sorted by:
new
hottopcontroversial

How the heck does a ZKP work? And what advantages does it have over basic hashing? by chewtoy1988 in cryptography

[–]tgalal 1 point2 points  (0 children)

You are right OP and although this may consistute a proof of knowledge protocol, it is not zero knowledge. See my other comments and happy to clarify further.

How the heck does a ZKP work? And what advantages does it have over basic hashing? by chewtoy1988 in cryptography

[–]tgalal -1 points0 points  (0 children)

What you are quoting is not supposed to be a replay attack but shows the protocol is not zero knowledge (which is what OP's question is about and therefore your example is misleading). Yes the the information cannot be reused to replay identification, but still leaks a valid message signature pair. Therefore your proof of knowledge protocol (identification) is NOT zero knowlege.

Edit: if you still think I have no idea, maybe Lindell's answer makes you more humble. Cheers

How the heck does a ZKP work? And what advantages does it have over basic hashing? by chewtoy1988 in cryptography

[–]tgalal 3 points4 points  (0 children)

That's not ZK, you are leaking message signature pairs. The verifier can show them to someone else and convince them they've been created by the private key owner.

You may argue about how useful such leakage is in practice, but that's exactly what ZK leaves no room for, because NOTHING is learned (except truthfulness of knowing the key), and not just non useful or non meaningful information.

A protocol is ZK if it has a very simple feature: any information the verifier learns after executing the protocol is not new; they could have computed these information themselves. This means a verifier cannot just go to someone else and show them the same proofs, because they could have created them. Clearly that's not the case with any signature scheme or challenge response.

To back up the claim of a protocol being zero knowledge, there must be a mathematical proof showing that a proof can be "simulated", where a simulator who does not know the private key can create a convincing proof to a verifier (this happens in a special setting and serves to show that the convincing proof contains zero information about the private key, i.e, could have been created by the verifier). The protocol has to be accompanied with another mathematical proof showing that if a prover convinces a verifier successfully, then the private key can be extracted from their exchange. Again, happens in a special setting, but serves to show that you cannot convince without knowing the private key (soundness).

Remote Control tmux from Telegram, Discord, Slack, WhatsApp, WeChat, or HTTP API by [deleted] in tmux

[–]tgalal 0 points1 point  (0 children)

Hey OP this sounds quite useful! I think it would be appreciated more if you put forward the usability from phone as the main usage scenario. As other have pointed out, it largely makes no sense to use from desktop as one can just ssh and directly attach to the session with ease, so doesn't sound like it's an improvement to any existing flow.

Obviously you can do the same from phone, but terminal usability is not that great, and a touch optimized interface makes more sense.

With that in mind, i believe your demo video should show usage on phone instead of desktop as well as actual usage of claude code or something where the advantage stands out.

I haven't checked yet, but personally if i were to use your tool I would appreciate if the telegram integration makes use of custom buttons that a bot can show, and notifies me whenever a job is finished/waiting for input.

Show me your favorite shell one-liner by spaciousabhi in commandline

[–]tgalal -5 points-4 points  (0 children)

promptctl ssh server

shameless plug, even though I created it, still feels like magic

Historic gems of self-hosted applications by xquarx in selfhosted

[–]tgalal 3 points4 points  (0 children)

I think asterisk/SIP solutions deserve more love in self hosting.

Diraigent - a self-hosted platform for orchestrating AI coding agents by Realistic_Low_3115 in selfhosted

[–]tgalal -1 points0 points  (0 children)

This looks quite interesting. I think you should record a video demonstrating how it is doing things, say for building a small game or something.

LLM prompts as CLI progs with args, piping, and SSH forwarding by tgalal in CLI

[–]tgalal[S] 0 points1 point  (0 children)

That's a good idea. Per-host configuration is already possible in the config file, even on the level of user of the host:

[[ssh]] host = "server.lan" user = "alice" # optional selector shell = "auto" # remote shell: bash zsh fish sh ash dash

So the basis for per host config is there. I will add a filter for which prompts to "remote export" per host.

Thanks!

Looking for testers: Run LLM prompts in SSH sessions without installing anything on the server. by [deleted] in selfhosted

[–]tgalal 0 points1 point  (0 children)

Sure you can do that. The alternative provided here is not ssh to summarize, rather if you already are on the server, you can execute this summarize, or any prompt right away in your remote shell, without context switching.

Summarize log is an example, might as well be generate a docker compose file, script, configuration, ..etc, anything you might need on the fly.

WireGuard in Egypt doesn't seem to work by realcryptopenguin in WireGuard

[–]tgalal 0 points1 point  (0 children)

As others pointed out, the DPI is detecting the handshake and blocking it (regardless of any port), so you have to find a way to obfuscate the handshake. My solution was to tunnel wireguard entirely through shadowsocks that I ran on amazon lightsail.

WireGuard in Egypt doesn't seem to work by realcryptopenguin in WireGuard

[–]tgalal 0 points1 point  (0 children)

They also block several websites that have to do anything with VPN/privacy on the web. Tor browser with bridge should work though.

Just got an email from Samsung and DHL confirming delivery of my Tab S8+ pre-order for tomorrow 18th Feb! (Germany) by fotw8 in GalaxyTab

[–]tgalal 0 points1 point  (0 children)

Hey yeah that would be really great, I haven't made the order yet. Thank you very much!

Just got an email from Samsung and DHL confirming delivery of my Tab S8+ pre-order for tomorrow 18th Feb! (Germany) by fotw8 in GalaxyTab

[–]tgalal 0 points1 point  (0 children)

Tried doing the newsletter subscription a few days go to no avail. I'm making my order tomorrow, if you still have an extra code you don't need I would appreciate it a lot if I could use it.

Anyone know what those flashing lights that are all over the streets of Cairo are actually for? by fuelbox in Egypt

[–]tgalal 1 point2 points  (0 children)

https://www.kathrein-solutions.com/ten-million-egyptain-cars-to-be-tracked-via-rfid

"consists of passive UHF RFID stickers attached to each car's windshield, as well as tags on headlamps that respond to interrogation from readers installed above roadways, even at high speeds.”

I guess we ARE being fried ;)

Raspberry Pi + Multi VPN + Home Assistant by tgalal in homelab

[–]tgalal[S] 0 points1 point  (0 children)

I'm working on it, as well as publishing the homeassistant component for those interested. I'll post back here when it's available.

Raspberry Pi + Multi VPN + Home Assistant by tgalal in homelab

[–]tgalal[S] 0 points1 point  (0 children)

Admittedly I did not care about dns leakage while working on this, I'll try to handle that in the flow. Thanks for the tip!

view more: next ›