ben_vulpes: asciilifeform, mod6: if pressing is intended to be curated by patch selection in the patches dir, seals in the sealsdir and keys in the wotdir, why does "press" need to take a head?
mats: i got the joke, yo.
ben_vulpes: the throwaway joke mats is that the top of the bell curve is entirely average, just like putting on pants in the morning
mats: i know enough physics to put my pants on in the morning
ben_vulpes: mebbe the 'stealth' tech
ben_vulpes: mats: did you ever read the books?
ben_vulpes: for instance the blood cloud that collapsed when the martian warship began its burn was pretty good
ben_vulpes: mats: the expanse is a surprisingly high-quality-for-such-a-low-budget scifi flick
asciilifeform: what was ~after~ these ?
asciilifeform: and yes, when mircea_popescu wakes up he will no doubt supply us with the mega-insight that if i have no money it is because i have no competence at anything and oughta be boiled for soap asap
asciilifeform: otherwise 'take what you're given, churl, and shuddup'
phf: work from home and they would not give it to home and that it's just life
phf: oh, a funny thing from last years interviews. i ask for a month vacation time (since 2 weeks is standard here, i just say 2 weeks pto and 2 weeks unpaid leave) written in the contract, so that there aren't any questions. during one interview guy was trying to convince me how that's bad for company and how it's a crazy thing to ask for, finally at the end he started complaining that he's been there for 5 years and was promissed friday
ben_vulpes: whoa thestringpuller v thorough
phf: at my old jobs i used to seek out talanted devs, and during weekend drinking convince them that they should go demand a raise, it worked couple of times. those who would listen will immediately start moving up the ladder, "who would've thought". some people still reach out and tell me about their salary fights in the "i tell them go fuck themselves" kind of terms. warms my heart
mircea_popescu: people not doing that (because people are generally NOT qualified for the jobs they get) is the principal reason it went toxic.
phf: well, i was out of the loop for couple of years, working for hsbc, and those guys don't haggle over 50k
mircea_popescu: trying to find out whether you know how much you're worth or not really at the very least.
phf: that works for all of us, i.e. my impression is that the expectation was that i would cave and take less
assbot: Logged on 06-02-2016 13:43:34; pete_d_out: "Moreover, employers may feel they can lowball applicants because they believe there is still a surplus of qualified candidates.
phf: http://log.bitcoin-assets.com/?date=06-02-2016#1397760 << when i was interviewing last year, was straight up told by several different companies that i should adjust my rate because i won't be able to compete in the market (that's a direct quote from on of the hr people). one company we went through several phone calls where different people were telling me that the salary requirement is a bit high, but maybe we can work something out
mircea_popescu: there's 73393 of them A's, so i imagine there's some browsers out there that don't do bounds checkingproperly ?
mircea_popescu: asciilifeform well the whole result here is that ~your~ 10 btc can wait for a better day.
asciilifeform: still wanna play ? mircea_popescu can put the 10 in snsa piggy, if he wishes. or we can let the matter rest.
mircea_popescu: your bias-less rng shits out n/2 ones. they go against a message containing 3/4n ones. they will flip n/2 items in the message, 3/4 of which being 1s and 1/4 being 0s. you thus end up with 3/8 old ones + 1/8 ex-zeroes for a grand total of exactly 1/2 whoa.
asciilifeform: (answer, for the thick, is that your rng, if it works correctly, is EXACTLY as likely to shit out a string that xors yours to 'kill stalin at midnight with table leg' as an equivalent length string of zeros, or any other.)
asciilifeform: but for some reason mircea_popescu understood why this is lunacy, ~then~, but not now?
asciilifeform: funnily enough, last year there was some derp who shat into mircea_popescu's comment section with 'otp doesn't work because rng might burp out N zeros and then what'
punkman: you can't get the bitmap penguin after otp
asciilifeform: i realize that it cries against every mathematical intuition, but with correctly functioning otp, it makes not a whit of difference what your plaintext is.
mircea_popescu: i had no fucking idea the notion that you're supposed to debias plaintext before otping it is even controversial.
asciilifeform: can he say what the ~previous~ flip was ?
asciilifeform: mircea_popescu finds a coin on the sidewalk.
asciilifeform: which is the xor lemma.
mircea_popescu: which was the original fucking point that ended up in all this weird.
mircea_popescu: asciilifeform otp bias cheifly doesn't matter here, as the same otp is delibverately used for both messages.
mircea_popescu: first plaintext counts up from 1 ; the 2nd counts down from 65535
mircea_popescu: so you can verify the program works correctly
punkman: what's the point of public otp
mircea_popescu: now, 64kb aren't that much, and the structure chosen is literally the simplest thing available for ease of implementation. nevertheless, a little DOES leak even so.
asciilifeform: consider posting the code ?
asciilifeform: 16, rather
mircea_popescu: the method described above, one plaintext counts up one counts down.
asciilifeform: this is elementary, and if mircea_popescu comes back and tells us that he had been drinking, i will believe him, and happily forget the whole thing.
asciilifeform: unless you are a telapath, there is nothing useful you can say about a bit which was flipped with probability 0.5.
asciilifeform: to say that its previous state had any bearing on the face it is showing when you find it,
asciilifeform: imagine you find a coin on the street.
asciilifeform: the mircea_popescu side of the game can only be won if 1) rng is biased 2) he knows how
asciilifeform: to see how ludicrous the proposition is
asciilifeform: i invite the curious log reader to play the game mircea_popescu proposed with single bits, with a friend
asciilifeform: (and that they were, hence, not crafted specifically to bulldoze whatever magical pattern he put in his strings)
asciilifeform: incidentally, the main reason i'd like a referee, is so that everybody knows that my random 'pads' were generated independently of mircea_popescu's challenge strings.
asciilifeform: this is then exactly isomorphic to my original.
punkman: I guess every other string can be all 0s
punkman: mp must guess how many of the 100 ciphertexts are made from the string ""mircea_popescu: long, deeply biased plaintexts are dangerous for otp.""
asciilifeform: what's the 3rd ?
punkman: the third variant is also ok I think
asciilifeform: gotta play with either my original scheme - N sets of 2-pronged - or punkman's - N files.
mircea_popescu: you can make as many otps as you want, it's still coming out the same way o.O
asciilifeform: then we just learn that mircea_popescu can break sha!
punkman: other variant: ascii makes 100 otps, makes 100 plaintexts, X of which are the string "mircea_popescu: long, deeply biased plaintexts are dangerous for otp.", then passes 100 ciphertexts to mp. mp must guess X withing some range.
mircea_popescu: can just deedbot the result.
asciilifeform: 4) mircea_popescu tells me which of the 100 it was.
asciilifeform: 3) i select one of these, sign, and send to jurov or kakobrekla or somebody, referee
asciilifeform: 2) i xor over each of them with 1MB from a cardano rng.
asciilifeform: it has to be with mircea_popescu generating the magic strings, because this is how he said he will carry out the telepathy - by selecting specially-crafted biased input.
mircea_popescu: ok i guess ima have to figure out some way to hm. hey asciilifeform , how about this deal : i pay you 10 btc of my eventual winnings, should they exist, but you make the messages and show the result. i dun have a compiler ready and nfi how you generate the described messages in bash
mircea_popescu: for the very reason that it can't create pattern,
asciilifeform: work it on paper. the plaintext (payload), in xor operation, merely flips the key bit.
asciilifeform: mircea_popescu: the output bits - the lot of them - is necessarily as entropic as my key.
asciilifeform: (i will happily collect the win in its stead, like that fool wanted to collect nobel for satoshi!11)
asciilifeform: you are still playing against the xor lemma.
asciilifeform: so, for this variant of game, algo would be 1) mircea_popescu generates his string set, signs, deedbots; 2) i xor'em, sign, deedbot at first only the signature; 3) i post one of the xor'ed strings 4) he telepathies which one 5) i reveal my hand, which is the tarball in step 2 6) if he wins, i lose 10b, or vice-versa
mircea_popescu: han byte n-1. The larger of the two indicates the message encrypted ; the difference between these counts indicate your confidence (or the rng's bias).
mircea_popescu: asciilifeform : Let message A consist of individual bytes counting down from FFFFFFFF ; let message B consist of individual bytes counting up from 00000000. Let the enemy xor one of these two against a random, unbiased OTP of the same length and supply the enciphered result. Take that result, and count the instances where byte n is larger than byte n+1. Take that result, and count the instances where byte n is larger t
asciilifeform: but in practice longer, because they must be N ~distinct~ strings
asciilifeform: if they are all of length L.
asciilifeform: and anyway that was not the proposed game (because it would not be the least bit interesting)
asciilifeform: if there is one otp key, and it gets used two or more times, with mircea_popescu controlling the input and knowing anything whatsoever about the output, he learns the key trivially.
asciilifeform: no two xors with one motherfucking bit.
asciilifeform: the way i read it, the 'if' is whether mircea_popescu can demonstrate convincingly higher than chance guessatronics.
mircea_popescu: which is why ima try and show it theoretically.
mircea_popescu: that i guess your message. which i suppose necessarily carries the caveat that "must not be by chance",
asciilifeform: mircea_popescu: what's the if
mircea_popescu: asciilifeform notice that this isn't "wins/loses". you're just giving 10 btc away, on the if.
asciilifeform: otherwise can immediately decode 'which one' based on length.
asciilifeform: punkman: not problem, but must specify this, otherwise somebody wins/loses on an idiot technicality that teachs nothing
thestringpuller: and this is what #b-a is the most amazing channel on freenode
asciilifeform: (and it goes without saying that the plaintexts must be same length)
mircea_popescu: mk, ima bbl see if i can hack together something that satisfies the audience theoretically.
punkman: mp makes 2 plaintexts, ascii generates 1000 otps, for each otp: picks one of the 2 plaintexts and xors with otp. mp must guess guess correctly 501?, 600? more?
mircea_popescu: why does there have to be a referee ?
asciilifeform: but why beat the horse? i'm willing to play !
mircea_popescu: you don't see the crc discussion sufficient for our purposes ?
gribble: The operation succeeded.
mircea_popescu: and if the plaintext is long enough, this is equivalent to a requirement of minimal bias in the otp pad.
mircea_popescu: but in general, if you do away with the requirement to recover ALL of the plaintext,
asciilifeform: those 'bits' are still 'in there.'
asciilifeform: this is basic theory per shannon.
mircea_popescu: how biased the otp needs to be is part of the crc spec, for instance "every 8th bit may be a 1" etc.
mircea_popescu: let me put it this way : stuff like CRC, or ECC etc, exists fundamentally out of "we guarantee you can recover the plaintext after it has been otp'd with a pad which is AT LEAST this biased"
asciilifeform: (i.e. they are independent streams)
asciilifeform: just as in the old thread where we demonstrate that trng XOR hitler's rng is still trng.
asciilifeform: in the original challenge it does also.
mircea_popescu: nevertheless!
mircea_popescu: the examples given are not structured and readily reduce to "1" and "0", so no, it wouldn't work here.
asciilifeform: actually this contradicts the xor lemma.
mircea_popescu: if you're making 1 mb of 01111110 and 1mb of 10000001 and then otp them against a random pad
asciilifeform: specifying wtf you're doing, clears the mind
mircea_popescu: asciilifeform funny how money clears the mind, even if it's too little to mention.
mircea_popescu: punkman why, he didn't feel obliged to add any btc to the other one, just bitch about the insufficiency of the sum.
mircea_popescu: you pick one of two lengthy, structured plaintexts i provide, you encrypt them with a biasless, purely random rng, and i decide which of the two you picked.
asciilifeform: mircea_popescu: specify the experiment ?
asciilifeform: the ciphertext literally tells you nothing useful, other than an upper bound for the length
asciilifeform: you can guess the message just as easily with telepathy, at home.
asciilifeform: mircea_popescu: think about it, with otp, there is no reason for you to actually intercept the ciphertext
mircea_popescu: because they are long, and structured.
mircea_popescu: they aren't all equally probable if i can rely on your otp being random.
asciilifeform: because they are all equally probable.
asciilifeform: an actual otp conveys no information whatsoever via the ciphertext.
mircea_popescu: there is another way to die using otp, and that way is to use a lengthy biased message the enemy knows most of.
asciilifeform: (but, the hard part, same one on both ends
asciilifeform: ergo the linked thread, where i posit that an ideal otp is actually a physical object which brings the bits somehow into existence one at a time
asciilifeform: (the latter is a common concern in all crypto)
asciilifeform: or captured, and then funkspieled
mircea_popescu: this alone should show they're deeply inadequate, but who knows fundamentals anymore.
mircea_popescu: since they all use xor.
mircea_popescu: asciilifeform technically speaking, the s-box cipher crapolade is an ellaborate exercise in reusingselect parts of otp
asciilifeform: (see, e.g., famously the 'venona' case)
asciilifeform: one is to ~ever, for any reason~ reuse any portion of the pad.
asciilifeform: there are several possible ways to die when otp
assbot: Logged on 03-02-2016 01:53:21; asciilifeform: actually for many years i have thought about the ideal electric otp.
mircea_popescu: a ok then.
assbot: Logged on 06-02-2016 16:59:13; mircea_popescu: then again i suppose there's some middle aged lawyers somewhere that remember the days facebook was really cool.
mircea_popescu: understand : if you collect say 1024 random bits, the chances of seeing 512 1s and 512 0s are < 1%
mircea_popescu: this is actually usable to describe a lot of the plain text, and exponentially more so when i know that debug.log tends to contain a lot of "connection" strings.
mircea_popescu: let's work with a very simple example. suppose we use two bits, and suppose the plaintext is as follows : 00 appears 1 case out of 8 ; 01 appears 2 cases out of 8 ; 10 appears 4 cases out of 8 and 11 appears one case out of 8. 1+1+2+4=8.
mircea_popescu: punkman "items" is used there deliberately, to scale with the size of the block you use.
mircea_popescu: the correct way to apply otp to something like human readable text is to weigh it.
mircea_popescu: nevertheless...
mircea_popescu: and yes as noted by alf the "pill" for this fundamental problem is to make sure that message length stays well under statistical sample.
BingoBoingo: The letter 'e' problem
mircea_popescu: this is fundamental instruction in the importance of.... large block sizes.
mircea_popescu: the necessary result is (different items have same varying, known probabilities to appear as in the plaintext)
mircea_popescu: to be studied in pairs, one kid makes the scheme, the other kid breaks the scheme, then alternate positions.
mircea_popescu: do the experiment for yourself, it's really a great entry thing into cryptanalysis.
mircea_popescu: esp since i know plenty of strings likely to appear in the plaintext.
mircea_popescu: i will then proceed to count the As and the Ws and break your thing to a large degree.
mircea_popescu: for instance, consider the naive situation where you take 1mb worth of debug.log, and xor it against 1mb of perfect noise.
BingoBoingo: <punkman> gotta have something to remember how much of the otp has been used << burn the used pages of your cipherbook
mircea_popescu: the whole power of the scheme comes from "everything's equally likely". yet if everything's not equally likely...
punkman: gotta have something to remember how much of the otp has been used
punkman: is there a decent otp implementation?
BingoBoingo: Seriously now, there's people paid to believe warez doesn't lead to innovation.
mircea_popescu: mod6 ah. well... negotiable insturment, you know. everyone values it as he values it. there's not exactly a dearth of offerings - notably the reward to prove qmail is buggy was 500. knuth's rewards are a dollar and change., etc
ben_vulpes: what does c-s buy one over the otp in that case?
mircea_popescu: that's why they're symmetric.
mircea_popescu: ben_vulpes all symmetric ciphers share the key.
mircea_popescu: in the EP? general scheme of true cryptography, otp occupies a peculiar spot, equivalent to rsa's use of multiplication, where otp uses "multiplication modulo 1" or "multiplication in the binary group" for a ยบ function
ben_vulpes: and the need to share the key does not impose the same operational considerations as otp?
asciilifeform: generally, we are interested in the moment of truth.
asciilifeform: rather than 100M turd
asciilifeform: also in the future, folks plz post last 1M max
mircea_popescu: gernika may be describing the blackhole thing ?
assbot: Logged on 06-02-2016 17:40:04; gernika: asciilifeform: http://www.exusiae.com/shared/debug.log - I am not sure what a useful summarization of what is in the log would be.
mircea_popescu: if nothing else, the tiny ammt of publicity we've been doing around it pisses people off. so...
mircea_popescu: and i'd rather that than rsa, myself.
asciilifeform: on the other hand, 'the spice must flow.' and if i hear nothing, 'g' is coming out with rsa or cramer-shoup in abusive mode.
mircea_popescu: alrighty then!
asciilifeform: mircea_popescu did learn a useful fact, if he had not already known it, namely that... there are not yet cryptographers
mircea_popescu: it DOES decide whether ~anyone~ is a cryptographer or not, however.
mircea_popescu: whether workable cipher materializes or not does not decide if mp is mp.
mircea_popescu: otherwise, whores and miners are abundant and i couldn't care less.
mod6: also, which block was the last accepted? i.e., which block was it grinding on?
asciilifeform: mircea_popescu laughs at warez aficionados but then wants the things he wants, to fall from the sky for phree
mod6: gernika: be sure to capture logs. we've seen wedges in the past, and they hvae some distinct tell tale signs in the logs.
mircea_popescu: the world owes you nothing. now go die, in any manner you choose for yourself.
mircea_popescu: and stop dreaming about the liv ing wage
mircea_popescu: there's no way to extrinsically motivate astrologers to become astronomers.
gernika: asciilifeform: Since I've already shutdown the node, I can't answer your other questions at this time. I will once I've started it up again and it re-wedges (i.e. no new accepted blocks for 12+ hours)
mircea_popescu: neither a nor b.
asciilifeform: my point was that if you want astronomy, and all you have to work with is astrologers, the only possible thing that could ever work is a) wait 1000 years, be very patient or b) track down promising ones and cut them loose from day job assembling horoscopes
gernika: asciilifeform: http://www.exusiae.com/shared/debug.log - I am not sure what a useful summarization of what is in the log would be.
mircea_popescu: so then.
asciilifeform: there is none, because charlatanry.
mircea_popescu: otherwise, cryptographer === magician.
mircea_popescu: show me this previous work in the field.
mircea_popescu: i can inspect other boeings that were made, including by the people that trained you.
mircea_popescu: asciilifeform there is a difference between making a boeing for pay and making a cipher for pay.
assbot: Logged on 06-02-2016 17:30:00; mircea_popescu: so - if "cryptologists" can not produce what i ask of them - their wives, to the brothel, they themselves to the mines, for fraud.
asciilifeform: http://log.bitcoin-assets.com/?date=06-02-2016#1398118 << it remains a challenge to get folks to produce things to scratch your itches when you aren't the one paying.
asciilifeform: is there network traffic ?
asciilifeform: what is the behaviour ? does it respond to rpc ?
asciilifeform: what is in the logs ?
gernika: or perhaps this is one of those "hands of the drowning" situations. bleh. C++ here I come.
asciilifeform: 'Although in theory Miller can claim priority, reality is more complex. As will be explained below, it is quite unlikely that either he or anyone else ever used his system for real messages; in fact, it is unclear if anyone other than he and his friends and family ever knew of its existence. That said, there are some possible links to Mauborgne. It thus remains unclear who should be credited with effectively inventing the one-
asciilifeform: (for n00bz, lilienfeld invented transistor in the '20s)
gernika: mod6: my 99996 node is wedging every 1k blocks or so. I would be happy to apply any logging or debugging patches that might be out there to help track down the problem.
gribble: Frank Miller (cryptography) - Wikipedia, the free encyclopedia: <https://en.wikipedia.org/wiki/Frank_Miller_(cryptography)>; One-time pad - Wikipedia, the free encyclopedia: <https://en.wikipedia.org/wiki/One-time_pad>; Frank Miller: Inventor of the One-Time Pad [pdf] - Columbia University: <http://www.cs.columbia.edu/~CS4HS/talks/FrankMillerOneTimePad.pdf>
asciilifeform: otp is ww1 state of the art.
mircea_popescu: i don't need "experts" and "universities" to tell me 1800 state of the art.
mircea_popescu: so - if "cryptologists" can not produce what i ask of them - their wives, to the brothel, they themselves to the mines, for fraud.
mircea_popescu: which... i dun recall the last time i used a message longer
mircea_popescu: asciilifeform> otp. << if the key is 64kb, technically otp would work fine for message up to 64kb.
thestringpuller: an exercise for the reader is always a good exercise. I'll see what 'netsec' tards at work say to that question.
asciilifeform: (find me ~one~ 'netsec' tard who can explain how the curves are chosen)
asciilifeform: thestringpuller: guess why.
thestringpuller: asciilifeform: dunno if this was in logs. but why is the "crypto comoonity" opposed to RSA?
asciilifeform: there are charlatans who will happily help you self-delude that it has been done, however.
asciilifeform: in any ciphersystem ~other~ than otp, the ciphertext carries, theoretically, ~some~ information re: the key.
asciilifeform: if i tell you that X xor Y == 1, you cannot infer X and Y, only that one is 1 and other is 0
asciilifeform: (the otp proof is kindergarten-level - the ciphertext tells you nothing at all - as in 0 bits - about the key or the plaintext)
asciilifeform: afaik no effort to produce another has ever yielded anything.
asciilifeform: the major boojum re: asking for (as i asked for) a cipher that has an actual mathematical proof of security, is that there is precisely one such known,
asciilifeform: to briefly return to the cipher thread,
asciilifeform: bonus, the carriage never gets cold...
BingoBoingo: AHA, Like motorcarriage powered by radiothermal generator
asciilifeform: which turns into a mathematically plausible but physically-ludicrous discussion akin to 'candle burning for 100 years will move a ferrari 1km forward'
asciilifeform: in which case you get the ridiculous american number of 30. which assumes an ideal spherical horse of an empire where the chump actually keeps getting that 100k for 30 years, and it isn't eaten away at by spiraling costs of fuel, food, medical, etc.
assbot: Logged on 06-02-2016 16:47:26; mircea_popescu: asciilifeform if the 100k is a salary, 100 years of that buys you a house where your job is. you denying this ?
asciilifeform: http://log.bitcoin-assets.com/?date=06-02-2016#1398011 << closer to 10. ~unless~ you use my magic formula and compute using ~the money you have left over to actually pay for the thing~
mircea_popescu: "if you make the list of places, and cross out the places where you woujldn't want to be seen, the result is the list of cool places"