minisketch VS simplex-chat

Anyone interested in IBLT with low failure probablity should also be aware of pinsketch and, particularly, our implementation of it: minisketch ( https://github.com/sipa/minisketch/ ).

Our implementation communicates a difference of N b-bit entries with exactly N*b bits with 100% success. The cost for this communications efficiency and reliability is that the decoder takes CPU time quadratic in N, instead of IBLT's linear decoder. However, when N is usually small, if the implementation is fast this can be fine -- especially since you wouldn't normally want to use set recon unless you were communications limited.

Pinsketches and iblt can also be combined-- one can use pinsketches as the cells of an iblt and one can also use a small pinsketch to improve the failure rate of an iblt (since when a correctly sized IBLT fails, it's usually just due to a single undecodable cycle).

Since the protocol appears to use adhoc synchronization, the authors might be interested in https://github.com/sipa/minisketch/ which is a library that implements a data structure (pinsketch) that allows two parties to synchronize their sets of m b-bit elements which differ by c entries using only b*c bits. A naive protocol would use m*b bits instead, which is potentially much larger.

I'd guess that under normal usage the message densities probably don't justify such efficient means-- we developed this library for use in bitcoin targeting rates on the order of a dozen new messages per second and where every participant has many peers with potentially differing sets--, but it's still probably worth being aware of. The pinsketch is always equal or more efficient than a naive approach, but may not be worth the complexity.

The somewhat better known IBLT data structure has constant overheads that make it less efficient than even naive synchronization until the set differences are fairly large (particular when the element hashes are small); so some applications that evaluated and eschewed IBLT might find pinsketch applicable.

I love the set reconciliation structures like the IBLT (Iterative Bloom Lookup Table) and BCH set digests like minisketch.

https://github.com/sipa/minisketch

Lets say you have a set of a billion items. Someone else has mostly the same set but they differ by 10 items. These let you exchange messages that would fit in one UDP packet to reconcile the sets.

Sipa is working on a better version of that for a while. The technical term is a "set reconciliation protocol", but Bitcoin Core been doing a more basic version of this for a while. Note that the "BCH" there isn't the same as Bcash

I'd also have to say that Zig is a pretty neat library for this. In order to implement PBS I needed the MiniSketch-library (written in C/C++) and I'll have to say that integrating with it has been a breeze. Some fiddling in build.zig so that I can avoid Makefile, and after that everything has worked amazingly.

Networks that need to constrain themselves to limited typologies to avoid traffic magnification do so at the expense of robustness, especially against active attackers that grind their identifiers to gain privileged positions.

Maybe this is a space where efficient reconciliation ( https://github.com/sipa/minisketch/ ) could help-- certainly if the goal were to flood messages to participants reconciliation can give almost optimal communication without compromising robustness.

For messaging I'm currently on Olvid (E2E with physical key exchange) but since it still use their servers, I'm currently testing SimpleX where I can host my own servers.

Notice how SimpleX (https://simplex.chat/) has no push notifications by default because of this issue.

I've been using SimpleX [0] with a couple of friends recently. It appears to work as advertised.

[0] https://simplex.chat

If you have a mobile phone number, the domestic intelligence agency knows exactly where you are at all times and any LEO (without a warrant) can also find you. In addition, there have been numerous CCC presentations showing how insecure the global (excluding US) and (separately) US carriers are guilty of promiscuous metadata trafficking ($$) and insecure SS7 setups. As a consequence, for low $, you can go to any one of several shady websites and find the last location of almost any phone number (person unique ID) globally. There are additional varying exploitable vulnerabilities depending on the exact combination of {handset x carrier x country} to impersonate them, tap their line, reveal their exact location, and redirect their phone number through a third-party handset or even a PBX. These are more expensive and some capabilities are forbidden for all but a few selective intelligence uses.

Session (Signal fork) doesn't use phone numbers. It's pretty well-designed overall and uses an onion routing approach. It's already a superset of Signal except it doesn't use phone numbers. https://getsession.org

Also look interesting:

* (unproven) https://www.olvid.io/technology

* (unproven) https://simplex.chat

PS: Using regular TOR on home broadband or cloud servers is relatively risky and inefficient. Sybil attacks on it are common. And to network operators and security agencies it gives an easy "flow tag" of your uplink and exit node data traffic as automatically suspicious.

Why not open up a Feature request on https://github.com/simplex-chat/simplex-chat/issues