Show Idle (>14 d.) Chans

← 2018-10-28 | 2018-10-30 →
mircea_popescu: i dunno i like "block" to begin with.
asciilifeform: relatedly, asciilifeform tried to bake a proof that the lamehash keyinflater function of serpent is one-to-one ( i.e. actually carries 256bit of the key register's entropy into the 528 bytes of whiteolade ) and not only didnt , but realized that afaik no such proof exists for any 'troo' hash also ( incl keccak.. )
asciilifeform: mebbe i'm thick and it's a trivial provable ? ( diana_coman ? mircea_popescu
asciilifeform: ? know a proof? )
mircea_popescu: i'm not aware such a thing was ever proven.
asciilifeform: actually, funnily enuff , i nao see a proof for serpent's, but not keccak
asciilifeform: ( in serpent inflator, the only ops are xor, rotate, and sboxation, all 3 conserve entropy )
mircea_popescu: asciilifeform this isn't much of an argument, let alone "proof". + and * also conserve entropy, yet y=x/2 - x/2 +4 does not.
deedbot: << Bimbo.Club - TMSR Log Summary - 10/24/2018
Mocky: or a more direct counter argument: A xor A = 0
Mocky: >> using a variation this algo you can stuff a block half full of bits without any 2 consecutive bits being from a known plaintext, while the accumulating xor prevents the penguin
a111: Logged on 2018-10-29 03:26 asciilifeform: nao, exercise for the reader : find the bandwidth of this channel ( how many bits , if more than one, can be stuffed into a block and still preserve this property ) ...
asciilifeform: diana_coman: aha
asciilifeform: Mocky_: yea , calls for an actual proof..
asciilifeform: meanwhile, in other lulz, << trivial local-privesc in xorg ( introduced by shitgnomes in '16 )
mircea_popescu: Mocky_ yeah but i wanted to drive the point home.
asciilifeform: mircea_popescu: not only were you right, but i just about have a handle on deriving the factual key bitness of serpent..
mircea_popescu: and it's almost 2/3 ?
asciilifeform: i'ma refrain from pons&fleischmanning this one..
asciilifeform: ( for anybody who wants to take a stab at this in parallel with asciilifeform , hint : xor-with-constant is injective , can be factored out of equation; ditto sboxes )
asciilifeform: mircea_popescu: 1/3
asciilifeform: i.e. 85-bit strength, possibly smaller ( i haven't algebraicized the entire recurrence yet )
deedbot: << Qntra - Germany: Merkel Plots Her Exit
asciilifeform: let the key words (32bit ea.) be A,B,C,D,E,F,G,H. so W(-8)=A, W(-7)=B, W(-6)=C, W(-5)=D, W(-4)=E, W(-3)=F, W(-2)=G, W(-1)=H ;
asciilifeform: now we factor out the ... xor 16#9e3779b9# xor Unsigned_32(I), it's an injective operation (neither adds nor subtracts entropy) ;
asciilifeform: ditto the s-boxes (they are reversible, merely permute)
mircea_popescu: i'm not so persuaded by this latest bit.
asciilifeform: mircea_popescu: they're reversible !
asciilifeform: i.e. have exactly same number of possible outputs as there are inputs
asciilifeform: thinkaboutit, then we'll proceed
asciilifeform: ( if sboxes were'nt reversible, deciphering wouldn't work )
mircea_popescu: that they are reversible is tru!
asciilifeform: therefore the inputs:outputs are 1:1 .
mircea_popescu: and in point of fact reversed as the thing works.
asciilifeform: correct
asciilifeform: how else could it work.
asciilifeform: and the two xor's-with-constants, just the same reversible.
mircea_popescu: consider the sets P {1,2,3,4} and E {1,2,3,4,5}. now, the function taking all numbers <4 to themselvews and 4 to either 4 or 5 with 50-50 probability IS in fact reversible
asciilifeform: thereby do not affect the quantity we are seeking.
mircea_popescu: is however not in fact entropy conserving
asciilifeform: mircea_popescu: if it has a random component, it aint reversible, how wouldja reverse it ? with time machine ?
asciilifeform: gimme an inverse for it, we can go to vegas
mircea_popescu: i can reverse it, cuz P4 or P5 are E4 so i need to now nothing.
asciilifeform: i dun get it, what's P5 ?
mircea_popescu: the 5th element of P set.
mircea_popescu: a fuck i did it backlwards
mircea_popescu: E4 and E5 are both P4.
asciilifeform: whole thing plox ?
mircea_popescu: consider the sets P {1,2,3,4} and E {1,2,3,4,5}. now, the function taking all numbers <4 to themselvews and 4 to either 4 or 5 with 50-50 probability IS in fact reversible (because E5 and E4 are directly P4). is however not in fact entropy conserving.
mircea_popescu: it is entropy* conserving, where entropy* is a special "entropy-colored-for-meaning", but this isn't useful.
asciilifeform: let's try this. so i throw in {1,2,3,4,5} and the rng cranks and i get a {1,2,3,5,5}, then i put it back and rng cranks again and i get a {1,2,3,4,4}, with nonzero probability. so i reversed ??
mircea_popescu: can't throw in 5. the P set is 1,2,3,4.
asciilifeform: ( not even speaking of fact that this aint a function of the inputs, in the civilized sense, it is a function of input and rng )
mircea_popescu: i agree this is uncivilised.
asciilifeform: then it aint reversible if it can't turn the 5 back into a 4
asciilifeform: what am i missing
mircea_popescu: the problem with one's preoblems is that they rarely have the decency.
mircea_popescu: asciilifeform what 5 ?
asciilifeform: well i put in {1,2,3,4} and out came {1,2,3,5}.
asciilifeform: now i want reverse.
mircea_popescu: and the reverse is 1,2,3,4.
asciilifeform: but what function gives it to be with prob=1 ?
mircea_popescu: cuz E4, E5 are the indistinct sysnonyms of P4.
mircea_popescu: the function which takes all numbers <4 to themselves and all numbers >4 to 4.
asciilifeform: by this token there exists inverse keccak, consisting of a list of values which when xor'd with any given one, produces original.
mircea_popescu: i agreed it is not civilised!
mircea_popescu: what do you want me to do ?
asciilifeform: this is trivially true but is not what we want when asking 'can haz reverse keccak'
mircea_popescu: i have problems with statements.
mircea_popescu: it's what i do for a living.
asciilifeform: with the tools in the actual box, however, afaik there is no headache of this kind, xor-with-constant is reversible and conserves.
asciilifeform: there are exactly as many possible outputs as inputs, and if you xor with the constant again, you get the input back.
asciilifeform: so, continuing: we throw out the constants, and:
asciilifeform: W(0) = RLeft11(xor(a,d,f,h))
asciilifeform: W(1) = RLeft11(xor(b,e,g,RLeft11(xor(a,d,f,h))))
asciilifeform: W(2) = RLeft11(xor(c,f,h,RLeft11(xor(b,e,g,RLeft11(xor(a,d,f,h))))))
asciilifeform: W(3) = 3,RLeft11(xor(d,g,RLeft11(xor(a,d,f,h)),RLeft11(xor(c,f,h,RLeft11(xor(b,e,g,RLeft11(xor(a,d,f,h))))))))
asciilifeform: W(3) = RLeft11(xor(d,g,RLeft11(xor(a,d,f,h)),RLeft11(xor(c,f,h,RLeft11(xor(b,e,g,RLeft11(xor(a,d,f,h))))))))
asciilifeform: W(4) = RLeft11(xor(e,h,RLeft11(xor(b,e,g,RLeft11(xor(a,d,f,h)))),RLeft11(xor(d,g,RLeft11(xor(a,d,f,h)),RLeft11(xor(c,f,h,RLeft11(xor(b,e,g,RLeft11(xor(a,d,f,h))))))))))
asciilifeform: W(5) = RLeft11(xor(f,RLeft11(xor(a,d,f,h)),RLeft11(xor(c,f,h,RLeft11(xor(b,e,g,RLeft11(xor(a,d,f,h)))))),RLeft11(xor(e,h,RLeft11(xor(b,e,g,RLeft11(xor(a,d,f,h)))),RLeft11(xor(d,g,RLeft11(xor(a,d,f,h)),RLeft11(xor(c,f,h,RLeft11(xor(b,e,g,RLeft11(xor(a,d,f,h))))))))))))
asciilifeform: W(6) = RLeft11(xor(g,RLeft11(xor(b,e,g,RLeft11(xor(a,d,f,h)))),RLeft11(xor(d,g,RLeft11(xor(a,d,f,h)),RLeft11(xor(c,f,h,RLeft11(xor(b,e,g,RLeft11(xor(a,d,f,h)))))))),RLeft11(xor(f,RLeft11(xor(a,d,f,h)),RLeft11(xor(c,f,h,RLeft11(xor(b,e,g,RLeft11(xor(a,d,f,h)))))),RLeft11(xor(e,h,RLeft11(xor(b,e,g,RLeft11(xor(a,d,f,h)))),RLeft11(xor(d,g,RLeft11(xor(a,d,f,h)),RLeft11(xor(c,f,h,RLeft11(xor(b,e,g,RLeft11(xor(a,d,f,h))))))))))))))
asciilifeform: W(7) = RLeft11(xor(h,RLeft11(xor(c,f,h,RLeft11(xor(b,e,g,RLeft11(xor(a,d,f,h)))))),RLeft11(xor(e,h,RLeft11(xor(b,e,g,RLeft11(xor(a,d,f,h)))),RLeft11(xor(d,g,RLeft11(xor(a,d,f,h)),RLeft11(xor(c,f,h,RLeft11(xor(b,e,g,RLeft11(xor(a,d,f,h)))))))))),RLeft11(xor(g,RLeft11(xor(b,e,g,RLeft11(xor(a,d,f,h)))),RLeft11(xor(d,g,RLeft11(xor(a,d,f,h)),RLeft11(xor(c,f,h,RLeft11(xor(b,e,g,RLeft11(xor(a,d,f,h)))))))),RLeft11(xor(f,RLeft11(xor(a,d,f,h)
asciilifeform: ),RLeft11(xor(c,f,h,RLeft11(xor(b,e,g,RLeft11(xor(a,d,f,h)))))),RLeft11(xor(e,h,RLeft11(xor(b,e,g,RLeft11(xor(a,d,f,h)))),RLeft11(xor(d,g,RLeft11(xor(a,d,f,h)),RLeft11(xor(c,f,h,RLeft11(xor(b,e,g,RLeft11(xor(a,d,f,h))))))))))))))))
asciilifeform: but after this, it chews the cud, e.g. W(8) = RLeft11(xor(RLeft11(xor(a,d,f,h)),RLeft11(xor(d,g,RLeft11(xor(a,d,f,h)),RLeft11(xor(c,f,h,RLeft11(xor(b,e,g,RLeft11(xor(a,d,f,h)))))))),RLeft11(xor(f,RLeft11(xor(a,d,f,h)),RLeft11(xor(c,f,h,RLeft11(xor(b,e,g,RLeft11(xor(a,d,f,h)))))),RLeft11(xor(e,h,RLeft11(xor(b,e,g,RLeft11(xor(a,d,f,h)))),RLeft11(xor(d,g,RLeft11(xor(a,d,f,h)),RLeft11(xor(c,f,h,RLeft11(xor(b,e,g,RLeft11(xor(a,d,f,h))))))
asciilifeform: )))))),RLeft11(xor(h,RLeft11(xor(c,f,h,RLeft11(xor(b,e,g,RLeft11(xor(a,d,f,h)))))),RLeft11(xor(e,h,RLeft11(xor(b,e,g,RLeft11(xor(a,d,f,h)))),RLeft11(xor(d,g,RLeft11(xor(a,d,f,h)),RLeft11(xor(c,f,h,RLeft11(xor(b,e,g,RLeft11(xor(a,d,f,h)))))))))),RLeft11(xor(g,RLeft11(xor(b,e,g,RLeft11(xor(a,d,f,h)))),RLeft11(xor(d,g,RLeft11(xor(a,d,f,h)),RLeft11(xor(c,f,h,RLeft11(xor(b,e,g,RLeft11(xor(a,d,f,h)))))))),RLeft11(xor(f,RLeft11(xor(a,d,f,h)
asciilifeform: ),RLeft11(xor(c,f,h,RLeft11(xor(b,e,g,RLeft11(xor(a,d,f,h)))))),RLeft11(xor(e,h,RLeft11(xor(b,e,g,RLeft11(xor(a,d,f,h)))),RLeft11(xor(d,g,RLeft11(xor(a,d,f,h)),RLeft11(xor(c,f,h,RLeft11(xor(b,e,g,RLeft11(xor(a,d,f,h)))))))))))))))))) , and we can ignore these
asciilifeform: apologies for the log clutter, but this imho belongs in the l0gz
asciilifeform: nao, is it a controversial statement that xors with an item that's already been rolled in, can only ~subtract~ entropy, never add ?
asciilifeform: regardless of how rotated.
asciilifeform: anything that appears on the right-hand side of one of those xor's, can potentially cancel itself out...
asciilifeform: so! for instance ! if a, d, f, h are such that xor(a,d,f,h) = 0, then term a no longer appears in the equation at all !
asciilifeform: so all possible inputs where this holds , result in the same inflated-key.
mod6: holy moly
asciilifeform: bahahaha
asciilifeform: 'cipher contest' my shiny metal arse...
asciilifeform: if xor(b,e,g) = 0, then term b no longer appears in equation...
asciilifeform: if xor(c,f,h) = 0 -- then c...
asciilifeform: and so on.
asciilifeform: at this point i strongly suspect that the actual bitness, is 64 OR SMALLER
mircea_popescu: asciilifeform the objection you had, you know, "this is trivially true but is not what we want" goes very much to the core of the issue -- cryptographic notions of strength are very hard to meaningfully describe mathematically because htey're always "obviously this has ONE trivial solution, but does it have more than the one ?!" math deals in 0 and 1s, it's ill equipped to deal with this batshit nonsense.
asciilifeform: mircea_popescu: it dun even seem like we need exotica here
mircea_popescu: right. anyway, back to the practicals -- are sbox outputs ~equiprobable~ ?
asciilifeform: the actual bitness of serpent , seems like, is so small as to be iterable on pc.
mircea_popescu: because if not, then VERY likely what we're seeing is a subclass of
a111: Logged on 2018-10-29 15:53 mircea_popescu: it is entropy* conserving, where entropy* is a special "entropy-colored-for-meaning", but this isn't useful.
asciilifeform: mircea_popescu: what would mean 'equiprobable' ? they're a 1:1 mapping
mircea_popescu: yes 1:1 by count. but by occurence ?
asciilifeform: you put in 000..., you always get same thing, you put in 111... you get another distinct thing, ditto, and so on
asciilifeform: they're caesar's cipher.
asciilifeform: alphabet-a -> alphabet-b.
asciilifeform: or, if you like, enigma rotors.
mircea_popescu: << not controversial. can substract, though doesn't necessarily have to ; can never add.
a111: Logged on 2018-10-29 16:06 asciilifeform: nao, is it a controversial statement that xors with an item that's already been rolled in, can only ~subtract~ entropy, never add ?
asciilifeform: for our purposes, that means 'they subtract'.
asciilifeform: thus far, afaik, we already know that there aint 2**256 possible 528-byte serpent expandedkeys. nor 2**128. and as i currently suspect, not even 2**64 .
asciilifeform: and for some reason this took 20yrs ?! to get out...
mircea_popescu: the reason being that it wasn't gonna move till i baked it in some pie.
mircea_popescu: which finally got some attention from ppls.
asciilifeform: hey, it didn't click in asciilifeform's head either until asciilifeform went to fpgaize it..
asciilifeform: 'notation is worth +80 iq' or how did it go.
asciilifeform: it also suggests a very different picture, vs the one i previously supposed, re why it didn't win the tourney. ( rather than washington:'omfg too strong', rather went 'omfg our academi.flunkies kissing arse so hard they cant breathe' )
asciilifeform: entirely possible also that the 'lost despite most votes' thing was engineered stunt.
asciilifeform: i gotta take off my hat to whoever cooked that up.
mircea_popescu: asciilifeform consider also that if a, b, c, d, e, f are rng words, then (P xor a) xor b) etc does not in fact substract anything.
asciilifeform: mircea_popescu: yer xoring overlapped copies, remember
asciilifeform: rotleft-11
mircea_popescu: asciilifeform likely explanation being "whisperer", ie, technical quimby sinking it behind the doors because "it's fucking stupid".
asciilifeform: mircea_popescu: cuz it ~is~
asciilifeform: i feel pretty stupid, tbh, for not noticing in '16
asciilifeform: quimby must have died of laughter by nao
asciilifeform: 'omfg they bought it'
asciilifeform: relatedly, for shits & giggles asciilifeform has been reading a 'digital evidence' law school textbook, for entomological/ameritardological studies, and it goes out of its way to mention 'serpent sank an fbi case'
asciilifeform: b00k circa 2007 iirc
asciilifeform: i suspect that the thing was a mine planted specifically, if you will, for tmsr.
asciilifeform: i can't speak for other folx, but i'ma have to repeat h. hughes, 'fly in it? i wouldn't walk under it'
deedbot: << Qntra - GoDaddy Does It Again: Taking Domain Name In Response To Media Pressure
asciilifeform: BingoBoingo: mebbe give it a week, whoknows, somebody turns up a mistake in asciilifeform's maffs. then can qntra...
asciilifeform: a proggy that takes a 256b key and shits out its 4+ sister-keys, prolly wouldnt hurt, either; if somebody can be arsed to write.
asciilifeform: ( dun forget to acct for the constants )
mircea_popescu: suppose... you actually do that ?
asciilifeform: i will, eventually, if nobody else can be arsed
asciilifeform: washington can pay for its own auto-pill fpga, if they want one tho, i dun see why to do this work for them.
a111: Logged on 2018-10-26 16:48 mircea_popescu: i am experimenting with serpent, and yes it's borne of that ancient discussion of ours, but i'm nowhere near-ready to bake it into "this is tmsr secure disk"
a111: Logged on 2018-10-26 17:04 mircea_popescu: in short, because this winding discussion risks overwhelming buffers, the salient points are a) that i'm not ready to go to war over serpent, it's a meh-maybe item ; b) that building our spearheads around items we're not willing to die for may be how the converse of altogether.
BingoBoingo: asciilifeform: If your math stands the week, you may be the best qualified to do the qntra on it
asciilifeform: mircea_popescu: as i understand not; we're at .
a111: Logged on 2018-10-26 17:05 mircea_popescu: yeah but suppose some bright kid walks into here one day with that item we all suspect is under a rock somewhere
mircea_popescu: he GOTTA WALK WITH IT THO
asciilifeform: you dun need 'acres of crays' to walk 2**64 or however many, troo-keyz.
mircea_popescu: the issue is that ~however many~.
mircea_popescu: bright kid walks in with a convincing story as to how he's gonna walk in with item != bright kid walks into here one day with that item.
asciilifeform: what bitness wouldja live with ?
mircea_popescu: the court will only consider positive cases.
asciilifeform: i do suggest to look for a spare tyre, tho, this one's hissing air.
mircea_popescu: seems like it.
asciilifeform: whether asciilifeform takes month, week, or day, to cough up pill
asciilifeform: ( i certainly didn't expect ~this~ 3days in... )
asciilifeform: hilariously, i have a tall pile of academiliquishit re serpent right here on desk, and it ALL without exception dwells on the sboxes & lineartransform, 0 discussion of key schedule.
asciilifeform: btw i seem to recall that the original mircea_popescu & diana_coman thread where 'let's try serpent' turned up that the current 'paper' is not in fact the original, and the orig has evaporated. nao gotta wonder what was in it.
asciilifeform: ( i'd walk over to uni to try an' dig it up, but then remembered that they abolished the paper-papers archive for 'electronic' lulz )
diana_coman: asciilifeform, yes re original - I could not source it and no idea why
asciilifeform: diana_coman: that's exactly what i remembered.
asciilifeform: diana_coman: i'm still boggled re the sheer wtf of it all.
asciilifeform: for lulz, would be interesting to dig up the list of 'luminaries' who voted for serpent. ( last i recall, it was public )
diana_coman: I'm re-reading here with pen and paper
asciilifeform: aite, won't distract then
diana_coman: I can cite though from the 2000 paper (or apparently 2000...): "Since then we have sought to strengthen the algorithm and improve its performance. As a result, we have selected new, stornger, S-boxes and changed the key schedule slightly."
asciilifeform: yaya i have both papers here
asciilifeform: ( no hard dating for either , tho )
asciilifeform: diana_coman: << the raw emacs-sewed recurrence equations, if it helps
asciilifeform: diana_coman: can substitute with search-and-replace
asciilifeform: ( they're broken up in the log, so possibly this is handier )
mircea_popescu: i'd have said more, but the editor showed wordcount 777, and i deem this a very good omen re cipher quality.
asciilifeform: lol you almost got me, i half-expected the piece to be about a block cipher
mircea_popescu: isn't it ?!
asciilifeform: haha, after a fashion.
mircea_popescu: didja read that whole thing
mircea_popescu: ow shit, i mystypoed in the title, wtf is a "chipher".
asciilifeform: it's about xor, in the specific style used in winblowz shitware to hide strings from av.
asciilifeform: i deciphered these with perl script, for a living, for yrs.
mircea_popescu: are you saying this is weak ?
asciilifeform: define weak!111
mircea_popescu: weaker than serpent.
asciilifeform: slightly, lol
mircea_popescu: show me!
asciilifeform: it's multiply-run otp, wat.
asciilifeform: shannon already showed how to break, it's in the kindergarden text
mircea_popescu: do you mind ?
asciilifeform: sure, wainot , after tea
asciilifeform: pretty tired from curing serpent.
asciilifeform: mircea_popescu: meanwhile plz be so kind as to say how to decipher.
asciilifeform: ( having, that is, the key )
deedbot: << Trilema - So I designed a block chipher.
mircea_popescu: same procedure, xor the Pmessage as per key.
asciilifeform: mircea_popescu: your offsetting rotates (as e.g. ram on z80) or truncates? ( when message is shifted beyond the buffer bound ) ?
mircea_popescu: rotates, it's a ring buffer.
mircea_popescu: asciilifeform like it or not, this is the ur-blockchipher. ALL OTHERS, not only casually but NECESSARILY, are mini-clipped versions of this. "competition or no competition", if it got shitboxes it's this and naught else.
mircea_popescu: and yes, you've inspired me.
mircea_popescu: and no, "we have pre-padded ring buffers with THIS particular message that's worth hardwiring because it's ever so magical" ain't a reasoning.
diana_coman: asciilifeform, that helps, thank you! I had to take break and I'm slow on this sort of things so it'll take a while until I get to say anything
asciilifeform: mircea_popescu: , satisfy yerself that it dun reverse
asciilifeform: ^ bits are printed in ascending majority, left to right
asciilifeform: mircea_popescu: 'write-only memory'
asciilifeform: and before you ask, variant where either key or msg can be longer, , and transpose msg and key for reverse, dun reverse either.
asciilifeform: it's a crosscut-shredder, not a ciphrator..
asciilifeform: pretty handy proof , however, that the xor liquishit on the right hand side of those serpent eqs, doesn't conserve entropy !
asciilifeform: see, you win phree toy, from this arcade.
mircea_popescu: "our block cipher has to have backdoor because we built a paper shredder and well..."
mircea_popescu: asciilifeform this is so much better than having to correct the title.
asciilifeform: ahahayes
asciilifeform hoses down vivisection table
mircea_popescu: this has been a very fun morning.
mircea_popescu: now tell me, "why can't tv be more entertaining".
asciilifeform: nao y'know wai asciilifeform dun have a tv..
asciilifeform: << dun feel sad, serpent had to hang on asciilifeform's wall for 2yrs before this.
a111: Logged on 2018-10-29 19:22 diana_coman: asciilifeform, that helps, thank you! I had to take break and I'm slow on this sort of things so it'll take a while until I get to say anything
mircea_popescu: asciilifeform check this out : as per the "chipher", let there be a plaintext P of n bits ; and a key K of k bits. given a ciphertext E of n bits, it is a fact that any one bit of P is the result of xoring of up to k bits of P. if you know K you know ~which ones~, and as you have E you know ~what they must xor to~. this results in a message-wide system of k equations which is determinate.
mircea_popescu: (provided of course k>=n, which yes, it's a block cipher)
asciilifeform: i suspect i'ma need some strong чифир for this chipher
asciilifeform: 'any one bit of P is the result of xoring of up to k bits of P' << y'mean 'any one bit of E' ?
mircea_popescu: well, we're trying to get P back right.
asciilifeform: well yes, presumably from E ?
asciilifeform: or else from what.
mircea_popescu: P[n] = K[0]*P[a] x K[1] * P[b] x ...
mircea_popescu: E is just what these equal to, see.
mircea_popescu: E[i] = K[0]*P[a] x K[1] * P[b] x ...
mircea_popescu: so this is, in fact, a system of (here) 512 xor-equations, with ak nown result (e[x]) and a known parameter matrix (K)
mircea_popescu: as long as P doesn't have more bits than K, this is a determinate system.
asciilifeform: diana_coman et al : << for convenience, the recurrence eqs rewritten 1) as sexpr 2) with the orig constant-xors included
asciilifeform: ( define RL11 as 'rotate left by 11 bits inside 32bit reg' )
asciilifeform: grr, loox like i munged it, 1s, will fix
asciilifeform: mircea_popescu: feel free to bake this by curing the little proggy pasted earlier
asciilifeform: mircea_popescu: seems to me that ~now~ you correctly defined... the cipher.
a111: Logged on 2018-10-29 18:29 asciilifeform: it's about xor, in the specific style used in winblowz shitware to hide strings from av.
asciilifeform: ( and if mircea_popescu's point was that ~all~ present-day 'block ciphers' are reducible to some variant of it -- the point is made )
asciilifeform: !#s maslennikov
a111: 22 results for "maslennikov",
asciilifeform: the basic boojum is that it aint a cipher of any kind, and the ubiquitous sbox derpery is simply squid ink to obscure this. maslennikov details how he pointed this out to 1980s kgb and got sacked.
asciilifeform: all 'enigma', regardless of what kinda lipstick is put on'em, are sad.
mircea_popescu: Consider K = 01010 ; P = 00111 ; RB = (00111), (01110), (11100), (11001), (10011).
mircea_popescu: E therefore is : E1 = 0 x 0 x 1 = 0 ; E2 = 0 x 0 x 1 = 0 ; E3 = 1 x 1 x 0 = 0 ; E4 = 1 x 1 x 0 = 1 ; E5 = 1 x 1 x 1 = 0 thus E = 00010.
mircea_popescu: To now obtain P back from E and K : P[1] = P[1] x P[2] x P[4] ; P[2] = P[2] x P[3] x P[5] ; P[3] = P[3] x P[4] x P[1] ; P[4] = P[4] x P[5] x P[2] ; P[5] = P[5] x P[0] x P[3].
mircea_popescu: To obtain P back from E without K : P[1] = P[1] x K[1] * P[1] x K[2] * P[2] x K[3] * P[3] x K[4] * P[4] x K[5] * P[5] ; P[2] = P[2] x K[1] * P[2] x K[2] * P[3] x K[3] * P[4] x K[4] * P[5] x K[5] * P[6] ; and so following all the way down.
mircea_popescu: so : with K it's a system of 5 equations with 5 unknowns ; without K it's a system of 5 equations with 10 unknowns.
mircea_popescu: for a 5 bit key you only have to try 2^3 permutations or so, it's true. but anyways.
asciilifeform: mircea_popescu: what's RB ?
mircea_popescu: ring buffers
mircea_popescu: s-boxes, if you prefer.
asciilifeform: and you prolly meant 'P[1] = E[1] x E[2] x E[4] ;' neh
asciilifeform: then i dungetit
asciilifeform: how does P[1] = P[1] x P[2] x P[4] work
mircea_popescu: E[1] = P[1] x P[2] x P[4] ; P[2] = P[2] x P[3] x P[5] is what i meant.
asciilifeform: this in re 'to obtain P back from E and K'
asciilifeform: so, this is exactly the previous scheme, but with * rather than xor ?
mircea_popescu: no no, x is xor * is multiplication (in the sense that if the key is 0 at that offset, the rb dun get applied)
mircea_popescu: so if K[q] = 0, then that line's skipped ; otherwise it's applied.
asciilifeform: so how does this diff from the previous item , what am i missing
asciilifeform: .. and how do i eat P[2] = P[2] x P[3] x P[5] , it's recursive
mircea_popescu: to be clear : it's exactly the same scheme ; showing you how P ~must~ be obtainable from known K and E.
BingoBoingo: In other updates: Cansorship resistance piece approaching 1500 words and has yet to advance beyond 2014 Republican state of the art.
asciilifeform: mircea_popescu: if i encrypt message=2 with key=10, i get same 5 as if i encrypt message=2 with key=10
asciilifeform: err if i encrypt message=2 with key=10, i get same 5 as if i encrypt message=7 with key=10
asciilifeform: run the proggy.
asciilifeform: it aint 1:1.
asciilifeform: i.e. crosscut shredder.
asciilifeform: the transform is not reversible.
asciilifeform: worse, msg=8,key=10 still 5.
asciilifeform: knowing the key and the ciphertext tells you almost nuffin about the plaintext, cuz it's a write-only-memory, lol
asciilifeform: you lose the info as it gets xor'd with rotated copies of self.
a111: Logged on 2018-10-29 19:39 asciilifeform: pretty handy proof , however, that the xor liquishit on the right hand side of those serpent eqs, doesn't conserve entropy !
mircea_popescu: asciilifeform you agree that if i give you 5 equations with 5 unknowns, this is in fact resolvable ?
asciilifeform: mircea_popescu: it'd be resolvable if that's actually what you had. but in fact you dun have.
asciilifeform: yer bits got xor'd with selves and turned into 0s.
mircea_popescu: only if 1st bit of key is set :(
a111: Logged on 2018-10-29 06:45 Mocky: or a more direct counter argument: A xor A = 0
asciilifeform: ( ty Mocky btw, it's what got the whole thing moving )
mircea_popescu: there's a reason i say " Consider K = 01010"
asciilifeform: mircea_popescu: that's the k in my example, neh
mircea_popescu: i confess i dunno what teh breakdown is, here.
asciilifeform: try the proggy, it will make sense, i suspect
mircea_popescu: asciilifeform why "new buf: [1, 1, 0, 1]" ?
asciilifeform: after xor for that step
asciilifeform: ( keep in mind that [1, 1, 0, 1] is 11, we print the bits in ascending majority. can reverse if it makes moar readable, if you like )
asciilifeform: in that step, yer message was [1, 1, 1, 0], it got rotated by 1 place, and is then [1, 1, 0, 1], and that's yer buf after 1st step.
mircea_popescu: asciilifeform K = 0101, P = 1110. RB = (1110), (1101), (1011), (0111). E1 = 1 x 1 x 0 = 1 ; E2 = 1 x 1 x 1 = 0 ; E3 = 1 x 0 x 1 = 0 ; E4 = 0 x 1 x 1 = 0 ; E = 1000.
mircea_popescu: why is your E 1010 ?
asciilifeform: btw 'message gets xor'd with self' is not whole story, what you're doing is asking 1 bit to store 3 or more , this dunwork
mircea_popescu: i honestly have nfi what you're talking aboot.
asciilifeform: you're xoring Kbits distinct (if lowest kbit is 0, and there are no symmetries in the message) strings into a Kbits-sized hole.
asciilifeform: this dun make sense ?
asciilifeform: i dun currently know how to make it clearer.
mircea_popescu: i guess this'll have to rest then.
mircea_popescu: unless you're willing do debug the .py, it's spitting out wrong values.
asciilifeform: willing
asciilifeform: plox to show for which pair wrong output
mircea_popescu: ok, so make 7 10 yield 1000 not 1010. as above!
asciilifeform: also, mircea_popescu: 1 x 1 x 0 aint 1
asciilifeform: and 1x1x1 aint 0
asciilifeform: if we're speaking of xor.
asciilifeform: yer example dun go with the arithmetic on my planet, no matter how i define 'x'
asciilifeform: dun have to believe proggy, do it with pen, and write the troof table for xor if you must.
asciilifeform: ( spoiler : 1x1->0, 0x1->1, 1x0->1, 0x0->0 )
asciilifeform brb,meat
mircea_popescu: lmao ima have to redo this. apparently im terrible at handmaffs
mircea_popescu: K = 0101, P = 1110. RB = (1110), (1101), (1011), (0111). E1 = 1 x 1 x 0 = 0 ; E2 = 1 x 1 x 1 = 1 ; E3 = 1 x 0 x 1 = 0 ; E4 = 0 x 1 x 1 = 1 ; E = 0101 ?
mircea_popescu: asciilifeform ^
mircea_popescu: mno, actually still bs.
mircea_popescu: K = 0101, P = 1110. RB = (1110), (1101), (1011), (0111). E1 = 1 x 1 x 0 = 0 ; E2 = 1 x 1 x 1 = 1 ; E3 = 1 x 0 x 1 = 0 ; E4 = 0 x 1 x 1 = 0 ; E = 0100.
mircea_popescu: by now, covered all the possible combinations of 4 bits (ain't that many) -- but never fell on the 1010.
asciilifeform: mircea_popescu: your 1st 'lmao will have to redo' is correct.
asciilifeform: except that you did the key walk backwards.
asciilifeform genuinely bbl
mircea_popescu: i don't actually follow your proggy any ; regardless, the values it spits dun seem to agree with what i expect.
mircea_popescu: if we manage to fixate on a specific datapoint we'd prolly benefit here.
mircea_popescu: on the other hand, entirely unclear to me why the fuck we're discussing some [evidently buggy/misimplemented] program or my own inept handcalculus. either we agree a system of n equations with n unknowns is determinate or we don't and that's the end of the matter.
diana_coman: -> asciilifeform, do you mind outlining how you see this? I'm still chewing it all but atm I have trouble fully grasping this.
a111: Logged on 2018-10-29 16:52 asciilifeform: a proggy that takes a 256b key and shits out its 4+ sister-keys, prolly wouldnt hurt, either; if somebody can be arsed to write.
diana_coman: basically I get BUT can't yet follow it to mainly because it seems to me that the effect of A is basically in fixing d,f,h (so that xor(a,d,f,h)=0); in short: wouldn't a change (of any number of bits) in a trigger (if imposing xor(a,d,f,h)=0 still) changes further in b-h so that the resulting key schedule is different? theoretically that would be the ration
a111: Logged on 2018-10-29 16:18 asciilifeform: so! for instance ! if a, d, f, h are such that xor(a,d,f,h) = 0, then term a no longer appears in the equation at all !
a111: Logged on 2018-10-29 16:19 asciilifeform: so all possible inputs where this holds , result in the same inflated-key.
diana_coman: ale for the choice of underlying primitive polynomial but I'm still fuzzy on what goes on in there exactly
asciilifeform: mircea_popescu: if we can agree to walk the key in same direction, we get same answ
deedbot: << Bingology - BingoBoingo's Blog - Censorship Resistance In 2018 - An Introduction
BingoBoingo: ^ asciilifeform mod6 mircea_popescu Please correct me if I have misunderstood anything
asciilifeform: diana_coman: look at the recurrence, term a appears directly only once, in w(0)
BingoBoingo: Just under 2100 words
asciilifeform: diana_coman: errywhere else, it appears strictly as a copy of w(0)
asciilifeform: ditto, term b only appears directly in w(1)
asciilifeform: and c -- in w(2) ; d -- in w(3) .
BingoBoingo: If the censorship resistance piece survives peer review, Imma test it on some orcs and start using it as my explainer to heathens for why the fuck I am in this hell hole
asciilifeform: e -- in w(4) .
asciilifeform: err, strike that
asciilifeform: but the rest, appear-directly 1ce.
asciilifeform: diana_coman: i'm baking a proggy that shits out sister keys, if it still dun make sense, you can wait till its birthed and try yourself.
asciilifeform: test is straightforward, you take yer vintage serpent and feed in k1,string, get ciphertext1, k2,string, get ciphertext2, and observe that the ciphertexts are same (cuz key expanded to same thing)
asciilifeform: cleaning up the above : a, b, c, appear directly 1ce; the rest --only as recurrence terms.
asciilifeform: if you have d,f,h, such that a == d xor f xor h ( or if you like , a xor d == f xor h , or a xor d xor f == h , it's transitive) then a term disappears from the eqn
BingoBoingo: !Q later tell nicoleci please use irc instead of linked in messaging
asciilifeform: will leave the others as exercise.
asciilifeform: likewise, e.g., entire w(1) term will disappear if you have (XOR B E G (RL11 (XOR A D F H #9e3779b9 0)) == #9e3779b9 ( the 1 dun du nuffin, as 9 is odd)
asciilifeform: can similarly do for the other right-hands.
asciilifeform: grr, #9e3779b8, the 1 flips. i'ma leave this alone until proggy.
mircea_popescu: BingoBoingo fledling / fledgling ?
mircea_popescu: also i wouldn't give & co obscure grupuscle any voice. freeze peach, really ? five morons talking about "things" "as if they were things" dun make "things" anything.
mircea_popescu: and don't be the sixth.
mircea_popescu: also, dubious expressions, a collection : "to understand that why they want" ; "if your words actual words are avaible" ; "manufacter a pretext" ; "lack anyway to know" ; "the manufactered insecurity" ; "maladapted in ways invite bullying."
mircea_popescu: but the main issue is that this reads like an approximately sorted succession of conclusions. painfully absent a) the logical justification for the various sentences and b) a very clear indication of structure, how they all work together ; from this b there would then flow a much better a.
mircea_popescu: so i'd say needs a rewrite.
BingoBoingo: Rewrite it is
mircea_popescu: BingoBoingo also weirdly i don't get your pingbacks
BingoBoingo: I'll look into that too, since moving to mp-wp should have alleviated that.
BingoBoingo: Anyways, having stepped away from the shovel and rereading I realize I also left out any timelines of the frog boiling
mircea_popescu: BingoBoingo that article's call-list also reminded me of like, and such great lulz
mircea_popescu: remember back in 2013, when the power-rangers genuinely thought htey had an existence, of their own and by themselves, entirely outside of my say-so ?
BingoBoingo: I do indeed
mircea_popescu: i had apparently forgotten.
BingoBoingo: I remember reading the original mice and men piece on Trilema and thinking "I gotta start fixing myself"
mircea_popescu: that's impressive!
BingoBoingo: 5 years later and I'm still working on it
mod6: evenin'
BingoBoingo: evenin mod6
mod6: I'm just sitting over here, pondering The Foundation monthly address...
BingoBoingo: Anyways, with the blog business I have resigned myself to the medium's resistance to my filling it. Treating the blog as a notebook that I happen to let others read (A habit I have been suggesting Latinas mulling the blog hobby adopt) I accept there is no shame in rewriting.
mircea_popescu: i can see it.
BingoBoingo: I can't effectively read anything without having reread it first, and I can't write pieces over 300 words without needing to rewrite them.
mircea_popescu: hey, forum forces changes in people ; i used to do multiple articles/day (even have days with 12+!) ; nowadays do maaaybe two a week. it's what it is.
mircea_popescu: start with a theoretical idea of blog, resign to how it practically works.
mod6: Also, I finally ate the whole block chain again with my node; it's currently syncing the final ~2000 blocks. Should be back up and running fully in the next day or two. Yes, totally got a full back just in case.
BingoBoingo: With some low stakes matters like the cannabis piece I trust myself to do the rewriting, hence the long turn around time. For a piece on Republican doctrine, the republic's gotta weigh in on a draft
mircea_popescu: BingoBoingo fwiw i believe bansky makes a way the fuck better example than weev.
BingoBoingo: And one thing that clicks off and on with me is how very much Qntra as a herald and wire service is very much not a blog
mod6: (noad running with mod6_excise_hash_truncation.vpatch + mod6_phexdigit_fix.vpatch (reground, not yet posted because keccak) + asciilifeform_whogaveblox.vpatch
mod6: (alf's patch reground onto phexdigit -- for my peronsal use only at this point)
BingoBoingo: mircea_popescu: Banksy is as best as I can tell unrepentant Pantsuit scum working for
BingoBoingo: I use weev as the example for the tragedy of him having touched the republic and missed the point.
mircea_popescu: how do you reason ?
mircea_popescu: but yes, sure, i can see the oedipian tragedy of weev.
BingoBoingo: Banksy is pop culture
mircea_popescu: what's what mean ?
BingoBoingo: He did an intro for the Simpsons
mircea_popescu: lmao. so if i ever go on 60 minutes i'm banned ?
BingoBoingo: If you go on 60 minutes, I assume you are going to have them read the articles of surrender while the girls affix their cock cages
mircea_popescu: well yeah but i mean... so he was on simpsons. i dun see the logic.
mod6: lol bombing me with bastards
mod6: 404 of them :D
BingoBoingo: As best as I can tell banksy does this vague anti-capitalist, anti-fascist schtick to much pantsuitist adoration while a substantial number of nytimes-ish media folk seem to be in on the seekrit
BingoBoingo: I just have trouble seeing what is supposed to make banksy cool
BingoBoingo: As opposed to another john oliver turning parody into cancer
a111: Logged on 2014-07-19 02:47 Pierre_Rochard: WHCD stands for White House Correspondents Dinner, where journalists go to pretend like they’re doing shit
BingoBoingo: mod6: That is my present residential ip
mod6: oh. huh
mod6: maybe i just caught a bad run from ya
mircea_popescu: it's true nobody but ny outfits with ~0 readership or influence a la ever mention it. but it seemed to me more the case of "look at st james' desperation to pretend like he's hanging on" than any sort of active pushing.
mircea_popescu: where the fuck is that line, i recall putting the dork's current fake media effort in the logs at some point, for the 0 readers 0 anything lulz.
mircea_popescu: now i can't even find it anymore. talk about fade-out.
BingoBoingo: I'd take banksy a lot more seriously if he caught the bad side of the feds, won on appeal, touched the republic, then decided he could stack his own chairs just fine as he proceeded on his moon mission
mircea_popescu: (incidentally, for the midden diggers : that "club kids" crew actually invented the pantsuit. yes it's true hilary stwart wore it on tv before going to jail, so it became popular with her fat old white women crowd. but before she could wear it, someone had to make it -- and they did. "here, this is the unitard. This and a hat was basically the whole thing. You can get different hats and I guess paint your face to look differe
mod6: lmao
mod6: *snort*
mircea_popescu: meanwhile at mp compound, "martha stewart is the one with the conviction and the late night cable tv infomercials. hilary clinton in the one with the failed bids to everything" "you seriously expect me to distinguish these two ? how ?!"
BingoBoingo: Martha Stewart lost by partnering with Kmart, Clinton lost by being a loser all on her own
mircea_popescu: well, she partnered with "i was in the situation room!!!! SITTING THERE!!!! WHERE WERE YOU >?!?!?!?!"
BingoBoingo: In 2003 between my junior and senior years of highschool I wrote a piece of music that my computer compiled only for the faggot running the concert to butcher my short biography at the time.
BingoBoingo: That was 15 years ago.
BingoBoingo: New York has done nothing in the interim to redeem its city or its people
asciilifeform knows what orig pantsuit was, but always pictures it as a sort of jumpsuit, no arms, zips up all the way at the nose , leaving only eyes exposed, gigantic pants
mod6: that's a bodybag.
mod6: similar
asciilifeform: moar like 'reddit bag'
mod6: hah
asciilifeform: face visible, so you can sorta tell the occupants apart
BingoBoingo still laments the lack of reddit bags off shore as I go to visit the harmonics lab
BingoBoingo: <mod6> CALL 1-900-PANT-SUIT RIGHT NOW TO ORDER YOURS! JUST FIVE EASY INSTALLMENTS OF $12.99! ORDER NOW AND GET AN ENTIRE SECOND UNITARD OUTFIT, FREEEEE!!!!111 << mod6 you would be amazed the things they let people finance here in 18 monthly payments
BingoBoingo: like sneakers
asciilifeform: btw BingoBoingo i've conceived of a land-based use for reddit bags : stick a valve stem on'em and you have a coupla wks of fuel..
mod6: lol. i was buying a fishing pole in Show Low the other week... a guy put an 870 on the counter for "Lay-away". I was kinda blown away that still existed.
asciilifeform: ( for 1burner stove )
asciilifeform: mod6: mossberg??
mod6: rem
asciilifeform: that's, what, a 300 $ piece ?
BingoBoingo: And 870 when I left was anywhere from $250 to $1500
mod6: used to be... now probably like 700-800 maybe.
asciilifeform: then again, i saw 80 $ desk lamp being advertised 'layaway'
asciilifeform: and mircea_popescu saw calendar in egypt, ditto
BingoBoingo: In Uruguay a 300 USD shotgun sells for at least 650 USD
mod6: anyway, i guess thats not very redic. i just had it in my mind that a man comes in to buy shotgun. pays, leaves with shotgun. doesn't do very much good if it's still at the store when you need it.
asciilifeform: it's a ~musket, not exactly high tech
mod6: BingoBoingo: I believe it. It's probably hard to aquire firearms down there 'eh?
asciilifeform: i suppose still made in usa, accts for the price
BingoBoingo: mod6: Still easy by Latin American standards by the book. Easier off the book per the traditional methods.
mircea_popescu liked ny, but that was more in the 80s.
asciilifeform: i do recall BingoBoingo mentioning his musical days
BingoBoingo: For the record I played euphonium in high school, have no idea how a saxophone works
mircea_popescu: close enough, kek
BingoBoingo: Anyways it is amaxing the things that can be had in Uruguay. The grow shops are sitting on piles of borosilicate glass and pointy pieces of titanium because the Uruguayos can't roll good joints and see no reasons to explore alternatives.
BingoBoingo: Yet, try looking for RAM and all of a sudden its fucking junkyard wars
asciilifeform: BingoBoingo: if its for yer human lappy, say what type and i'ma mail you some wrapped in birdcage liner
asciilifeform: (if its for opterons, fughet it, hard enuff to get ~here~)
BingoBoingo: asciilifeform: the lappy has more ram than I can use
BingoBoingo: At this point I do a lot of pre-emptive shopping
mod6: Good call. Grab that stuff if you see it.
BingoBoingo: Anyways, if anyone wants a PPC machine colo'd in Pizarro feel free to inquire. There's not a deep market, but there is one.
asciilifeform: bigendian tester !
BingoBoingo: G3 and G4 apple portables do pop up for sale here
mod6: can do sparc64 bigE too, probably find even 1U box
BingoBoingo: Looked, apparently Sun Microsystems never shined this far south
mod6: ah
asciilifeform: mod6: they're a dime a dozen here, but not rally worth cost of transport
asciilifeform: *really
asciilifeform: less horse than rk
asciilifeform: (while eating 200-400 watt )
BingoBoingo: My back
asciilifeform: BingoBoingo: i meant , from gringolandia
BingoBoingo: My back's memory is pretty sure a kitted out Sun Ultra 80 will fail to meet the checked bag weight
mod6: hanbot: Still have interest in an offical Co-Chair seat for the Foundation?
asciilifeform: eh they aint anywhere near the limit
asciilifeform: minitower.
BingoBoingo: Tower, but mini for odd deinfitions of mini. Lots of sharp plastic too
asciilifeform: ( i was speaking of the 1us tho, they weigh ~same as our boxen )
mod6: hanbot nicoleci: Thanks for your hard work this month to get the Toll Free Number setup and going (asciilifeform too). I expect if hanbot were to take an offical Co-Chair seat, she could lead the outreach inititive.
asciilifeform: one time i was offered entire pallet of'em, iirc 10bux/ea. passed.
asciilifeform: fella had sgi's also.
mod6: iirc mircea_popescu said we could even have three chairs(?) might be mis-remembering that (may have to log-dig for that). I'd be happy to continue doing my role with a TRB focus, or I could step down officially and just keep doing TRB stuffs without the fancy title.
mod6: (I bring this all up now, as I want to announce that hanbot and nicoleci are now helping out with the outreach and phone number -- and if there are going to be possible new chair, or added chair, etc)
a111: Logged on 2018-10-01 16:30 mircea_popescu: ~then~, after that gets established, one can step down, add another, and so on. like a steps process, with continuity and everything.
BingoBoingo: Also December 7, 8, and 9th will be the expocannabis Uruguay. I plan on going there in a recon capacity, if anyone else is looking for a very Uruguay reason to visit Uruguay, that would be the weekend to come on down.
BingoBoingo trying to find explanations other than hunger and misplaced optimism for why borosilicate and genetics sell cheaper here than they do in the US
BingoBoingo: Maybe there's a suitcase courier network I missed out on in spite of more than half a year in a hostel
asciilifeform: BingoBoingo: it's glass, can be made anywhere
asciilifeform: ( and who's to say that borated. can entirely be ordinary. )
BingoBoingo: Enthusiastic impact tests by store proprietors support borated
BingoBoingo: And though glass can be done anywhere, like most things it requires skill and discipline which forces China as a source
BingoBoingo: <asciilifeform> ( and who's to say that borated. can entirely be ordinary. ) << To be clear doping glass is borosilicate because dopers are clumsy when doped. Because dabbing is apparently a thing now titanium means titanium when it comes to dope tools that get heated. Otherwise metal not specified means Zamac, and Aluminum usually means Zamac, because that's what the first A in Zamac is for
mircea_popescu: BingoBoingo brazilians tho.
BingoBoingo: Sure, better people
BingoBoingo: They got trusted with the job of converying product to the local neighborhood dope warehouse forts
BingoBoingo: Kinda curious what the police mean by a kilo of hashish considering that's a substance which has gone through some reddit "we R innovators" stuff in the past five years
BingoBoingo: Welcome back phf
BingoBoingo eagerly awaits family tree showing common ancestor shared by Emperor Dom Pedro II and Bolsonaro
mircea_popescu: "ve con buenos ojos" ?! whgat the fuck nonsense is this
← 2018-10-28 | 2018-10-30 →