I hereby claim:
- I am defuse on github.
- I am defuse (https://keybase.io/defuse) on keybase.
- I have a public key whose fingerprint is BFAE 45EB D356 1D91 E3E2 56C2 DFA8 209C E967 8D5D
To claim this, I am signing this object:
<?php
// THIS CODE IS EXPERIMENTAL. DO NOT USE IT.
// ALSO NOTE THERE IS NO ERROR CHECKING!
function side_channel_safe_encode($binary_string)
{
    // We only use 5 bits from every byte, so for 256 bits we need 52 bytes.
    $random = mcrypt_create_iv(52, MCRYPT_DEV_URANDOM);
    $printable_blind_key = '';
<?php
// WARNING: THIS IS EXPERIMENTAL CODE. DO NOT USE IT.
// --- binary to hex encoding ---
function sc_bin2hex($binary)
{
    $encoded = '';
    for ($i = 0; $i < strlen($binary); $i++) {
# This script answers the following question:
# Alice chooses N random numbers between 1 and K.
# Bob chooses G random numbers between 1 and K.
# What is the probability that at least one number is chosen by both of them?
# Computes (K-N choose G) / (K choose G) in O(N)-ish time.
k = 1_000_000_000
n = 10_000
g = 100_000
# WARNING! There is no warranty. This script might not work!
FILE = "Download.csv"
rows = []
File.open( FILE ) do |f|
  rows = f.readlines()
end
rows = rows[1..-1]
Goal:
You're given a sequence of random alphanumeric characters (0-9a-zA-Z, 62
possible characters), for example from a password generator. Convert it into
a sequence of random *bits*.
The output should have the property:
The alphanumeric character RNG can be distinguished from random if and
only if the alphanumeric character RNG, with the conversion algorithm
attached, can be distinguished from random.
WARNING: This takes about 10-20 hours to run, depending on your system.
1%...
2%...
3%...
4%...
5%...
6%...
7%...
8%...
9%...
// WARNING! This code is untested and experimental. DO NOT USE IT.
// NOTE: If I knew of a way to do the "shift and OR" thing reliably with unsigned ints, the code could be simplified a lot.
// Will always be compiled with -std=c99
// Returns UINT32_MAX if a == b, 0 otherwise.
uint32_t invariant_time_integer_compare(uint32_t a, uint32_t b)
{
    /* z will be zero if and only if a == b. */
<?php
// Broken crypto code from https://github.com/slimphp/Slim/blob/develop/Slim/Crypt.php
function validateKeyLength($key, $module)
{
    $keySize = strlen($key);
    $keySizeMin = 1;
    $keySizeMax = mcrypt_enc_get_key_size($module);
    $validKeySizes = mcrypt_enc_get_supported_key_sizes($module);
    if ($validKeySizes) {
        if (!in_array($keySize, $validKeySizes)) {
<?php
/*
 * Padding oracle attack against https://github.com/keboola/php-encryption
 * By: Taylor Hornby.
 * Date: March 14, 2014.
 */
/* Download the two files and place in the same folder. */
require_once('EncryptorInterface.php');