If you really must support RSA in 2022, here’s some things to keep in mind. | Continue reading
HKDF has poorly-understood subtleties. Let’s explore them in detail. | Continue reading
Threema boldly claims to be more secure than Signal. Does this hold up to scrutiny? | Continue reading
Just to assuage any panic, let me state this up front. If you’re reading this blog post wondering if your Lobste.rs account is at risk, good news: I didn’t publish it until after the vu… | Continue reading
Last week, Floridians were startled by an emergency alert sent to all of our cell phones. Typically when this sort of alert happens, it’s an Amber Alert, which means a child was abducted. In … | Continue reading
Programmers don’t understand hash functions, and I can demonstrate this to most of the people that will read this with a single observation: When you saw the words “hash function”… | Continue reading
Wherein some furry casually saves a University tens of thousands of dollars on a NIST SP 800-171 audit they were doomed to fail anyway. | Continue reading
Canonicalization Attacks occur when a protocol that feeds data into a hash function used in a MAC or Digital Signature calculation fails to ensure some property that’s expected of the overall… | Continue reading
A trivial proof for the Collatz conjecture that doesn’t fuss around with cycles. | Continue reading
Briefly explaining the Infursec prevalence within InfoSec | Continue reading
An Internet Marketer Offered Me $100 to Betray Myself and My Community | Continue reading
#WhyIGotVaxxed | Continue reading
Normally when you see an article that talks about cryptocurrency come across your timeline, you can safely sort it squarely into two camps: For and Against. If you’re like me, you might even … | Continue reading
Boycott Zed Shaw’s writing. (With bonus zero-days in his work.) | Continue reading
Tales from the Crypt[ography]. | Continue reading
RSA is for encrypting symmetric keys, not entire messages. Pass it on. | Continue reading
Imagine you’re a software developer, and you need to authenticate users based on a username and password. If you’re well-read on the industry standard best practices, you’ll proba… | Continue reading
Governments are back on their anti-encryption bullshit again. Between the U.S. Senate’s “EARN IT” Act, the E.U.’s slew of anti-encryption proposals, and Australia’s ne… | Continue reading
Earlier this week, security researcher Ryan Castellucci published a blog post with a somewhat provocative title: DKIM: Show Your Privates. After reading the ensuing discussions on Hacker News and R… | Continue reading
Zoom recently announced that they were going to make end-to-end encryption available to all of their users–not just customers. This is a good move, especially for people living in countries w… | Continue reading
This is the first entry in a (potentially infinite) series of dead end roads in the field of cryptanalysis. Cryptography engineering is one of many specialties within the wider field of security en… | Continue reading
Tonight on InfoSec Twitter, this gem was making the rounds: Hello cybersecurity and election security people,I sometimes embed your tweets in the Cybersecurity 202 newsletter. Some of you have a ha… | Continue reading
Spyware written for educational institutions to flex their muscles of control over students and their families when learning from their home computer is still, categorically, spyware. Depending on … | Continue reading
Since the IETF’s CFRG decided to recommend OPAQUE as a next-generation Password Authenticated Key Exchange, there has been a lot of buzz in the cryptography community about committing authent… | Continue reading
If you’re ever tasked with implementing a cryptography feature–whether a high-level protocol or a low-level primitive–you will have to take special care to ensure you’re not… | Continue reading
I recently needed to find an image that I didn’t have saved on my computer in order to share with a group chat. For laughs. Naturally, I did the first thing most of us do when that happens: I… | Continue reading
If you see the letters GNU in a systems design, and that system intersects with cryptography, I can almost guarantee that it will be badly designed to an alarming degree. This is as true of GnuPG (… | Continue reading
Historical Context of Iota’s Hash Functions Once upon a time, researchers discovered that the hash function used within the Iota cryptocurrency (Curl-P), was vulnerable to practical collision… | Continue reading
I probably don’t need to remind anyone reading this while it’s fresh about the current state of affairs in the world, but for the future readers looking back on this time, let me set th… | Continue reading
A question I get asked frequently is, “How did you learn cryptography?” I could certainly tell everyone my history as a self-taught programmer who discovered cryptography when, after my… | Continue reading
The Pop iconoclast obsessively documented his life, but he also lied constantly, almost recreationally. | Continue reading
A paper was published on the IACR’s ePrint archive yesterday, titled LadderLeak: Breaking ECDSA With Less Than One Bit of Nonce Leakage. The ensuing discussion on /r/crypto led to several int… | Continue reading
If you’re reading this wondering if you should stop using AES-GCM in some standard protocol (TLS 1.3), the short answer is “No, you’re fine”. I specialize in secure implemen… | Continue reading
Furry Twitter is currently abuzz about a new site selling knock-off fursuits and illegally using photos from the owners of the actual fursuits without permission. The website in question. Understan… | Continue reading
Authenticated Key Exchanges are an interesting and important building block in any protocol that aims to allow people to communicate privately over an untrusted medium (i.e. the Internet). WhatR… | Continue reading
Cryptographers around the world are still designing privacy-preserving contact tracing systems for combating the spread of COVID-19. Even though some papers have been published (one using zero-know… | Continue reading
There are several different methods for securely hashing a password server-side for storage and future authentication. The most common one (a.k.a. the one that FIPS allows you to use, if compliance… | Continue reading
In 2017, cryptography researchers from Kudelski Security demonstrated practical fault attacks against EdDSA (specifically Ed25519; RFC 8032). Their techniques are also applicable to Deterministic E… | Continue reading
Suppose you need to encrypt data between two peer-to-peer devices over an untrusted medium (i.e. the Internet), and you have an authenticated low-bandwidth channel that can be used to send and auth… | Continue reading
I was recently made aware of a change to Twitter, which exposes a new Gender field. If you’ve never specified your gender before, they guessed what it was (which is a really shitty thing to d… | Continue reading