February 2013 – A Few Thoughts on Cryptographic Engineering
3 posts published by Matthew Green during February 2013| A Few Thoughts on Cryptographic Engineering
3 posts published by Matthew Green during February 2013| A Few Thoughts on Cryptographic Engineering
This is the story of how a handful of cryptographers ‘hacked’ the NSA. It’s also a story of encryption backdoors, and why they never quite work out the way you want them to. But I…| A Few Thoughts on Cryptographic Engineering
1 post published by Matthew Green during June 2025| A Few Thoughts on Cryptographic Engineering
Matthew Garrett has a nice post about Twitter (uh, X)’s new end-to-end encryption messaging protocol, which is now called XChat. The TL;DR of Matthew’s post is that from a cryptographic…| A Few Thoughts on Cryptographic Engineering
This is a cryptography blog and I always feel the need to apologize for any post that isn’t “straight cryptography.” I’m actually getting a little tired of apologizing for i…| A Few Thoughts on Cryptographic Engineering
Two weeks ago, the Washington Post reported that the U.K. government had issued a secret order to Apple demanding that the company include a “backdoor” into the company’s end-to-e…| A Few Thoughts on Cryptographic Engineering
This is the third and penultimate post in a series about theoretical weaknesses in Fiat-Shamir as applied to proof systems. The first post is here, the second post is here, and you should probably …| A Few Thoughts on Cryptographic Engineering
This is the second part of a two three-part series, which covers some recent results on “verifiable computation” and possible pitfalls that could occur there. This post won’t make…| A Few Thoughts on Cryptographic Engineering
I’m supposed to be finishing a wonky series on proof systems (here and here) and I promise I will do that this week. In the midst of this I’ve been a bit distracted by world events. Las…| A Few Thoughts on Cryptographic Engineering
Trigger warning: incredibly wonky theoretical cryptography post (written by a non-theorist)! Also, this will be in two parts. I plan to be back with some more thoughts on practical stuff, like clou…| A Few Thoughts on Cryptographic Engineering
Recently I came across a fantastic new paper by a group of NYU and Cornell researchers entitled “How to think about end-to-end encryption and AI.” I’m extremely grateful to see th…| A Few Thoughts on Cryptographic Engineering
The Internet is a dangerous place in the best of times. Sometimes Internet engineers find ways to mitigate the worst of these threats, and sometimes they fail. Every now and then, however, a major …| A Few Thoughts on Cryptographic Engineering
This blog is reserved for more serious things, and ordinarily I wouldn’t spend time on questions like the above. But much as I’d like to spend my time writing about exciting topics, som…| A Few Thoughts on Cryptographic Engineering
If you’re like most people, you don’t have a strong opinion about CBC-MAC. In fact, if you’re like most people, you don’t have a strong opinion about any crypto primitive. T…| A Few Thoughts on Cryptographic Engineering
Update (April 19): Yilei Chen announced the discovery of a bug in the algorithm, which he does not know how to fix. This was independently discovered by Hongxun Wu and Thomas Vidick. At present, th…| A Few Thoughts on Cryptographic Engineering
Last Thursday, Yahoo announced their plans to support end-to-end encryption using a fork of Google’s end-to-end email extension. This is a Big Deal. With providers like Google and Yahoo onboa…| A Few Thoughts on Cryptographic Engineering
It’s been a while since I wrote an “attack of the week” post, and the fault for this is entirely mine. I’ve been much too busy writing boring posts about Schnorr signatures!…| A Few Thoughts on Cryptographic Engineering
This post continues a long, wonky discussion of Schnorr signature schemes and the Dilithium post-quantum signature. You may want to start with Part 1. In the previous post I discussed the intuition…| A Few Thoughts on Cryptographic Engineering
Warning: extremely wonky cryptography post. Also, possibly stupid and bound for nowhere. One of the hardest problems in applied cryptography (and perhaps all of computer science!) is explaining why…| A Few Thoughts on Cryptographic Engineering
On March 23 I was invited to participate in a panel discussion at the European Internet Services Providers Association (EuroISPA). The focus of this discussion was on recent legislative proposals, …| A Few Thoughts on Cryptographic Engineering
A few weeks ago I ran into a conversation on Twitter about the weaknesses of applied cryptography textbooks, and how they tend to spend way too much time lecturing people about Feistel networks and…| A Few Thoughts on Cryptographic Engineering
