You might be hearing a lot about post-quantum (PQ) cryptography lately, and it’s easy to wonder why it’s such a big deal when nobody has actually seen a quantum computer. But even if a quantum computer is never built, new PQ standards are safer, more resilient, and more flexible than their classical […]| The Trail of Bits Blog
A key-encapsulation mechanism (KEM) is a set of algorithms that, under certain conditions, can be used by two parties to establish a shared secret key over a public channel. A shared secret key that is securely established using a KEM can then be used with symmetric-key cryptographic algorithms to perform basic tasks in secure communications, such as encryption and authentication. This standard specifies a key-encapsulation mechanism called ML-KEM. The security of ML-KEM is related to the com...| csrc.nist.gov
Ever since the Invisible Salamanders paper was published, there has been a quiet renaissance within my friends and colleagues in applied cryptography for studying systems that use Authenticated Enc…| Dhole Moments
There are two mental models for designing a cryptosystem that offers end-to-end encryption to all of its users. The first is the Signal model. Predicated on Moxie’s notion that the ecosystem …| Dhole Moments
You go to war with the algorithms you have, not the ones you wish you had| educatedguesswork.org
Earlier this year, I wrote about a planned effort to design a federated Key Transparency proposal. The end goal for this work was constrained to building end-to-end encryption into a new type of Dire…| Dhole Moments
Update (2024-06-06): There is an update on this project. As Twitter’s new management continues to nosedive the platform directly into the ground, many people are migrating to what seem like d…| Dhole Moments
A lot of recent (and upcoming) blog posts I’ve written, and Fediverse discussions I’ve participated in, have been about the security of communication products. My criticism of these pro…| Dhole Moments
In late 2022, I blogged about the work needed to develop a specification for end-to-end encryption for the fediverse. I sketched out some of the key management components on GitHub, and then the pu…| Dhole Moments
HTTPS adoption in 2024 is around 95-98%, as measured by page loads in Chrome (it would be better if it was 100%!). These days, a plaintext HTTP site is a rarity, enough that many users of Chrome’s “Always Use Secure Connections” mode, which presents a full-page interstitial warning the user before accessing an HTTP page, see an average of zero warnings per week. But it didn’t always use to be this way!| dadrian.io
Back to activism.net/cypherpunk/| www.activism.net
This document describes a scheme for hybrid public key encryption (HPKE). This scheme provides a variant of public key encryption of arbitrary-sized plaintexts for a recipient public key. It also includes three authenticated variants, including one that authenticates possession of a pre-shared key and two optional ones that authenticate possession of a key encapsulation mechanism (KEM) private key. HPKE works for any combination of an asymmetric KEM, key derivation function (KDF), and authent...| IETF Datatracker
47 U.S.C. § 230 The Internet allows people everywhere to connect, share ideas, and advocate for change without needing immense resources or technical expertise. Our unprecedented ability to communicate online—on blogs, social media platforms, and educational and cultural platforms like Wikipedia and the Internet Archive—is not an accident. Congress recognized that for user speech to thrive on the Internet, it had to protect the services that power users’ speech. That’s why the U.S....| Electronic Frontier Foundation