We are in the middle of the end game theory of society. #fridayThe13th
| Blog and stuff | https://tobtu.com |
| GitHub | https://github.com/Sc00bz |
Sc00bz
- 802 Followers
- 37 Following
- 269 Posts
Ramblings of a programmer and cryptography enthusiast. No AI slop (I have muscle memory for Alt+0133 "…" and Alt+0151 "—" and I hate LLMs more for that). I do stuff… sometimes. Also creating hsmVault.com… eventually.
I just learned that JS has the exponential operation **:
Math.pow(a, b) == a ** b
I remember when I was like fuck it "a ^ b" in Excel and was like wait that worked? This is that moment for me but for JS. I remember having Excel 97 and Excel XP (or 2003). I assume 97 didn't have ^ but XP (or 2003) did... I'm not old you're old.
I was looking at the RWC2026 talks and saw "XHMQV: Better Efficiency and Stronger Security for Signal's Initial Handshake based on HMQV". DuckDuckGo didn't find anything on XHMQV. So I tried Google. (edit: I mistyped XH*MQ*V as XH*QM*V)
Or just recreate these with better settings and have it take ~43 days on an RTX 4090. 96% success rate, 2 perfect tables, 942651571967 chains/table (before perfecting), chain length of 630000, <3 TB (RTI2), 6 steps. These are twice as fast to use too.
OK or ~100 days on an RTX 4090. 99.9% success rate, 4 perfect tables, 1265875614643 chains/table (before perfecting), chain length of 720000, 3.95 TB (DIRT) (or 5.56 TB (RTI2)), 10 steps. These take 1.443x longer to use but if you only use 2 tables it's 1.386x faster and higher success rate 96.84% (vs 94.75%).
Rainbow tables aren't that hard. Woof 94.75% success rate, 1 imperfect table, unsorted RT files, sequential start points, 549755568128 chains, chain length of 881689, 8 TiB. Effective rate is 89.77%.
You'll need to run rtsort on all the tables, then rtmerge, then rt2rti2 to make it 4 TiB instead of 8 TiB. If only they knew what they were doing.
https://cloud.google.com/blog/topics/threat-intelligence/net-ntlmv1-deprecation-rainbow-tables/
Bonus this is just so fucking stupid: "PROPOSED MITIGATION. The attack has limited impact, but it would be easy for 1Password to prevent it entirely: the secret key can be used (with proper key derivation) to authenticate the KDF parameters with a cryptographic MAC."... wait do they know about 1Password's "secret key" (previous names were "device key" and "account key"). OK if they do then not completely stupid, but still stupid because a stolen device now gives you offline vs online password guessing and removes the post compromised mitigations. Anyway others might look at that and go "let's to that" and they'll end up giving everyone a hash of your password to crack offline.
You may have seen this paper (https://eprint.iacr.org/2026/058.pdf), but it's not all doom and gloom the authors got a few things incorrect (2 out of 3 of the things I looked for). Like Bitwarden having a downgrade attack all the way down to 1 iteration of PBKDF2 but it's 5000. Also 1Password does not have a downgrade attack because they use a PAKE.
Just found this hilarious bookmark (given current events) to a dead website:
"Exploit Notepad++ upgrade using Evilgrade" October 15, 2014
https://web.archive.org/web/20161014043749/https://cyberinc.co.uk/exploit-notepad-upgrade-using-evilgrade/
"Exploit Notepad++ upgrade using Evilgrade" October 15, 2014
https://web.archive.org/web/20161014043749/https://cyberinc.co.uk/exploit-notepad-upgrade-using-evilgrade/
@standupmaths There's an error in your latest video https://youtu.be/TNWl-0rle4A. Graph A's 3 node joins with graph B's 2 and 6 nodes. You can change node 3's label to 5 then there are no joins between graph A and B. Then smallest valid n is 25.
