This meme was created by my daughter Raelani, with the help of our cat, Albus. Assorted detritus were provided by my son Elliott (at least, I think that is his coat and shoes).

## Meme of the day by Raelani

2019/10/25## Home Economics Likebez

2019/09/16I will start with a quote from the #Trilema Log^{1}:

mircea_popescu:Let's do some practical home economics likbez:IF the problem is that the currency is shit (which is strictly what "rising rents" means: if rents are rising, THEREFORE the currency is shit. if urine is sweet, THEREFORE diabethes, no iffs or butts about it, these are NOT separable), then owning real estate is a very poor solution: real estate follows the currency secular trend if currency is strong and stays strong, real estate goes up in value, which is how owning land in republican Rome or expansive Venice paid out. If however the currency flags, real estate forthwith moves into emergency monetization role, meaning you want to short it as part of a triple currency play. (Which is why us banks LEND you houses: it's the other part of their international trade where they borrow hard currency.)

That was part 1, as to financials.

IF you are a young man, and are producing more than consuming (if not, please follow the recipe

^{2}for gender re-assignment, you don't belong here), you should save ~in capital goods~ specifically ~of your trade~. That's what you do with every dime you can save: you buy your own tools! to become journeyman! If you're making a living driving a car, you buy CARS. if you're making a living fixing cars, you buy forklifts and power tools. The only 20-something who can reasonably buy real estate is... a pimp. If you're not a fucking pimp, you don't buy real estate in your 20s. and if you are a pimp, you buy in fucking Baltimore, you buy in the blighted downtown of Detroit^{3}or Philly or whatever the shit. NOT crap in suburbia; and in any case you don't buy crap made ~for you~ by people who ~you do not know~. What the fuck, are you retarded ? if people who you don't know are making things for you, the name for the thing they're making is A TRAP. Either you buy made to order like my serb friends^{4}, or else you buy leftover brownstone nobody else wants, etcetera. what the fuck, this is novel to someone ?! Why, because "do we still have to" read 1700s state of the art textbooks on personal conduct ?That was part 2, as to journeyman economic conduct.

If you're a young man, YOU DO NOT BUY ILLIQUID, NON-NEGOTIABLE ANYTHING!!!! I don't mean, with money. I mean with anything. You have enough sense to keep your sexual relationships at will rather than get fucking married, fine, but the same applies throughout. Buying "a house" from "the bank" is THE EXACT EQUIVALENT of giving your savings to your dad "to hold on to them for you". what the fuck, are you twelve? Things flow the other way, your aging dad gives you the duchy of Cornwall for you to hold on to for him, what the fuck is this ? and if dad ~dun have~ a duchy of Cornwall large enough to keep you occupied, ~you leave~. and you spit on his head, too, because HE FAILED in life. Because this was his fucking job: by the time the sons he made were old enough to do something useful with his time, he was supposed to have so much fucking land and chattels as to be desperate for loyal hands, and more than happy to "go, take x, hang yourself with it, holy hell finally!" as a young orphan with potential, you keep to negotiable instruments. that's why the young men of Florence who did get to be old men and successful enough as to buy up all the young cunts for gold to all the failures' despair went into trade rather than bureaucracy! NEGOTIABLE. If whatever the fuck it is "you have" can't be ~sold~, on the ~open market~, YOU ARE NOT INTERESTED IN IT. You will be interested, of course, BUT FIVE DECADES HENCE. When you're old. Then the sort of non-negotiable commitment makes sense. Not in your fucking 20s, so spare me with all the "jobs" you can not sell (yes, this is what "working remote" IS, SELLING IT!!!), all the "college degrees" worth 0 on auction, and all the etcetera.

This was part 3, as to commercial aptitude.

There's more, and besideswhich a lot more to all of these foregoing parts, but holy hell... seriously, nobody ever thinks of things or what is the problem here !?

Back in 2005 when I was young and stupid, my wife and I were told that our apartment rent would be going up (I don't remember exactly, but it was somewhere in the 10-15% range). So we decided that we should buy a house, avoiding rising rents was one of the reasons. Another reason being that we would save up some money as equity; the price of houses in the Lansing area had been consistently rising for 20 years, and we wanted to tap in on that wave. We were college students with part-time jobs, but we didn't have any negatives on our credit report, so we somehow qualified for a mortgage. This was a 0% down mortgage, what they do is artificially inflate the price of the house and roll things like closing costs into the amount you are borrowing from the bank. Turns out we bought right at the top of the housing bubble, and five years later when we wanted to move the house was only worth a quarter of what we paid for it. At that point, we would have been much better off if we had just kept renting.

Having had our credit trashed by the housing fiasco, we rented for a while when we moved to Midland. When we bought a house again, we approached it very differently. Instead of looking at it as an investment, we tried to find the best way to maximize our return on our expense. We found a house that we will be comfortable in at least until we retire. We could have gotten a bigger house in a nicer neighborhood according to the "budget" that the real estate agent so helpfully suggested to us, but instead we chose one that fit into our own budget. And now we pay the same amount monthly for our mortgage that we did for our rental, but the house is twice as big^{5}. My point is, in some situations it makes sense to buy a house, but not in every situation.

We also purchased some commercial real estate for my wife's business^{6}. This would go along with Mircea's part two above. Her business involves teaching music lessons, so we have invested in the building and the instruments to make that possible. As they say, you can't get rich making money for somebody else.

- I have made some minor edits to change it from IRC format to paragraph format. [↩]
- snsabot: Logged on 2018-01-08 12_21_33 btcvixen: Yes it does, as my government id says _Sex_ F_ [↩]
- About 2011 I was looking into the real estate market in Detroit, since at that point I was working in the Detroit Suburbs and that would have been a short commute. My impression was that although the house prices were low the taxes are really high, so you don't actually end up saving money in the long run. There is also the matter of schools, Detroit schools are absolutely worthless. But then I got a job in Midland, so I never really finished that line of research. [↩]
- snsabot: Logged on 2018-11-25 13:50:17 a111: Logged on 2014-09-10 15:02 mircea_popescu: well yeah. was a bunch o people, they got building permit and proceeded to built like at home. concrete pillars, brick walls etc. [↩]
- We had a fourth child since moving to Midland, and now we have teen-agers, so having more space is a good thing. [↩]
- Really, it is
*our*business since we are co-owners, but I think of it as her business because she is the one doing most of the work. I give general advice on big decisions, and any light handiwork gets dumped on me, but mostly it is her thing. [↩]

## Definition: Man-Bun

2019/09/15Today my son and I were eating lunch, and we decided that we needed to appropriate and redefine the term "man-bun". So from this point forward, a man-bun is not some sort of fru-fru fluff ball bunched on the back of a guy's head. A man bun is a piece of bread with a pile of meat, cheese, and bacon inside.

Elliott had a **man-bun** for lunch today.

## Signatures for FFA

2019/09/12I have been reading and signing the FFA series by asciilifeform. I have read the whole series as they have been published, and I have been signing them as I feel like I understand what is happening in each patch. I intended to get through the whole series before publishing this blog post, but as I have gone some time without adding any signatures I figured I should go ahead an make this post with the signatures that I already have.

These are signatures of the keccak versions of the vpatches. The patches can conveniently be viewed using the btcbase.org patch viewer.

- ffa_ch1_genesis.kv.vpatch.peterl.sig (text version)
- ffa_ch2_logicals.kv.vpatch.peterl.sig (text version)
- ffa_ch3_shifts.kv.vpatch.peterl.sig (text version)
- ffa_ch4_ffacalc.kv.vpatch.peterl.sig (text version)
- ffa_ch5_egypt.kv.vpatch.peterl.sig (text version)
- ffa_ch6_simplest_rsa.kv.vpatch.peterl.sig (text version)
- ffa_ch7_turbo_egyptians.kv.vpatch.peterl.sig (text version)
- ffa_ch8_randomism.kv.vpatch.peterl.sig (text version)
- ffa_ch9_exodus.kv.vpatch.peterl.sig (text version)
- ffa_ch10_karatsuba.kv.vpatch.peterl.sig (text version)
- ffa_ch11_tuning_and_api.kv.vpatch.peterl.sig (text version)
- ffa_ch12_karatsuba_redux.kv.vpatch.peterl.sig (text version)
- ffa_w_borrow_expr.kv.vpatch.peterl.sig (text version)
- ffa_ch13_measure_and_qshifts.kv.vpatch.peterl.sig (text version)

## Constructing Digital Signatures from One Way Function

2019/08/19Op. 52

Constructing Digital Signatures from One Way Function

Leslie Lamport

Computer Science Laboratory

SRI International

18 October 1979

CSL 98

333 Ravenswood Ave. Menlo Park, California 94025

(415) 326-6200 Cable: SRI INTL MPK TWX: 910-373-1246

### 1. Introduction

A digital signature created by sender P for a document m is data item o_{p}(m) having the property that upon receiving m and o_{p}(m) one can determine (and if necessary prove in court of law) that P generated the document m .

A one way function is function that is easy to compute, but whose inverse is difficult to compute^{1}. More precisely one way function T is a function from set of data objects to a set of values having the following two properties:

- Given any value v , it is computationally infeasible to find a data object d such that T(d) = v .
- Given any data object d , it is computationally infeasible to find a different data object d' such that T(d') = T(d) .

If the set of data objects is larger than the set of values, then such a function is sometimes called one way hashing function.

We will describe a method for constructing digital signatures from such a one way function T . Our method is an improvement of a method devised by Rabin^{2}. Like Rabin's, it requires the sender P to deposit a piece of data o in some trusted public repository for each document he wishes to sign. This repository must have the following properties:

- o can be read by anyone who wants to verify P's signature.
- It can be proven in court of law that P was the creator of o .

Once o has been placed in the repository, P can use it to generate a signature for any single document he wishes to send.

Rabin's method has the following drawbacks not present in ours.

- The document must be sent to single recipient Q , who then requests additional information from P to validate the signature. P cannot divulge any additional validating information without compromising information that must remain private to prevent someone else from generating new document m' with valid signature o
_{p}(m'). - For a court of law to determine if the signature is valid, it is necessary for P to give the court additional private information.

This has the following implications.

- P -- or a trusted representative of P must be available to the court.
- P must maintain private information whose accidental disclosure would enable someone else to forge his signature on a document.

With our method, P generates a signature that is verifiable by anyone, with no further action on P's part. After generating the signature, P can destroy the private information that would enable someone else to forge his signature. The advantages of our method over Rabin's are illustrated by the following considerations when the signed document m is a check from P payable to Q .

- It is easy for Q to endorse the check payable to third party R by sending him the signed message "make m payable to R ". However, with Rabin's scheme, R cannot determine if the check m was really signed by P , so he must worry about forgery by Q as well as whether or not P can cover the check. With our method, there is no way for Q to forge the check, so the endorsed check is as good as check payable directly to R signed by P . (However, some additional mechanism must be introduced to prevent Q from cashing the original check after he has signed it over to R .)
- If P dies without leaving the executors of his estate the information he used to generate his signatures, then Rabin's method cannot prevent Q from undetectably altering the check m -- for example, by changing the amount of money payable. Such posthumous forgery is impossible with our method.
- With Rabin's method, to be able to successfully challenge any attempt by Q to modify the check before cashing it, P must maintain the private information he used to generate his signature. If anyone (not just Q ) stole that information, that person could forge a check from P payable to him. Our method allows P to destroy this private information after signing the check.

### 2. The Algorithm

We assume a set M of possible documents, set K of possible keys^{3}, and set V of possible values. Let S denote the set of all subsets of {1, ... , 40} containing exactly 20 elements. (The numbers 40 and 20 are arbitrary, and could be replaced by 2n and n. We are using these numbers because they were used by Rabin, and we wish to make it easy for the reader to compare our method with his.)

We assume the following two functions.

- A function F : K → V with the following two properties:
- Given any value v in V , it is computationally infeasible to find a key k in K such that F(k) = v .
- For any small set of values v
_{1}, ... , v_{m}, it is easy to find a key such that F(k) is not equal to any of the v_{i}.

- A function G : M → S with the property that given any document m in M , it is computationally infeasible to find document m' ≠ m such that G(m') = G(m)

For the function F , we can use any one way function T whose domain is the set of keys. The second property of F follows easily from the second property of the one way function T . We will discuss later how the function G can be constructed from an ordinary one way function.

For convenience, we assume that P wants to generate only a single signed document. Later, we indicate how he can sign many different documents. The sender P first chooses 40 keys k_{i} such that all the values F(k_{i}) are distinct. (Our second assumption about F makes this easy to do.) He puts in public repository the data item o = (F(k_{1}), ... , F(k_{40})) . Note that P does not divulge the keys k_{i} , which by our first assumption about F cannot be computed from o .

To generate a signature for a document m , P first computes G(m) to obtain a set [i_{1}, ... , i_{20}] of integers. The signature consists of the 20 keys k_{i1}, ... , k_{i20} . More precisely, we have o_{p}(m) = (k_{i1}, ... , k_{i20}) , where the i_{j} are defined by the following two requirements:

- G(m) = {i
_{1}, ... , i_{20}} - i
_{1}< ... < i_{20}

After generating the signature, P can destroy all record of the 20 keys k_{s} with s not in G(m) .

To verify that 20-tuple (h_{1}, ... , h_{20}) is valid signature o_{p}(m) for the document m, one first computes G(m) to find the i_{j} and then uses o to check that for all j , h_{j} is the i_{j}^{th} key. More precisely, the signature is valid if and only if for each j with 1 ≤ j ≤ 20 : F(h_{j}) → o_{ij} , where o_{i} denotes the i^{th} component of o , and the i_{j} are defined by the above two requirements.

To demonstrate that this method correctly implements digital signatures, we prove that it has the following properties.

- If P does not reveal any of the keys k
_{i}, then no-one else can generate valid signature o_{p}(m) for any document m . - If P does not reveal any of the keys k
_{j}except the ones that are contained in the signature o_{p}(m) , then no-one else can generate valid signature o_{p}(m') for any document m' ≠ m .

The first property is obvious, since the signature o_{p}(m) must contain 20 keys k_{i} such that F(k_{i}) = o_{i} , and our first assumption about F states that it is computationally infeasible to find the keys k_{i} just knowing the values F(k_{i}) .

To prove the second property, note that since no-one else can obtain any of the keys k_{i} , we must have o_{p}(m') = o_{p}(m) . Moreover, since the o_{i} are all distinct, for the validation test to be passed by o_{p}(m') we must also have G(m') = G(m) . However, our assumption about G states that it is computationally infeasible to find such document m' . This proves the correctness of our method.

For P to send many different documents, he must use a different o for each one. This means that there must be sequence of 40-tuples o_{1}, o_{2}, ... and the document must indicate which o_{i} is used to generate that document's signature. The details are simple, and will be omitted.

### 3. Constructing the Function G

One way functions have been proposed whose domain is the set of documents and whose range is a set of integers of the form {0, ... , 2^{n} - 1} for any reasonably large value of n . (It is necessary for n to be large enough to make exhaustive searching over the range of T computationally infeasible.) Such functions are described in [1] and [2]. The obvious way to construct the required function G is to let T be such a one way function, and define G(m) to equal R(T(m)) , where R : {0, ... , 2^{n} - 1} → S .

It is easy to construct function R having the required range and domain. For example, one can compute R(s) inductively as follows:

- Divide s by 40 to obtain quotient q and a remainder r
- Use r to choose an element x from {1, ... , 40} (This is easy to do, since 0 ≤ r ≤ 40.)
- Use q to choose 19 elements from the set {1, ... , 40} - {x} as follows:
- Divide q by 39 to obtain quotient ...

It requires careful analysis of the properties of the one way function T to be sure that the resulting function G has the required property. We suspect that for most one way functions T , this method would work. However, we cannot prove this.

The reason constructing G in this manner might not work is that the function R from {0, ... , 2^{n}} into S is a many to one mapping, and the resulting "collapsing" of the domain might defeat the one way nature of T . However, it is easy to show that if the function R is one to one, then property (ii) of T implies that G has the required property. To construct G we need only find an easily computable one to one function R from {0, ... , 2^{n} - 1} into S , for a reasonably large value of n .

We can simplify our task by observing that the function G need not be defined on the entire set of documents. It suffices that for any document m , it is easy to modify m in a harmless way to get new document that is in the domain of G. For example, one might include a meaningless number as part of the document, and choose different values of that number until he obtains a document that is in the domain of G . This is an acceptable procedure if (i) it is easy to determine whether a document is in the domain, and (ii) the expected number of choices one must make before finding a document in the domain is small.

With this in mind, we let n = 40 and define R(s) as follows: if the binary representation of s contains exactly 20 ones, then R(s) = {i : the i^{th} bit of s equals one} , otherwise R(s) is undefined. Approximately 13% of all 40 bit numbers contain exactly 20 ones. Hence, if the one way function T is sufficiently randomizing, there is a 0.13 probability that any given document will be in the domain of G . This means that randomly choosing documents (or modifications to a document), the expected number of choices before finding one in the domain of G is approximately 8. Moreover, after 17p choices, the probability of not having found document in the domain of G is about 1/10^{p}. (If we use 60 keys instead of 40, the expected number of choices to find document in the domain becomes about 10, and 22p choices are needed to reduce the probability of not finding one to 1/10^{p}.)

If the one way function T is easy to compute, then these numbers indicate that the expected amount of effort to compute G is reasonable. However, it does seem undesirable to have to try so many documents before finding one in the domain of G . We hope that someone can find more elegant method for constructing the function G , perhaps by finding a one to one function R which is defined on a larger subset of {0, ... , 2^{n}} .

Note; We have thus far insisted that G(m) be a subset of {1, ... , 40} consisting of exactly 20 elements. It is clear that the generation and verification procedure can be applied if G(m) is any proper subset. An examination of our correctness proof shows that if we allow G(m) to have any number of elements less than 40, then our method would still have the same correctness properties if G satisfies the following property:

- For any document m , it is computationally infeasible to find a different document m' such that G(m') is a subset of G(m) .

By taking the range of G to be the collection of 20 element subsets, we insure that G(m') cannot be proper subset of G(m) . However, it may be possible to construct a function G satisfying this requirement without constraining the range of G in this way.

-------

Editors note: Some characters in the original paper were changed to members of the Roman alphabet.

- Diffie, W. and Hellman, M. "New Directions in Cryptography".
*IEEE Trans. on Information Theory IT-22*(November 1976), 644-654. [↩] - Rabin, M. "Digitalized Signatures", in
*Foundations of Secure Computing*, Academic Press (1978), 155-168. [↩] - The elements of K are not keys in the usual cryptographic sense, but are arbitrary data items. We call them keys because they play the same role as the keys in Rabin's algorithm. [↩]

## 2020 Presidential Candidates

2019/08/05The United States will have its 4-year presidential election next year. Here are my thoughts on the candidates running for the position.

On the Republican side, there is Donald Trump. I do not see any way that anybody else gets the nomination. Unseating a sitting president is unheard of^{1}, and the republican base seems fairly happy with Trump's performance, so we can assume that Trump will get the nomination. There are some aspects of Trump's administration that I like (like the nomination of Gorsuch to the supreme court), and he has not done as many bad things as his opponents claimed he would do when he was elected, so although he has a way of making every subject a source of drama I would not be horribly disappointed to see him win another four year term.

The Democrats seem to be using the strategy of throwing everything they can at the electorate and seeing if anything sticks. There is Obama's VP Joe Biden for the people who pine for the good old days days of the Obama administration before the racists took over our country. There are Senators Elizabeth Warren and ~~Kirsten Gillibrand~~^{2} for people who really liked Hillary Clinton and like to point out by how much she won the popular vote. There are old candidates (Gravel is 89, apparently still alive ~~and sort of running~~^{3} ) and young candidates (Gabbard is only 38). There are good looking candidates (Tulsi Gabbard might be the first presidential candidate anyone would want to see in a bikini) and ugly candidates (ahem, most of them, but I'm thinking of Kamala Harris here). And there are candidates from a variety of races (White, Hispanic, Black, Asian, Samoan, Indian, etc). There is even a mix of people with lots of political experience, like Bernie Sanders who has been in the Senate longer than I have been alive, down to people like Yang who have never been elected to a political office before. And the candidates are proposing free stuff in just as much diversity: free college, free healthcare, free $1000 per month to everybody, free housing, and probably more that I have forgotten.

The big problem is that the field is just too big. Democrats are struggling to get behind a candidate because there are too many of them running. And that problem is exacerbated by the media who seem to think each of these people have a chance at winning the nomination. While I like a couple proposals (which I will go into below) from some of these dark horses, at some point you just have to be honest and only list the people who have a serious chance. Looking back on recent history (post WWII), people who get elected president, or even nominated, have been one of four things: vice president from a previous administration^{4}, governor of a state^{5}, US senator^{6}, or already have nation-wide name recognition^{7}. Even using these criteria, there are still Biden (VP), ~~Bullock~~^{8}, ~~Inslee~~^{9}, ~~Hickenlooper~~^{10}, Patrick^{11} (governors), and Bennet, ~~Booker~~^{12}, ~~Gillibrand,~~ ~~Gravel,~~ ~~Harris,~~^{13} Klobuchar, Sanders, Warren (senators), that's still ~~twelve~~ ~~eleven~~ ~~nine~~ ~~eight~~ ~~nine~~ ~~seven~~ **six** people, which should be plenty to pick between.

Speaking of a couple of the long-shot candidates, I like Gabbard's stance on reigning in the US military and cutting back on military spending. And I like Castro's stance on loosening immigration laws. I see immigration as a good thing. While both of these are only polling in the low single digits, they would make good vice-presidential candidates to offset an older presidential candidate.

- The last time a sitting president was not re-nominated by their party was Grover Cleveland in 1896 [↩]
**Update 2019-08-29:**Gillibrand just dropped out. [↩]**Update:**Looks like Gravel just dropped out. [↩]- VP's: Truman, Johnson, Nixon, Humphery, Ford, Mondale, Bush I [↩]
- Governors: Dewey, Stevenson, Carter, Reagan, Dukakis, B Clinton, Bush II, Romney [↩]
- Senators: Kennedy, Goldwater, Dole, Kerry, McCain, Obama, H Clinton [↩]
- Had name recognition: Eisenhower - General in WWII and helped start NATO, Perot - billionaire oil tycoon, Trump - millionaire and TV personality [↩]
**Update:**Bullock dropped out. [↩]**Update:**Inslee dropped out. [↩]**Update:**Hickenlooper dropped out. [↩]**Update:**Deval Patrick joined the race. [↩]**Update 2020-01-13:**Booker Dropped out [↩]**Update:**Harris drops out. [↩]

## Korihor

The teachings of Korihor^{1}:

O ye that are bound down under a foolish and a vain hope, why do ye yoke yourselves with such foolish things? Why do ye look for a Christ? No man can know of anything which is to come.

Behold, these things which ye call prophecies, which ye say are handed down by holy prophets, behold, they are foolish traditions of your fathers.

How do ye know of their surety? Behold, ye cannot know of things which ye do not see; therefore ye cannot know that there shall be a Christ.

Ye look forward and say that ye see a remission of your sins. But behold, it is the effect of a frenzied mind; and this derangement of your minds comes because of the traditions of your fathers, which lead you away into a belief of things which are not so.

There can be no atonement made for the sins of men, but every man fares in this life according to the management of the creature; therefore every man prospers according to his genius, and every man conquers according to his strength; and whatsoever a man does is no crime.

When a man is dead, that is the end thereof.

Why do I go about perverting the ways of the Lord? Why do I teach this people that there shall be no Christ, to interrupt their rejoicings? Why do I speak against all the prophecies of the holy prophets? Because I do not teach the foolish traditions of your fathers, and because I do not teach this people to bind themselves down under the foolish ordinances and performances which are laid down by ancient priests, to usurp power and authority over them, to keep them in ignorance, that they may not lift up their heads, but be brought down according to thy words.

Ye say that this people is a free people. Behold, I say they are in bondage. Ye say that those ancient prophecies are true. Behold, I say that ye do not know that they are true.

Ye say that this people is a guilty and a fallen people, because of the transgression of a parent. Behold, I say that a child is not guilty because of its parents.

And ye also say that Christ shall come. But behold, I say that ye do not know that there shall be a Christ.

And ye say also that he shall be slain for the sins of the world — And thus ye lead away this people after the foolish traditions of your fathers, and according to your own desires; and ye keep them down, even as it were in bondage, that ye may glut yourselves with the labors of their hands, that they durst not look up with boldness, and that they durst not enjoy their rights and privileges.

Yea, they durst not make use of that which is their own lest they should offend their priests, who do yoke them according to their desires, and have brought them to believe, by their traditions and their dreams and their whims and their visions and their pretended mysteries, that they should, if they did not do according to their words, offend some unknown being, who they say is God — a being who never has been seen or known, who never was nor ever will be.

- The Book of Mormon, Alma, Chapter 30. [↩]