Aug. 30th, 2025 11:38 pm

Today's Adventures

[personal profile] ysabetwordsmith posting in [community profile] flaneurs
Today we went to the Tuscola Family Fun Day and the Arthur Amish Country Cheese Festival.

Amusingly, I'm wearing a goldenrod-yellow T-shirt with a corncob and the caption "This is my crop top." (It's full length.) I got at least half a dozen compliments on it. :D I bought it earlier this year at another event, definitely a good choice for fall festivals.

Aug. 29th, 2025 12:02 pm

snuffle / salsa / chacha

[personal profile] graydon2
This is a small note about a delightful function. Not cryptography advice or serious commentary. Just amusement.

A couple years back I had occasion to read in slightly more detail than I had before about the state of the art in cryptographically secure PRNGs (CSPRNGs). These are PRNGs we trust to have additional properties beyond the speed and randomness requirements of normal ones -- inability for an attacker to reveal internal state, mainly, so you can use them to generate secrets.

If you look, you'll find a lot of people recommending something based on one of Dan Bernstein's algorithms: Salsa20 or ChaCha (or even more obscurely "Snuffle"). All the algorithms we're discussing here are very similar in design, and vary only in minor details of interest only to cryptographers.

If you follow that link though, you'll notice it's a description of a (symmetric) stream cipher. Not a CSPRNG at all!

But that's ok! Because it turns out that people have long known an interesting trick -- actually more of a construction device? -- which is that a CSPRNG "is" a stream cipher. Or rather, if you hold it the other way, you might even say a stream cipher "is" just a CSPRNG. Many stream ciphers are built by deriving an unpredictable "key stream" off the key material and then just XOR'ing it with the plaintext. So long as the "key stream" is unpredictable / has unrecoverable state, this is sufficient; but it's the same condition we want out of the stream of numbers coming out of a CSPRNG, just with "seed" standing in for "key". They're fundamentally the same object.

I knew all this before, so people naming a CSPRNG and a stream cipher the same did not come as any surprise to me. But I went and looked a little further into ChaCha in particular (and its ancestor Salsa and, earlier still, Snuffle) because they have one additional cool and weird property.

They are seekable.

This means that you can, with O(1) effort, "reposition" the Snuffle/Salsa/ChaCha "key stream" / CSPRNG number stream to anywhere in its future. You want the pseudorandom bytes for block 20,000,000? No problem, just "set the position" to 20,000,000 and it will output those bytes. This is not how all CSPRNGs or stream ciphers work. But some do. ChaCha does! Which is very nice. It makes it useful for all sorts of stuff, especially things like partially decrypting randomly-read single blocks in the middle of large files.

I got to wondering about this, so I went back and read through design docs on it, and I discovered something surprising (to me): it's not just a floor wax and dessert topping CSPRNG and stream cipher. ChaCha is also a cryptographic hash function (CHF)! Because a CHF is also something you can build a CSPRNG out of, and therefore also build a stream cipher out of. They're all the same object.

How does the construction work? Embarrassingly easily. You put the key material and a counter (and enough fixed nonzero bits to make the CHF happy) in an array and hash it. That's it. The hash output is your block of data. For the next block, you increment the counter and hash again. Want block 20,000,000? Set the counter to 20,000,000. The CHF's one-way-function-ness implies the non-recoverability of the key material and its mixing properties ensure that bumping the counter is enough to flip lots of bits. The end.

Amazing!

But then I got curious and dug a bit into the origins of ChaCha and ... stumbled on something hilarious. In the earliest design doc I could find (Salsa20 Design which still refers to it as "Snuffle 2005") the introduction starts with this:

Fifteen years ago, the United States government was trying to stop publication of new cryptographic ideas—but it had made an exception for cryptographic hash functions, such as Ralph Merkle's new Snefru.

This struck me as silly. I introduced Snuffle to point out that one can easily use a strong cryptographic hash function to efficiently encrypt data. Snuffle 2005, formally designated the "Salsa20 encryption function," is the latest expression of my thoughts along these lines. It uses a strong cryptographic hash function, namely the "Salsa20 hash function," to efficiently encrypt data.

This approach raises two obvious questions. First, why did I choose this particular hash function? Second, now that the United States government seems to have abandoned its asinine policies, why am I continuing to use a hash function to encrypt data?


In other words: the cool seekability wasn't a design goal. Snuffle/Salsa/ChaCha was intended as a tangible demonstration of a political argument that it's stupid to regulate one of the 3 objects (CHF, CSPRNG and stream cipher) since you can build them all out of the CHF. (And, I guess, "obviously you should be allowed to export CHFs" though I wouldn't bet on anything being obvious to the people who make such decisions).

And then I googled more and realized that when I was a teenager I had completely missed all the drama / failed to connect the dots. Snuffle was the subject of Bernstein v. United States, the case that overturned US export restrictions on cryptography altogether! And as this page points out "the subject of the case, Snuffle, was itself an attempt to bypass the regulations".

Anyway, I thought this was both wonderful and funny: both the CHF-to-CSPRNG construction (which I'd never understood/seen before), but also the fact that Snuffle/Salsa/ChaCha is like the ultimate case of winning big in cryptography. Not only does ChaCha now transport like 99%[EDIT "double-digit percentages"] of the world's internet traffic (it's become the standard we all use because it's fast and secure) but that it was pivotal in the evolution of the legal landscape and all arises from a sort of neener-neener assessment that the law at the time was internally inconsistent / contained a loophole for CHFs that made the whole thing "asinine".
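The construction the post describes (hash an array of constants, key, counter and nonce; the output is the keystream block; seeking is just setting the counter; XOR with the keystream gives the stream cipher), as an added example in Python that is not the post's or Bernstein's code. It assumes the RFC 8439 ChaCha20 state layout (32-byte key, 32-bit counter, 96-bit nonce).

```python
import struct

MASK = 0xFFFFFFFF

def rotl(x, n):
    return ((x << n) | (x >> (32 - n))) & MASK

def quarter_round(s, a, b, c, d):
    # ChaCha quarter round (add, xor, rotate) on four words of state s, in place.
    s[a] = (s[a] + s[b]) & MASK; s[d] = rotl(s[d] ^ s[a], 16)
    s[c] = (s[c] + s[d]) & MASK; s[b] = rotl(s[b] ^ s[c], 12)
    s[a] = (s[a] + s[b]) & MASK; s[d] = rotl(s[d] ^ s[a], 8)
    s[c] = (s[c] + s[d]) & MASK; s[b] = rotl(s[b] ^ s[c], 7)

def chacha20_block(key, counter, nonce):
    """Hash (constants || key || counter || nonce) into one 64-byte keystream block."""
    assert len(key) == 32 and len(nonce) == 12
    # Fixed nonzero words, then the 256-bit key, the 32-bit block counter and
    # the 96-bit nonce: the RFC 8439 state layout (assumed here).
    state = list(struct.unpack("<4I", b"expand 32-byte k"))
    state += list(struct.unpack("<8I", key))
    state += [counter & MASK] + list(struct.unpack("<3I", nonce))
    work = state[:]
    for _ in range(10):  # 10 double rounds = 20 rounds (columns, then diagonals)
        quarter_round(work, 0, 4, 8, 12); quarter_round(work, 1, 5, 9, 13)
        quarter_round(work, 2, 6, 10, 14); quarter_round(work, 3, 7, 11, 15)
        quarter_round(work, 0, 5, 10, 15); quarter_round(work, 1, 6, 11, 12)
        quarter_round(work, 2, 7, 8, 13); quarter_round(work, 3, 4, 9, 14)
    # Feed-forward: add the input state back so the rounds cannot be inverted.
    out = [(w + s) & MASK for w, s in zip(work, state)]
    return struct.pack("<16I", *out)

def keystream(key, nonce, offset, length):
    """Seek: bytes at stream offset `offset` need only blocks from offset // 64 on."""
    block, skip = divmod(offset, 64)
    out = bytearray()
    while len(out) < skip + length:
        out += chacha20_block(key, block, nonce)
        block += 1
    return bytes(out[skip:skip + length])

def xor_at(key, nonce, offset, data):
    """Encrypt or decrypt data that sits at byte `offset` of the stream: XOR with keystream."""
    ks = keystream(key, nonce, offset, len(data))
    return bytes(x ^ k for x, k in zip(data, ks))
```

Because `xor_at` only computes the blocks it needs, decrypting one block in the middle of a large file costs the same as decrypting the first one.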
Aug. 28th, 2025 02:39 am

strongly typed?

[personal profile] fanf

https://dotat.at/@/2025-08-28-strongly-typed.html

What does it mean when someone writes that a programming language is "strongly typed"?

I've known for many years that "strongly typed" is a poorly-defined term. Recently I was prompted on Lobsters to explain why it's hard to understand what someone means when they use the phrase.

I came up with more than five meanings!


Aug. 23rd, 2025 08:52 am

Biarritz

[personal profile] rmc28

Last night I successfully got the jersey I wanted for my team, and many of the people I wanted to draft to my team, and here we are:

Team Lanzarote, just after being drafted

(except one guy who'd wandered off, I'll try to get another group photo with him in at some point, but that one is beautiful; look at those gorgeous jerseys and that sunset sky)

I am so happy with this team. I put in some time and effort to read through the draft grid and make my first-and-second choice selections, and I switched things up as I spoke to people before and during the draft, and in response to how our draft order went on each round. I know I have a bunch of good people, both on and off the ice. In particular I got my captain from last year Sean, who is also the only person here this year who has been on my team in both the previous years. I instantly made him my A, and he's been a delight in the role already.

Three (short) games today and three tomorrow, to see whether I'm as good at picking and running a team as I think I am ...

Aug. 22nd, 2025 04:38 pm

Playlist

[personal profile] rmc28

A few months ago I heard a love song and thought "this captures how I feel about ice hockey" and thus was a playlist born:

three-plus years in love (with hockey)

Additional suggestions always welcome :-)


(previous playlists, titles hopefully self-explanatory:

first game feels
second season: stepping up

I have completely normal feelings about this sport.)

Aug. 20th, 2025 07:43 pm

Wednesday reading

[personal profile] rmc28

The Adventure of the Demonic Ox (Penric & Desdemona) by Lois McMaster Bujold
This is something like 14th in the ongoing Penric+Desdemona books. You don't want to start here, it's a satisfying enough instalment in the series if you are already invested in the characters and the family. If I have a criticism I think that like the last two books I found the progress of the book a bit predictable and not very surprising. But I still read it in two solid bites (only separated by the tedious matter of needing to sleep).

The Arctic Curry Club by Dani Redd
This was on the "free paperbacks" shelf at Cambridge North and I picked it up on a whim, and used some of my free time to give it a try. A bit like the previous book, I didn't find it especially surprising but I did find it very engaging, and some very mouthwatering descriptions of food. Our protagonist Maya moves to Svalbard with her partner, who is taking up a research post there, and who turns out to not actually be as supportive and perfect in the arctic night as he seemed in London. When Maya makes a flying trip to Bangalore for her father's remarriage, she reconnects with a childhood friend and starts to dig up old family history. On her return to Svalbard she makes new friends and new culinary adventures.

The Unexpected Inheritance of Inspector Chopra by Vaseem Khan
A retiring police inspector in Mumbai inherits a baby elephant on his last day in the job, and finds himself investigating one last murder case in his retirement, with occasional assistance from the elephant Ganesha. This was both charming and surprising and I enjoyed it very much.

Aug. 20th, 2025 07:09 pm

A snippet from today

[personal profile] rmc28

At the airport security check, putting my hand luggage in the trays for xray. The guy staffing the preparation area tells me if I have any electronics in my bag, I need to pull them out. I pull out my laptop and kindle. He asks me if I have anything else, such as a hairdryer.

My tournament buddy Lisa is in fits of giggles. Of all people, do I look like I need a hairdryer?

Aug. 20th, 2025 09:16 am

Two goals!

[personal profile] rmc28

I joined the university open practice last night, after encouragement from my friend who is actually part of CUIHC (I was in the club, I dropped out two years ago, I plan to rejoin again this October but right now I'm in a weird limbo - eligible to play, lots of friends among the players, but not on any of the membership mailing lists or groupchats). 15 minutes or so warmup and then a scrimmage, with a spanking pace set by the Men's Blues players. It was enormous fun and a reminder of why I do these mad late nights etc. And I got a goal! Put myself by the back door and picked up a rebound, absolutely textbook stuff, very happy with it.

So my count is now:

  • 2 goals in scrimmage
  • 1 goal (actually an own goal by the opposition) and 3 assists in formal games

I'd love to reach the point where a goal in scrimmage is just another Tuesday, but maybe it's time to start a spreadsheet while I still remember each one individually.

(Other good things that happened yesterday: a coffee with [personal profile] lnr, lunch at the Dishoom Permit Room with Mick and Joye, book shopping with Charles, having the time to just sit and read a couple of books, skating lesson and seeing my friend E briefly afterward. Basically, it was a really lovely day of leave.)

Page generated Sep. 1st, 2025 08:58 pm
Powered by Dreamwidth Studios