paulmillr

BLS Signature for Busy People

Summary

• BLS stands for

  • Barreto-Lynn-Scott: BLS12, a Pairing Friendly Elliptic Curve.
  • Boneh-Lynn-Shacham: A Signature Scheme.

• Signature Aggregation

  • It is possible to verify n aggregate signatures on the same message with just 2 pairings instead of n+1.

paulmillr

/* Elliptic curve: Batch add points. MIT License (c) */
function batchInverse(elms: bigint[], n: bigint) {
  let scratch = Array(elms.length);
  let acc = 1n;
  for (let i = 0; i < elms.length; i++) {
    if (!elms[i]) continue;
    scratch[i] = acc;
    acc = mod(acc * elms[i], n);
  }
  acc = modInverse(acc, n);

paulmillr

use std::env::args;
use std::fs::File;
use std::io::{BufRead, BufReader};
use std::path::Path;
use std::thread;

// grep 6 times faster than unix `grep` CLI

fn read_print(filename: String, matcher: String) {
  let path = Path::new(&filename);

paulmillr

### noble-secp256k1.py - MIT License (c) Paul Miller (paulmillr.com) ###

# initial:  0.177 / 36ms
# jacobian: 0.111 / 3.7ms
# + constant-time: 4ms
# + constant-time + precomputes: 2.6ms

class Curve:
    # Params: a, b
    a = 0

paulmillr

A simple file encryption tool & format

Filippo Valsorda (@FiloSottile) — Ben Cartwright-Cox (@Benjojo12)

Designed at the Recurse Center during NGW 2019

This is a design for a simple file encryption CLI tool, Go library, and format. It’s meant to replace the use of gpg for encrypting files, backups, streams, etc. It’s called "age", which might be an acronym for Actually Good Encryption, and it’s pronounced like the Japanese 上げ (with a hard g).

paulmillr

Keybase proof

I hereby claim:

• I am paulmillr on github.
• I am paulmillr (https://keybase.io/paulmillr) on keybase.
• I have a public key whose fingerprint is E0B4 E9E1 A4B9 C96F 889E 6C6F 6128 0CD9 A383 C2E5

To claim this, I am signing this object:

paulmillr

iOS, The Future Of macOS, Freedom, Security And Privacy In An Increasingly Hostile Global Environment

This post by a security researcher who prefers to remain anonymous will elucidate concerns about certain problematic decisions Apple has made and caution about future decisions made in the name of “security” while potentially hiding questionable motives. The content of this article represents only the opinion of the researcher. The researcher apologises if any content is seen to be inaccurate, and is open to comments or questions through PGP-encrypted mail.

TL;DR

paulmillr

#!/bin/bash
#
# DROPKICK.SH 
#
# Detect and Disconnect the DropCam and Withings devices some people are using to
# spy on guests in their home, especially in AirBnB rentals. Based on Glasshole.sh:
#
#   http://julianoliver.com/output/log_2014-05-30_20-52 
#
# This script was named by Adam Harvey (http://ahprojects.com), who also

paulmillr

require 'aws-sdk'
require 'aws-sdk-resources'

config = {region: 'us-west-1', bucket: 'test', key: 'key', secret: 'secret'}
Aws.config.update({region: config[:region], credentials: Aws::Credentials.new(config[:key], config[:secret])})
bucket = Aws::S3::Resource.new.bucket(bucket: config[:bucket])

# ============
# Create file.
obj = bucket.object(path)

paulmillr

import reclaimer
import uploader
# Example app code is mp7sh5jd6