Security Cryptography Whatever
About
Available on
Community
41 episodes
(NSFW) Three AI-generated guests rank cryptography things into a tier list. Play along at home and make your own tier list: https://tiermaker.com/create/cryptography-15683166 This episode is definitely not safe for work and definitely a parody. Do not base your decision in the 2024 election off of this podcast episode. No campaigns have endorsed this podcast. "Security Cryptography Whatever" is hosted by Deirdre Connolly https://twitter.com/durumcrustulum (@durumcrustulum), Thomas Ptacek https://twitter.com/tqbf (@tqbf), and David Adrian https://twitter.com/davidcadrian (@davidcadrian)
Apple iMessage is getting a big upgrade! Not only are they rolling out ratcheting, but they’re going post-quantum, AND they’re doing post-quantum ratcheting! Douglas Stebila joined us to talk about his security analysis of the new PQ3 protocol update and not indulge our wild Apple speculations: Transcript: https://securitycryptographywhatever.com/2024/03/03/post-quantum-imessage-with-douglas-stebila/ Links: - https://security.apple.com/blog/imessage-pq3/ - Security analysis of the iMessage PQ3 protocol https://security.apple.com/assets/files/A_Formal_Analysis_of_the_iMessage_PQ3_Messaging_Protocol_Basin_et_al.pdf - Ratcheting design: https://eprint.iacr.org/2024/220.pdf - When Messages are Keys: Is HMAC a dual-PRF?: https://eprint.iacr.org/2023/861.pdf - Real World Deniability in Messaging: https://eprint.iacr.org/2023/403.pdf - Padmé: https://www.petsymposium.org/2019/files/papers/issue4/popets-2019-0056.pdf - Max Headroom: https://www.youtube.com/watch?v=cYdpOjletnc - Extended Canetti-Krawczyk model: https://iacr.org/archive/eurocrypt2001/20450451.pdf - Douglas Stebila: https://www.douglas.stebila.ca/ "Security Cryptography Whatever" is hosted by Deirdre Connolly https://twitter.com/durumcrustulum (@durumcrustulum), Thomas Ptacek https://twitter.com/tqbf (@tqbf), and David Adrian https://twitter.com/davidcadrian (@davidcadrian)
We welcome Franziskus and Karthik from Cryspen to discuss their new high-assurance implementation of ML-KEM (the final form of Kyber), discussing how formal methods can both help provide correctness guarantees, security assurances, and performance wins for your crypto code! Transcript: https://securitycryptographywhatever.com/2024/01/29/high-assurance-kyber/ Links: - https://cryspen.com/post/ml-kem-implementation/ - https://github.com/cryspen/libcrux/ - https://github.com/formosa-crypto/libjade - https://cryspen.com/post/pqxdh/ - https://eprint.iacr.org/2023/1933.pdf - Franziskus Kiefer: https://franziskuskiefer.de/ - Karthik Bhargavan: https://bhargavan.info/ "Security Cryptography Whatever" is hosted by Deirdre Connolly https://twitter.com/durumcrustulum (@durumcrustulum), Thomas Ptacek https://twitter.com/tqbf (@tqbf), and David Adrian https://twitter.com/davidcadrian (@davidcadrian)
Facebook Messenger has finally been end-to-end encrypted, a couple of years after Mark Zuckerberg announced it! Plus Instagram DMs are trialing ephemeral E2EE DMs too! We invited on Jon Millican and Timothy Buck from Meta to discuss this major cross-platform endeavor, and how David Bowie fits into their personal Labyrinth. Transcript: https://securitycryptographywhatever.com/2023/12/28/e2ee-fb-messenger/ Links: - https://www.facebook.com/notes/2420600258234172 - https://eprint.iacr.org/2022/1044.pdf - https://engineering.fb.com/2023/12/06/security/building-end-to-end-security-for-messenger/ - https://www.theverge.com/2023/12/6/23991501/facebook-messenger-default-end-to-end-encryption-meta - https://www.threads.net/@jonmillican/post/C0kQPAyoFpr - https://engineering.fb.com/wp-content/uploads/2023/12/MessengerEnd-to-EndEncryptionOverview_12-6-2023.pdf - https://engineering.fb.com/wp-content/uploads/2023/12/TheLabyrinthEncryptedMessageStorageProtocol_12-6-2023.pdf - https://engineering.fb.com/2022/03/10/security/code-verify/ - https://chrome.google.com/webstore/detail/code-verify/llohflklppcaghdpehpbklhlfebooeog "Security Cryptography Whatever" is hosted by Deirdre Connolly https://twitter.com/durumcrustulum (@durumcrustulum), Thomas Ptacek https://twitter.com/tqbf (@tqbf), and David Adrian https://twitter.com/davidcadrian (@davidcadrian)
Returning champion Martin Albrecht joins us to help explain how we measure the security of lattice-based cryptosystems like Kyber and Dilithium against attackers. QRAM, BKZ, LLL, oh my! Transcript: https://securitycryptographywhatever.com/2023/11/13/lattice-attacks/ Links: - https://pq-crystals.org/kyber/index.shtml - https://pq-crystals.org/dilithium/index.shtml - https://eprint.iacr.org/2019/930.pdf - https://en.wikipedia.org/wiki/Short_integer_solution_problem - Frodo: https://eprint.iacr.org/2016/659 - https://csrc.nist.gov/CSRC/media/Events/third-pqc-standardization-conference/documents/accepted-papers/ribeiro-saber-pq-key-pqc2021.pdf - https://en.wikipedia.org/wiki/Hermite_normal_form - https://en.wikipedia.org/wiki/Wagner%E2%80%93Fischer_algorithm - https://www.math.auckland.ac.nz/~sgal018/crypto-book/ch18.pdf - https://eprint.iacr.org/2019/1161 - QRAM: https://arxiv.org/abs/2305.10310 - https://en.wikipedia.org/wiki/Lenstra%E2%80%93Lenstra%E2%80%93Lov%C3%A1sz_lattice_basis_reduction_algorithm - MATZOV improved dual lattice attack: https://zenodo.org/records/6412487 - https://eprint.iacr.org/2008/504.pdf - https://eprint.iacr.org/2023/302.pdf "Security Cryptography Whatever" is hosted by Deirdre Connolly https://twitter.com/durumcrustulum (@durumcrustulum), Thomas Ptacek https://twitter.com/tqbf (@tqbf), and David Adrian https://twitter.com/davidcadrian (@davidcadrian)
Were back! Signal rolled out a protocol change to be post-quantum resilient! Someone was caught intercepting Jabber TLS via certificate transparency! Was the same-origin policy in web browers just a dirty hack all along? Plus secure message format formalisms, and even more beating of the dead horse that is E2EE in the browser. Transcript: https://securitycryptographywhatever.com/2023/11/07/PQXDH-etc Links: - https://zfnd.org/so-you-want-to-build-an-end-to-end-encrypted-web-app/ - https://github.com/superfly/macaroon - https://cryspen.com/post/pqxdh/ - https://eprint.iacr.org/2023/1390.pdf "Security Cryptography Whatever" is hosted by Deirdre Connolly https://twitter.com/durumcrustulum (@durumcrustulum), Thomas Ptacek https://twitter.com/tqbf (@tqbf), and David Adrian https://twitter.com/davidcadrian (@davidcadrian)
We explore how the NIST curve parameter seeds were generated, as best we can, with returning champion Steve Weis! “At the point where we find an intelligible English string that generates the NIST P-curve seeds, nobody serious is going to take the seed provenance concerns seriously anymore.” Transcript: https://securitycryptographywhatever.com/2023/10/12/the-nist-curves Links: - Steve’s post: https://saweis.net/posts/nist-curve-seed-origins.html - ANSI X9.62 ECDSA: https://safecurves.cr.yp.to/grouper.ieee.org/groups/1363/private/x9-62-09-20-98.pdf / FIPS 186-2 https://csrc.nist.gov/files/pubs/fips/186-2/final/docs/fips186-2.pdf - “A RIDDLE WRAPPED IN AN ENIGMA”: https://eprint.iacr.org/2015/1018.pdf - https://arstechnica.com/information-technology/2015/01/nsa-official-support-of-backdoored-dual_ec_drbg-was-regrettable/ - https://www.muckrock.com/foi/united-states-of-america-10/origin-of-fips-186-4-elliptic-curves-over-prime-field-seed-parameters-national-institute-of-standards-and-technology-78756/ - https://www.muckrock.com/foi/united-states-of-america-10/origin-of-fips-186-4-elliptic-curves-over-prime-field-seed-parameters-national-security-agency-78755/ - Filippo’s bounty: https://words.filippo.io/dispatches/seeds-bounty/ - Recommendations for Discrete Logarithm-based Cryptography: Elliptic Curve Domain Parameters - NIST 800-186 with Curve25519 and friends - RFC 8422: Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS) Versions 1.2 and Earlier - https://www.rfc-editor.org/rfc/rfc4492#section-6 - https://blog.cryptographyengineering.com/2017/12/19/the-strange-story-of-extended-random/ - https://en.wikipedia.org/wiki/Bullrun_(decryption_program) - https://en.wikipedia.org/wiki/BSAFE - https://sockpuppet.org/blog/2015/08/04/is-extended-random-malicious/ "Security Cryptography Whatever" is hosted by Deirdre Connolly https://twitter.com/durumcrustulum (@durumcrustulum), Thomas Ptacek https://twitter.com/tqbf (@tqbf), and David Adrian https://twitter.com/davidcadrian (@davidcadrian)
Were back from our summer vacation! Were covering a bunch of stuff we saw and did: Transcript: https://securitycryptographywhatever.com/2023/09/13/cruel-summer/ Links: - Zenbleed: https://lock.cmpxchg8b.com/zenbleed.html - Downfall: https://downfall.page - Post-quantum Yubikeys: https://security.googleblog.com/2023/08/toward-quantum-resilient-security-keys.html "Security Cryptography Whatever" is hosted by Deirdre Connolly https://twitter.com/durumcrustulum (@durumcrustulum), Thomas Ptacek https://twitter.com/tqbf (@tqbf), and David Adrian https://twitter.com/davidcadrian (@davidcadrian)
What does P vs NP have to do with cryptography? Why do people love and laugh about the random oracle model? Whats an oracle? What do you mean factoring and discrete log dont have proofs of hardness? How does any of this cryptography stuff work, anyway? We trapped Steve Weis into answering our many questions. Transcript: https://securitycryptographywhatever.com/2023/06/29/why-do-we-think-anything-is-secure-with-steve-weis/ Links: - The Random Oracle Methodology, Revisited: https://eprint.iacr.org/1998/011.pdf - Factoring integers with CADO-NFS: https://www.ens-lyon.fr/LIP/AriC/wp-content/uploads/2015/03/JDetrey-tutorial.pdf - On One-way Functions from NP-Complete Problems: https://eprint.iacr.org/2021/513.pdf - Seny Kamaras lecture notes on provable security: https://cs.brown.edu/~seny/2950-v/2-provablesecurity.pdf - How To Simulate It – A Tutorial on the Simulation Proof Technique: https://eprint.iacr.org/2016/046.pdf - A Survey of Leakage-Resilient Cryptography: https://eprint.iacr.org/2019/302 - A Decade of Lattice Cryptography: https://eprint.iacr.org/2015/939.pdf "Security Cryptography Whatever" is hosted by Deirdre Connolly https://twitter.com/durumcrustulum (@durumcrustulum), Thomas Ptacek https://twitter.com/tqbf (@tqbf), and David Adrian https://twitter.com/davidcadrian (@davidcadrian)
Are Twitter’s new encrypted DMs unreadable even if you put a gun to Elon’s head? We invited Matthew Garrett on to do a deep decompiled dive into what kind of cryptography actually shipped. Transcript: https://securitycryptographywhatever.com/2023/05/29/elons-encrypted-dms-with-matthew-garrett/ Links: https://mjg59.dreamwidth.org/66791.html https://help.twitter.com/en/using-twitter/encrypted-direct-messages https://www.techdirt.com/2023/05/11/twitter-launches-not-actually-encrypted-encrypted-dms/ BrokenKDF2BytesGenerator: https://github.com/bcgit/bc-java/blob/master/prov/src/main/java/org/bouncycastle/jce/provider/BrokenKDF2BytesGenerator.java#L70 Analysis from sweis: https://twitter.com/sweis/status/1657082478727933954?s=20 https://signal.org/docs/specifications/x3dh/ https://signal.org/docs/specifications/doubleratchet/ https://support.signal.org/hc/en-us/articles/360007059752-Backup-and-Restore-Messages Trail of Bits has not audited nor signed a contract yet, per Platformer: https://www.platformer.news/p/why-you-cant-trust-twitters-encrypted "Security Cryptography Whatever" is hosted by Deirdre Connolly https://twitter.com/durumcrustulum (@durumcrustulum), Thomas Ptacek https://twitter.com/tqbf (@tqbf), and David Adrian https://twitter.com/davidcadrian (@davidcadrian)
WhatsApp has announced they’re rolling out key transparency! Doing this at WhatsApp-scale (aka billions and biiillions of keys) is a significant task, so we talked to Jasleen Malvai and Kevin Lewi about how it works. Transcript: https://securitycryptographywhatever.com/2023/05/06/whatsapp-key-transparency Links: https://engineering.fb.com/2023/04/13/security/whatsapp-key-transparency/ https://github.com/facebook/akd Parkeet: https://eprint.iacr.org/2023/081.pdf CONIKS: https://eprint.iacr.org/2014/1004.pdf SEEMless: https://eprint.iacr.org/2018/607.pdf WhatsApp Security Whitepaper: https://www.whatsapp.com/security/WhatsApp-Security-Whitepaper.pdf Keybase key transparency: https://book.keybase.io/docs/server "Security Cryptography Whatever" is hosted by Deirdre Connolly https://twitter.com/durumcrustulum (@durumcrustulum), Thomas Ptacek https://twitter.com/tqbf (@tqbf), and David Adrian https://twitter.com/davidcadrian (@davidcadrian)
Messaging Layer Security (MLS) 1.0 is (basically) here! We invited Raphael Robert, coauthor of the MLS specification to explain it to us and answer our annoying questions (read: why does this exist?) Transcript: https://securitycryptographywhatever.com/2023/04/22/mls/ Links: - https://messaginglayersecurity.rocks/ - https://messaginglayersecurity.rocks/mls-protocol/draft-ietf-mls-protocol.html - https://messaginglayersecurity.rocks/mls-architecture/draft-ietf-mls-architecture.html - https://github.com/openmls/openmls - https://eprint.iacr.org/2022/1533.pdf - https://eprint.iacr.org/2020/1327.pdf - https://eprint.iacr.org/2022/559.pdf - https://signal.org/docs/ - https://en.wikipedia.org/wiki/Key_encapsulation_mechanism - https://twitter.com/beurdouche/status/1220617962182389760 - https://messaginglayersecurity.rocks/mls-protocol/draft-ietf-mls-protocol.html#mls-ciphersuites - https://www.ietf.org/archive/id/draft-ietf-mls-federation-02.html - https://datatracker.ietf.org/wg/mimi/documents/ - https://competition-policy.ec.europa.eu/dma/dma-workshops/interoperability-workshop_en - Yes in the protocol document this is 1.0: https://messaginglayersecurity.rocks/mls-protocol/draft-ietf-mls-protocol.html#section-6 "Security Cryptography Whatever" is hosted by Deirdre Connolly https://twitter.com/durumcrustulum (@durumcrustulum), Thomas Ptacek https://twitter.com/tqbf (@tqbf), and David Adrian https://twitter.com/davidcadrian (@davidcadrian)
Real World Cryptography 2023 is happening any moment now in Tokyo. Also, some phone basebands are broken. LINKS __ __ TRANSCRIPT: https://securitycryptographywhatever.com/2023/03/24/rwc-2023/ "Security Cryptography Whatever" is hosted by Deirdre Connolly https://twitter.com/durumcrustulum (@durumcrustulum), Thomas Ptacek https://twitter.com/tqbf (@tqbf), and David Adrian https://twitter.com/davidcadrian (@davidcadrian)
Another day, another ostensibly secure messenger that quails under the gaze of some intrepid cryptographers. This time, its Threema, and the gaze belongs to Kenny Patterson, Scarlata Matteo, and Kien Tuong Truong from ETH Zurich. Get ready for some stunt cryptography, like 2 Fast 2 Furious stunts. Transcript: https://share.descript.com/view/FrejxahpsGD Links: https://breakingthe3ma.app/ https://threema.ch/press-files/2_documentation/cryptography_whitepaper.pdf https://threema.ch/en/blog/posts/ibex "Security Cryptography Whatever" is hosted by Deirdre Connolly https://twitter.com/durumcrustulum (@durumcrustulum), Thomas Ptacek https://twitter.com/tqbf (@tqbf), and David Adrian https://twitter.com/davidcadrian (@davidcadrian)
Theres a paper that claims one can factor a RSA-2048 modulus with the help of a 372-qubit quantum computer. Are we all gonna die? Also some musings about Bruce Schneier. Transcript: https://beta-share.descript.com/view/JQL7kRwgfJa Links: https://arxiv.org/pdf/2212.12372.pdf https://eprint.iacr.org/2021/232.pdf https://github.com/lducas/SchnorrGate https://sweis.medium.com/did-schnorr-destroy-rsa-show-me-the-factors-dcb1bb980ab0 https://www.schneier.com/blog/archives/2023/01/breaking-rsa-with-a-quantum-computer.html https://scottaaronson.blog/?p=6957 "Security Cryptography Whatever" is hosted by Deirdre Connolly https://twitter.com/durumcrustulum (@durumcrustulum), Thomas Ptacek https://twitter.com/tqbf (@tqbf), and David Adrian https://twitter.com/davidcadrian (@davidcadrian)
David and Deirdre gab about some stuff we didnt get to or just recently happened, like Tailscales new Tailnet Lock, the Okta breach, what the fuck CISOs are for anyway, Rust in Android and Chrome, passkeys support, and of course, SBF. TRANSCRIPT: https://beta-share.descript.com/view/i75G8aN6BLi LINKS: https://tailscale.com/blog/tailnet-lock/ https://security.googleblog.com/2022/12/memory-safe-languages-in-android-13.html https://groups.google.com/a/chromium.org/g/chromium-dev/c/0z-6VJ9ZpVU "Security Cryptography Whatever" is hosted by Deirdre Connolly https://twitter.com/durumcrustulum (@durumcrustulum), Thomas Ptacek https://twitter.com/tqbf (@tqbf), and David Adrian https://twitter.com/davidcadrian (@davidcadrian)
We talk to Kevin Riggle (@kevinriggle https://twitter.com/kevinriggle) about complexity and safety. We also talk about the Twitter acquisition. While recording, we discovered a new failure mode where Kevin couldnt hear Thomas, but David and Deirdre could, so theres not much Thomas this episode. If you ever need to get Thomas to voluntarily stop talking, simply mute him to half the audience! https://twitter.com/kevinriggle TRANSCRIPT: https://beta-share.descript.com/view/WTrQGK4xEVj ERRATA __ __ LINKS __ __ "Security. Cryptography. Whatever." is hosted by Deirdre Connolly https://twitter.com/durumcrustulum (@durumcrustulum), Thomas Ptacek https://twitter.com/tqbf (@tqbf), and David Adrian https://twitter.com/davidcadrian (@davidcadrian).
No not the movie: the secure group messaging protocol! Or rather all the bugs and vulns that a team of researchers found when trying to formalize said protocol. Martin Albrecht and Dan Jones joined us to walk us through "Practically-exploitable Cryptographic Vulnerabilities in Matrix". LINKS: __ __ TRANSCRIPT: https://beta-share.descript.com/view/u3VFzjvqrql "Security. Cryptography. Whatever." is hosted by Deirdre Connolly https://twitter.com/durumcrustulum, Thomas Ptacek https://twitter.com/tqbf, and David Adrian https://twitter.com/davidcadrian.
We have Sarah Harvey (@worldwise001 https://twitter.com/worldwise001 on Twitter) to talk about SOC2, what it means, how to get it, and if its important or not. The discussion centers around two blog posts written by Thomas: __ __ LINKS: __ __ "Security. Cryptography. Whatever." is hosted by Deirdre Connolly https://twitter.com/durumcrustulum, Thomas Ptacek https://twitter.com/tqbf, and David Adrian https://twitter.com/davidcadrian. TRANSCRIPT: https://beta-share.descript.com/view/XF24jrLSOX9
This episode got delayed because David got COVID. Anyway, heres Nate Lawson: The Two Towers. __ __ "Security. Cryptography. Whatever." is hosted by Deirdre Connolly https://twitter.com/durumcrustulum, Thomas Ptacek https://twitter.com/tqbf, and David Adrian https://twitter.com/davidcadrian. TRANSCRIPT: https://share.descript.com/view/0KOcX9TR05p ERRATA: __ __
We bring on Nate Lawson of Root Labs to talk about a little bit of everything, starting with cryptography in the 1990s. REFERENCES __ __ ERRATA __ __ "Security. Cryptography. Whatever." is hosted by Deirdre Connolly https://twitter.com/durumcrustulum, Thomas Ptacek https://twitter.com/tqbf, and David Adrian https://twitter.com/davidcadrian. TRANSCRIPT: https://share.descript.com/view/lhzrbt6hDeL
Are the isogenies kaput?! Theres a new attack that breaks all the known parameter sets for SIDH/SIKE, so Steven Galbraith helps explain where the hell this came from, and where isogeny crypto goes from here. TRANSCRIPT: https://share.descript.com/view/Xiv307FvOPA MERCH: https://merch.scwpodcast.com https://merch.scwpodcast.com/ LINKS: __ __ "Security. Cryptography. Whatever." is hosted by Deirdre Connolly https://twitter.com/durumcrustulum, Thomas Ptacek https://twitter.com/tqbf, and David Adrian https://twitter.com/davidcadrian.
Adam Langley (Google) comes on the podcast to talk about the evolution of WebAuthN and Passkeys! Davids audio was a little finicky in this one. Believe us, it sounded worse before we edited it. Also, we occasionally accidentally refer to U2F as UTF. Thats because we just really love strings. TRANSCRIPT: https://share.descript.com/view/pBAXADn8gKW LINKS: __ __ DON'T FORGET ABOUT MERCH! https://merch.securitycryptographywhatever.com/ "Security. Cryptography. Whatever." is hosted by Deirdre Connolly https://twitter.com/durumcrustulum, Thomas Ptacek https://twitter.com/tqbf, and David Adrian https://twitter.com/davidcadrian.
Side channels! Frequency scaling! Key encapsulation, oh my! Were talking about the new Hertzbleed paper, but also cryptography conferences, passkeys, and end-to-end encrypting yer twitter.com DMs. TRANSCRIPT: https://share.descript.com/view/lPM4lsxha63 LINKS: __ __ MERCH: https://merch.scwpodcast.com https://merch.scwpodcast.com/ "Security. Cryptography. Whatever." is hosted by Deirdre Connolly https://twitter.com/durumcrustulum, Thomas Ptacek https://twitter.com/tqbf, and David Adrian https://twitter.com/davidcadrian.
The US government released a memo https://www.whitehouse.gov/wp-content/uploads/2022/01/M-22-09.pdf about moving to a zero-trust network architecture. What does this mean? We have one of the authors, Eric Mill https://konklone.com/, on to explain it to us. As always, your @SCWPod https://twitter.com/scwpod hosts are Deirdre Connolly (@durumcrustulum https://twitter.com/durumcrustulum), Thomas Ptacek (@tqbf https://twitter.com/tqbf), and David Adrian (@davidcadrian https://twitter.com/davidcadrian). Transcript: https://share.descript.com/view/UayEVA596OK Links: __ __ __ __
We talk about Tink with Sophie Schmieg, a cryptographer and algebraic geometer at Google. Transcript: https://beta-share.descript.com/view/v2Q5Ix8pvbD Links: __ __ "Security. Cryptography. Whatever." is hosted by Deirdre Connolly https://twitter.com/durumcrustulum, Thomas Ptacek https://twitter.com/tqbf, and David Adrian https://twitter.com/davidcadrian.
Live from Amsterdam, its cancellable crypto hot takes! A fun little meme, plus a preview of the Real World Crypto program! Transcript: https://share.descript.com/view/GiVlw4qKV2i Links: Tonys twete: https://twitter.com/bascule/status/1512539700220805124 Real World Crypto 2022: https://rwc.iacr.org/2022 Merch! https://merch.scwpodcast.com Find us at: https://twitter.com/scwpod https://twitter.com/durumcrustulum https://twitter.com/tqbf https://twitter.com/davidcadrian
Were back! With an episode on lattice-based cryptography, with Professor Chris Peikert of the University of Michigan, Davids alma mater. When we recorded this, Michigan football had just beaten Ohio for the first time in a bajillion years, so you get a nerdy coda on college football this time! Transcript: https://share.descript.com/view/El2a4Z7OLsd Links: He Gives C-Sieves on the CSIDH: https://eprint.iacr.org/2019/725 Lattice-based Cryptography: https://cims.nyu.edu/~regev/papers/pqc.pdf NIST PQC Competition: https://csrc.nist.gov/Projects/post-quantum-cryptography The 2nd Bar Ilan Winter School on Cryptography Lattice- Based Cryptography and Applications: https://www.youtube.com/playlist?list=PL8Vt-7cSFnw2OmpCmPLLwSx0-Yqb2ptqO A Decade of Lattice Cryptography: https://eprint.iacr.org/2015/939.pdf Find us at: https://twitter.com/scwpod https://twitter.com/durumcrustulum https://twitter.com/tqbf https://twitter.com/davidcadrian
Weve trashed JWTs, discussed PASETO, Macaroons, and now, Biscuits! Actually, multiple iterations of Biscuits! Pairings and gamma signatures and Datalog, oh my! 🍪 Transcript: https://beta-share.descript.com/view/jHZJPab0n4g Links: BISCUITS V2: HTTPS://WWW.BISCUITSEC.ORG https://www.biscuitsec.org/ EXPERIMENTS ITERATING ON BISCUITS: HTTPS://GITHUB.COM/BISCUIT-AUTH/BISCUIT/TREE/MASTER/EXPERIMENTATIONS https://github.com/biscuit-auth/biscuit/tree/master/experimentations Apache Pulsar: HTTPS://PULSAR.APACHE.ORG https://pulsar.apache.org/ Spec: HTTPS://GITHUB.COM/BISCUIT-AUTH/BISCUIT/BLOB/MASTER/SPECIFICATIONS.MD https://github.com/biscuit-auth/biscuit/blob/master/SPECIFICATIONS.md Find us at: https://twitter.com/scwpod https://twitter.com/durumcrustulum https://twitter.com/tqbf https://twitter.com/davidcadrian
“Can I Tailscale my Chromecast?” You love Tailscale, I love Tailscale, we loved talking to Avery Pennarun and Brad Fitzpatrick from Tailscale about, I dunno, Go generics. Oh, and TAILSCALE! And DNS. And WASM. People: __ __ Links: __ __ Transcript: https://share.descript.com/view/2NAe5jEcEqB
