation/link-time flag. now, there's another issue: if your libjs is in a path that the run-time linker can't find (e.g. /usr/local/lib as opposed to /usr/lib), it will fail again at some point. [08:22]
spyked: shinohai, (would be cool if there was out of sourceforge link too... /me will have to host all these somewhere publicly at some point) [08:23]
shinohai: grrrr .... thanx for assistance spyked. I rather like w3m (because inline images) but truly needs a lot of cruft removed and things organised - mainly the sourceforge madness. [08:24]
spyked: all these libraries (gc + njs + others) can be embedded in the original w3m and made self-contained (including removal of shared library nonsense, like gc was linked in 0.4), but they'll require me 1-2 full days. to put on list [08:27]
spyked: I like w3m as well. the codebase is surprisingly easy to understand (took me a few hours yesterday to get a vague idea of how modules work together), though I have no idea why they need a gc. links is even more minimal, but I use w3m mainly because it runs in emacs. [08:30]
shinohai: links is nice, it will at least open images in a framebuffer. [08:32]
shinohai: bah, weird errors trying to build njs .... this is better left to when I can look at a full cleanup. [08:38]
diana_coman: !!up Abot101 [08:41]
deedbot: Abot101 voiced for 30 minutes. [08:41]
mircea_popescu: Abot101 who might you be ? [08:45]
mircea_popescu: << lotta people do. [08:46]
a111: Logged on 2017-11-22 13:23 spyked: shinohai, (would be cool if there was out of sourceforge link too... /me will have to host all these somewhere publicly at some point) [08:46]
spyked: hm. shinohai, I remember patching config.sub and config.guess at least. posting a patch in one minute. [08:46]
shinohai: spyked: I did patch config.sub because it is horrendously old and has no idea what system I was using. [08:47]
shinohai: oh and good morning Sr. Popescu o/ [08:49]
spyked: <-- most of it is config.sub and config.guess. two lines at the end may fix shinohai's troubles. anyway, I'ma post the whole thing (w3m+gc+js+whatever else) once I manage to do a static build. [08:55]
asciilifeform: in other noose, chaum ( see also ) peddles promisetronic shitcoin, , as if he had any reputation left to burn [08:59]
a111: Logged on 2016-01-10 23:48 mircea_popescu: hey check that out, zimmerman makes nsa-phone and david chaum makes nsa-gossipd. [08:59]
mircea_popescu: hola! [08:59]
mircea_popescu: asciilifeform shameful excuses of the items they pretend to be. [09:00]
shinohai: Adam Back gonna rage on that one [09:00]
asciilifeform: meanwhile, << intel burns moar amt fritzchip remote nsalogic [09:01]
asciilifeform: at the same time fixing , i strongly suspect, the bug that recently showed promise of making the whole thing removable [09:02]
asciilifeform: mircea_popescu: chaum is esp. sad case, was at one time actual thinking d00d, invented afaik hashtronic 'proof of work' , then proceeded to narrowly avoid doing anything useful with it [09:03]
mircea_popescu: aha. [09:04]
mircea_popescu: huge strategic mistake publicizing that item, but sadly i r not yet in the position of making ALL the calls. [09:05]
mircea_popescu: (the bug i mean.) [09:05]
asciilifeform: 'Intel would like to thank Mark Ermolov and Maxim Goryachy from Positive Technologies Research for working collaboratively with Intel on a coordinated disclosure for CVE-2017-5705.' << oh hey named quislings ftr [09:06]
asciilifeform: mircea_popescu: aha, oughta have been used in mass rapefest [09:06]
mircea_popescu: just kept under lid for 2-3 years. [09:07]
mircea_popescu: let them build a lot of the chips. [09:07]
asciilifeform: coordinated anal waltz, not 'coordinated disclosure' [09:07]
mircea_popescu: very stupid russki geologists. [09:07]
asciilifeform: mircea_popescu: it's a fw bug, not silicon , sadly patchable [09:07]
asciilifeform: ( not, say, like the famous fdivbug in '90s ) [09:08]
mircea_popescu: not so cleanly cut. [09:08]
mircea_popescu: should have let it pile. [09:08]
asciilifeform: it piled since 2009 [09:08]
asciilifeform: when they started fritzchipping [09:09]
mircea_popescu: iirc the early ones were different. [09:09]
mircea_popescu: aaanyweays. [09:09]
asciilifeform: << dun see what this has to do with phuctor... and 'lavarand' existed in '90s ( where is it nao..? ) [09:16]
a111: Logged on 2017-11-22 13:04 shinohai: <<< in other faux phuctors (page refuses to archive for me) [09:16]
asciilifeform: !~google lavarand [09:16]
jhvh1: asciilifeform: Lavarand - Wikipedia: <> LavaRnd: <> What is LavaRnd?: <> [09:16]
shinohai: asciilifeform: posted before full coffee, meant fuckgoats [09:17]
asciilifeform: was sgi publicity stunt, even patented [09:17]
asciilifeform: and apparently doomed to be recycled forever by svderps [09:17]
asciilifeform: ( will also point out, the lamps per se contribute ~0 entropy, arrangement is really ~same as hashwhitening output of camera static with the lens cap on ) [09:19]
mircea_popescu: <<Кто-ты-по-жизни/ [09:29]
a111: Logged on 2017-11-22 01:08 BingoBoingo: Anyways, explaining to normal ordinary people in meatspace who Mircea Popescu is, is surprisingly simple. [09:29]
* mircea_popescu is evidently working towards a unified theory of mpdom. [09:29]
deedbot: << Trilema - ? [09:36]
shinohai: lol .... `?` [09:38]
mircea_popescu: unicoarde. [09:39]
shinohai: deedbot doesn't know who it is in life. xD [09:39]
mircea_popescu: ahahaha [09:39]
mod6: mornin' [09:41]
mircea_popescu: hola [09:42]
mod6: how goes today? [09:43]
mircea_popescu: setting up teh yachting for laterz. [09:44]
mod6: sounds relaxing :] [09:44]
mircea_popescu: in other lulz : p&g cut 100mn off its "online advertising" budget 2nd q saw zero impact. [10:31]
mod6: heheh [10:37]
phf: << it's not surprising that cloudflare's piece doesn't mention lavarand, but the original was invented at SGI and has a couple of patents around it, [11:04]
a111: Logged on 2017-11-22 13:04 shinohai: <<< in other faux phuctors (page refuses to archive for me) [11:04]
asciilifeform: phf: see thread [11:05]
phf: oh bah [11:05]
asciilifeform: ( am i the only one who actually uses phf's very spiffy pointy-hand arrows ? ) [11:05]
phf: actually i saw your follow up, but stopped reading at "where is it nao..?" [11:06]
asciilifeform: phf: consider the sheer degree of unabashed cargocultism in the endless rehash of the lava lamp thing [11:16]
asciilifeform: betcha it will become a 'new' idea at, e.g., google, a few yrs from now. [11:16]
asciilifeform: and then again somewhere else. [11:16]
asciilifeform: with bigger, bigger wall of lamps, each time. [11:16]
* asciilifeform for some reason unable to turn up the thread in the l0gz where we did the 'rng design is not a technical problem , but a political problem' thing [11:18]
asciilifeform: also phf's linked pediwiki item is hilarious : '...floating material in lava lamps, extracting random data from the pictures, and using the result to seed a pseudorandom number generator.[1] Although the secondary part of the random number generation uses a pseudorandom number generator, the full process essentially qualifies as a "true" random number generator due to the random seed that is used.' [11:21]
asciilifeform: didjaknow! [11:21]
asciilifeform: Essentially Qualifies! [11:21]
deedbot: danielpbarron: [11:22]
asciilifeform: in other lulz : ( ) << 'bignum fuzzer that compares the results of mathematical operations (addition, subtraction, multiplication, ...) across multiple bignum libraries. Among these is the Go programming language, specifically the "math/big" package [1]. Recently, the fuzzer found a problem in its exponentiation operation...' [11:51]
asciilifeform: hilarious on multiple levels : bignumtron so large and unfitting in head that it has to be probed via fuzzing, like microshit... [11:53]
asciilifeform: or how about the 'pre-allocated vs not' nonsense [11:53]
asciilifeform: or how about bugs in basic arithm routine. [11:53]
mod6: eek [11:57]
asciilifeform: in other noose, dun resolve nomoar. [13:05]
asciilifeform: ( anyone outside of gringolandia wanna try ? ) [13:05]
asciilifeform: ... turns out still worx ( reminds of ye olde mpex... ) [13:17]
diana_coman: asciilifeform, works from here [13:20]
asciilifeform: unsurprising [13:21]
asciilifeform: ( see also etc ) [13:30]
a111: Logged on 2017-09-30 00:25 cazalla: BingoBoingo, ah okay :\ dailystormer just got shoah'd again, this time from .is extension heh [13:30]
mod6: asciilifeform: if there are updates (that are complete & published) for MPI, you may want to update the BTC-Dev ML with the new changes, and reference the original: [14:59]
asciilifeform: mod6: whole thing is at [15:00]
asciilifeform: orig & update , both properly vtronic [15:01]
asciilifeform: also on phf's [15:01]
asciilifeform: mod6: trb ml was really not imho the proper place for it: mpi is not used in trb [15:02]
mod6: yeah, the first message says as much. [15:02]
mod6: i just happened to stumble across it and also thought "this is out of date too..." [15:02]
asciilifeform: feel free to upload the vdiffs/sigs to the ml yourself if you can think of a reason why it belongs there [15:03]
BingoBoingo: <ben_vulpes> in which BingoBoingo sets hisself deadlines! << Sets deadlines for self, and establishes expectations based on collected information. [15:11]
BingoBoingo: In other news. youth program has instructed parents to not have their daughters hug family members and to discourage hugging especially in cases where girl has received gift from said family member [15:13]
ben_vulpes: wat [15:13]
BingoBoingo: This instruction is not specific to throbbing family members [15:14]
BingoBoingo: ben_vulpes: Apparently teaches girls to respond to favors with affection, Grill Scouts says bad family [15:14]
deedbot: << Ossasepia - Taming of the Serpent in Ada [15:51]
asciilifeform: oh hey hey hey ljb! [16:12]
* asciilifeform reads [16:12]
diana_coman: asciilifeform, let me know if you see anything weird in there [16:13]
asciilifeform: diana_coman: well 'a candidate replacement for the algorithm used at that time under the name of “Advanced ..' is not quite it, they competed for the usg tourney crown [16:13]
asciilifeform: the item at the time known as 'rijndael' was crowned by nsa, and was proclaimed 'aes' [16:14]
diana_coman: hm, right creation of "aes" rather than replacement, right [16:15]
asciilifeform: << thread. possibly elsewhere. [16:15]
a111: Logged on 2015-01-17 22:38 asciilifeform: or, alternatively, like the choice of 'aes' over the stronger but 'slower' 'serpent' cipher, it was merely orders from lizardhitler. [16:15]
diana_coman: replacement for des rather [16:15]
asciilifeform: aha. [16:16]
asciilifeform: !#s from:asciilifeform aes [16:16]
a111: 81 results for "from:asciilifeform aes", [16:16]
asciilifeform: !#s from:mircea_popescu aes [16:16]
a111: 38 results for "from:mircea_popescu aes", [16:16]
asciilifeform: ^ possibly in there, actually. re the faux 'contest'. [16:16]
diana_coman: updated; I'll read and link when I find it, as it should be linked I think [16:18]
asciilifeform: the process whereby rijndael became usg's national One Troo Cipher was as dubious a thing as could be expected. [16:19]
diana_coman: well, I was trying to keep my scope there relatively narrowly focused on serpent itself; it's not a very short post as it is anyway [16:20]
diana_coman: found this so far: [16:21]
a111: Logged on 2016-12-28 17:09 asciilifeform: the political history is also rather interesting (it was on track to winning the 'aes competition', received fewest thumbs-down votes from the panelists, but mysteriously torpedoed by usg and did not win) [16:21]
asciilifeform: truth be told, all published symmetric ciphers are fundamentally liquishit, and for approximately the same reason ( ) . they divide merely into the 'already publicly broken' and 'not yet' [16:21]
a111: Logged on 2016-06-06 21:37 asciilifeform: i find it also very interesting that all aes-like ('boxes') cryptosystems are direct descendants of rotor machines. which were known to be pseudoscientific even when first built, as vernam existed [16:21]
asciilifeform: << 404 btw [16:22]
* diana_coman checks [16:23]
diana_coman: it is there now [16:24]
diana_coman: I could have sworn I *did* upload it but apparently..I hadn't [16:24]
diana_coman: asciilifeform, mind expanding a bit on what you had in mind as best way to expand serpent to 512 bits blocks? [16:36]
diana_coman: and 512 bits key too for that matter [16:38]
asciilifeform: to expand a K-bit (block and key, we'll assume, are each K-bit) voodoocipher to J bitness, xor split ( on rng ) having generated J / K independent keys each incoming plaintext block of J bits, is cut into J / K blocks, and each enciphered with the corresponding key. decipher -- same. [16:40]
asciilifeform: xor split each plaintext block, that is [16:41]
asciilifeform: actually nm [16:42]
asciilifeform: this is wrong and the correct algo is in the l0gz... [16:43]
asciilifeform: anyway for 512bit key, you still keep the 128bit block. but each time you have incoming 128b plaintext, you shamir it rngistically into 512bits, i.e. 4 128b parcels that must be xor'd to reconstitute the original. each of these get ciphered with one of 4 independently-generated 128b keys. [16:45]
diana_coman: hm, I probably did not know how to search for it properly as I did look but still not very clear on it [16:45]
asciilifeform: on the decipherment end, each split gets deciphered with the respective 128b key , and the four parcels xor'd to form the plaintext again. [16:45]
asciilifeform: does this make sense ? [16:46]
diana_coman: ah, it was the construction on top you had in mind [16:46]
asciilifeform: the 1 aspect that historically bothered me, is that enemy knows now a relation between the plaintexts in the 4 streams [16:46]
asciilifeform: sorta how i ended up exploring the item [16:47]
a111: Logged on 2016-12-24 01:03 asciilifeform: picture the following 1-dimensional automaton, that eats bitstring in sets of 2bits, and : '10' -> 'tape step left' '01' -> 'tape step right' '11' -> invert bit at current square '00' -> terminate. [16:47]
asciilifeform: ( i see it as a still-unsolved problem. ) [16:47]
asciilifeform: back to the shamir scheme : the only thing i can properly prove about it, is that it isn't weaker than straight single-key-with-no-splits [16:49]
asciilifeform: and, on top of this, each stream ~individually~ is not distinguishable from rngolade. [16:51]
asciilifeform: anyway orig method is in log, << merely in application to slightly different form of the problem ( how to combine voodoociphers in such a way that the result can in no circumstances be weaker than the strongest of the items ) [16:53]
a111: Logged on 2017-02-25 21:26 asciilifeform: so, for instance, you can prove that a k-of-k (must have ALL parts) shamir split, where you then take each share and encipher with different method -- will NEVER be weaker than the strongest cipher used. [16:53]
asciilifeform: you thereby get a 'ratchet'. which afaik is the only hard strength result in all of crypto aside from von neumann's otp proof... [16:53]
asciilifeform: ( which it is really but a restatement of ) [16:54]
diana_coman: yes, I had found that one; for some reason I thought you had in mind a different approach for expanding block + key size for serpent itself [16:55]
asciilifeform: nope. it isn't a keccak-like thing, isn't 'rubber' [16:55]
asciilifeform: not defined for any kind of stretching. [16:55]
asciilifeform: my approach is a universal 'stretcher', predicated on having reasonably fast and high-quality trng. [16:56]
asciilifeform: ( your encipherment speed is limited to 1/S of your rng's bit rate, where S is the splitness ) [16:58]
* asciilifeform brb,teatime [17:06]
diana_coman: I think I need to read more on this, so I'll hit the books [17:07]
* shinohai has enjoyed asciilifeform 's and diana_coman 's exchange and also goes to tea [~} [17:07]
ben_vulpes: "School superintendent Keith Marty said it was a surprise to staff that the student responsible was not white." still? STILL a surprise? [17:09]
trinque: how did someone writing niggers in a school bathroom make the news? [17:11]
trinque: they didn't even shoot anyone [17:11]
ben_vulpes: writing niggers on the wall is basically shooting babies, trinque omfg be more sensitive [17:17]
mod6: ya srsly [17:30]
shinohai: lmfao this thread [17:31]
asciilifeform: diana_coman: lemme give specific example. start with splitting 1 byte. to split byte B into X and Y, you take byte R from rng, and compute B xor R = X. then Y = R . X xor Y = B . [17:46]
asciilifeform: diana_coman: now let's split 1 byte into ~four~, A,B,C,D. we take same transform and do it to X and Y in turn. in total, we've used 4 bytes from rng device, to cut 1 byte into 4 otpfrags. [17:47]
mircea_popescu: << hey, next the "instruction function of soviet pioneer org in protecting the poor clueless adults from toxic facts and hate truth" will emerge. and then, probably, the NEP. and then, i guess, the [17:48]
a111: Logged on 2017-11-22 20:14 BingoBoingo: ben_vulpes: Apparently teaches girls to respond to favors with affection, Grill Scouts says bad family [17:48]
diana_coman: asciilifeform, that makes perfect sense, yes [17:49]
asciilifeform: diana_coman: observe that knowing 1,2,or even 3, gives you 0 bits of info re the original. [17:49]
asciilifeform: ( in the shannon sense. you haven't narrowed down what the 4th could be, by knowing 1..3 ) [17:50]
diana_coman: aha [17:51]
mircea_popescu: << and so on [17:52]
a111: Logged on 2016-02-06 16:55 mircea_popescu: derp #1 : "What is wrong with existing block ciphers like AES? AES has been in widespread use for over a decade and to the best of my knowledge, there is still no practical attack on it (unless someone has built a working quantum computer and not told anyone about it). Its totally free of patents and IP issues. Its been implemented in a huge variety of hardware and software (including the Intel CPU that I am using to m [17:52]
mircea_popescu: hm thats still kinda late. [17:53]
asciilifeform: there was an earlier one... [17:53]
a111: Logged on 2014-09-07 17:56 mircea_popescu: i wasn't aware this is public knowledge. [17:53]
mircea_popescu: there's actually lotta these [17:54]
a111: Logged on 2015-07-12 03:17 mircea_popescu: asciilifeform << don't you find it a little odd that even on an obscure little game such as eulora, someone does find the time to carefully probe me about aes ? [17:54]
asciilifeform: right, plenty [17:54]
mircea_popescu: apparently AES is one of those topics where someone could just pick up the log discussion over 3 years and make an encyclopedia entry [17:54]
asciilifeform: almost impossible to bring up crypto in heathendom without a 'voice in the crowd' 'helpfully' reminding about 'standardized, well-designed aes' [17:54]
mircea_popescu: [17:55]
a111: Logged on 2014-09-07 18:00 mircea_popescu: It gets worse. Nearly every AES implementation using AESNI will leave two values in registers: The final block of output, and the final round key. The final block of output isn't a problem for encryption operations — it is ciphertext, which we can assume has leaked anyway — but for encryption an AES-128 key can be computed from the final round key, and for decryption the final round key is the AES-128 key. (For AES [17:55]
diana_coman: ha, back when I was blissfully only *playing* this game!! [17:55]
mircea_popescu: diana_coman those happy days. [17:55]
mircea_popescu: << how about actually using a 512 bit block [17:57]
a111: Logged on 2017-11-22 21:45 asciilifeform: anyway for 512bit key, you still keep the 128bit block. but each time you have incoming 128b plaintext, you shamir it rngistically into 512bits, i.e. 4 128b parcels that must be xor'd to reconstitute the original. each of these get ciphered with one of 4 independently-generated 128b keys. [17:57]
asciilifeform: mircea_popescu: serpent isn't defined as a stretchable thing - i.e. it isn't obvious what ought to be changed to produce a larger ( or smaller, for that matter ) block, and still to have it meaningfully similar to original [17:58]
asciilifeform: rather like the diff b/w sha512 and keccak [17:59]
asciilifeform: ( the latter is defined as a family of functions, and so 'rubber' ) [17:59]
mircea_popescu: dja see why i'd muchly prefer a native tmsr.rsa length symmetric cypher rather than this nonsense ? [17:59]
asciilifeform: really not hard to see [18:00]
mircea_popescu: and why the fuck am i using "4 bit permutations" [18:00]
mircea_popescu: and so on and so on [18:00]
asciilifeform: it does cost moar tho. even once i'm done with the asm version. [18:00]
asciilifeform: modular exp is intrinsically costlier , at least on pc iron, than the idjit rotorization used in symmetrics [18:01]
mircea_popescu: anyway, whatever, diana_coman : the correct implementation approach to patch the 256 bit serpent into 4096 bit rsa is to cut every rsa block into 16 fragments, cipher each independently with diff keys, then paste the 16 keys together make 4096 bit of key. [18:02]
mircea_popescu: it's bullshit all the way down, "the 4096 bit block gets cut into 16 sub blocks to be fit into rotorizers that cut each block into 64 bits and process with their 4 bit s boxes". because we're from the fucking cartoons. [18:03]
asciilifeform: sad, innit. asciilifeform for instance has a mtbf of about 1hr when reading about symmetric ciphers. after that -- barf [18:04]
asciilifeform: because ultimately yes 'down to the 4bit sbox!' [18:04]
mircea_popescu: asciilifeform i have this itching half-memory that serpent 256 was actually defined [18:07]
asciilifeform: it was. [18:08]
asciilifeform: but ~key~ size [18:08]
asciilifeform: block was fixed at 128bit. [18:08]
diana_coman: mircea_popescu, 256 key, 128 block [18:08]
diana_coman: heh, crossed with asciilifeform [18:08]
mircea_popescu: asciilifeform right you are, it's in the... 2006 spec. [18:10]
mircea_popescu: in other lulz from same source (ross anderson of cambridge) [18:12]
mircea_popescu: that one from 1998 [18:12]
asciilifeform: classic piece [18:12]
diana_coman: mircea_popescu, let me see if I got this right re "patch": simply apply serpent as it is and then at the next level up glue x keys together and send as "key", glue the corresponding x outputs together and use as "output" basically lump together 16 serpents [18:12]
mircea_popescu: yea. [18:12]
mircea_popescu: asciilifeform the "specification" published on cambridge page is most likely a later fake. it's a 2006 item supposedly of a 1998 document. [18:13]
mircea_popescu: OTHER 1998 documents, of lesser political sensitivity, exist there in original format. [18:14]
asciilifeform: mircea_popescu: the current serpent www is at the very minimum known to be missing items from before [18:14]
asciilifeform: so why not also serpent. [18:14]
asciilifeform: keccak, i meant, turned up missing items [18:14]
* mircea_popescu doesn't recall why we picked up airbase 1 serpent in preference of japanese item ? [18:15]
asciilifeform: branch-free [18:15]
* mircea_popescu is annoyed. [18:15]
asciilifeform: y'know the splits dun all have to be ciphered with same scheme [18:15]
mircea_popescu: asciilifeform dja recall the discussion with apelyobee fellow ? [18:17]
a111: Logged on 2017-11-14 14:55 mircea_popescu: this is the problem with "complexify the code machine" tendency. somehow it appears intuitively evident that having a portion of the code INSIDE the machine is "a more complex, therefore a more secure system". it is not. 100% of the key belongs in the key. [18:17]
asciilifeform: sure [18:18]
asciilifeform: i read that line as a restatement of the ancient 'seekrit algos are a stupidity, honest crypto keeps only privkey seekrit' truism [18:18]
mircea_popescu: diana_coman and of course we end up with 8kb of bs "key" for every 4kb payload don't we. [18:19]
asciilifeform: 16 [18:19]
mircea_popescu: well 256 bit keys 128 bit blocks. [18:19]
asciilifeform: ah with no splits then yea [18:19]
mircea_popescu: so basically we'll be reusing serpent keys, is the idea ? [18:20]
asciilifeform: ( in other 'gangrene ? what gangrene?' horrors : 'LibTomCrypt is pretty nice to read (only bug found in last 10 years was in prime generation — failed to iterate Miller-Rabin)' -- from turd re broken bignumatrons. cited line presented as a 'hey it's pretty good'... ) [18:21]
mircea_popescu: check it out, diana_coman has found de-facto work-around to "my theme overwrites text up top" : put an intro in, page or so before code :D [18:22]
diana_coman: mircea_popescu, aha! [18:22]
mircea_popescu: smart. [18:22]
mircea_popescu: anyway, so what's the work mode here, every now and again server sends client a rsa-encrypted packet containing 16 aes keys client enciphers its comms to the server with one selected from a set of 8 selected from those 16 and deciphers server's with one selected from set of 8 other than previous set. now and again burns a key. [18:23]
mircea_popescu: when left with two unburned gets new set. [18:23]
diana_coman: mircea_popescu, aes keys?? [18:24]
mircea_popescu: sorry serpent keys [18:24]
asciilifeform: dun have to swap ~all~ the keys every time there's an rsagram [18:24]
mircea_popescu: sed 's/aes/serpent/' [18:24]
mircea_popescu: asciilifeform client just keeps a list. adds to it when rsagram [18:24]
mircea_popescu: strikes from it by criteria. [18:24]
asciilifeform: right [18:25]
mircea_popescu: this actually seems a rather workable method tbh. [18:25]
mircea_popescu: allows for very elastic packets / metering of security needs by user. [18:25]
asciilifeform: iirc this is the scheme asciilifeform originally suggested. [18:25]
mircea_popescu: diana_coman thereby all game packets will be multiples of 128 bits, and in principle a client can live off the first original rsa op its entire life if it so wishes. [18:26]
mircea_popescu: asciilifeform pretty cool. [18:26]
asciilifeform: it costs, however, . [18:27]
a111: Logged on 2017-11-22 21:56 asciilifeform: my approach is a universal 'stretcher', predicated on having reasonably fast and high-quality trng. [18:27]
mircea_popescu: diana_coman i guess we'll define a "control packet" which is always the first 128 bits of every comm, which will contain data such as "killed key #x moved to #y" and also "running out of keys send moar". [18:27]
mircea_popescu: asciilifeform sorry ? [18:27]
mircea_popescu: server generates all serpent keys. no stretching . [18:27]
asciilifeform: actually if client doesn't get to generate keys [18:27]
asciilifeform: aha right [18:28]
asciilifeform: if server generates all keys, client dun need an rng at all. [18:28]
asciilifeform: ( aside from when creating his original rsa priv ) [18:28]
mircea_popescu: the major advantage of which is that user will be able to enjoy security flowing from server even without own fg. [18:28]
mircea_popescu: right. [18:28]
mircea_popescu: and suddenly the fg entropy debit is relevant : eulora server will be capable to produce iirc no more than 64 serpent keys/second per installed FG. [18:31]
mircea_popescu: in reality less as it draws some itself. [18:32]
asciilifeform: this is approx correct. [18:32]
mircea_popescu: so i'm guessing a daily-ish serpent key change per client is not unreasonable. [18:32]
asciilifeform: would depend on how populous, neh [18:33]
asciilifeform: with few enough clients, even hourly'd be workable [18:33]
mircea_popescu: but if memory serves the "attack" on serpent used 2^100 plaintexts sorta deal [18:33]
mircea_popescu: asciilifeform yes but taking the assumptions other way to see how bad it looks. [18:33]
mircea_popescu: imo dun look bad at all. [18:33]
diana_coman: mircea_popescu, 16 serpent keys means 16 keys of 256 bits each? [18:36]
mircea_popescu: right. [18:36]
diana_coman: mircea_popescu, and then when client enciphers with 1 from a set of 8 selected from those 16: does this mean reusing that 1 key for as many 128 chunks that particular eulora message has? or do you mean 1 per chunk ? [18:39]
mircea_popescu: it means reusing [18:39]
diana_coman: k, I think I got it [18:40]
mircea_popescu: in ~principle~ serpent doesn't expose the key anymore than it exposes the cipher. the claim is that if you know about 2^100 or so plaintext-ciphertext matches you can extract the key. [18:42]
mircea_popescu: now, the expectation is that a full day of play will produce less than say 2^15 or so messages. [18:42]
diana_coman: myeah, since reading more seriously on crypto I read a LOT of claims, certainly [18:43]
asciilifeform: diana_coman: there is ~nothing serious printed on the subject publicly since... von neumann [18:44]
asciilifeform: which is why 'hitting the books' is a very limited proposition. the most that can generally be asked from the dead trees, is an accurate picture of the popular algos, plus details of the most well-known attacks on various (e.g. lenstra's, pollard's, etc ) [18:46]
asciilifeform: but as for the general principles which a naive n00b might hope to find in such a work -- there's nothing since old man john von n. [18:46]
asciilifeform: ( and , jaw-droppingly, just about every book 'on crypto' omits the otp proof. that very same, that constitutes the alpha and the omega of what's actually proven in the subject at all ) [18:47]
mircea_popescu: hey, every ro "blog" omits mention of trilema. [18:48]
mircea_popescu: dun look good together. [18:48]
asciilifeform: exactly same phenomenon imho [18:49]
asciilifeform: including the otp proof would immediately invite the q, in even a half-awake reader, of why the fuck the rest of the tree had to die [18:49]
asciilifeform: to produce the brick of nonsense that follows [18:49]
mircea_popescu: something quite like that. [18:49]
asciilifeform: in today's gnattronics finds : [18:50]
asciilifeform: 1 ) build a gnat proj 2) gnatxref -a -aO path_where_your_ali_files_end_up yourmain.adb > xref.txt [18:51]
asciilifeform: shits forth a concordance, e.g. . [18:51]
diana_coman: asciilifeform, I suspect it's quite possible that the writer would end up with that q so... no book [18:51]
asciilifeform: ( full usage/dep topology for every named entity in your proj ) [18:52]
asciilifeform: with lines/columns where used, and where defined. [18:52]
diana_coman: that being said, whenever I find I don't even have that poor picture as full and as clear as I'd like, I'm still left with little other choice than to go and read, possibly again, what can I do [18:52]
asciilifeform: diana_coman: the writer is typically a schneier-style wretch who made 'the bargain' and very well knows about otp [18:52]
asciilifeform: and ain't sayin'. [18:53]
asciilifeform: diana_coman: aside from von neumann, and the crc encyclopaedia of well-known algos, i cannot in good conscience recommend much reading. there are works devoted to specific known attacks on rsa ( song y. yang, plus a few ru items ) at least 1 dead tree on differential cryptanalysis ( how items like des get trivially demolished ) whose author presently escapes me and that's just about it [18:56]
asciilifeform: you're prolly better off reviewing the fundamentals of information theory ( shannon et al ) [18:56]
asciilifeform: asking for 'good books on crypto' is not wholly unlike asking for 'good books on astrology' [18:57]
diana_coman: eh, 'good books in voodoo', let's not branch un-necessarily :p [18:58]
mircea_popescu: lmao [18:58]
shinohai: this is so hilarious #etheredumb gonna fix bitcoin again hurr [19:04]
BingoBoingo: In other questions: "Are we honoring that stupid one year plant policy for Christmas trees?" [19:04]
ben_vulpes: shinohai: 'payinghyip' [19:07]
shinohai: mah ec20 tokens [19:08]
asciilifeform: shinohai: newer, cheaper grade of pinoy, or wat [19:09]
asciilifeform: physically painful to read. [19:09]
asciilifeform: 'solve bitcoin's problem by forking it ourself' etc [19:10]
shinohai: [19:10]
asciilifeform: i propose to enact this useful new word as a proper thing [19:10]
asciilifeform: if an anthill could speak, it would use word 'ourself' [19:10]
BingoBoingo: <asciilifeform> if an anthill could speak, it would use word 'ourself' << And the termitories use ourself too [19:12]
mircea_popescu: and in other news, it was established in teh harem over dinner that human demographics should prolly work on the basis of the alcohol used to spawn them [19:14]
mircea_popescu: thereby the jennifer generation mostly should be called tequila-x [19:14]
mircea_popescu: succeeding beer-x which came after gin-x and so on [19:14]
asciilifeform: what was the 'jennifer generation' ? [19:15]
asciilifeform: ( incidentally, mircea_popescu , possibly pertinent cultur-artifact, ) [19:20]
asciilifeform: ( whole site pretty decent imho. ) [19:20]
phf: asciilifeform: i wonder if mp used that trop before, or it comes from tlp (i'm rereading tlp again) [19:30]
asciilifeform: lol agricultural face [19:31]
mircea_popescu: phf in my case it's genuinely because i fuck 21f cali. [19:57]
mircea_popescu: but anyway, [19:57]
mircea_popescu: !~google the jennifer hairdo [19:57]
jhvh1: mircea_popescu: See 13 Celebrities Who Have Rocked Jennifer Aniston's Rachel ...: <> Jennifer Aniston reveals why she hated 'The Rachel' haircut: <> The Story Behind Jennifer Aniston's Rachel Haircut | (1 more message) [19:57]
mircea_popescu: asciilifeform lol i can't read this. wtf is it ? [19:59]
asciilifeform: mircea_popescu: prison folklore [20:01]
asciilifeform: at some point i'ma take a stab at translation. [20:02]
mircea_popescu: my vocab too poor [20:02]
BingoBoingo: lol [20:02]
mircea_popescu: pantsuited hilarity won miss world president race ourself. [20:03]
BingoBoingo: With maximust termiterity! [20:03]
BingoBoingo: !~ticker --market all [23:14]
jhvh1: BingoBoingo: Bitstamp BTCUSD last: 8193.37, vol: 7970.22464966 | Bitfinex BTCUSD last: 8183.7, vol: 28256.73489211 | CampBX BTCUSD last: 3450.0, vol: 0 | Kraken BTCUSD last: 8203.5, vol: 2847.63427408 | Volume-weighted last average: 8187.1153965 [23:14]
BingoBoingo: !~bcstats [23:17]
jhvh1: BingoBoingo: Current Blocks: 495672 | Current Difficulty: 1.364422081125E12 | Next Difficulty At Block: 495935 | Next Difficulty In: 263 blocks | Next Difficulty In About: 1 day, 21 hours, 57 minutes, and 14 seconds | Next Difficulty Estimate: None | Estimated Percent Change: None [23:17]
mircea_popescu: and in other black girls code lulz, rorc girl explains FOSS : [23:24]
phf: lulzy, but she really needs to do some inhalations and exhalations, this is some speaking 101 torture going on [23:38]
mircea_popescu: they're all fucking terrible. this one breathes like she's 1/3 on the way to orgasm. [23:40]
mircea_popescu: buncha "speakers" that are SO FUCKING ANXIOUS you'd think they never spoke to people. [23:40]
mircea_popescu: and since we're on this : i'm particularly insulted by the pretensions of ex-"journalists" owners of no more than two pairs of underwear and no two meatballs to rub together in their entrails at any given point that they're you know, postmodern women with preoccupations and opinions and options and whatnot. this shithead made in her entire 10 year long professional life a little over one bitcoin. [23:42]
mircea_popescu: yet there she sits, and like her one billion utterly useless facebook tards. i've no doubt she votes, but not randomly -- she thinks she reasons! and in another decade she's gonna write a "book". and so fucking following. [23:43]
mircea_popescu: in short, i've had it with the aferations of social participation coming from the facebook fake accounts up to fucking here. [23:44]
mircea_popescu: "oh but mp, wetware-run fake accounts are real!!!" like hell they are. the fact that zuck uses a buncha biosacks to do the job of ten lines of perl doesn't mean the biosacks aren't really shitty raspberrypis. what the fuck next, he's gonna run the shitstorm on z80s and pretend like the z80s are people because "they're louder, slower and burn more energy than proper computers" ?! THEY STILL DO THE EXACT SAME THING. [23:46]
mircea_popescu: "it's open source which means you don't have to know anything, just copy some codes from the endless information highway". ioana calen xrumer. [23:48]
phf: where's genghis kahn when you need him? (c) [23:50]
mircea_popescu: << fucking illustratious. [23:51]
asciilifeform: << mm pretty tho [23:51]
a111: Logged on 2017-11-23 04:40 mircea_popescu: they're all fucking terrible. this one breathes like she's 1/3 on the way to orgasm. [23:51]
mircea_popescu: asciilifeform i randomly clicked a link from an 2008 article by the itisa dood. i suppose he was fucking her at the time or w/e. [23:52]
phf: obligatory [23:52]
asciilifeform: mebbe helps that asciilifeform is sitting on a box with no sound card [23:52]
mircea_popescu: but this is the fucking "career" of these schmucks. born 83, graduated "college" 2003, worked as a fashion-culture-pop-media "editor" at some obscure local paper, then became "a PR officer!!1" by now pretending to "cultural management". motherfucker. management ?! [23:53]
mircea_popescu: for the same money could pretend to cultural engineering. which, obviously, they do. [23:53]
phf: asciilifeform: yeah, i had the same thought until she started speaking, i mean, shit, they don't have "toastmasters" in romania? practice your talk before going in front of people [23:53]
mircea_popescu: phf it's not that they don't have toastmasters in romania. it's that they don't have anything if you're born after 1980. [23:54]
mircea_popescu: and i mean this most literally. [23:54]
mircea_popescu: " At Buyerbrain, Ioana performs as a researcher and as a multidisciplinary perspective analyst, disseminating and promoting the neuroscience culture while also applying those principles to marketing and communicating the laboratory." you understand me ?! [23:54]
mircea_popescu: what fucking toastmasters. [23:54]
mircea_popescu: the neuroscience fucking culture so help me. [23:55]
asciilifeform: neuroscience culture..?! [23:55]
mircea_popescu: apparently what, on the basis of this malfunctioning spam script they also don't have basic logic in romania now ? [23:55]
phf: blockchain! [23:55]
mircea_popescu: yeah, that's the entomological value here : that these EXACTLY IDENTICAL fucktards haven't yet heard of THAT fashionable bullshit. so they're still working the old style nonsense. yet the underlying opcodes are very visibly exactly the same. [23:56]
mircea_popescu: allows for some diffing, "what's this z69 say vs that one ?" [23:56]
mircea_popescu: and i'll insist and underline that no, can not be the case these are people. if i can emulate 10k of them on a stock amd, they're not people, they're 1/10k of a stock amd. [23:57]
One Response

  1. [...] n=1 case still means 92 reuses per Serpent key. Such is the nature of the beast : there's no self-obvious way to stretch Serpent to larger sizes ; there's not much utility to smaller UDP packets ; a procedure [...]