ECC Curves: secp256k1 versus secp521r1 -> BitMessage Secure Station

BM-2cWZW87PJN5VZjtJCpk3hXcYefhNCxdjU6
Jul 16 22:18

I agree. Super well written post. I'll add my two cents for the BitMessage Secure Station : And YES, he reminds us (or teaches us) that in cyber-security in general (Including crypto), what we call secure is always based on unproven initial assumptions. For those who read my post ( here: https://blogs.mediapart.fr/stman/blog/090717/torvpn-fingerprinting-family-anonymity-breach-fix-custom-fpga-based-ic ) about the "Tricks" I use to "neutralize" potential FPGA hardware backdoors in the BitMessage Secure Station, it is again made on initial assumptions. But they are never prooven in the way that these assumptions may be indeed partially false, or incomplete. So when we declare a problem solved, it's always in a very strict context. For folks interested in my work, my initial assumptions for my current solution is based on the following assumption in my post : "FPGA Hardware backdoor are a kind remotely controllable JTAG Circuitry through dedicated hidden/side channels, and those side/hidden channels are 'listening' for their data on all IOB's (Input/Output pins) of the FPGA" In order to reach better levels of security, one has to make assumptions more constraining, and check if the solution still work... In my case, it would correspond to adding to the initial assumptions : "... or on all inputs and outputs of all the CLB's (Configurable logic blocks) of the FPGA" Which I did and all my tricks still work, except one I have to rework, but it's done, I just need to correct the text in the post... I'll do it this week. If some reading these lines think it is necessary to add other something in the assumptions made in my work, please do ! Let me know ! It is fucking important.

[chan] bitmessage
BM-2cWy7cvHoq3f1rYMerRJp8PT653jjSuEdY

Subject Last Count
BitMessage crash Nov 18 14:28 2
Tor replacement Nov 18 13:10 4
Alternative Bitmessage port for official assignment with IANA? Nov 18 02:20 1
codewordtest2 Nov 17 21:52 1
bitmessage history Nov 15 08:43 28
stream and pool diagram Nov 12 12:05 21
( ͠° ͟ ʖ ͡°) Nov 10 09:51 2
I'm back. Nov 9 17:55 1
streams and pools Nov 7 01:37 1
How to examine bitmessage objects Nov 7 00:45 5
Tor curve vs bm curve Nov 7 00:45 4
keys.dat values Nov 6 23:16 2
Bitmessage history Nov 6 08:08 9
Pseudo-mailinglist vs chans? Nov 5 21:47 2
bitmessage node rating? Nov 5 21:32 2
can I connect to both onions and standard? Nov 5 19:33 11
Bitmessage won't exit cleanly Nov 4 18:06 2
keys.dat must be encrypted Nov 4 12:09 12
Question Nov 3 20:09 5
It's actually not that hard to de-anonymize someone on bitmessage. Nov 3 19:49 8
It's actually not that hard to de-anonymize someone on Nov 2 14:18 1
Bitmessage snapshots Nov 2 13:14 3
Why chan address? Nov 1 06:26 2
HASH Q Oct 31 21:16 1
bitpetite scam Oct 31 08:34 2
GitHub Supports Islamic Clitoris Removal Oct 31 01:02 14
What exactly is the address of [chan] general? Oct 30 05:29 7
MiNode addr bug Oct 27 11:53 1
Hi, users ! Oct 27 07:18 5
No incoming connections now Oct 26 09:40 33
RE: bitmessage implementation in any other programming language Oct 23 17:01 1
disabled address still working Oct 23 12:47 8
apinotifypath Oct 22 01:11 1
checkdeps.py error Oct 21 22:04 3