deedbot: Get your OTP: http://p.bvulpes.com/pastes/cOZTp/?raw=true
deedbot: http://www.thedrinkingrecord.com/2017/11/22/and-the-arrangements-continue/ << Bingo Blog - And The Arrangements Continue
BingoBoingo: ^ The update
ben_vulpes: solid thread phf, asciilifeform
ben_vulpes: good example of tmsr as antireddit: nothing in the "nollij of crowds", but if yr lucky some sages will come by with a set of koans to set you rethinkin priors
ben_vulpes: in which BingoBoingo sets hisself deadlines!
spyked: http://btcbase.org/log/2017-11-21#1741755 <-- crap. sorry for the confusion! I was thinking about builtin functions, not symbols. need a meaningful way to point symbols to those things, and meaningful way revealed itself once I finally grasped your point. /me proceeds to rewrite symbols+builtin pieces.
a111: Logged on 2017-11-21 19:35 phf: http://btcbase.org/log/2017-11-20#1741176 << i don't need to consider that, i grok metacircularity, i.e. there's no such thing as builtin symbols. bytecode or not is lateral to that point.
jurov: \znc clearallchannelbuffers
jurov: lol sorry
mircea_popescu: lol backwards!
spyked: http://btcbase.org/log/2017-11-21#1741759 , http://btcbase.org/log/2017-11-22#1741862 <-- string not a primitive, but -- "string" datatype aside -- symbol names are (conceptually) strings, so they (the symbol names) require an internal representation etc. cons'ing characters upon reading was simplest approach I found to storing and structuring them. con: list cells introduce memory overhead; pros: avoids arrays and magic numbers like
a111: Logged on 2017-11-21 19:38 phf: http://btcbase.org/log/2017-11-20#1741179 << you can just ignore the whole "string" question in first version, McCarthy's lisp used symbols instead of strings (that's why early nlp code, like eliza all come out as DOG SAID, HELLO) and the only operation you could do at some point was read and eq.
a111: Logged on 2017-11-22 00:33 mircea_popescu: string is not a primitive!
spyked: mccarthy's "up to 30 characters" (ref. Lisp manual Appendix F)
mircea_popescu: "not a primitive" means "nothing can '''conceptually''' be that"
spyked: mircea_popescu, I understood that. the point is, McCarthy's Lisp system still uses strings internally in some form.
mircea_popescu: it might just be that you look at mccarthy's symbols and think "oh strings".
spyked: nono, I look at Lisp symbol *names* and I think "strings", i.e. sequences of characters.
mircea_popescu: whereas odds are mccarthy thought indexes in an array.
mircea_popescu: you're familiar with how industrial technology looked at the time, the machine'd have a list of items internally, and glued on a piece of paper giving the words per item
mircea_popescu: (this mechanism survives in "error codes" lulz even today)
mircea_popescu: and in antique trilemas for the rotaku club (ie, great pieces i'm too lazy to translate), http://trilema.com/2012/pizdita-sau-antropologie-printre-taranii-de-la-oras/ aka mp knows more about "toxic manhood" an' "rape culture" than your local fabecook expert.
RagnarDanneskjol: mircea_popescu I may have someone worth inviting to chan for interview in the coming days. Most of the folks I know over there are primarily oral translators, so having to look around a bit. Just got back yesterday - BJ is a real shithole but the people are adorable, lots of good duck. FYI - 'VPN AC' (Romanian) seems to be the only one working well/consistently behind the firewall (I've used many) and
RagnarDanneskjol: Everbright Bank has, by far, the lowest entry barriers for business or tourist visitors opening new accounts.
mircea_popescu: oh they're still going on with their pretensions to sovereignty and whatnot, "firewalls", bs.
mircea_popescu: lulzy.
shinohai: gm #trilema
shinohai: !~later tell spyked got a question regarding the w3m patch when you have a sec.
jhvh1: shinohai: The operation succeeded.
spyked: morning, shinohai
shinohai: Heya spyked, was looking at your patch last night .... where did you get your w3m source code from if I may ask?
shinohai: https://www.digitaltrends.com/cool-tech/lava-lamps-encryption/ <<< in other faux phuctors (page refuses to archive for me)
spyked: shinohai, sourceforge, unfortunately (w3m devs still host it there for some reason). exact link: https://downloads.sourceforge.net/w3m/w3m-0.5.3.tar.gz same for the njs library; one sec, I'll look it up
shinohai: It's ok spyked .... this is the one I tried, albeit in a Debian VM. ./configure keeps failing for me saying there is no gc
shinohai: though it is available, I'm puzzled. (Your patch did apply cleanly)
spyked: ah crap. yes, I installed the gc lib from the debian repo. I don't know why they removed gc from the w3m tree
shinohai: Hmmm .... I have the gc repo though, still fails.
spyked: that's odd. can you paste somewhere?
spyked: the configure/make output, that is
spyked: shinohai, I remember getting this as well at some point. can you also paste config.log? the js library bits that I added to ./configure are very hack-ish (IMHO the thing shouldn't be dynamically linked anyway, so I just hacked through it to make it work)
shinohai: Just an aside, I *also* tried this unpatched and get same error. One sec, posting config.log
spyked: (ftr, libgc is why I rebased the patch on w3m-0.5.3 in the first place; for some reason the "mktable" executable generated by w3m was segfaulting in the gc library, while I knew 0.5.3 compiled on my system before, with libgc from debian sources)
shinohai: I know I have built it plenty of times, I'm trying to remember if there was some patch for that, don't recall
shinohai: ( I think I used this version tbh https://github.com/tats/w3m ... I loathe sourceforge lol)
spyked: shinohai, I know why the patch fails, though not sure why it fails without it... did you also compile and install libnjs? e.g. on line 1840 in config.log, "cannot find -ljs". hm. I am guessing you should have it installed if w3m-0.4 worked for you.
shinohai looks
shinohai: Nope, not available in repos either .... got a sauce?
spyked: the original w3m-js patch adds a -ljs compilation/link-time flag. now, there's another issue: if your libjs is in a path that the run-time linker can't find (e.g. /usr/local/lib as opposed to /usr/lib), it will fail again at some point.
spyked: shinohai, https://sourceforge.net/projects/njs/ (would be cool if there was out of sourceforge link too... /me will have to host all these somewhere publicly at some point)
shinohai: grrrr .... thanx for assistance spyked. I rather like w3m (because inline images) but truly needs a lot of cruft removed and things organised - mainly the sourceforge madness.
spyked: all these libraries (gc + njs + others) can be embedded in the original w3m and made self-contained (including removal of shared library nonsense, like gc was linked in 0.4), but they'll require me 1-2 full days. to put on list
spyked: I like w3m as well. the codebase is surprisingly easy to understand (took me a few hours yesterday to get a vague idea of how modules work together), though I have no idea why they need a gc. links is even more minimal, but I use w3m mainly because it runs in emacs.
shinohai: links is nice, it will at least open images in a framebuffer.
shinohai: bah, weird errors trying to build njs .... this is better left to when I can look at a full cleanup.
diana_coman: !!up Abot101
deedbot: Abot101 voiced for 30 minutes.
mircea_popescu: Abot101 who might you be ?
mircea_popescu: http://btcbase.org/log/2017-11-22#1742061 << lotta people do.
a111: Logged on 2017-11-22 13:23 spyked: shinohai, https://sourceforge.net/projects/njs/ (would be cool if there was out of sourceforge link too... /me will have to host all these somewhere publicly at some point)
spyked: hm. shinohai, I remember patching config.sub and config.guess at least. posting a patch in one minute.
shinohai: spyked: I did patch config.sub because it is horrendously old and has no idea what system I was using.
shinohai: oh and good morning Sr. Popescu o/
spyked: http://p.bvulpes.com/pastes/yVbXl/?raw=true <-- most of it is config.sub and config.guess. two lines at the end may fix shinohai's troubles. anyway, I'ma post the whole thing (w3m+gc+js+whatever else) once I manage to do a static build.
asciilifeform: in other noose, chaum ( see also http://btcbase.org/log/2016-01-10#1365552 ) peddles promisetronic shitcoin, https://archive.is/DQPVe , as if he had any reputation left to burn
a111: Logged on 2016-01-10 23:48 mircea_popescu: hey check that out, zimmerman makes nsa-phone and david chaum makes nsa-gossipd.
mircea_popescu: hola!
mircea_popescu: asciilifeform shameful excuses of the items they pretend to be.
shinohai: Adam Back gonna rage on that one
asciilifeform: meanwhile, https://archive.is/q98xo << intel burns moar amt fritzchip remote nsalogic
asciilifeform: at the same time fixing , i strongly suspect, the bug that recently showed promise of making the whole thing removable
asciilifeform: mircea_popescu: chaum is esp. sad case, was at one time actual thinking d00d, invented afaik hashtronic 'proof of work' , then proceeded to narrowly avoid doing anything useful with it
mircea_popescu: aha.
mircea_popescu: huge strategic mistake publicizing that item, but sadly i r not yet in the position of making ALL the calls.
mircea_popescu: (the bug i mean.)
asciilifeform: 'Intel would like to thank Mark Ermolov and Maxim Goryachy from Positive Technologies Research for working collaboratively with Intel on a coordinated disclosure for CVE-2017-5705.' << oh hey named quislings ftr
asciilifeform: mircea_popescu: aha, oughta have been used in mass rapefest
mircea_popescu: just kept under lid for 2-3 years.
mircea_popescu: let them build a lot of the chips.
asciilifeform: coordinated anal waltz, not 'coordinated disclosure'
mircea_popescu: very stupid russki geologists.
asciilifeform: mircea_popescu: it's a fw bug, not silicon , sadly patchable
asciilifeform: ( not, say, like the famous fdivbug in '90s )
mircea_popescu: not so cleanly cut.
mircea_popescu: should have let it pile.
asciilifeform: it piled since 2009
asciilifeform: when they started fritzchipping
mircea_popescu: iirc the early ones were different.
mircea_popescu: aaanyweays.
asciilifeform: http://btcbase.org/log/2017-11-22#1742041 << dun see what this has to do with phuctor... and 'lavarand' existed in '90s ( where is it nao..? )
a111: Logged on 2017-11-22 13:04 shinohai: https://www.digitaltrends.com/cool-tech/lava-lamps-encryption/ <<< in other faux phuctors (page refuses to archive for me)
asciilifeform: !~google lavarand
jhvh1: asciilifeform: Lavarand - Wikipedia: <https://en.wikipedia.org/wiki/Lavarand>; LavaRnd: <http://www.lavarand.org/>; What is LavaRnd?: <http://www.lavarand.org/what/index.html>
shinohai: asciilifeform: posted before full coffee, meant fuckgoats
asciilifeform: was sgi publicity stunt, even patented
asciilifeform: and apparently doomed to be recycled forever by svderps
asciilifeform: ( will also point out, the lamps per se contribute ~0 entropy, arrangement is really ~same as hashwhitening output of camera static with the lens cap on )
mircea_popescu: http://btcbase.org/log/2017-11-22#1741924 << http://trilema.com/2017/Кто-ты-по-жизни/
a111: Logged on 2017-11-22 01:08 BingoBoingo: Anyways, explaining to normal ordinary people in meatspace who Mircea Popescu is, is surprisingly simple.
mircea_popescu is evidently working towards a unified theory of mpdom.
deedbot: http://trilema.com/2017/%d0%9a%d1%82%d0%be-%d1%82%d1%8b-%d0%bf%d0%be-%d0%b6%d0%b8%d0%b7%d0%bd%d0%b8/ << Trilema - ?
shinohai: lol .... `?`
mircea_popescu: unicoarde.
shinohai: deedbot doesn't know who it is in life. xD
mircea_popescu: ahahaha
mod6: mornin'
mircea_popescu: hola
mod6: how goes today?
mircea_popescu: setting up teh yachting for laterz.
mod6: sounds relaxing :]
mircea_popescu: in other lulz : p&g cut 100mn off its "online advertising" budget 2nd q ; saw zero impact.
mod6: heheh
phf: http://btcbase.org/log/2017-11-22#1742041 << it's not surprising that cloudflare's piece doesn't mention lavarand, but the original was invented at SGI and has a couple of patents around it https://www.wired.com/2003/08/random/, https://web.archive.org/web/20010926221159/http://lavarand.sgi.com/
a111: Logged on 2017-11-22 13:04 shinohai: https://www.digitaltrends.com/cool-tech/lava-lamps-encryption/ <<< in other faux phuctors (page refuses to archive for me)
asciilifeform: phf: see thread
phf: oh bah
asciilifeform: ( am i the only one who actually uses phf's very spiffy pointy-hand arrows ? )
phf: actually i saw your follow up, but stopped reading at "where is it nao..?"
asciilifeform: phf: consider the sheer degree of unabashed cargocultism in the endless rehash of the lava lamp thing
asciilifeform: betcha it will become a 'new' idea at, e.g., google, a few yrs from now.
asciilifeform: and then again somewhere else.
asciilifeform: with bigger, bigger wall of lamps, each time.
asciilifeform for some reason unable to turn up the thread in the l0gz where we did the 'rng design is not a technical problem , but a political problem' thing
asciilifeform: also phf's linked pediwiki item is hilarious : '...floating material in lava lamps, extracting random data from the pictures, and using the result to seed a pseudorandom number generator.[1] Although the secondary part of the random number generation uses a pseudorandom number generator, the full process essentially qualifies as a "true" random number generator due to the random seed that is used.'
asciilifeform: didjaknow!
asciilifeform: Essentially Qualifies!
deedbot: danielpbarron: http://p.bvulpes.com/pastes/EnGVs/?raw=true
asciilifeform: in other lulz : http://www.openwall.com/lists/oss-security/2017/11/21/4 ( https://archive.is/N6vFJ ) << 'bignum fuzzer that compares the results of mathematical operations (addtion, subtraction, multiplication, ...) across multiple bignum libraries. Among these is the Go programming language, specifically the "math/big" package [1]. Recently, the fuzzer found a problem in its exponentiation operation...'
asciilifeform: hilarious on multiple levels : bignumtron so large and unfitting in head that it has to be probed via fuzzing, like microshit...
asciilifeform: or how about the 'pre-allocated vs not' nonsense
asciilifeform: or how about bugs in basic arithm routine.
mod6: eek
asciilifeform: in other noose, sci-hub.cc dun resolve nomoar.
asciilifeform: ( anyone outside of gringolandia wanna try ? )
asciilifeform: ... sci-hub.la turns out still worx ( reminds of ye olde mpex... )
diana_coman: asciilifeform, works from here
asciilifeform: unsurprising
asciilifeform: ( see also http://btcbase.org/log/2017-09-30#1718499 etc )
a111: Logged on 2017-09-30 00:25 cazalla: BingoBoingo, ah okay :\ dailystormer just got shoah'd again, this time from .is extension heh
mod6: asciilifeform: if there are updates (that are complete & published) for MPI, you may want to update the BTC-Dev ML with the new changes, and reference the original: http://therealbitcoin.org/ml/btc-dev/2015-October/000175.html
asciilifeform: mod6: whole thing is at http://www.loper-os.org/?p=1533
asciilifeform: orig & update , both properly vtronic
asciilifeform: also on phf's http://btcbase.org/patches?patchset=mpi&search=
asciilifeform: mod6: trb ml was really not imho the proper place for it: mpi is not used in trb
mod6: yeah, the first message says as much.
mod6: i just happened to stumble across it and also thought "this is out of date too..."
asciilifeform: feel free to upload the vdiffs/sigs to the ml yourself if you can think of a reason why it belongs there
BingoBoingo: <ben_vulpes> in which BingoBoingo sets hisself deadlines! << Sets deadlines for self, and establishes expectations based on collected information.
BingoBoingo: In other news. USG.blue youth program has instructed parents to not have their daughters hug family members and to discourage hugging especially in cases where girl has received gift from said family member
ben_vulpes: wat
BingoBoingo: This instruction is not specific to throbbing family members
BingoBoingo: ben_vulpes: Apparently teaches girls to respond to favors with affection, Grill Scouts says bad family
deedbot: http://www.dianacoman.com/2017/11/22/taming-of-the-serpent-in-ada/ << Ossasepia - Taming of the Serpent in Ada
asciilifeform: oh hey hey hey ljb!
asciilifeform reads
diana_coman: asciilifeform, let me know if you see anything weird in there
asciilifeform: diana_coman: well 'a candidate replacement for the algorithm used at that time under the name of “Advanced ..' is not quite it, they competed for the usg tourney crown
asciilifeform: the item at the time known as 'rijndael' was crowned by nsa, and was proclaimed 'aes'
diana_coman: hm, right; creation of "aes" rather than replacement, right
asciilifeform: http://btcbase.org/log/2015-01-17#981006 << thread. possibly elsewhere.
a111: Logged on 2015-01-17 22:38 asciilifeform: or, alternatively, like the choice of 'aes' over the stronger but 'slower' 'serpent' cipher, it was merely orders from lizardhitler.
diana_coman: replacement for des rather
asciilifeform: aha.
asciilifeform: !#s from:asciilifeform aes
a111: 81 results for "from:asciilifeform aes", http://btcbase.org/log-search?q=from%3Aasciilifeform%20aes
asciilifeform: !#s from:mircea_popescu aes
a111: 38 results for "from:mircea_popescu aes", http://btcbase.org/log-search?q=from%3Amircea_popescu%20aes
asciilifeform: ^ possibly in there, actually. re the faux 'contest'.
diana_coman: updated; I'll read and link when I find it, as it should be linked I think
asciilifeform: the process whereby rijndael became usg's national One Troo Cipher was as dubious a thing as could be expected.
diana_coman: well, I was trying to keep my scope there relatively narrowly focused on serpent itself; it's not a very short post as it is anyway
diana_coman: found this so far: http://btcbase.org/log/2016-12-28#1591982
a111: Logged on 2016-12-28 17:09 asciilifeform: the political history is also rather interesting (it was on track to winning the 'aes competition', received fewest thumbs-down votes from the panelists, but mysteriously torpedoed by usg and did not win)
asciilifeform: truth be told, all published symmetric ciphers are fundamentally liquishit, and for approximately the same reason ( http://btcbase.org/log/2016-06-06#1477746 ) . they divide merely into the 'already publicly broken' and 'not yet'
a111: Logged on 2016-06-06 21:37 asciilifeform: i find it also very interesting that all aes-like ('boxes') cryptosystems are direct descendants of rotor machines. which were known to be pseudoscientific even when first built, as vernam existed
diana_coman checks
diana_coman: it is there now
diana_coman: I could have sworn I *did* upload it but apparently..I hadn't
diana_coman: asciilifeform, mind expanding a bit on what you had in mind as best way to expand serpent to 512 bits blocks?
diana_coman: and 512 bits key too for that matter
asciilifeform: to expand a K-bit (block and key, we'll assume, are each K-bit) voodoocipher to J bitness, xor split ( on rng ); having generated J / K independent keys; each incoming plaintext block of J bits, is cut into J / K blocks, and each enciphered with the corresponding key. decipher -- same.
asciilifeform: xor split each plaintext block, that is
asciilifeform: actually nm
asciilifeform: this is wrong; and the correct algo is in the l0gz...
asciilifeform: anyway for 512bit key, you still keep the 128bit block. but each time you have incoming 128b plaintext, you shamir it rngistically into 512bits, i.e. 4 128b parcels that must be xor'd to reconstitute the original. each of these get ciphered with one of 4 independently-generated 128b keys.
diana_coman: hm, I probably did not know how to search for it properly as I did look but still not very clear on it
asciilifeform: on the decipherment end, each split gets deciphered with the respective 128b key , and the four parcels xor'd to form the plaintext again.
asciilifeform: does this make sense ?
diana_coman: ah, it was the construction on top you had in mind
asciilifeform: the 1 aspect that historically bothered me, is that enemy knows now a relation between the plaintexts in the 4 streams
asciilifeform: sorta how i ended up exploring the http://btcbase.org/log/2016-12-24#1589881 item
a111: Logged on 2016-12-24 01:03 asciilifeform: picture the following 1-dimensional automaton, that eats bitstring in sets of 2bits, and : '10' -> 'tape step left' ; '01' -> 'tape step right' ; '11' -> invert bit at current square; '00' -> terminate.
asciilifeform: ( i see it as a still-unsolved problem. )
asciilifeform: back to the shamir scheme : the only thing i can properly prove about it, is that it isn't weaker than straight single-key-with-no-splits
asciilifeform: and, on top of this, each stream ~individually~ is not distinguishable from rngolade.
asciilifeform: anyway orig method is in log, http://btcbase.org/log/2017-02-25#1618462 << merely in application to slightly different form of the problem ( how to combine voodoociphers in such a way that the result can in no circumstances be weaker than the strongest of the items )
a111: Logged on 2017-02-25 21:26 asciilifeform: so, for instance, you can prove that a k-of-k (must have ALL parts) shamir split, where you then take each share and encipher with different method -- will NEVER be weaker than the strongest cipher used.
asciilifeform: you thereby get a 'ratchet'. which afaik is the only hard strength result in all of crypto aside from von neumann's otp proof...
asciilifeform: ( which it is really but a restatement of )
diana_coman: yes, I had found that one; for some reason I thought you had in mind a different approach for expanding block + key size for serpent itself
asciilifeform: nope. it isn't a keccak-like thing, isn't 'rubber'
asciilifeform: not defined for any kind of stretching.
asciilifeform: my approach is a universal 'stretcher', predicated on having reasonably fast and high-quality trng.
asciilifeform: ( your encipherment speed is limited to 1/S of your rng's bit rate, where S is the splitness )
asciilifeform brb, teatime
diana_coman: I think I need to read more on this, so I'll hit the books
shinohai has enjoyed asciilifeform 's and diana_coman 's exchange and also goes to tea [~}
ben_vulpes: "School superintended Keith Marty said it was a surprise to staff that the student responsible was not white." still? STILL a surprise? http://www.dailymail.co.uk/news/article-5108107/Student-writes-white-lives-matter-N-word-mirror.html
trinque: how did someone writing niggers in a school bathroom make the news?
trinque: they didn't even shoot anyone
ben_vulpes: writing niggers on the wall is basically shooting babies, trinque omfg be more sensitive
mod6: ya srsly
shinohai: lmfao this thread
asciilifeform: diana_coman: lemme give specific example. start with splitting 1 byte. to split byte B into X and Y, you take byte R from rng, and compute B xor R = X. then Y = R . X xor Y = B .
asciilifeform: diana_coman: now let's split 1 byte into ~four~, A,B,C,D. we take same transform and do it to X and Y in turn. in total, we've used 4 bytes from rng device, to cut 1 byte into 4 otpfrags.
mircea_popescu: http://btcbase.org/log/2017-11-22#1742164 << hey, next the "instruction function of soviet pioneer org in protecting the poor clueless adults from toxic facts and hate truth" will emerge. and then, probably, the NEP. and then, i guess, the http://trilema.com/2014/the-problem-of-enforcement/#footnote_0_55204
a111: Logged on 2017-11-22 20:14 BingoBoingo: ben_vulpes: Apparently teaches girls to respond to favors with affection, Grill Scouts says bad family
diana_coman: asciilifeform, that makes perfect sense, yes
asciilifeform: diana_coman: observe that knowing 1,2,or even 3, gives you 0 bits of info re the original.
asciilifeform: ( in the shannon sense. you haven't narrowed down what the 4th could be, by knowing 1..3 )
diana_coman: aha
mircea_popescu: http://btcbase.org/log/2016-02-06#1398048 << and so on
a111: Logged on 2016-02-06 16:55 mircea_popescu: derp #1 : "What is wrong with existing block ciphers like AES? AES has been in widespread use for over a decade and to the best of my knowledge, there is still no practical attack on it (unless someone has built a working quantum computer and not told anyone about it). Its totally free of patents and IP issues. Its been implemented in a huge variety of hardware and software (including the Intel CPU that I am using to m
mircea_popescu: hm that's still kinda late.
asciilifeform: there was an earlier one... http://btcbase.org/log/2014-09-07#821750
a111: Logged on 2014-09-07 17:56 mircea_popescu: i wasn't aware this is public knowledge.
mircea_popescu: http://btcbase.org/log/2015-07-12#1198022 there's actually lotta these
a111: Logged on 2015-07-12 03:17 mircea_popescu: asciilifeform http://trilema.com/2014/minigame-smg-august-2014-statement/#comment-114754 << don't you find it a little odd that even on an obscure little game such as eulora, someone does find the time to carefully probe me about aes ?
asciilifeform: right, plenty
mircea_popescu: apparently AES is one of those topics where someone could just pick up the log discussion over 3 years and make an encyclopedia entry
asciilifeform: almost impossible to bring up crypto in heathendom without a 'voice in the crowd' 'helpfully' reminding about 'standardized, well-designed aes'
a111: Logged on 2014-09-07 18:00 mircea_popescu: It gets worse. Nearly every AES implementation using AESNI will leave two values in registers: The final block of output, and the final round key. The final block of output isn't a problem for encryption operations it is ciphertext, which we can assume has leaked anyway but for encryption an AES-128 key can be computed from the final round key, and for decryption the final round key is the AES-128 key. (For AES
diana_coman: ha, back when I was blissfully only *playing* this game!!
mircea_popescu: diana_coman those happy days.
mircea_popescu: http://btcbase.org/log/2017-11-22#1742198 << how about actually using a 512 bit block
a111: Logged on 2017-11-22 21:45 asciilifeform: anyway for 512bit key, you still keep the 128bit block. but each time you have incoming 128b plaintext, you shamir it rngistically into 512bits, i.e. 4 128b parcels that must be xor'd to reconstitute the original. each of these get ciphered with one of 4 independently-generated 128b keys.
asciilifeform: mircea_popescu: serpent isn't defined as a stretchable thing - i.e. it isn't obvious what ought to be changed to produce a larger ( or smaller, for that matter ) block, and still to have it meaningfully similar to original
asciilifeform: rather like the diff b/w sha512 and keccak
asciilifeform: ( the latter is defined as a family of functions, and so 'rubber' )
mircea_popescu: dja see why i'd muchly prefer a native tmsr.rsa length symmetric cypher rather than this nonsense ?
asciilifeform: really not hard to see
mircea_popescu: and why the fuck am i using "4 bit permutations"
mircea_popescu: and so on and so on
asciilifeform: it does cost moar tho. even once i'm done with the asm version.
asciilifeform: modular exp is intrinsically costlier , at least on pc iron, than the idjit rotorization used in symmetrics
mircea_popescu: anyway, whatever, diana_coman : the correct implementation approach to patch the 256 bit serpent into 4096 bit rsa is to cut every rsa block into 16 fragments, cipher each independently with diff keys, then paste the 16 keys together make 4096 bit of key.
mircea_popescu: it's bullshit all the way down, "the 4096 bit block gets cut into 16 sub blocks to be fit into rotorizers that cut each block into 64 bits and process with their 4 bit s boxes". because we're from the fucking cartoons.
asciilifeform: sad, innit. asciilifeform for instance has a mtbf of about 1hr when reading about symmetric ciphers. after that -- barf
asciilifeform: because ultimately yes 'down to the 4bit sbox!'
mircea_popescu: asciilifeform i have this itching half-memory that serpent 256 was actually defined
asciilifeform: it was.
asciilifeform: but ~key~ size
asciilifeform: block was fixed at 128bit.
diana_coman: mircea_popescu, 256 key, 128 block
diana_coman: heh, crossed with asciilifeform
mircea_popescu: asciilifeform right you are, it's in the... 2006 spec.
mircea_popescu: in other lulz from same source (ross anderson of cambridge) http://www.cl.cam.ac.uk/~rja14/Papers/tamper.pdf
mircea_popescu: that one from 1998
asciilifeform: classic piece
diana_coman: mircea_popescu, let me see if I got this right re "patch": simply apply serpent as it is and then at the next level up glue x keys together and send as "key", glue the corresponding x outputs together and use as "output"; basically lump together 16 serpents
mircea_popescu: yea.
mircea_popescu: asciilifeform the "specification" published on cambridge page is most likely a later fake. it's a 2006 item supposedly of a 1998 document.
mircea_popescu: OTHER 1998 documents, of lesser political sensitivity, exist there in original format.
asciilifeform: mircea_popescu: the current serpent www is at the very minimum known to be missing items from before
asciilifeform: so why not also serpent.
asciilifeform: keccak, i meant, turned up missing items
mircea_popescu doesn't recall why we picked up airbase 1 serpent in preference of japanese item ?
asciilifeform: branch-free
mircea_popescu is annoyed.
asciilifeform: y'know the splits dun all have to be ciphered with same scheme
mircea_popescu: asciilifeform dja recall the discussion with apelyobee fellow ? http://btcbase.org/log/2017-11-14#1737658
a111: Logged on 2017-11-14 14:55 mircea_popescu: this is the problem with "complexify the code machine" tendency. somehow it appears intuitively evident that having a portion of the code INSIDE the machine is "a more complex, therefore a more secure system". it is not. 100% of the key belongs in the key.
asciilifeform: sure
asciilifeform: i read that line as a restatement of the ancient 'seekrit algos are a stupidity, honest crypto keeps only privkey seekrit' truism
mircea_popescu: diana_coman and of course we end up with 8kb of bs "key" for every 4kb payload don't we.
asciilifeform: 16
mircea_popescu: well 256 bit keys 128 bit blocks.
asciilifeform: ah with no splits then yea
mircea_popescu: so basically we'll be reusing serpent keys, is the idea ?
asciilifeform: ( in other 'gangrene ? what gangrene?' horrors : 'LibTomCrypt is pretty nice to read (only bug found in last 10 years was in prime generation — failed to iterate Miller-Rabin)' -- from turd https://comsecuris.com/slides/slides-bignum-bhus2015.pdf re broken bignumatrons. cited line presented as a 'hey it's pretty good'... )
mircea_popescu: check it out, diana_coman has found de-facto work-around to "my theme overwrites text up top" : put an intro in, page or so before code :D
diana_coman: mircea_popescu, aha!
mircea_popescu: smart.
mircea_popescu: anyway, so what's the work mode here, every now and again server sends client a rsa-encrypted packet containing 16 aes keys ; client enciphers its comms to the server with one selected from a set of 8 selected from those 16 ; and deciphers server's with one selected from set of 8 other than previous set. now and again burns a key.
mircea_popescu: when left with two unburned gets new set.
diana_coman: mircea_popescu, aes keys??
mircea_popescu: sorry serpent keys
asciilifeform: dun have to swap ~all~ the keys every time there's an rsagram
mircea_popescu: sed 's/aes/serpent/'
mircea_popescu: asciilifeform client just keeps a list. adds to it when rsagram
mircea_popescu: strikes from it by criteria.
asciilifeform: right
mircea_popescu: this actually seems a rather workable method tbh.
mircea_popescu: allows for very elastic packets / metering of security needs by user.
asciilifeform: iirc this is the scheme asciilifeform originally suggested.
mircea_popescu: diana_coman thereby all game packets will be multiples of 128 bits, and in principle a client can live off the first original rsa op its entire life if it so wishes.
mircea_popescu: asciilifeform pretty cool.
asciilifeform: it costs, however, http://btcbase.org/log/2017-11-22#1742216 .
a111: Logged on 2017-11-22 21:56 asciilifeform: my approach is a universal 'stretcher', predicated on having reasonably fast and high-quality trng.
mircea_popescu: diana_coman i guess we'll define a "control packet" which is always the first 128 bits of every comm, which will contain data such as "killed key #x moved to #y" and also "running out of keys send moar".
mircea_popescu: asciilifeform sorry ?
mircea_popescu: server generates all serpent keys. no stretching .
asciilifeform: actually if client doesn't get to generate keys
asciilifeform: aha right
asciilifeform: if server generates all keys, client dun need an rng at all.
asciilifeform: ( aside from when creating his original rsa priv )
mircea_popescu: the major advantage of which is that user will be able to enjoy security flowing from server even without own fg.
mircea_popescu: right.
mircea_popescu: and suddenly the fg entropy debit is relevant : eulora server will be capable of producing iirc no more than 64 serpent keys/second per installed FG.
mircea_popescu: in reality less as it draws some itself.
asciilifeform: this is approx correct.
mircea_popescu: so i'm guessing a daily-ish serpent key change per client is not unreasonable.
asciilifeform: would depend on how populous, neh
asciilifeform: with few enough clients, even hourly'd be workable
mircea_popescu: but if memory serves the "attack" on serpent used 2^100 plaintexts sorta deal
mircea_popescu: asciilifeform yes but taking the assumptions other way to see how bad it looks.
mircea_popescu: imo dun look bad at all.
diana_coman: mircea_popescu, 16 serpent keys means 16 keys of 256 bits each?
mircea_popescu: right.
diana_coman: mircea_popescu, and then when client enciphers with 1 from a set of 8 selected from those 16: does this mean reusing that 1 key for as many 128 chunks that particular eulora message has? or do you mean 1 per chunk ?
mircea_popescu: it means reusing
diana_coman: k, I think I got it
mircea_popescu: in ~principle~ serpent doesn't expose the key anymore than it exposes the cipher. the claim is that if you know about 2^100 or so plaintext-ciphertext matches you can extract the key.
mircea_popescu: now, the expectation is that a full day of play will produce less than say 2^15 or so messages.
diana_coman: myeah, since reading more seriously on crypto I read a LOT of claims, certainly
asciilifeform: diana_coman: there is ~nothing serious printed on the subject publicly since... von neumann
asciilifeform: which is why 'hitting the books' is a very limited proposition. the most that can generally be asked from the dead trees, is an accurate picture of the popular algos, plus details of the most well-known attacks on various (e.g. lenstra's, pollard's, etc )
asciilifeform: but as for the general principles which a naive n00b might hope to find in such a work -- there's nothing since old man john von n.
asciilifeform: ( and , jaw-droppingly, just about every book 'on crypto' omits the otp proof. that very same, that constitutes the alpha and the omega of what's actually proven in the subject at all )
mircea_popescu: hey, every ro "blog" omits mention of trilema.
mircea_popescu: dun look good together.
asciilifeform: exactly same phenomenon imho
asciilifeform: including the otp proof would immediately invite the q, in even a half-awake reader, of why the fuck the rest of the tree had to die
asciilifeform: to produce the brick of nonsense that follows
mircea_popescu: something quite like that.
asciilifeform: in today's gnattronics finds :
asciilifeform: 1 ) build a gnat proj 2) gnatxref -a -aO path_where_your_ali_files_end_up yourmain.adb > xref.txt
asciilifeform: shits forth a concordance, e.g. http://wotpaste.cascadianhacker.com/pastes/MDZMh/?raw=true .
diana_coman: asciilifeform, I suspect it's quite possible that the writer would end up with that q so... no book
asciilifeform: ( full usage/dep topology for every named entity in your proj )
asciilifeform: with lines/columns where used, and where defined.
diana_coman: that being said, whenever I find I don't even have that poor picture as full and as clear as I'd like, I'm still left with little other choice than to go and read; possibly again, what can I do
asciilifeform: diana_coman: the writer is typically a schneier-style wretch who made 'the bargain' and very well knows about otp
asciilifeform: and ain't sayin'.
asciilifeform: diana_coman: aside from von neumann, and the crc encyclopaedia of well-known algos, i cannot in good conscience recommend much reading. there are works devoted to specific known attacks on rsa ( song y. yang, plus a few ru items ) ; at least 1 dead tree on differential cryptanalysis ( how items like des get trivially demolished ) whose author presently escapes me; and that's just about it
asciilifeform: you're prolly better off reviewing the fundamentals of information theory ( shannon et al )
asciilifeform: asking for 'good books on crypto' is not wholly unlike asking for 'good books in astrology'
diana_coman: eh, 'good books in voodoo', let's not branch un-necessarily :p
mircea_popescu: lmao
shinohai: this is os hilarious http://archive.is/lPCer #etheredumb gonna fix bitcoin again hurr
BingoBoingo: In other questions: "Are we honoring that stupid one year plant policy for Christmas trees?"
ben_vulpes: shinohai: 'payinghyip'
shinohai: mah ec20 tokens
asciilifeform: shinohai: newer, cheaper grade of pinoy, or wat
asciilifeform: physically painful to read.
asciilifeform: 'solve bitcoin's problem by forking it ourself' etc
shinohai: https://www.reddit.com/r/altcoin/comments/7eveiu/bitcoin_2x_the_next_generation_of_crypto/dq7pvn2/
asciilifeform: i propose to enact this useful new word as a proper thing
asciilifeform: if an anthill could speak, it would use word 'ourself'
BingoBoingo: <asciilifeform> if an anthill could speak, it would use word 'ourself' << And the termitories use ourself too
mircea_popescu: and in other news, it was established in teh harem over dinner that human demographics should prolly work on the basis of the alcohol used to spawn them
mircea_popescu: thereby the jennifer generation mostly should be called tequila-x
mircea_popescu: succeeding beer-x which came after gin-x and so on
asciilifeform: what was the 'jennifer generation' ?
asciilifeform: ( incidentally, mircea_popescu , possibly pertinent cultur-artifact, http://a-pesni.org/dvor/javychelrod.php )
asciilifeform: ( whole site pretty decent imho. )
phf: asciilifeform: https://duckduckgo.com/?q=jennifer+aniston&t=ffab&iar=images&iax=images&ia=images i wonder if mp used that trope before, or it comes from tlp (i'm rereading tlp again)
asciilifeform: lol agricultural face
mircea_popescu: phf in my case it's genuinely because i fuck 21f cali.
mircea_popescu: but anyway,
mircea_popescu: !~google the jennifer hairdo
jhvh1: mircea_popescu: See 13 Celebrities Who Have Rocked Jennifer Aniston's Rachel ...: <http://www.instyle.com/beauty/honor-friends-reunion-13-celebrities-who-have-also-rocked-rachel-haircut>; Jennifer Aniston reveals why she hated 'The Rachel' haircut: <https://www.today.com/style/jennifer-aniston-reveals-why-she-hated-rachel-cut-t20831>; The Story Behind Jennifer Aniston's Rachel Haircut | PEOPLE.com: (1 more message)
mircea_popescu: asciilifeform lol i can't read this. wtf is it ?
asciilifeform: mircea_popescu: prison folklore
asciilifeform: at some point i'ma take a stab at translation.
mircea_popescu: my vocab too poor
BingoBoingo: lol
mircea_popescu: pantsuited hilarity won miss world president race ourself.
BingoBoingo: With maximust termiterity!
BingoBoingo: !~ticker --market all
jhvh1: BingoBoingo: Bitstamp BTCUSD last: 8193.37, vol: 7970.22464966 | Bitfinex BTCUSD last: 8183.7, vol: 28256.73489211 | CampBX BTCUSD last: 3450.0, vol: 0 | Kraken BTCUSD last: 8203.5, vol: 2847.63427408 | Volume-weighted last average: 8187.1153965
BingoBoingo: !~bcstats
jhvh1: BingoBoingo: Current Blocks: 495672 | Current Difficulty: 1.364422081125E12 | Next Difficulty At Block: 495935 | Next Difficulty In: 263 blocks | Next Difficulty In About: 1 day, 21 hours, 57 minutes, and 14 seconds | Next Difficulty Estimate: None | Estimated Percent Change: None
mircea_popescu: and in other black girls code lulz, rorc girl explains FOSS : https://www.youtube.com/watch?v=T-QUSXpy3sk&feature=youtu.be&t=111
phf: lulzy, but she really needs to do some inhalations and exhalations, this is some speaking 101 torture going on
mircea_popescu: they're all fucking terrible. this one breathes like she's 1/3 on the way to orgasm.
mircea_popescu: buncha "speakers" that are SO FUCKING ANXIOUS you'd think they never spoke to people.
mircea_popescu: and since we're on this : i'm particularly insulted by the pretensions of ex-"journalists" owners of no more than two pairs of underwear and no two meatballs to rub together in their entrails at any given point that they're you know, postmodern women with preoccupations and opinions and options and whatnot. this shithead made in her entire 10 year long professional life a little over one bitcoin.
mircea_popescu: yet there she sits, and like her one billion utterly useless facebook tards. i've no doubt she votes, but not randomly -- she thinks she reasons! and in another decade she's gonna write a "book". and so fucking following.
mircea_popescu: in short, i've had it with the aferations of social participation coming from the facebook fake accounts up to fucking here.
mircea_popescu: "oh but mp, wetware-run fake accounts are real!!!" like hell they are. the fact that zuck uses a buncha biosacks to do the job of ten lines of perl doesn't mean the biosacks aren't really shitty raspberrypis. what the fuck next, he's gonna run the shitstorm on z80s and pretend like the z80s are people because "they're louder, slower and burn more energy than proper computers" ?! THEY STILL DO THE EXACT SAME THING.
mircea_popescu: "it's open source which means you don't have to know anything, just copy some codes from the endless information highway". ioana calen xrumer.
phf: where's genghis kahn when you need him? (c)
mircea_popescu: http://p.bvulpes.com/pastes/F4C3M/?raw=true << fucking illustratious.
asciilifeform: http://btcbase.org/log/2017-11-23#1742400 << mm pretty tho
a111: Logged on 2017-11-23 04:40 mircea_popescu: they're all fucking terrible. this one breathes like she's 1/3 on the way to orgasm.
mircea_popescu: asciilifeform i randomly clicked a link from an 2008 article by the itisa dood. i suppose he was fucking her at the time or w/e.
phf: obligatory https://www.youtube.com/watch?v=ita8xHOtv1k
asciilifeform: mebbe helps that asciilifeform is sitting on a box with no sound card
mircea_popescu: but this is the fucking "career" of these schmucks. born 83, graduated "college" 2003, worked as a fashion-culture-pop-media "editor" at some obscure local paper, then became "a PR officer!!1" by now pretending to "cultural management". motherfucker. management ?!
mircea_popescu: for the same money could pretend to cultural engineering. which, obviously, they do.
phf: asciilifeform: yeah, i had the same thought until she started speaking, i mean, shit, they don't have "toastmasters" in romania? practice your talk before going in front of people
mircea_popescu: phf it's not that they don't have toastmasters in romania. it's that they don't have anything if you're born after 1980.
mircea_popescu: and i mean this most literally.
mircea_popescu: " At Buyerbrain, Ioana performs as a researcher and as a multidisciplinary perspective analyst, disseminating and promoting the neuroscience culture while also applying those principles to marketing and communicating the laboratory." you understand me ?!
mircea_popescu: what fucking toastmasters.
mircea_popescu: the neuroscience fucking culture so help me.
asciilifeform: neuroscience culture..?!
mircea_popescu: apparently what, on the basis of this malfunctioning spam script they also don't have basic logic in romania now ?
phf: blockchain!
mircea_popescu: yeah, that's the entomological value here : that these EXACTLY IDENTICAL fucktards haven't yet heard of THAT fashionable bullshit. so they're still working the old style nonsense. yet the underlying opcodes are very visibly exactly the same.
mircea_popescu: allows for some diffing, "what's this z69 say vs that one ?"
mircea_popescu: and i'll insist and underline that no, can not be the case these are people. if i can emulate 10k of them on a stock amd, they're not people, they're 1/10k of a stock amd.