There already exist cross-compilers (e.g. http://sun.hasenbraten.de/vbcc/ and various amiga-gcc versions). vAmos is more for the case where you want to use an Amiga-native compiler (say SAS/C…
Amiga Forever is a distribution of software (Amiga ROMs and OS disks) and a full system emulator: CPU, custom chips (graphics/sound/..) etc. It allows you to emulate various Amiga systems completely. vAmos is just CPU…
Size optimizing assembly code finds use in a variety of places. Demoscene for size constrained things is one of them, but also "hacking"/exploits and of course "whitehat" stuff (patches / compiler optimization etc).
I understand what you're getting at, but in this case even I (who know what most things on that page means) struggle to understand why it was submitted. Are we looking for the 0E opcode? New optimization opportunities?…
The link is to an opcode map with strange abbreviations with no apparent explanation. Asking "What am I looking at?" without doing any research (with a LLM or otherwise) is entirely reasonable.
Not sure why you're being downvoted. You need a to know quite a bit of esoteric knowledge to parse this beyond knowing x86 opcodes (even x86 assembly). It's more or less the same information you get from the intel…
No, it's due to the construction of bcrypt - it ends up using the password more or less directly as the key for blowfish (the underlying cipher) which is why the limit is there. Check wikipedia for details.
bcrypt is based on the blowfish cipher which "only" support keys up to 576 bits (72 bytes) in length (actually only 448 bits as spec'ed). Wikipedia has all the details.
> moduli generated by OpenSSL will always have the high bit set Correct for 1024, but... openssl genrsa 1023 | openssl rsa -text -noout :) Also just noticed that openssl rsa actually has a -modulus switch so you can…
The standard format for RSA private keys is ASN.1 (https://www.rfc-editor.org/rfc/rfc8017#appendix-C) with the components encoded as INTEGERs. An INTEGER is always signed in ASN.1, so you need the leading 0 byte if the…
Not really the ethos of C(++), though of course this particular bug would be easily caught by running a debug build (even 20 years ago). However, this being a game "true" debug builds were probably too slow to be…
Good luck! As the sibling comment mentions, Asm-Pro is IMO a good choice these though it requires KSv2+ (so you can't use it on an stock A500). I mostly use vasm for "larger" stuff though…
Update: a1=-1 is a bad choice of test value (0 is much better), as it won't show the issue if present! However, it doesn't change the outcome of the test on 060, but I would have noticed that 020 is affected as well (as…
Rev5 "full" 060 (not EC/LC). Quick capture of crappy methodology: https://imgur.com/a/XwQ1Tnp (PCR with revision number is in d0)
Have an Amiga w/ 060, and that instruction doesn't seem to modify any A registers. (Only did a very quick test of those exact instruction words)
Thanks, understand what you mean. I probably botched the 1/4 probability thing, was thinking 4^-60 gives 2^-120 bit assurance (roughly, security margin in my mind), and an extra round would quadruple it, but doesn't…
Thanks for the reply (and it definitely answers my original question). For both short-lived keys, and where production time matters it makes perfect sense. I was mostly thinking about the scenario where you're…
I don't pretend to understand all the involved math, but what I'm trying to say is that as far as I understand T rounds gives 4^-T probability that we've chosen a "bad" prime (really composite) per normal Miller-Rabin…
The BSI recommendation I linked says 60 times here (considering the worst case and the security level they're targeting). Just wondering why we'd want to do less for a (presumably rare) one-time operation.
I happened to look at this recently, and while I understand the argument (but not the math) of having to do fewer Miller-Rabain rounds, why would you do so in PRACTICAL settings? Unlike ECC you're likely only generating…
Great article and analysis as always, thanks! Somewhat crazy to remember that a (as you argue) minor CPU erretum made world wide headlines. So many worse ones out there (like you mention from Intel) but others as well,…
Thing is that isn't a single unified Amiga community with a clear goal. Roughly speaking you have people who (like this project) want to keep the "OS/UI experience" and move that forward to newer architectures and build…
Simplified: Traditional SIM card is "smart" card with a chip (exactly like modern credit cards) from your network operator that gives access to mobile network(s). The chip has software + data that allows this. eSIM:…
Once the drive is spinning that doesn't matter though. Floppies are slow by modern standards mostly because you only get a new (decoded) bit around every 2nd (or for DD drives 4th) microsecond, and the drive takes some…
The addressing modes do exist on 68020+ (https://www.nxp.com/files-static/archives/doc/ref_manual/M68... section 2.2), but I don't think any compiler will generate them (even with -mcpu=68020) as I think they're not…
There already exist cross-compilers (e.g. http://sun.hasenbraten.de/vbcc/ and various amiga-gcc versions). vAmos is more for the case where you want to use an Amiga-native compiler (say SAS/C…
Amiga Forever is a distribution of software (Amiga ROMs and OS disks) and a full system emulator: CPU, custom chips (graphics/sound/..) etc. It allows you to emulate various Amiga systems completely. vAmos is just CPU…
Size optimizing assembly code finds use in a variety of places. Demoscene for size constrained things is one of them, but also "hacking"/exploits and of course "whitehat" stuff (patches / compiler optimization etc).
I understand what you're getting at, but in this case even I (who know what most things on that page means) struggle to understand why it was submitted. Are we looking for the 0E opcode? New optimization opportunities?…
The link is to an opcode map with strange abbreviations with no apparent explanation. Asking "What am I looking at?" without doing any research (with a LLM or otherwise) is entirely reasonable.
Not sure why you're being downvoted. You need a to know quite a bit of esoteric knowledge to parse this beyond knowing x86 opcodes (even x86 assembly). It's more or less the same information you get from the intel…
No, it's due to the construction of bcrypt - it ends up using the password more or less directly as the key for blowfish (the underlying cipher) which is why the limit is there. Check wikipedia for details.
bcrypt is based on the blowfish cipher which "only" support keys up to 576 bits (72 bytes) in length (actually only 448 bits as spec'ed). Wikipedia has all the details.
> moduli generated by OpenSSL will always have the high bit set Correct for 1024, but... openssl genrsa 1023 | openssl rsa -text -noout :) Also just noticed that openssl rsa actually has a -modulus switch so you can…
The standard format for RSA private keys is ASN.1 (https://www.rfc-editor.org/rfc/rfc8017#appendix-C) with the components encoded as INTEGERs. An INTEGER is always signed in ASN.1, so you need the leading 0 byte if the…
Not really the ethos of C(++), though of course this particular bug would be easily caught by running a debug build (even 20 years ago). However, this being a game "true" debug builds were probably too slow to be…
Good luck! As the sibling comment mentions, Asm-Pro is IMO a good choice these though it requires KSv2+ (so you can't use it on an stock A500). I mostly use vasm for "larger" stuff though…
Update: a1=-1 is a bad choice of test value (0 is much better), as it won't show the issue if present! However, it doesn't change the outcome of the test on 060, but I would have noticed that 020 is affected as well (as…
Rev5 "full" 060 (not EC/LC). Quick capture of crappy methodology: https://imgur.com/a/XwQ1Tnp (PCR with revision number is in d0)
Have an Amiga w/ 060, and that instruction doesn't seem to modify any A registers. (Only did a very quick test of those exact instruction words)
Thanks, understand what you mean. I probably botched the 1/4 probability thing, was thinking 4^-60 gives 2^-120 bit assurance (roughly, security margin in my mind), and an extra round would quadruple it, but doesn't…
Thanks for the reply (and it definitely answers my original question). For both short-lived keys, and where production time matters it makes perfect sense. I was mostly thinking about the scenario where you're…
I don't pretend to understand all the involved math, but what I'm trying to say is that as far as I understand T rounds gives 4^-T probability that we've chosen a "bad" prime (really composite) per normal Miller-Rabin…
The BSI recommendation I linked says 60 times here (considering the worst case and the security level they're targeting). Just wondering why we'd want to do less for a (presumably rare) one-time operation.
I happened to look at this recently, and while I understand the argument (but not the math) of having to do fewer Miller-Rabain rounds, why would you do so in PRACTICAL settings? Unlike ECC you're likely only generating…
Great article and analysis as always, thanks! Somewhat crazy to remember that a (as you argue) minor CPU erretum made world wide headlines. So many worse ones out there (like you mention from Intel) but others as well,…
Thing is that isn't a single unified Amiga community with a clear goal. Roughly speaking you have people who (like this project) want to keep the "OS/UI experience" and move that forward to newer architectures and build…
Simplified: Traditional SIM card is "smart" card with a chip (exactly like modern credit cards) from your network operator that gives access to mobile network(s). The chip has software + data that allows this. eSIM:…
Once the drive is spinning that doesn't matter though. Floppies are slow by modern standards mostly because you only get a new (decoded) bit around every 2nd (or for DD drives 4th) microsecond, and the drive takes some…
The addressing modes do exist on 68020+ (https://www.nxp.com/files-static/archives/doc/ref_manual/M68... section 2.2), but I don't think any compiler will generate them (even with -mcpu=68020) as I think they're not…