@mischa sorry only see it now :)
The back and forth was about getting a replacement module, it being shipped to the wrong address, missing a memory module, summer holiday, etc. etc. Apart from the summer holidays they were quite responsive.
@mischa @js after a long back and forth with Protectli I don't have a successor yet. Good to know Mischa!
@damienmiller could you elaborate a bit on how manifest v3 can mitigate supply chain attacks? There's nothing that can stop a hijacked developer account pushing a new malicious update, is there?
As stated here: https://cybervillains.com/@djm/111255948769148166 in this (old) thread https://infosec.exchange/@lcamtuf/111253626757075766
snaps v1 is released! A backup program to back up untrusted hosts that protects, for example, against the rsync exploits from last year (https://phrack.org/issues/72/11_md#article)
After running the beta release since 2018 reliably, it is time to call it stable.
https://github.com/timkuijsten/snaps
#openbsd #backups
@mischa ♥ good timing too :)
Pretty surprised to see that the armv6m optimized Ascon-Hash256 (winner of NIST's lightweight crypto competition) is 3x slower than the standard BLAKE2s reference implementation on a Cortex-M0+ 😲
#hashing #ascon
@kora right, makes sense.
blake3 came after one of the blake authors realized there is "Too Much Crypto":
1. https://eprint.iacr.org/2019/1492.pdf
2. https://www.youtube.com/watch?v=u9wPIWZYxLw
3. https://toomuchcrypto.xyz/
@kora I see Noise stateful hash objects mentioned in the blake3 paper and because of past fame with blake2, especially w.r.t. the Noise framework.
Hi @kora, thanks for making rosenpass, it looks very well composed and engineered!
Question, has blake3 been considered for rosenpass and what were the reasons to settle on shake256 instead?
@filippo good point, tnx! :)
hi @filippo
The Go chachapoly source has a comment that states:
// Note that this is too short to be safely generated at random if the same
// key is reused more than 2³² times.
NonceSize = 12
https://cs.opensource.google/go/x/crypto/+/master:chacha20poly1305/chacha20poly1305.go;l=22-24
According to the birthday paradox I would have expected a higher number of safe key re-uses, at most 2^48 times for this 96-bit nonce. Do you know why 2^32 is stated?