Skip to content

Instantly share code, notes, and snippets.

Avatar
:octocat:
_

Paul Miller paulmillr

:octocat:
_
View GitHub Profile
@paulmillr
paulmillr / ed25519-bug.js
Created May 30, 2020
Torsion safe representatives in ed25519
View ed25519-bug.js
const ed = require('noble-ed25519');
const D = ed.Point.fromHex(ed.utils.TORSION_SUBGROUP[3]) // 26e8958fc2b227b045c3f489f2ef98f0d5dfac05d3c63339b13802886d53fc05
// Point {
// x: 14399317868200118260347934320527232580618823971194345261214217575416788799818n,
// y: 2707385501144840649318225287225658788936804267575313519463743609750303402022n
//}
const privateKey = '01020304050607080910111213141516';
const P = ed.Point.BASE.multiply(BigInt('0x'+privateKey))
// Point {
// x: 759756512641423873946439870058443608688414856670287422413795292548523931103n,
@paulmillr
paulmillr / iptables-v4
Created May 30, 2020
Iptables for hetzner node
View iptables-v4
# Generated by iptables-save v1.8.4 on Sat May 30 03:09:50 2020
*filter
:INPUT ACCEPT [5482791635:734844839963]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [6170704752:839626854547]
-A OUTPUT -s 100.64.0.0/10 -j DROP
-A OUTPUT -s 192.168.0.0/16 -j DROP
-A OUTPUT -s 172.16.0.0/12 -j DROP
-A OUTPUT -s 10.0.0.0/8 -j DROP
-A OUTPUT -s 192.0.0.0/24 -j DROP
View bls12-jacobian.ts
export class JacobianPoint<T> {
constructor(
public x: Field<T>,
public y: Field<T>,
public z: Field<T>,
public C: Constructor<T>
) {}
getZero() {
return new ProjectivePoint(this.C.ZERO, this.C.ONE, this.C.ZERO, this.C);
View edwards.ts
// Default Point works in default aka affine coordinates: (x, y)
// Extended Point works in extended coordinates: (x, y, z, t) ∋ (x=x/z, y=y/z, t=xy)
// https://en.wikipedia.org/wiki/Twisted_Edwards_curve#Extended_coordinates
class BaseExtendedPoint {
constructor(public x: bigint, public y: bigint, public z: bigint, public t: bigint) {}
static BASE = new ExtendedPoint(CURVE.Gx, CURVE.Gy, 1n, mod(CURVE.Gx * CURVE.Gy));
static ZERO = new ExtendedPoint(0n, 1n, 1n, 0n);
static fromAffine(p: Point): ExtendedPoint {
@paulmillr
paulmillr / pgp_proof.txt
Last active Apr 15, 2020
PGP verification
View pgp_proof.txt
Proving ownership of
- paulmillr.com/pgp_proof.txt via paulmillr.com/pgp_proof.txt.asc
- twitter.com/paulmillr
- github.com/paulmillr via gist.github.com/paulmillr/cb3ad3b9cd4ac849eb1def3634f93421
Paul Miller (PGP 46BEEF337A641ABB) on 15 Apr 2020
Full pubkey:
-----BEGIN PGP PUBLIC KEY BLOCK-----
@paulmillr
paulmillr / expo.ts
Created Apr 9, 2020
Fast exponent 2_252_minus_3
View expo.ts
function pow_2_252_3_fast(t: bigint) {
const t0 = mod(t * t);
const t1 = mod(t0 ** 4n);
const t2 = mod(t * t1);
const t3 = mod(t0 * t2);
const t5 = mod(t2 * t3 * t3);
let t7 = t5;
for (let i = 0; i < 5; i++) {
t7 *= t7;
t7 %= P;
View secp256k1-endomorphism.md

Hal Finney's explanation of secp256k1 "efficiently computable endomorphism" parameters used secp256k1 libraries, archived from source.

The same optimization could be applied to any Koblitz curve (e.g. Short Weistrass curve with a=0).


I implemented an optimized ECDSA verify for the secp256k1 curve, based on pages 125-129 of the Guide to Elliptic Curve Cryptography, by Hankerson, Menezes and Vanstone. I own the book but I also found a PDF on a Russian site which is more convenient.

secp256k1 uses the following prime for its x and y coordinates:

@paulmillr
paulmillr / BLS_Signature.md
Created Mar 31, 2020 — forked from hermanjunge/BLS_Signature.md
BLS Signature for Busy People
View BLS_Signature.md

BLS Signature for Busy People

Summary

  • BLS stands for

    • Barreto-Lynn-Scott: BLS12, a Pairing Friendly Elliptic Curve.
    • Boneh-Lynn-Shacham: A Signature Scheme.
  • Signature Aggregation

    • It is possible to verify n aggregate signatures on the same message with just 2 pairings instead of n+1.
View parallel_grep.rs
use std::env::args;
use std::fs::File;
use std::io::{BufRead, BufReader};
use std::path::Path;
use std::thread;
// grep 6 times faster than unix `grep` CLI
fn read_print(filename: String, matcher: String) {
let path = Path::new(&filename);
View age-spec.md

A simple file encryption tool & format

Filippo Valsorda (@FiloSottile) — Ben Cartwright-Cox (@Benjojo12)

Designed at the Recurse Center during NGW 2019

This is a design for a simple file encryption CLI tool, Go library, and format. It’s meant to replace the use of gpg for encrypting files, backups, streams, etc. It’s called "age", which might be an acronym for Actually Good Encryption, and it’s pronounced like the Japanese 上げ (with a hard g).

You can’t perform that action at this time.