@zooko2.bsky.social
omg this is so great! Thank you, Apple! Now I can work on my laptop in the car without getting nauseated.
I was going to skip reposting this because I thought it was mean, then I saw that you were the poster.
Reposted
if you for some reason think this is useful:
1) why. why would you use this and not something like ChaCha20Poly1305.
2) this is an exceedingly bad toy impl written by someone with no cryptography training. there seem to be better constructions of BLAKE3 AEADs than.... this bullshit
Reposted
keyed blake3 XOF is basically a stream cipher, keyed blake3 is literally a MAC, I can make an AEAD out of this, so I did just that gist.github.com/vgskye/6253a...
b3b3.rs
Um…or maybe a better way to think: your little black book that you keep in your purse and write notes about people you meet… now that we have networks and computers that thing can talk to the little black books of your friends and turn into a better, more usable replacement for the giant phone book.
More pessimistically--and following "Soulbinding Like a State"'s cue--another reason that we have tried global namespaces over and over again for the last 50 years is that businesspeople and policymakers can smell money and power in the global namespace.
Just rethink everything with the starting point that now that we have networks and computers, the phonebook sitting on the kitchen counter in every home could be a *specific* phonebook created and managed just for the good of this one family.
I wonder if a lot of our confusion and struggles over this for the last 50 years is due to Rivest, Shamir, and Adleman mentioning in the RSA paper that it needs a "phonebook", and due to the historical fact that those giant paper phonebooks we had when I was a kid were global namespaces.
I would call them "first class" in the sense that they should be central to the UX design, which should be central to the protocol/cryptography/API design. But, I agree that they should be strictly local -- never global.
Yes, I agree with you and your ex that UX is king. My hypothesis is that local namespaces can produce better UX in addition to their other benefits.
I like this essay. Global namespaces are attractive to software engineers and businesspeople, but not because they are good for users. We need instead to work for the opposite goal: to increase the user’s illegibility.

newsletter.squishy.computer/p/soulbindin...
Soulbinding Like a State
Is acceptably non-dystopian digital identity even possible?
Despite this, I think my thread above is still basically correct. Apple Silicon doesn't come with the latest ARM64 vector instructions (SVE/SVE2), but on x86-64 with AVX512 or on ARM64 chips with SVE/SVE2, I think BLAKE3 will beat hardware-accelerated SHA256 in this usage.
P.S. I linked to @rklaehn.bsky.social's twitter post above, but here's his bsky post: bsky.app/profile/rkla...
I recently got nerdsniped by @zooko2.bsky.social into implementing fast BLAKE3 hashing of multiple small blobs.

I wrote a blog post about my experiment.

iroh.computer/blog/hashing...

It would be cool to polish this a bit and turn it into a public API.
Hashing multiple blobs with BLAKE3
How to quickly hash multiple small blobs with BLAKE3
So if you need a secure hash function and you’re concerned about performance, think which pattern your usage fits into and benchmark your specific usage pattern yourself. The argument that SHA256 is faster because of hardware acceleration is mostly incorrect. 👍 🔚
And again, if CPU makers add hardware acceleration for BLAKE3, this will accelerate it many times over in all three of these patterns of usage. …
The exact performance depends on a lot of details of hardware design, usage pattern, and software engineering, but I think BLAKE3 will almost always be substantially faster than SHA256 for this use case, even when SHA256 has hardware acceleration and BLAKE3 doesn’t. …
C. You need to hash a large number of small chunks. This turns out to be a common use case. This is the case where Rüdiger Klaehn’s experiment above shows software BLAKE3 beating hardware-accelerated SHA256 by 5X. …
B. You need to hash a large chunk of data. BLAKE3 always far outstrips SHA256 for this use, and the bigger the data and the more cores you have, the faster BLAKE3 goes. There’s no contest. …