## share something10

share the coolest thing that you've learned recently

json web tokens can be used to exchange a payload (data) between a client and a server. its paired with a signature to make it resistant to tampering (which means if the payload is modified, then you would be able to tell by verifying it with the signature)

it can be used as a stateless authentication / authorization mechanism. a server can store a user's roles and permissions inside the token (and optionally encrypt the token) so that roles and permissions live within the token and not in a user's session (which can save ram in your cloud server)

it can be used as a stateless authentication / authorization mechanism. a server can store a user's roles and permissions inside the token (and optionally encrypt the token) so that roles and permissions live within the token and not in a user's session (which can save ram in your cloud server)

deletedMay 4, 2020

Here's a little puzzle based on something I read about tonight on an orange website:

There are two town and one mafia sitting together at a table with leak-less whispers on. Gunsmith died last night and may or may not have gunned one of them. The town doesn't like being in a state of uncertainty, and wants to know if there's a gun in play or not before they start scum-hunting, but if there is a gun, they don't want to out who has it to any of the unclear players.

Is there a way the town can do this without a calculator? Without even needing a pen and paper?

There are two town and one mafia sitting together at a table with leak-less whispers on. Gunsmith died last night and may or may not have gunned one of them. The town doesn't like being in a state of uncertainty, and wants to know if there's a gun in play or not before they start scum-hunting, but if there is a gun, they don't want to out who has it to any of the unclear players.

Is there a way the town can do this without a calculator? Without even needing a pen and paper?

deletedMay 4, 2020!

Hint: I got this from the dining cryptographers problem.

Solution: Each pair of two players will use whispers to decide on a random bit (1 or 0) in secret. One way to do this is for both players to to flip a coin (heads being 1 and tails being 0), and share the result with the other in the pair, then xor the bits together (xor is 0 if both bits are the same, or 1 if they're different).

Next, each player will xor the secret bits they share with each partner together, and announce the result if they have no gun, or announce the opposite if they have a gun. So for example if player A agreed on 1 with player B, and 0 with player C, then player A would announce 1 (since xor of 1 and 0 is 1) if they have no gun, and 0 if they have a gun.

Finally, each player xors all three announcements together (1 xor 1 xor 0 = 0 xor 0 = 0 for example). If this result is 0, it means no one got a gun. If it's 1, someone is gunned.

To see how this works, notice that either each of the three pairs got the same shared bit (111 or 000, so they all call out 0) or two are the same and one is different (110 or 001, one player calls out 0 and two players call out 1). In both of these scenarios (000, 011) we have 0 as the final result. However, if someone was gunned, one of those bits is flipped (so 001 or 010), in which case the result is 1. None of the three players can tell who is gunned though because they cannot see the random bit generated by the pair that doesn't include them, they can only see the bits they helped generate.

For anyone who's gotten this far I'll leave it to you to explain why the mafia has no way of thwarting this process without clearing at least one of the town :)

Solution: Each pair of two players will use whispers to decide on a random bit (1 or 0) in secret. One way to do this is for both players to to flip a coin (heads being 1 and tails being 0), and share the result with the other in the pair, then xor the bits together (xor is 0 if both bits are the same, or 1 if they're different).

Next, each player will xor the secret bits they share with each partner together, and announce the result if they have no gun, or announce the opposite if they have a gun. So for example if player A agreed on 1 with player B, and 0 with player C, then player A would announce 1 (since xor of 1 and 0 is 1) if they have no gun, and 0 if they have a gun.

Finally, each player xors all three announcements together (1 xor 1 xor 0 = 0 xor 0 = 0 for example). If this result is 0, it means no one got a gun. If it's 1, someone is gunned.

To see how this works, notice that either each of the three pairs got the same shared bit (111 or 000, so they all call out 0) or two are the same and one is different (110 or 001, one player calls out 0 and two players call out 1). In both of these scenarios (000, 011) we have 0 as the final result. However, if someone was gunned, one of those bits is flipped (so 001 or 010), in which case the result is 1. None of the three players can tell who is gunned though because they cannot see the random bit generated by the pair that doesn't include them, they can only see the bits they helped generate.

For anyone who's gotten this far I'll leave it to you to explain why the mafia has no way of thwarting this process without clearing at least one of the town :)