Reminds me of people where I worked having vanity GPG key ids. I'm wondering how much CPU time and on what machines it took to find them.
rgovostes 26 days ago [-]
For vanity GPG keys, I came up with a neat trick where you could insert arbitrary ASCII art into your key. You construct your ASCII art using the Base64 character set. The decoded binary will be gibberish but you can place it in an inert Literal Data Packet that will be ignored by any conformant OpenPGP parser. It just takes a little finagling to align your data to a 3-byte boundary with appropriate line wrapping.
wiktor-k 26 days ago [-]
Key IDs are based on fingerprints and fingerprints are calculated by SHA-1 hashing the primary key's public key and the creation timestamp. A computationally easy way to influence the fingerprint is to tweak the creation timestamp which is a 32 bit Unix epoch value. Of course it needs to be in the past so the range is limited but it's faster to do it this way instead of recomputing the cryptographic key.
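Added example, not from the thread: computing a version-4 OpenPGP fingerprint the way the comment above describes (SHA-1 over a 0x99 byte, the two-byte packet length, and the public-key packet body, which contains the 4-byte creation time; RFC 4880 §12.2). The Ed25519 key bytes are constructed test data, and the example shows that changing the timestamp by one second yields an unrelated fingerprint and key ID, which is why the full fingerprint, not the 64-bit key ID, is what to compare.

```python
import hashlib
import struct
from datetime import datetime, timezone

# OpenPGP OID for Ed25519 (1.3.6.1.4.1.11591.15.1), length-prefixed as it appears in the packet.
ED25519_OID = bytes.fromhex("092b06010401da470f01")
ALGO_EDDSA_LEGACY = 22  # public-key algorithm id used for Ed25519 in v4 key packets


def mpi(data: bytes) -> bytes:
    """Encode bytes as an OpenPGP multiprecision integer: 2-byte bit length + magnitude."""
    value = int.from_bytes(data, "big")
    data = data.lstrip(b"\x00")
    return struct.pack(">H", value.bit_length()) + data


def v4_public_key_body(pubkey: bytes, created: int) -> bytes:
    """Body of a version-4 public-key packet for an Ed25519 key (RFC 4880 §5.5.2 layout)."""
    point = b"\x40" + pubkey  # 0x40 prefix marks the native Ed25519 point encoding
    return (bytes([4]) + struct.pack(">I", created) + bytes([ALGO_EDDSA_LEGACY])
            + ED25519_OID + mpi(point))


def v4_fingerprint(pubkey: bytes, created: int) -> str:
    """SHA-1 over 0x99, the 2-byte body length, and the body itself (RFC 4880 §12.2)."""
    body = v4_public_key_body(pubkey, created)
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest().upper()


def key_id(fingerprint_hex: str) -> str:
    """The 64-bit key ID is simply the low-order 8 bytes of the v4 fingerprint."""
    return fingerprint_hex[-16:]


if __name__ == "__main__":
    # Constructed sample key: 32 bytes of fixed test data, not a real key.
    sample_pub = bytes(range(32))
    t0 = int(datetime(2024, 1, 1, tzinfo=timezone.utc).timestamp())
    for created in (t0, t0 + 1):
        fp = v4_fingerprint(sample_pub, created)
        print(f"created={created}  fingerprint={fp}  keyid={key_id(fp)}")
```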
yjftsjthsd-h 26 days ago [-]
> the creation timestamp which is a 32 bit Unix epoch value.
GPG keys aren't 2038-safe?
dijit 26 days ago [-]
PGP is pretty old at this point, and kinda jank.
RFC 1991 only gives them 4 bytes (32bit); not sure if there have been any later additions to rectify this but I don’t think so since even the latest RFC (9580) has them listed as 4 bytes…
It's a 32-bit unsigned integer, so that should give us until Feb 2106.
> A time field is an unsigned 4-octet number containing the number of seconds elapsed since midnight, 1 January 1970 UTC.
sedatk 26 days ago [-]
I love that the app has ARM64 builds for Windows. I use a Windows ARM64 laptop daily, and every native ARM64 build I come across brings me joy.
Take note, Discord.
jimjambw 26 days ago [-]
It’s funny (and annoying) the disparity between Arm builds for macOS and Windows. I understand why it happens but even Microsoft has produced Arm native versions of apps for macOS before Windows.
moontear 26 days ago [-]
Discord? Why use the native app instead of just the browser version? Use e.g. Ferdium (https://ferdium.org/) to have all your messaging apps in one place.
that_lurker 26 days ago [-]
Because that way you have everything under one electron app that is maintained by one person.
sedatk 26 days ago [-]
How do you keep the browser version "in tray"?
mbs159 25 days ago [-]
> Take note, Discord.
I highly recommend Legcord[1] - it's an alternative, open-source client that has very good ARM builds
I’m using Legcord at the moment. I’d prefer to use the official client though.
hypercube33 26 days ago [-]
Discord is the worst app on Windows ARM64 right now. Even win32 games run better and faster; it's crazy.
jethro_tell 26 days ago [-]
Given a situation in which you have a decent way to guess user names, such as ‘first-initial-lastname’ how much entropy does this take away?
It seems like I’ve seen several of these over the years when a patch to parse comments would probably be simpler and less of an anti-pattern. What am I missing here?
Edit: or a config dir that allows multiple key files.
bspammer 26 days ago [-]
I’m not a crypto expert at all, but surely it takes away no entropy because the fixed prefix is on the public key not the private key?
My reasoning is that the full public key could be seen as a 256 bit fixed prefix, but knowing the public key is meant to give no information about the private key by design.
colanderman 26 days ago [-]
That may be true, but I don't think that it is obviously so.
If it were, then public keys could be shorter by the same amount and still provide the same level of protection.
But by design they are not.
bspammer 25 days ago [-]
I still think my reasoning holds.
Let's say that I magically manage to find a private key whose public key has a chosen prefix that is the entire length of the key - i.e. the entire key is vanity. Something like myveryveryveryverylongvanitypublickey. Is that equivalent to a 0 length public key in terms of security? I'd say obviously not - there is still no way to get started when it comes to finding the private key.
colanderman 24 days ago [-]
If you've found the private key for myveryveryveryverylongvanitypublickey, then so can an adversary.
Perhaps they already have reversed it because they guessed it might be desirable. Or maybe it has numeric properties which make it specifically easy to reverse (perhaps why you were able to discover it yourself).
(Also note that selecting the entire key to be vanity doesn't reduce the entropy to 0, just to the entropy of the vanity phrase. So a full vanity key may be equivalent to something like a 32-bit random public key.)
WarOnPrivacy 26 days ago [-]
Set up my first WG server last month. WG key gen obligingly put an f-bomb by the front of the key. "You're welcome" I said. True story.
kuratkull 26 days ago [-]
I'd like to see mentions/confirmation that it has top-notch randomness so that nobody else can come up with the same keys.
turblety 26 days ago [-]
Would this run faster on a gpu?
nevi-me 26 days ago [-]
Yes, I've generated crypto wallet vanity keys on GPUs (OpenCL) and I'd say it's about 10-20x faster than a CPU depending on which kind of key and how the code's written.
[0]: https://github.com/danielewood/vanityssh-go
https://datatracker.ietf.org/doc/html/rfc1991
https://www.rfc-editor.org/rfc/rfc9580#section-3.5
1. https://legcord.app/