#asciilifeform | 2021-09-14

pest - 6h 28m
asciilifeform - 502d

Show Idle (>14 d.) Chans

← 2021-09-13 | 2021-09-15 → ↓

02:03	*	asciilifeform thinking further re the algo -- can be simplified as follows :
		↖
02:03	dulapbot	Logged on 2021-09-13 16:25:46 asciilifeform: sooo punkman , cgra , et al: let's try this 'solution' on for size :
02:04	asciilifeform	1) any message where bounces==0 and Speaker is not in H is rejected.
02:04	dulapbot	Logged on 2021-09-13 16:43:42 asciilifeform: i.e. an attempted impersonation by someone in the victim's l1.
02:05	asciilifeform	2) ~every~ hearsay message (rather than strictly in-wot hearsay) is embargoed for a configurable interval.
02:05	dulapbot	Logged on 2021-09-13 16:36:56 asciilifeform: proposes a value of 1s for 'Td' .
02:06	asciilifeform	3) within this interval, the number of distinct peers who sent a bounces==1 duplicate of the message is counted.
02:06	dulapbot	Logged on 2021-09-13 16:38:33 asciilifeform: in fact already specified this in 4.1.2.2.2. In-WOT Hearsay. simply, now also count the # of peers from whom got bounce<=1 dupes of a given msg.
02:07	asciilifeform	4) if this number is 3 or less, the message is displayed in the format e.g. ' asciilifeform(cgra,signpost,punkman): .... ' where the handles in the parens are the peers who sent in the bounces==1 hearsay copies of the msg
02:07	asciilifeform	... if the number is 4 or more, then the format ' asciilifeform(4): .... ' is used.
02:09	asciilifeform	^ oughta be configurable on station, the exact value is an aesthetic preference.
02:10	asciilifeform	the count represents simply the number of distinguishable 'simultaneous' (w/in ~1s) paths which the message took to reach your console.
02:12	asciilifeform	nao a forgery would need to be injected via the peripheral (i.e. non-common) peers of N of your peers ~simultaneously~, to have a shot of fooling you.
02:12	asciilifeform	on top of this, we retain the selfchain mechanism, which continues to work a++ for folx who have decent net connections.
02:13	*	asciilifeform sees this as adequate solution ; invites comment. and will bbl.
		~ 5 hours 57 minutes ~
08:10	punkman	https://www.theartnewspaper.com/news/hermitage-goes-virtual-with-nft-exhibition
		~ 1 hours 4 minutes ~
09:14	punkman	Here's idea following from: http://logs.nosuchlabs.com/log/asciilifeform/2021-09-13#1057933
09:14	dulapbot	Logged on 2021-09-13 14:36:02 punkman: if we forget about packet size limitation, I suppose message could contain N encrypted copies, one for each peer, and hearsay broadcast now has meaningful sig for recipient, even if not received directly
09:20	punkman	suppose we put an HMAC(Message) next to Message in Red Packet. Maybe Peer1 can somehow aggregate one HMAC for each of his peers, into a single HMAC(Message) that doesn't take up N*64 bytes
		↖
09:22	punkman	now Peer2 can forward Peer1's message to Peer3, and Peer3 checks for "is HMAC(K_1, Message) in AGGREGATE-HMAC(Message)", and can thus verify that the forwarded message was indeed signed by Peer1
09:24	punkman	maybe Peer1 can make a Bloom filter that can hold (number of peers)*2 64byte strings, he calculates HMAC(K_N, Message) for each peer, puts it in Bloom filter, and uses that as the AGGREGATE-HMAC
09:28	punkman	now if you peer with a new person and he tries to getdata, neither you or other peers can send him the old packets, they must be reground by original speaker so AGGREGATE-HMAC includes HMAC for the new peer.
09:29	punkman	so new peer can only getdata directly from you, and doesn't even need the inner AGGREGATE-HMAC to verify it's coming from you
09:31	punkman	question is how small can we make this Bloom Filter, while keeping the "is HMAC(K_1, Message) in AGGREGATE-HMAC(Message)" operation reliable/secure
		~ 31 minutes ~
10:03	punkman	found a couple related papers: https://cacr.uwaterloo.ca/techreports/2012/cacr2012-32.pdf https://www.cs.umd.edu/~jkatz/papers/aggregateMAC.pdf
		~ 2 hours 10 minutes ~
12:13	PeterL	http://logs.nosuchlabs.com/log/asciilifeform/2021-09-13#1057913 << RE. handle collisions: you can ask politely that one of the two change their name, but iiuc that would require setting up new connections with each of their peers?
12:13	dulapbot	Logged on 2021-09-13 14:25:56 asciilifeform: punkman: say asciilifeform has peers a,b,c. punkman has peers x,y,z. asciilifeform and punkman became peers.
12:16	punkman	if Peer2 wants to send "Peer1 says he luvs cock" to Peer3, he could generate a filled up bloom filter with a XX% false positive rate, and then HMAC(K3<->1, FakeMessage) will pass the test XX% of the time.
12:16	punkman	so Peer3 must be able to verify that the Bloom filter has a small enough false positive rate
		↖
12:17	punkman	which I think can be done like this: https://en.wikipedia.org/wiki/Bloom_filter#Approximating_the_number_of_items_in_a_Bloom_filter
12:23	punkman	PeterL: even if one of the Joes decides to be "Joe_2", now everyone that has logs/cache must go and change, if logs are to keep making sense
		↖
		~ 42 minutes ~
13:06	asciilifeform	http://logs.nosuchlabs.com/log/asciilifeform/2021-09-14#1058098 << imho terrible idea. there's what, 320 message bytes avail. to cannibalize for such a pseudosig; even if you leave only a pittance for the msg text itself -- that's still a very small space, while a wot could be ANY # of entries
13:06	dulapbot	Logged on 2021-09-14 05:20:19 punkman: suppose we put an HMAC(Message) next to Message in Red Packet. Maybe Peer1 can somehow aggregate one HMAC for each of his peers, into a single HMAC(Message) that doesn't take up N*64 bytes
13:06	asciilifeform	if i have 500 peers, and the aggregate is only 4x larger than a standard hmac, what do you suppose will happen.
13:07	asciilifeform	http://logs.nosuchlabs.com/log/asciilifeform/2021-09-14#1058108 << it trivially won't. and meanwhile adds mega-overhead to all processing.
13:07	dulapbot	Logged on 2021-09-14 08:16:50 punkman: so Peer3 must be able to verify that the Bloom filter has a small enough false positive rate
13:07	asciilifeform	it is difficult imho to think of a worse idea for pest.
13:08	*	asciilifeform doesn't even understand why to contemplate any such thing, when reasonable solution already posted.
13:08	dulapbot	Logged on 2021-09-13 16:25:46 asciilifeform: sooo punkman , cgra , et al: let's try this 'solution' on for size :
13:08	asciilifeform	http://logs.nosuchlabs.com/log/asciilifeform/2021-09-14#1058110 << mno ? so, trinque turned into signpost , do 'logs must change, to make sense' ? why ?
13:08	dulapbot	Logged on 2021-09-14 08:23:28 punkman: PeterL: even if one of the Joes decides to be "Joe_2", now everyone that has logs/cache must go and change, if logs are to keep making sense
		~ 48 minutes ~
13:57	punkman	asciilifeform: yes never mind about the logs
13:59	punkman	per simple calculator: 120bytes gives you 100 item bloom filter with 1% false positive, 180 bytes for 100 items 0.1% false positive
14:00	punkman	not great for 500 peers
14:00	punkman	and you'd have to process 500 MACs
14:01	asciilifeform	500macs per se aint fatal, they parallelize (speaking here of the ordinary kind, rather than lossy)
14:06	asciilifeform	punkman: the problem is elementarily that the bottle is finite but the water, if you will, is unbounded
14:08	punkman	do you suppose you will ever have 500 peers, meaning 500 people with GPG keys, and exchange secrets with all of them?
14:09	asciilifeform	punkman: likely not. but not prepared to say 'well you oughtn't have moar than x.. and btw probability of forgery will go up geometrically with # of peers'
14:09	asciilifeform	right now the only limit for peer count is how many cpu cores you can spare
14:12	punkman	suppose you had 500 people in WOT, 2-3 times Dunbar number, is it so wrong to say that "I can only fit 100 in my living room"
14:12	asciilifeform	punkman: i find the very principle of climbing forgery %rate unacceptable.
14:12	asciilifeform	bloom filter exemplifies errything asciilifeform despises about heathen crypto.
14:13	asciilifeform	the crypto is to function identically regardless of # of peers. or it's hokum.
14:14	punkman	1 in 100 false positive with 100 people, means if I generate message+random bloom filter, I need to send to ~100 peers for 1 to believe in forgery, then you can also add in that "bogosity" measure
14:15	asciilifeform	mno. simply means you need to generate 100 forgeries.
14:15	asciilifeform	(in practice, ~50)
14:15	punkman	if I send more than 1 forgery, you can already sound alarm
14:16	punkman	we have selfchain
14:16	asciilifeform	punkman: i aint using lossy crypto. i aint participating in a network that uses lossy usg.crypto. this is asciilifeform's final word on bloom filters.
14:17	punkman	and if we also think about the commitment scheme, then I need to send message and reveal random for you to have correct random in forgery
14:17	asciilifeform	punkman: lol how many bytes wouldja then leave for text ?
14:17	asciilifeform	if yer eating 100 for blomism, anuther 64 (32 : H(R), 32 : R') for committment ?
14:19	asciilifeform	156 for msg is kinda laffable imho
14:20	asciilifeform	anyways i utterly , thoroughly fail to grasp the point of this horror show, when one can simply print the # of peers who duped-with-bounces==1 a given hearsay. as detailed yest.
14:20	asciilifeform	each such peer counted is effectively equivalent to that msg carrying that peer's sig.
14:22	punkman	no particular point, just derping out loud. might be useful for different application
14:24	punkman	was also thinking about commitments and ended up with horror show of a hash-based signature scheme
14:24	punkman	what does asciilifeform think of hash-based sigs as replacement for GPG signing?
14:26	asciilifeform	punkman: i've a canonical piece re subj
14:26	asciilifeform	(only practical imho for emergency use)
		~ 1 hours 9 minutes ~
15:35	asciilifeform	!w poll
15:35	watchglass	Polling 17 nodes...
15:35	watchglass	185.85.38.54:8333 : Could not connect!
15:35	watchglass	84.16.46.130:8333 : Could not connect!
15:35	watchglass	185.163.46.29:8333 : Could not connect!
15:35	watchglass	71.191.220.241:8333 : (pool-71-191-220-241.washdc.fios.verizon.net) Alive: (0.035s) V=99999 (/therealbitcoin.org:0.9.99.99/) Jumpers=0x1 (TRB-Compat.) Blocks=700531 (Operator: asciilifeform)
15:35	watchglass	205.134.172.4:8333 : (172-4.core.ai.net) Alive: (0.082s) V=70001 (/therealbitcoin.org:0.7.0.1/) Jumpers=0x1 (TRB-Compat.) Blocks=700531
15:35	watchglass	54.39.156.171:8333 : (ns562940.ip-54-39-156.net) Alive: (0.111s) V=99999 (/therealbitcoin.org:0.9.99.99/) Jumpers=0x1 (TRB-Compat.) Blocks=700531
15:35	watchglass	205.134.172.26:8333 : Alive: (0.146s) V=99999 (/therealbitcoin.org:0.9.99.99/) Jumpers=0x1 (TRB-Compat.) Return Addr=0.0.0.0:8333 Blocks=700531
15:35	watchglass	208.94.240.42:8333 : Alive: (0.159s) V=99999 (/therealbitcoin.org:0.9.99.99/) Jumpers=0x1 (TRB-Compat.) Blocks=700531
15:35	watchglass	205.134.172.28:8333 : Alive: (0.144s) V=99999 (/therealbitcoin.org:0.9.99.99/) Jumpers=0x1 (TRB-Compat.) Return Addr=0.0.0.0:8333 Blocks=700531 (Operator: whaack)
15:35	watchglass	205.134.172.27:8333 : Alive: (0.293s) V=99999 (/therealbitcoin.org:0.9.99.99/) Jumpers=0x1 (TRB-Compat.) Blocks=700419 (Operator: asciilifeform)
15:35	watchglass	143.202.160.10:8333 : Alive: (0.294s) V=70001 (/therealbitcoin.org:0.7.0.1/) Jumpers=0x1 (TRB-Compat.) Blocks=700531
15:35	watchglass	54.38.94.63:8333 : (ns3140226.ip-54-38-94.eu) Alive: (0.262s) V=88888 (/therealbitcoin.org:0.8.88.88/) Jumpers=0x1 (TRB-Compat.) Blocks=700402
15:35	watchglass	213.109.238.156:8333 : Alive: (0.416s) V=99999 (/therealbitcoin.org:0.9.99.99/) Jumpers=0x1 (TRB-Compat.) Blocks=700531
15:35	watchglass	103.36.92.112:8333 : (terebe.ns01.net) Alive: (0.643s) V=99999 (/therealbitcoin.org:0.9.99.99/) Jumpers=0x1 (TRB-Compat.) Blocks=700419
15:36	watchglass	176.9.59.199:8333 : Violated BTC Protocol: Bad header length! (Operator: jurov)
15:36	watchglass	192.151.158.26:8333 : Busy? (No answer in 100 sec.)
15:36	watchglass	205.134.172.6:8333 : Busy? (No answer in 100 sec.)
		~ 1 hours 8 minutes ~
16:45	PeterL	Does pest need 64 bytes for the signature? Could a smaller signature be used, and allow a correspondingly larger message size?
16:49	asciilifeform	PeterL: how much of a diff would 32 extra byte of text payload make ? you still need 2 to cover a max len irc msg
16:50	b	hi asciilifeform. what is the reserved field in pest packets for?
16:50	asciilifeform	hi b. ( who might you be ? ) -- answered in earlier thrd.
16:50	dulapbot	Logged on 2021-09-10 16:30:04 asciilifeform: PeterL: so that all other fields 32bit-word-align.
16:51	bomolochus	ah, only grepped spec.
16:51	asciilifeform	b: do we know one another ? how didja come across dulapnet ?
16:51	asciilifeform	err, bomolochus ^
16:51	bomolochus	historically ben_vulpes
		↖
16:52	asciilifeform	a.
16:52	asciilifeform	bomolochus: i.e. he introduced you? or yer ben under new nick
16:52	asciilifeform	( if the latter, plox to ping signpost (aka trinque) to update yer deedbot reg )
16:53	bomolochus	fancy, glad to see the continuity
16:53	bomolochus	will do
16:54	asciilifeform	bomolochus: wb! then
16:54	asciilifeform	errything's continuous, http://logs.nosuchlabs.com/log/ goes back to 'dawn of time', searchable/linkable
16:55	*	bomolochus blows dust off finger-macros
16:55	asciilifeform	quite a few of the old playing characters are here
		~ 1 hours 12 minutes ~
18:07	asciilifeform	bomolochus: don't hesitate to ask about the pest spec (didja get a chance to read whole thing? and threads?) -- or anyffin else
		~ 1 hours 10 minutes ~
19:17	bomolochus	i've read the spec, but it deserves a second pass. haven't read all of the logs threads yet, but some.
19:24	asciilifeform	bomolochus: very much a work in progress; rekey section not written yet; the hearsay mechanism from yest. -- ditto

← 2021-09-13 | 2021-09-15 → ↑