Predicting and controlling correlations in differentials of addition mod 2^{n}

Paul Crowley wrote “This is a paper I wrote in collaboration with Scott Fluhrer in 2005. It was not accepted for FSE 2006; it would have been better if I hadn’t waited until 2014 to make it public, but better late than never. It arose from a discovery I made when developing attacks on Salsa20 for “Truncated differential…”

Why I support the US Government making a cryptography standard weaker

Paul Crowley wrote “Documents leaked by Edward Snowden last month reveal a $250M program by the NSA known as Operation BULLRUN, to insert vulnerabilities into encryption systems and weaken cryptography standards. It now seems nearly certain that the NIST-certified random number generator Dual_EC_DRBG, adopted as the default in RSA Security's BSAFE toolkit, contains a back door usable only by the NSA which allows them to predict the entire future output of the generator given only 32 bytes. So it's not the easiest time for NIST to suggest they should make a cryptography standard weaker than it was originally proposed. Nevertheless, I support them in this and I hope they go ahead with it.”

Settling in for election night

Paul Crowley wrote “I had hoped Nate Silver was going to announce explicitly that this was his final pre-election prediction, but less than three and a half hours to go before the first polls close, I think there’s not much time to make another one. I’ve updated the battleground chart with his predictions, and I’ll update it as…”

2012 Obama v Romney election battleground

Paul Crowley wrote “It’s that time again! Here’s a new version, updated for 2012, of my battleground election graphics. Projections are taken, of course, from Nate Silver’s Five Thirty Eight blog at the New York Times. I’ve fixed it to handle the fact that states are simply “called” on election night, with no estimate of the margin of…”

Double word squares

Paul Crowley wrote “You start off meaning to contribute a tiny tweak and then forget about it, and you end up spending hours writing reams of multithreaded C code. A friend posted to Twitter asking for help optimizing his code to find double word squares. I spotted a small optimization: instead of copying his working state for his…”

mercurial-server needs a long-term Debian sponsor

Paul Crowley wrote “Thanks to the patient work of Jakub Wilk, mercurial-server 1.2-1 has hit the Debian “unstable” repository, where all being well it should make its way into testing, stable, Ubuntu and so forth. Jakub stepped in at the last minute when I discovered that the project’s previous sponsor, Steve Kemp, had resigned as a Debian developer…”

mercurial-server 1.2 released

Paul Crowley wrote “Version 1.2 of mercurial-server is now available. This fixes a security problem, adds compatibility with Mercurial 1.9 and fixes incompatibilities with older versions of Python, adds MQ compatibility, and some other minor things. Unfortunately it may not immediately enter Debian, because my former sponsor is no longer a Debian developer. If you’re an official Debian…”

A standard log file format?

Paul Crowley wrote “mercurial-server logs every push and pull to the repository. These logs are not just informative, but part of the security it offers; a mercurial revision can trivially be attributed to any user, so if malicious code is added to a repository only the mercurial-server logs carry trustworthy information about the source. It’s therefore especially important…”

mercurial-server version 1.1 released

Paul Crowley wrote “Version 1.1 of mercurial-server is now available. This permits one repository to be in a subdirectory of another, which makes subrepositories more convenient, as well as improvements to logging and documentation. I’ve also included the collection of scripts I use for testing under the “dev” subdirectory in the main repository, though I’d want to clean…”

A two-dimensional swingometer

Paul Crowley wrote “In addition to our swing visualizer in Java, we now have something closer to a two-dimensional swingometer in JavaScript. Not quite as polished as I’d hoped this late, but still useful in an unpredictable election. I hope to be updating both on election night. Suggestions welcome!”