20200528, 03:30  #23 
"Mihai Preda"
Apr 2015
2105_{8} Posts 
Proof and Primenet
The goal of using the PRPproof with primenet is to eliminate the doublechecks. (I estimate right now 10%20% of the PRP/LL computing power is used for DCs)
The main problem is the size of the proof (e.g. 120MB for a 100M exponent) which makes the internet transfer significant. A secondary question is who contributes the computepower for proof verification. I'll try to enumerate some possibilities. Setup: User X gets assigned a PRP task. Using software A, he starts the PRP test with proof generation, indicating the desired proof power. The PRP test proceeds and saves a large number of residues (needed for proof generation) as it goes along. Afther the PRP test finishes, the proof is generated (by program A) using this PRP data. After the proof is generated, it is verified by A (to make sure that the generation went without issues), after which all the temporary residues that were needed for proof generation are deleted. At this point X has:  the usual oneline JSON result of the PRP test, indicating (among others): composite/probableprime and the res64  the proof, a 120MB file. 1. Local proof verification User X can now do proof verification. For this he uses software B and C, that independently read the proof file and validate it. After validation, B and C sign their results and send them to primenet. (the results being again small JSON files) 2. Primenetcentered verification User X uploads the proof (120MB) to primenet. Primenet queues the proof file for verification. A new task type exists, "proof verification". User Y is assigned the "proof verification" task, he downloads the proof (120MB), verifies it and uploads the result to primenet. At this point primenet has both the initial result from X, and the independent verification from Y. Optionally, primenet can even tripleverify (by user Z) the proof, after which the proof file is deleted from the server to save space or archived. 3. Verifiernode verification User X uploads the proof to a special Verifier server. (the Verifier may run in AWS, and thus have free inbound bandwidth). The Verifier server verifies the proof, twice, using two independent methods. The Verifier signs the results, publishes them to primenet, and removes or archives the proof file. Advantages/disadvantages of these variants to be discussed next. 
20200528, 04:07  #24 
Undefined
"The unspeakable one"
Jun 2006
My evil lair
5,521 Posts 
I would be more comfortable with a more commonly used hash. Like SHA3. That would make it more accessible. All hashes are fast anyway so saying that blake2 is fast isn't really an advantage IMO.
Also, what happens if/when AWS decides to change the policies about inbound vs outbound traffic? I actually think that a 120MB file is a significant hurdle. And the intermediate local storage of 6GB isn't something to be taken lightly either. 
20200528, 06:07  #25  
"Mihai Preda"
Apr 2015
1,093 Posts 
Quote:
Blake2 has an advantage over SHA3 in my eyes: it's already implemented in gpuowl. The implementation was easy. It's smaller that SHA3. I'm open to switching the hash, but I'd need a stronger argement for that. Just to restate, Blake2 is not a niche hash, it's one of the major mainstream crypto hashes. (it may even be more used in products than SHA3) Last fiddled with by preda on 20200528 at 06:21 Reason: fix statement about Blak2 in NIST 

20200528, 06:13  #26 
"Mihai Preda"
Apr 2015
1,093 Posts 
I agree about the size of the proof, and the size of the temporary disk space  they are both [much] larger than I would have liked. A proof does bring major advantages though, so it's a cost we may be willing to pay (or not). That's why I put up for discussion how to integrate it with primenet. My personal favorite would be the "local verification" which bypasses the upload/download issue, but not without tradeoffs.
Last fiddled with by preda on 20200528 at 06:14 
20200528, 06:59  #27  
"Mihai Preda"
Apr 2015
1093_{10} Posts 
Quote:
BTW, reading a bit more, the comparison Blake2 vs. SHA3 looks roughly like this: both are of the same strength, and Blake2b is 3 times as fast as the fastest SHA3 in software. Last fiddled with by preda on 20200528 at 07:01 

20200528, 07:22  #28  
Undefined
"The unspeakable one"
Jun 2006
My evil lair
5,521 Posts 
Quote:
How much reliance upon speed is required of the hash? I would hope that even at 3X speed it would still be only a minor blip in the overall timing. Last fiddled with by retina on 20200528 at 07:23 

20200528, 07:41  #29 
"Mihai Preda"
Apr 2015
1,093 Posts 
For one proof (either construction or verification), the amount of data hashed is about the same as the size of the proof (what is hashed is the residues B and all the middles). So let's say 120MB. Even a slow hash would not be a problem, agreed.

20200528, 08:22  #30 
"Mihai Preda"
Apr 2015
1,093 Posts 
SHA3 vs. Blake2 hash preference
Anybody else has a preference about the hash function to use?
Blake2 is already implemented in gpuowl For SHA3 I found source code that I could incorporate here: https://www.fossilscm.org/home/file.../sha3.c&ci=tip 
20200528, 09:56  #31 
"Composite as Heck"
Oct 2017
11×53 Posts 
OpenSSL is my goto library for crypto and it has SHA3, for future reference mbedtls is a nice library of selfcontained crypto implementations but it doesn't appear to have SHA3. If speed is a primary concern SHA256 is hardware accelerated on modern x86 and lets be honest SHA256 isn't going to be broken in a meaningful way anytime soon. All three suggestions would do the job fine so IMO stick with what you know.

20200528, 15:47  #32  
Sep 2009
2·7·131 Posts 
Quote:
Chris 

20200528, 19:27  #33 
"TF79LL86GIMPS96gpu17"
Mar 2017
US midwest
7711_{8} Posts 

Thread Tools  
Similar Threads  
Thread  Thread Starter  Forum  Replies  Last Post 
phi function  rula  Homework Help  3  20170118 01:41 
delay in crediting?  ixfd64  PrimeNet  7  20081020 20:45 
Why delay between posts?  JHagerson  Forum Feedback  1  20060513 21:30 
Minimum delay between server connections  vaughan  ElevenSmooth  5  20050908 17:17 
Stats delay  ltd  Prime Sierpinski Project  10  20050808 13:38 