I hereby claim:
- I am defuse on github.
- I am defuse (https://keybase.io/defuse) on keybase.
- I have a public key whose fingerprint is BFAE 45EB D356 1D91 E3E2 56C2 DFA8 209C E967 8D5D
To claim this, I am signing this object:
<?php
// THIS CODE IS EXPERIMENTAL. DO NOT USE IT.
// ALSO NOTE THERE IS NO ERROR CHECKING!
function side_channel_safe_encode($binary_string)
{
// We only use 5 bits from every byte, so for 256 bits we need 52 bytes.
$random = mcrypt_create_iv(52, MCRYPT_DEV_URANDOM);
$printable_blind_key = '';
<?php
// WARNING: THIS IS EXPERIMENTAL CODE. DO NOT USE IT.
// --- binary to hex encoding ---
function sc_bin2hex($binary)
{
$encoded = '';
for ($i = 0; $i < strlen($binary); $i++) {
Sketch of a security proof for BCRYPT(H(X)). This probably contains errors.
UPDATE: Only assume BCRYPT is collision resistant for X <= 72.
Define the BCRYPT-H(S, X) algorithm as follows:
UPDATE: Gah... the whole 'byte' thing isn't necessary at all. I originally
intended to pass *either* the actual X (with a zero byte prefix) or H(X) with
a 0x01 byte prefix, to bcrypt. I forgot to do that, and instead always passed
the hash with the byte prefix based on the length. The proof is still valid,
# This script answers the following question:
# Alice chooses N random numbers between 1 and K.
# Bob chooses G random numbers between 1 and K.
# What is the probability that at least one number is chosen by both of them?
# Computes (K-N choose G) / (K choose G) in O(N)-ish time.
k = 1_000_000_000
n = 10_000
g = 100_000
# WARNING! There is no warranty. This script might not work!
FILE = "Download.csv"
rows = []
File.open( FILE ) do |f|
rows = f.readlines()
end
rows = rows[1..-1]
Goal:
You're given a sequence of random alphanumeric characters (0-9a-zA-Z, 62
possible characters), for example from a password generator. Convert it into
a sequence of random *bits*.
The output should have the property:
The alphanumeric character RNG can be distinguished from random if and
only if the alphanumeric character RNG, with the conversion algorithm
attached, can be distinguished from random.
WARNING: This takes about 10-20 hours to run, depending on your system.
1%...
2%...
3%...
4%...
5%...
6%...
7%...
8%...
9%...
# This is well-known behavior, it's just interesting.
$ mkdir a
$ echo "hello!" > a/file.txt
$ cat a/file.txt
hello!
$ chmod 000 a/file.txt
# Now I don't expect to be able to change a/file.txt...
$ echo "GOODBYE" > a/file.txt
bash: a/file.txt: Permission denied
# Okay, good, I can't modify the file directly.
// WARNING! This code is untested and experimental. DO NOT USE IT.
// NOTE: If I knew of a way to do the "shift and OR" thing reliably with unsigned ints, the code could be simplified a lot.
// Will always be compiled with -std=c99
// Returns UINT32_MAX if a == b, 0 otherwise.
uint32_t invariant_time_integer_compare(uint32_t a, uint32_t b)
{
/* z will be zero if and only if a == b. */