Hello everyone, I'm the developer and cofounder of Satellite.
Many of the early dreamers who built the Internet back in the 90's thought it would bring peace and global unity. Unfortunately... as the Internet evolved it became dominated by large commercial platforms. Today it's obvious to everyone that "social media" (should be called *anti-social* media) has, for the most part, driven us apart and created more misunderstanding than ever. The fatal mistake was allowing cyberspace to become a giant hyper-targeted ads platform where everyone lives in their own media echo-chamber, and failing to account for how easy it would be to manipulate online discourse. We're seeing the consequences of that now.
Today it's becoming harder and harder for various ideological factions to reach consensus about anything due, in no small part, to how vulnerable the current social platforms are to being manipulated — not just "accidentally" by the blind economic forces of ad-optimization, but also intentionally by anyone who has an incentive to shut down debate and discussion in what's become, arguably, the de-facto public square. Satellite is an effort toward de-escalating this crisis of coherence. Specifically, we're trying trying to address the twin issues of online identity (does your virtual self need permission to exist?) and data ownership (who controls the value/reputation you accumulate around your ID?).
Thanks for reading this far. There'a a lot more to explain (particularly about how the entire community dataset is built to be "forkable" like open source software) and how the content-ranking algorithm works (in terms of identifying people who are good at unifying perspectives) and if you're curious I would invite you to read the "Welcome to Satellite" intro article that you'll find on the front page, which I suppose gives a pretty good overview of the whole thing.
We just launched beta about 3 weeks ago and the community is growing steadily. In these early days, I'm conscious of how the initial members will likely have a large effect on how the community evolves going forward. If you're interested in joining this little experiment (or even just crossposting some of the essays you post here) we'd love to have you.
I'm happy to answer any questions here or on Satellite.
I ask cuz if you had homomorphic crypto (which can do general computing while encrypted then decrypt only the output and people who dont trust eachother can verify that is the correct calculation without knowing the algorithm used to calculate it)... I ask cuz if you had homomorphic crypto then you could use almost any random algorithm as a digital signature algorithm since only you could generate any output that others could verify came from you.
The DSA algorithm uses a key pair consisting of a public key and a private key. The private key is used to generate a digital signature for a message, and such a signature can be verified by using the signer’s corresponding public key. The digital signature provides message authentication (the receiver can verify the origin of the message), integrity (the receiver can verify that the message has not been modified since it was signed) and non-repudiation (the sender cannot falsely claim that they have not signed the message).
This post is inspired by some of the ideas in this thread - https://www.reddit.com/r/Ardor/comments/7qane0/confusion_and_inconsistent_instructions_about/. Is there a way to improve the Addresses and Public Keys in Ardor? Yes, there are a few ways... but a really good option might be to smuggle in some extra features too. Like killing two birds with one stone.
Basically, since Bitcoin and NXT launched there has been a lot of very impressive work done on Digital Signatures Algorithms and specifically in relation to Elliptical Curves. A lot of this work has even been motivated by the cryptocurrency space. Ardor has an opportunity to benefit from some of this innovation by making some simple but clever modifications to it's code.
Different cryptocurrencies settled on competing standards for their Digital Signature Algorithms during the design phase. For example, Bitcoin uses an elliptical curve called Secp2561 with a Digital Signature Algorithm called ECDSA. Ardor uses an elliptical curve called Curve25519 with a Digital Signature Algorithm called EC-KCDSA. There are various reasons why these choices were selected. The history might be of interest to some of you, but I won't go into that now. The elliptic curves are constants so the progress over time is on the Digital Signature Algorithms. Curiously some of the most impressive progress has been made on a DSA that neither Bitcoin nor Ardor use, called ed25591. But at least ed25591 builds on the same curve that Ardor already uses - Curve25519.
So what is so great about ed25591? Well, it's new. You might say that's not necessarily a good thing. We want to see stability with a component like this. Well, it's seeing some rapid adoption because of it's awesome new features. See here for adoption insight - https://ianix.com/pub/ed25519-deployment.html. I.e. it's quickly becoming a standard. So with out further ado - what makes ed25591 really cool:
I want to get the actual algorithm (not the certificate's algorithm) that was used for signing an installer file. Using Microsoft's crypt API, I was able to get what I want ( at least I thought...)
CryptQueryObject(CERT_QUERY_OBJECT_FILE, szFileName.c_str(), CERT_QUERY_CONTENT_FLAG_ALL, CERT_QUERY_FORMAT_FLAG_ALL, 0, &dwEncoding, &dwContentType, &dwFormatType, &hStore, &hMsg, NULL);
This works just fine with exe's but for some reasons msi files do not work. The CryptQueryObject call fails with
CRYPT_E_NO_MATCH 0x80092009 Cannot find the requested object.
Of course I have verified the paths and all that but I feel the error might be misleading. I thought maybe you more experienced guys out there might help me "decode" the meaning of this error in this context...
Thanks in advance
All the digital signature algorithms like DSA, EcDSA and EdDSA 's output is a pair (r, s). Is the (r, s) pair the only signature form? If not, i'd like to figure out the mathematical consideration behind (r, s) pair.
I'm building an opensource p2p computer called xorlisp for massively multiplayer games and AI research, that needs to sign and verify hashcodes from multiple other users at each time cycle of 1/32 second. Only the newest of each blockchain head need be signed by each user each cycle, since the rest can be derived by hash of hash (merkle). So the parts needing signing and verifying are low bandwidth, but key size increases that. A SHA256 hash is 256 bits, but rsa4096 generates at least a 4096 bit signature.
I need it to be strong enough that the same key can be used for years.
I also need it to be fast enough that it doesnt lag the games or other things done in the global computer.
Using Java's BigInteger's modPow and related funcs on a 4x1.6ghz computer, rsa4096 takes 4 seconds one way and 1/100 second to reverse if using the public exponent 1+2^16. I'll use C++ if I must, or maybe allocating objects instead of doing modPow in an array is the bottleneck? I hope theres algorithms that dont depend on modPow.
What digital signature algorithm would be fast enough?
Should I use RSA and whatever hashing algorithm I like, or is there something better than RSA?
Also, variable key strength is necessary, as most keys aren't that important but one is very important.
I did find one RSA library, but it has 256-bit keys only; which is stronger than necessary for the weak keys but weaker than necessary for the strong key.
What I mean by this is a system in which it is possible to derive inferior private keys from a private key which can be used to sign a message with the properties that other parties can
Start with any bitstring, such as a sentence or number. Hash it. Then hash the hash. Keep feeding the output back to the input, until you've got a really long list of them. You broadcast the last, and thats your name in the network.
At each step, you give the previous hash in the list. You are the only one who can do this if SHA256 is impractical to compute in reverse. You know the reverse because you computed them earlier and broadcast them in the opposite order.
You create as many of these lists of hashes as you need.
In the simplest case, 3 lists called timeStep, ones, and zeros. You broadcast the next reverse-SHA256 from timeStep and from either of ones or zeros.
position(timeStep) = position(ones) + position(zeros), where position means the farthest reverse-SHA256 ever broadcast for that list.
Only broadcast a farther reverse-SHA256 when enough others have confirmed they received your 0 or 1 bit, such as by broadcasting data from theirs.
This can do more bits at once or small integers by skipping multiple reverse-SHA256 in the list and only broadcasting the one farthest back, which eventually leads to what was broadcast earlier.
--- end of algorithm. example use next ---
Integers, such as number of pixels mouse moved.
I'm planning to use this to digitally-sign mouse movements using a list for pixels moved left, a list for right, a list for up, and a list for down, and a list for sum of those, and a list for time step in game.
It will be similar to a session so players of the econball game can know which mouse movements came from the same player instead of them faking eachothers data to cheat. It will cost extra size of the data, but that game is simple enough its still practical.
To route these digitally signed mouse movements I'll use https://www.reddit.com/r/Rad_Decentralization/comments/4fkm97/can_p2p_dominate_network_routing_as_proofofwork/ and players will find eachother to choose to play a game together by connecting pairs of their mouse movements to any bitstring such as the name of a chatroom. They'll propose variations of the rules of the game such as the equations of how score and ball size changes or how collisions are handled, as an acyclic network of scalar ops that take 2 inputs and 1 output such as plus, multiply, half, timesTwo, exponent, and other safe math. So they could build new kinds of games as long as they're made of some way balls interact with eachother. They could define new patterns of changing the colors of the b... keep reading on reddit ➡
Start with any unitary (EDIT: bijective) function of n bits to n other bits. All crypto is bijective, which means it has the same number of possible inputs and possible outputs. Example: any sequence of arbitrary permutations and plusses (mod a power of 2), then the reverse.
All sequential logic, such as every digital circuit, can be made of nand gates that each hook to 2 earlier nand gates, observing those 2 bits, and generate a bit (NOT (AND of those 2)). https://en.wikipedia.org/wiki/NAND_gate Nor gates would also work.
Write x=decrypt(encrypt(x)) as a nand forest.
Example: 256 inputs and 256 outputs with nands between them. Useful with sha256 to digitally-sign the hash of the bigger data.
Take a cross-section of nandForest(x=decrypt(encrypt(x))).
Example: 700 nands may be somewhere in the middle, with the input and output entirely separated by those 700 bit vars. What happens on either side can only affect the other side through those 700 bits.
The nand forest from 256 inputs to 700 in the middle is the private-key. Sign any 256 bits to create a 700 bit signature.
The nand forest from those 700 in the middle to the 256 outputs is the public-key. Verify any 700 bits generate the original 256 that was signed.
Example: Given any such key pair, take the sha256 of (the utf8 bytes of) this sentence, generate 700 bits, then broadcast those, the sentence, and the public-key. Then do the same for another sentence. Whoever has the public-key and both of those sentences and 700 bits can verify they were signed by the same private-key.
Problem? How efficient are SAT-Solvers on such npcomplete problems like reverse-computing a nand-forest? Its an open research problem how securely such a cross-section of the nand forest can be chosen from all possible cross-sections.