Internet discussions about end-to-end encryption are plagued by misunderstandings, misinformation, and some people totally missing the point. Of course, people being wrong on the Internet isn’…| Dhole Moments
It’s been more than five years since The PGP Problem was published, and I still hear from people who believe that using PGP (whether GnuPG or another OpenPGP implementation) is a thing they s…| Dhole Moments
If you’re new to reading this blog, you might not already be aware of my efforts to develop end-to-end encryption for ActivityPub-based software. It’s worth being aware of before you co…| Dhole Moments
Ever since the Invisible Salamanders paper was published, there has been a quiet renaissance within my friends and colleagues in applied cryptography for studying systems that use Authenticated Enc…| Dhole Moments
I don’t consider myself exceptional in any regard, but I stumbled upon a few cryptography vulnerabilities in Matrix’s Olm library with so little effort that it was nearly accidental. It…| Dhole Moments
Update (2024-06-06): There is an update on this project. As Twitter’s new management continues to nosedive the platform directly into the ground, many people are migrating to what seem like d…| Dhole Moments
A lot of recent (and upcoming) blog posts I’ve written, and Fediverse discussions I’ve participated in, have been about the security of communication products. My criticism of these pro…| Dhole Moments
XMPP is a messaging protocol (among other things) that needs no introduction to any technical audience. Its various implementations have proliferated through technical communities for decades. Many…| Dhole Moments
Recently, it occurred to me that there wasn’t a good, focused resource that covers commitments in the context of asymmetric cryptography. I had covered confused deputy attacks in my very shor…| Dhole Moments
