/dpt/ - Daily Programming Thread

What are you working on, Zig Forums? Don't be shy about asking for help or code review. Keep your posts on-topic, please.
Bash script to pick random number for challenges: echo $(((RANDOM*145>>15)+1))

Attached: programming challenges v4.0.png (3840x2160, 1.61M)

Other urls found in this thread:

pastebin.com/hJ8XhYQy
norvig.com/big.txt
crypto.stackexchange.com/questions/9694/technical-details-of-attack-on-android-bitcoin-usage-of-securerandom.
extremetech.com/computing/164134-how-bitcoin-thieves-used-an-android-flaw-to-steal-money-and-how-it-affects-everyone-else
en.wikipedia.org/wiki/Dual_EC_DRBG#Software_and_hardware_which_contained_the_possible_backdoor
mentalhealth.gov/get-help/immediate-help
fiddle.jshell.net/ydj0br3s/show/
github.com/yaspr/Encryption-Protocol-0
github.com/yaspr/lp0
pastebin.com/JEMvV0hW
github.com/IwoHerka/sexpr
github.com/IwoHerka/auk
gist.github.com/rust-play/9cdb515fdab05847e9fab38bfeecb3c2
twitter.com/NSFWRedditImage

I fugged up the script :DDDDDD echo $(((RANDOM*145>>15)+1))

Working on a website (and web template language) that uses classic CP437 and can into ANSI art.

Goal is to make a website and a BBS analogue from common source data.

Attached: ANSICONV.GIF (774x1457, 103.67K)

Nothing particular, I'm fucking around with a little project in C to summerize a few things of system programming I apprehended from a recently read manual.

Fixed the OP for ya.

>>>/reddit/

Well, the current TempleBot isn't mine... and I don't really see anything wrong with it.
It was written by a k00l k1d in Erlang, iirc. The commands !gw and !god work fine.

source code where?

Very slow implementation of an encryption algorithm I designed using key dependent operations and block sizes.
This is a PoC ...

pastebin.com/hJ8XhYQy

This doesn't look secure.

I encrypted norvig.com/big.txt with this and then compressed it with xz. The compression ratio is 2. This means the encrypted file isn't random.

Hahaha ... Look secure! How do you know? What's your benchmark?


You apparently have no notions of crypto if xz and compression ratio is the way to check XD
Enthropy is not a reliable metric for security of an algorithm, it's a scam check out the enthropy of broken algorithms. Having patterns doesn't mean they are exploitable. I agree thought, the output won't look random but that's the trick also.

Talk is cheap ... PoC or STFU! Proof of Concept or Shut the Fuck Up. None of you gave any serious cryptanalysis, just typical mumbo-jambo ...

Do you even know what's going on in the code?
Do you even understand the basic principle?

Let me remind you that it is a PoC, not the finished algorithm ... That, I'll keep for myself. Yet, if I provide an encrypted file. There's no way any of you can break it.

Let's be a bit methodical and avoid just talking unless you got viable demonstrations.

Calm down.
If an encryption algorithm isn't able to produce random looking output, it's broken.
Where is your security proof? Where is your design rationale?
Lol ok. You're either insane or trolling. Either way it's pretty funny.

Even AES can be broken if shitty PRNGs are used during the encryption phase, creating patterns that can be used to derive the secret from encrypted data. Some malware in the wild used to take advantage of predictable "random number generator" of Java and stole Bitcoins from Android devices before. It's nice and dandy to make your own crypto and all that but you will just make yourself look like a moron if you don't have any background knowledge of a topic you seem to spout nonsense about.

crypto.stackexchange.com/questions/9694/technical-details-of-attack-on-android-bitcoin-usage-of-securerandom.

It's not funny. So far, you seem to be stuck believing in mathematical principles which you cannot demonstrate.

I see no rationale here. Elaborate on that, am interested. What's randomness? What's entropy?

My security proof is my code and the basic principles behind it.

I'm neither insane, nor am I trolling. Maybe you are.

If predictable then it's not random. There's no such thing as randomness, the true key to security is expiration and update.

Dude, I'm not just a "random" dude that came in here to have fun. Look at the work, not the person. I know VERY WELL what I'm talking about.

I'm looking for really open minds, not people, talent that can see beyind what you've been sold.

Breath, reevaluate & let's talk low level then.
Otherwise, it's all pointless.

Another link if the first one wasn't satisfactory for you enough:
extremetech.com/computing/164134-how-bitcoin-thieves-used-an-android-flaw-to-steal-money-and-how-it-affects-everyone-else

top kek. keep it up

I wrote a superior encryption algorithm: use std::{ io::{BufRead, Write}};fn main() { let stdin = std::io::stdin(); let mut stdin = stdin.lock(); let stdout = std::io::stdout(); let mut stdout = stdout.lock(); // replace with secret key let mut key: u128 = 0xdeadbeef; loop { let len = { let buf = stdin.fill_buf().unwrap(); if buf.len() == 0 { break; } for b in buf { key = key.wrapping_mul(0x12e15e35b500f16e2e714eb2b37916a5); stdout.write_all(&[b ^ (key >> 120) as u8]).unwrap(); } buf.len() }; stdin.consume(len); } } Try to break it. Protip: you can't

I'm not ineterested in securing bitcoin transactions or any of the known BS in nature. That's just rubbish to me. The tech is CRAP, made for profit. Privacy and mindful evolution are my goals!!

Back in the days of the cold war, crypto was done in plain sight through news paper articles. No randomness, just key words from a meaninful set (the article) if arranged in sequence by a person with knowledge of the "key/sequence" communication is established.
That's elegant to my mind. And that's the spirit.

With regard to randomness, if you're weathered enough, you can hijack function calls to crypto primitives (i.e. ptrace & LD_PRELOAD). Another way, you can patch the binary of the crypto software and corrupt the output registers with values seemingly random but coming from a test pool you already know how to break (a bit like feeding a loopback feed to a monitor surveillance system).

I got some other techniques up my sleeve, maybe they'll come out in a discussion at some point.

First mistake: superior.

Do the work, and let the public decide. Don't jump to conclusions yet.

Oh shit. Are you the NSA?


Talk is cheap ... PoC or STFU! Proof of Concept or Shut the Fuck Up. None of you gave any serious cryptanalysis, just typical mumbo-jambo ...

Do you even know what's going on in the code?

Do you even understand the basic principle?

Let me remind you that it is a PoC, not the finished algorithm ... That, I'll keep for myself. Yet, if I provide an encrypted file. There's no way any of you can break it.

Let's be a bit methodical and avoid just talking unless you got viable demonstrations.

I've visualized your shitty "encryption" algorithm. Looks shit to me.

Attached: encrypted.png (2548x2548 9.82 MB, 2.76M)

XD ... You're so irritated and unwilling to go an extra mile and understand the code wanting to prove everybody wrong not even realizing how childish you sound. Your code is stupid. The key operations are known at any point in time: ^, >>. Look closely at my code, check the block size also.

In response to your response by my response: "never give a weapon to an irresponsible person".

Also, replying with a code doesn't validate any of your positions. It shows inexperience in dealing with lower than the surface subjects.

"Looks" isn't an argument. You have no idea of inner workings, you're just talking. What does the code do ... ?

Oh shit. The key operations for AES/ChaCha20/Keccak are also known at any point in time. All broken by some user. Impressive.

You can clearly see the bias in the encrypted output. Pic related is the output of my superior algorithm.

Attached: c.png (2548x2548, 9.82M)

Those algorithms are not part of this discussion. Their sources are obscure, you mentionned one previously.

You still haven't answered any of my valid questionWhat's randomness? What's entropy? What's my code doing?

Superior ... Let's get serious shall we? Enough BS, you're a sheep and you don't even know it.

FYI

en.wikipedia.org/wiki/Dual_EC_DRBG#Software_and_hardware_which_contained_the_possible_backdoor

You still haven't provided a security proof nor a design rationale.
Producing hot garbage by the looks of
you're insane and you don't even know it
great argument

As I stated before, "READ THE CODE" that's my rationale. I see no anwser from your side though.

"Looks like gabage" isn't an argument when talking about matters such as crypto. See this as an argumentation exercise, it'll sharpen your skills.

What's sanity, how did you learn to put words together to make meaning?

top kek. btw

Don't get lost in BS ... concentrate with me and let it resonate, follow the path otherwise you'll roam around like a gold fish ...

mentalhealth.gov/get-help/immediate-help

Fallacious !

Nothing else to add. Seems like madness is rule in here! :)

You still haven't broken my superior cipher:

Go to sleep ... You're tired.

I'm a NEET with a fucked up sleeping schedule. I'm constantly tired.

That explains why your neurons are incapable of going beyond a lazy Rust ego construct full of arrogance. Wrap your mind around that.

LMAO XDDDDDDDDD

Attached: 12bd56583f320fdb3c1e50ededc10cdda6db2cb50c6e127994707db05ca986b1.png (2548x2548, 9.82M)

Your eyes seem to be enough ... Dig a bit deeper than just looks. Not an argument, you're full of it. Uncapable of proving nothing. Stuck in your little self assertions ... Evolve mortal being, you're not great, greatness isn't for earthlings, you simply exist and you were told how.

If such a picture makes sense to you, it only reflects the state of your mind dear fellow. A random looking cypher which you'll never be able to solve, the riddle of life, the first thread!

LOOOOOOOOOOOOOOL

Attached: encrypted.png (634x566 316.61 KB, 48.94K)

Requesting source code for generating those PNG's, friend, for humanity's knowledge increase.


What algo is that?

see
He's probably just putting the raw image (as in rgb values) through it.
My guess is something that uses AES.

I converted the image to raw RGB using ImageMagick , "encrypted" it using this algorithm and then converted the "encrypted" RGB file back to a PNG. convert image.png image.rgbencrypt image.rgbconvert -size widthxheight -depth 8 image.rgb image.png >What algo is that?
This one . It's a Lehmer RNG. Obviously not cryptographically secure but still better than this dumpster fire

You have no idea what the code does and you have no arguments. Your skills are so below the belt, you compare Lehmer to something you know nothing about.

I mean, WOW!

Again, what's entropy? What's randomness? What's my algorithm doing?

You got two years to learn to talk and the rest of life to learn silence dear fellow.

Quit the BS and focus!

Your "encryption" algorithm fails at encrypting.
I'm mocking you. Seek help.
mentalhealth.gov/get-help/immediate-help

You're mocking yourself and behaving like an idiot.
Being mean and irrational for the sake of your ego.

This could've been a fruitful discussion, you turned it into a shit show. You're a circus "animal" ... You like entertainment and you're unable to go to the core of anything. Living on the surface unaware of the layers.

Just look at those images
The encrypted.png is "encrypted" using your program. Notice how you can discern the original image. Explain that.

An image is not an argument. How would you attack the algorithm, not the output data?
Yes there's a pattern, that doesn't say it's revelatory of anything that can help retrieve the key or the clear text. Random looking output is not a measure of security. Knowing how something looks doesn't tell you what it is in crypto.

fugg :DDDDDDDDDDD
I don't need to because it fails at encrypting. You can still see the nigger crying. You can still read the text.

Attached: not an argument.png (500x534, 404.87K)

You're repeating yourself, can't get beyond a fallacious argument and pictographic non-proofs.
Poor you ...

You see those dark bars on the top? It is a sign that the encryption is having weak states.

How do you define a weak state?

Do a real full analysis and quit goofing ... You're wasting valuable life time and breatable air.

Point at a weakness in the algorithm not just random abstract concepts you interpret from a picture.

I created a superior encryption tool. Here's a JS implementation:
fiddle.jshell.net/ydj0br3s/show/

Registered it with BIS & emailed a copy to NSA as required per US export laws.

COINTELPRO tried to ruin my life.
Study it if you want to improve your crypto capabilities. It's quantum computer proof.

Let's not get carried away with all that BS about quantum and mouse movement non sense.

Channel your energy to analyze what I did better rather than waste it on BS.

You have no knowledge of my crypto abilities nor are you aware of your own limitations.

Surely you jest. Randomness is the lack of predictable pattern. Entropy in information theory is the tendency for structure to break down over time, for patterns to degrade.
I haven't looked at it, but why don't you tell us what it's doing and why? Then perhaps we can suggest improvements to fix it?

I'm not seeking help nor a fix, rather collaboration on some basic principles exhibited in the code.

I will not explain for a simple reason: read, use the mind and let's be methodical. No hands holding, I am not seeking children !!!

Am seeking analytic minds to see beyond, understand by themselves and exchange lucidly with valuable insight free from the shackles of century old concepts.

Ok for randomness. Does randomness exist and how can you establish that?
Entopy is a metric not a tendency but you're close. Why does it matter for the security of an algorithm? Why are patterns so problematic?

I "encrypted" the video stream. Truly amazing. You have dethroned AES.

Attached: encrypted.mp4 (292x500, 11.98M)

My algorithm uses the property of unknown state, it throws away a large chunk of state and only uses a 1 way cipher to perform 2 way encryption via cyclic block chaining.

Also, each block of input data accumulates more entropy in the running state buffer thus optionally becoming "Authenticated Encryption" if a final null block is processed.

RSA and most other stream ciphers are theoretically reversible via quantum computer. Imagine a quantum computer whereby each input bit could be 1, 0, or a superposition of 1 and 0. The operations done on the bits create an entanglement.
If you feed in 1's and 0's to the algo implemented on such a quantum computer then you get 1's and 0's out.
If you feed in all superpositions for a block of a cipher algorithm, then you get qubits with complex entangled superpositions. Then you can take a known ciphered output and begin collapsing those output superpositions, this will cause a chain reaction and reveal what 1's and 0's were fed into most stream cipher algorithms, like RSA.

My algorithm deliberately generates a large block of intermediary state then throws much of that state away. The smaller block size of data that is combined with the plaintext depends on unknown values that have been thrown away. The next input plaintext block is 'hashed' with all prior plaintext blocks and the key which was stretched and obfuscated via hashed message authentication (HMAC), this output becomes the next block of cipher data. A simple substitution cipher is then applied to the output of the cipherblock in order to ensure chosen plaintext attacks are not possible without foreknowledge of the key. Even if you knew what the plaintext was at a given position you could not reverse the value of the cipherblock due to the substitution cipher. This ensures the following and prior blocks remain secure even if a portion of data at an offset is known.

Because much internal state is thrown away each block (and much is also kept), a quantum computer can not be used to reverse the cipher. Faced with a large batch of "unknown" state each round of the cipher to guess at, the quantum computer can not collapse the superposition structure of the qubits and thus can not be used to break this cipher.

It's quantum computer proof.

The moving of the mouse is just there because Javascript provides no good source of randomness with which to create strong initialization vectors. So, we rely on the user.


you're being an ass. You don't know what your code does, and can't explain why it is secure.

I'm not an ass!! You're too emotional.

My code has no value, what's beyond the code?
I never claimed it is secure I asked what's wrong technically and where?

Read the thread, nigger: >>944958 >>945225

Refresh ...


I made no claims.

Either ignorance, or you're a PSYOP to see how competent 8ch Zig Forums is at crypto.

Here is your init function:
void init(unsigned char *restrict key, unsigned keylen){ //Randomize with key for (unsigned i = 0; i < MAX_KEY_LEN; i++) { K[0][i] ^= key[i % keylen]; K[1][i] ^= key[i % keylen]; } //Flip key bits and rot - this is the new key for (unsigned i = 0; i < keylen; i++) key[i] = rotl(~key[i], K[key[i] % 2][i]);}
This mutates a key using two 128 byte (MAX_KEY_LEN) pre initalized buffers.

First, please explain why we should trust your chosen magic values for the contents of those K[1] and K[2] arrays. No one will use crypto that has such unexplained magic numbers on the off chance you've selected the init vars to create some form of backdoor.

Secondly, if you supply a small key, you get a small key back out. Instead you should employ key expansion to generate a larger standard key size from a small key. Additionally, you should perform many iterations of the key expansion (this is called key stretching) which when properly implemented greatly increases the difficulty to crack a key without significantly impacting stream cipher performance.

Finally, you have this little doosy in the code above:
key[i] = rotl(~key[i], K[key[i] % 2][i]);
A big no-no having that modulus 2 to switch banks of the 128 byte buffer. You've created a side-channel attack to leak the key depending on the key directly to access two MAX_KEY_LEN sized buffers.

That's just init()... The rest is equally trash, and isn't worth my time to tear down. It's clear you don't know jack about crypto. Best practices aren't just there because some fools are obsessed with "randomness" or "mathematics", we cryptographers are concerned about preventing known exploit vectors in our code.

Perhaps you should revise your stance on taking advice from children. I wrote better crypto than this when I was 12. Good luck.

Now you're talking sense. You're still twelve though, it's all personal for you.

It's not a stream cypher ... Look closely and avoid the emotional point of view. Remain methodical dear fellow. You're not wasting your time ...

Well, I agree on constants but I can assure you that's just for PoC reasons (similar to Blowfish's Pi or the ECC NSA BS).

Yes. Look closely. I think I can see a shirtless Alex Jones. But it is encrypted. How can I discern that???????
It is a mystery.

Attached: encrypted.png (850x567, 1.15M)

Simple initiation to "magic numbers": github.com/yaspr/Encryption-Protocol-0

Another one: github.com/yaspr/lp0

A sort of example of what's not to do and how to break it.

Try text, artifacts are not that easy to spot though. Images are a whole other dimension given that it is encoding a signal ... Plus, I never claimed it is as secure, more secure or even secure. I just posted a code.

Keep analyzing the mechanics and forget about what you already know. Just look, structure over details.

Amazing. I can barely read it. This is truly the peak of encryption. I hope the CIA niggers don't suicide you for creating this unbreakable encryption algorithm.

Attached: encrypted.png (601x569, 516.02K)

Unbreakable? Why are you trying to prove a pointless point. I said look beyond the 12 year old.

Kegel exercises are powerful for a healthy equipment.

LOOOOOOOOOOOOOOOOOOOL

Just recognize that your implementation is a failure. Learn from your mistakes implement a better algorithm. The one you have created is worthless, and serves no purpose.

You can't see further than your nose. I do not believe anything not am I claiming anything. I'm waiting for something you do not seem to understand given that your are stuck in old fashion paradigms.

Attached: encrypted.png (1920x1080, 5.73M)

You must feel smart with your newspeak. poor fellow. Nothing substancial as of yet. Stop wasting your energy on personal BS.

Attached: encrypted.png (600x439, 766.53K)

Childish as fuck XS

Attached: encrypted.png (1920x1080, 1.41M)

Nicely underlined, but it's the word before that is key in here: CYCLES :]

Not him, but can you explain what the problem is here? The pastebin was removed so I lost the context for it.

pastebin.com/JEMvV0hW

Let me know what you see, I'm interested.

What the fuck is going on here? Is this some advanced trolling or a genuine pajeet lolcow?

i congratulate you my friend,becasue you are
officialy toasting in epic bread.

Attached: 1526762143866.jpg (786x537, 40.97K)

rolling

tr 'a-zA-Z' 'n-za-mN-ZA-M
rolling

For once, a ray of truth. Wrong questions indeed.
The code is a PoC for an attack, the crypto algorithm isn't it, it's just a target : rdtsc & L3 cache.


No pajeet here ... Get out of that mindset and look deeper.

Attached: encrypted.png (449x401, 527.22K)

WTF is wrong with you? It's not the encryption that's at stake here, it's its operations. Trying to see if what I found stays even after changes.
You only look at the crypto, you're at the surface dear fellow.

I can't work out who is trolling who here

Attached: felix_thonk.png (327x300, 84.87K)

I'm not trolling

Attached: encrypted.png (327x300, 154.33K)

kkk roll

CIA roll

Did you even objdump the thing? I mean you're a circus entertainment ...

no u

Attached: encrypted.png (900x560, 1.03M)

My heart's with you dear fellow. I trully wish for you to wake up from your sleep and look. It's all up to you and your fallacious ego.

I'm working on a small s-expression toolkit for Python and micro-package for
compling s-expressions into Python functions.


Cool. If anyone wants to point our some code smells or suggest improvements, I would be obliged. Thanks.

>github.com/IwoHerka/sexpr - Toolkit
>github.com/IwoHerka/auk - Compiler

(I will be reposting this from time to time as traffic on 8ch is quite low)

Attached: lisp_theory_and_practice.jpg (864x1024, 184.57K)

Attached: n00bz.jpg (1261x1000, 324.22K)

kkk roll

Dude take a look at this:
gist.github.com/rust-play/9cdb515fdab05847e9fab38bfeecb3c2
256-bit quantum secure crypto. It can't get better than this. Prove me wrong.

Good for you dude. How is it relevant if it is executed on a shitty CPU ... You can write the best algorithm you want if the basic operations aren't secure at the hardware level, if there's any leakage, you're fucked!

Your algorithm is great, mine is shit but once implemented I can fuck over any of them given that hardware memory will leak ... the actual architectures are shit, and the actual state of physics which allows us to burn those architectures down on a wafer cannot prevent leakages (capacitors & refresh).

What to do about that?