sipa changed the topic of #bitcoin-wizards to: This channel is for discussing theoretical ideas with regard to cryptocurrencies, not about short-term Bitcoin development | http://bitcoin.ninja/ | This channel is logged. | For logs and more information, visit http://bitcoin.ninja
<srpx>
andytoshi: it takes caution to implement an adder that is sidechannel-free, though...
<srpx>
andytoshi: but lamport signatures are absolutely trivial to implement and understand why they obviously work; at least much more so than ECDSA, which has that somewhat heavy elliptic curves machinery, and depends on unproven conjectures
<sipa>
srpx: lamport signatures are indeed very simple to implement and understand
<sipa>
they however also rely on an unproven assumption (properties of the underlying hash functions)
<sipa>
and they're also enormous.
<andytoshi>
srpx: there was recently a stir in the news about a cryptocurrency project implementing lamport (well, winternitz) signatures without knowing what they were doing, using them in a context where it was literally impossible to enforce single-use keys, and producing a completely owned system
<andytoshi>
i would be thrilled if you had an example of idiot-proof crypto but unfortunately i really do think it's impossible. lamport signatures kinda "cheat" my intuitive reasons why this would be so, because they deliberately reveal large amounts of key material, turning a weakness into a strength. but then this makes them one-time signatures which is a weird type of cryptosystem that most people have little intuition for
<eck>
ouch
<srpx>
andytoshi: there is a huge gap between "idiot-proof" and "yes you're a senior dev that's 2 decades in the industry but you still can't implement this, just blindly trust 'the experts', thanks"
<andytoshi>
srpx: nobody except you has talked about blindly trusting experts
<srpx>
it is the difference between: "don't trust us? ask the engineer at your company to audit the code himself" and "no just trust us, thanks"
<andytoshi>
please go review libsecp if you want to, the code is the first google hit for "libsecp256k1" and the second result for "secp256k1"
<srpx>
and one-time sigs work well for the purposes of crypto-currencies, so...
<andytoshi>
they absolutely don't
<srpx>
andytoshi: by the way, yes IOTA is poor on so many different levels that their best accomplishment so far seems to be making a case against the things they decided to use
<andytoshi>
the key holder can't control how often their keys are used, they can't guarantee single signatures without being extremely careful about state, they may want/need to revise transactions even if the previous problems don't apply, and finally nothing is ever final in a cryptocurrency except probabilistically
<srpx>
wait, why can't they guarantee single signatures? sign once, publish a transaction with the new key, wait enough confirms, done? am I missing something here?
<srpx>
are you arguing for the case when you need to replace a tx or something?
<andytoshi>
i listed four orthogonal reasons that re-signing may happen
<srpx>
okay
<srpx>
andytoshi: by the way, what makes one a crypto expert (your criteria)
<maaku>
srpx: <maaku> someone should have pointed out that "have the code in the host language" is a dangerous requirement because very few toolchains can be trusted to actually generate side channel resistant code after optimization and compiler magic
<maaku>
this isn't about "you're not an expert!" or "never roll your own crypto" or any other ridiculous reasoning. rather, writing secure crypto software is *hard*. you can't prove security. and most infrastructure out there is not compatible with making crypto libraries secure
<maaku>
well fwiw the fee revision can be fixed if the signature can commit to extra data, which would be next key to be used for bip-125 like safe replacement
<maaku>
that has a set of other tradeoffs and one-time signatures are bad for other reasons mentioned, but worth mentioning that
<srpx>
maaku: yep I agree with that, one of the reasons I'd rather have simpler sig schemes, but I agree lamport has its issues
<maaku>
in general terms that is a reasonable argument to make. e.g. Schnorr variants are a better choice than ECDSA
<maaku>
but we shouldn't shy away from certain categories of crypto because they seem difficult
<maaku>
(also, I question that assumption. Lamport signatures only look easier than EC if you treat the hash function as a black box. SHA2 or SHA3 is waaay more complicated than scalar multiply + signature operations)
<adlai>
andytoshi: please don't contribute to "abstinence-only linkography". if the man wants to hotwire his own ABS drivers, let him risk his own neck... at worst, ask him politely to warn passengers