Lazy way to cause SHA-256 collisions for lazy evaluators


Humans are lazy. That's why we have computers; to do the boring work for us. I recently downloaded a file. The website said the file should have a SHA-256 hash of: ca978112ca1bbdcafac231b39a23dc4da786eff8147c4e72b9807785afee48bb So I ran sha256 filename on my machine. And then lazily compared the hashes. By which I mean "Yeah the first few characters match, as do the last few. It's probably fine." Stupid lazy humans. It's pretty easy to demonstrate that you can take a string, generate a…

A simple(ish) guide to verifying HTTP Message Signatures in PHP


Mastodon makes heavy use of HTTP Message Signatures. They're a newish almost-standard which allows a server to verify that a request made to it came from the person who sent it. This is a quick example to show how to verify these signatures using PHP. I don't claim that it covers every use-case, and it is no doubt missing some weird edge cases. But it successfully verifies messages sent by multiple Fediverse servers. Let's step through it with an example of a message sent from Mastodon to my…

Offline Digital Currency Transactions


Wouldn't it be good if digital currencies worked offline? I'm going to talk through a proposed user experience, and then discuss how it would work in practice. Let us imagine a future digital currency ₢. It might be fiat, it might be crypto, doesn't really matter. Alice loads up a smartcard with ₢100 and locks it. Alice gives Bob the smartcard. Bob uses offline verification to see that the smartcard contains ₢100 of unspent currency. Bob unlocks the smartcard and transfers the ₢100 to his ow…

Illegal Hashes


To understand this blog post, you need to know two things. There exists a class of numbers which are illegal in some jurisdictions. For example, a number may be copyrighted content, a decryption key, or other text considered illegal. There exists a class of algorithms which will take any arbitrary data and produce a fixed length text from it. This process is known as "hashing". These algorithms are deterministic - that is, entering the same data will always produce the same hash. Let's take …

How does Shamir's Secret Sharing deal with the Murder on the Orient Express Problem?


Shamir's Secret Sharing (henceforth "SSS") is clever. Far too clever for most people to understand - but let's give it a go. Suppose you have a super-secure password for a Really Important Thing. Th15IsMyP4s5w0rd!123 You can remember this - because you're awesome. But it might be a good idea to share the password with someone else, just in case. Of course, if you share it with one person, they'll be able to use it. No good! So you split the password into several overlapping pieces and give…

Staking Claims with Scheduled Tweets


Twitter has a nifty new feature which allows you to schedule the publication of a Tweet. But, crucially, it doesn't let the reader know when the message was originally written. How can you, as a publisher, prove that you wrote a scheduled Tweet at a specific time? Here's one method. Write a Tweet which contains a timestamp - "This is my message 2020-08-17" Generate a hash of the message - SHA256: BAE149775399E3AEBC9DEF9D4D4468C9217593B58B76655F479C9CEE4FF73CBA Post the hash to Twitter.…

Why API responses should be signed


I'm going to start this discussion with the why and then move on to the how. Let's begin with a couple of user stories. As the recipient of some data, I want to verify that it hasn't been tampered with. and As the recipient of some data, I want to verify who originally published it. Here's why I think this is important. We are in an era of fake news. A screenshot can be easily altered. A webpage is trivial to edit. But data should be provably true. Recently, a prominent person's…

Things For Which Cryptographic Signing Would Be Useful


Every time someone mentions BlockChain, I have to down my drink. Those are the rules. You see, most uses of Distributed Ledger are really just a way to get people interested in cryptographic signing. There's lots of money and attention flowing to projects which have no need to publish to an energy-inefficient global database. They would be better suited to public-key cryptography. Let me give you an example, then we'll dive into some details. Recently, I needed to prove that I went to…
