Jan. 8th, 2008

interstice: (Default)
I saw this on slashdot today: shimmer. It was exciting; I'd thought of a similar idea in undergrad when I heard about "port knocking" while reading Goldreich's first book: http://books.google.com/books?id=uyhDTk-2arMC&dq=oded+goldreich+foundations+cryptography

I think that the time dependence is a big problem - if the client and server clocks are more than two minutes out of sync, no authentication is possible. Any protocol depending on a global oracle for synchronization should be easy to DoS. Anyway, I know that I've had more time drift than that, many times; even not counting daylight savings time(s), leap seconds &c.

When I had this similar idea, it was as an application of a property of pseudo random number generators (PRNGs, pron. "p-rings"), roughly that you can reseed a PRNG with the least significant bits of previous output, without compromising cryptographic strength (i.e. this procedure is proven to not make things any worse). Then, the two parties can track and perpetuate their state forever, by extending each other's sync-strings under cryptographic cover of the previous state exchanges... i.e., replace global time, with a local time defined by where along the sync-string each client is. The problem is linear growth in memory/storage use on the server side to keep track of "where" the client is. The potential solution is then to transfer to the client, the burden of maintaining state. I don't intuitively see why it can't be done the way ssh does it, but it's been a long time since I've thought about it. Maybe I'm missing something extremely fundamental & serious.

Also, why does the new Opera suck? It crashes every few minutes to halfhour under both winXP and linux. The flashplugin usually (but not always) crashes it; however, don't worry - you don't need it, sometimes it crashes automatically.
interstice: (Default)
I wound up with some red tea (rooibos) with vanilla the other day. I've been enjoying it in the mornings with Knob Creek in the evenings, when I got an idea. It worked well:

1. Brew a small to medium mug of rooibos. Consider adding a drop of vanilla extract unless it is preflavored.
2. Add at most one teaspoon or so of dark brown sugar. I think a tablespoon is far too much. Bourbon is actually quite sweet and will do the trick almost on its own. However, the optimal amount of sugar is probably inversely proportional to the quality of the bourbon.
3. Add a shot of decent bourbon.
4. Enjoy while very hot (optionally make a toddy by adding a pat of (unsalted) butter - I haven't done this.).

I'm sure there are many variants of this. It also deserves a good name.

Profile

interstice: (Default)
interstice

May 2011

S M T W T F S
1234567
891011121314
15161718192021
222324252627 28
293031    

Most Popular Tags

Style Credit

Expand Cut Tags

No cut tags
Page generated Aug. 18th, 2025 02:48 pm
Powered by Dreamwidth Studios