#Tag · bonfire.cafe

Charlie Stross and 1 other boosted

Floris Bruynooghe

From somewhere at #39c3

#quantum #cryptography #security

A hand holding a palm-sized pamphlet under pink-ish lighting:

STOP DOING QUANTUM CRYPTOANALYSIS
- DECADES of research and billions in funding, yet the largest number a ~~quantum computer~~ quantum physics experiment has ever factorized remains a terrifying 21
- The keep calling it a 'processor,' but it's actually a refrigerated probability sculpture they beg to act like it is a NAND gate for just half a microsecond -- fever dreams of the QUANTUM CULT
- The only countdown ticking towards Y2Q is researches counting the years of funding they can squeeze out of it
- Harvest now, decrypt later: because someday quantum computers will unlock the secret... that all the encrypted traffic was just web scrapers feeding AI model training
- Want to hack a database? No need to way for some Quantum Crypocalypse, just ask it politely with 'OR 1 = 1'

<weird diagram> ????

"Hello, I would like <weird formulas> to distil <weird formulas> please!"

They have played us for absolute fools — A hand holding a palm-sized pamphlet under pink-ish lighting: STOP DOING QUANTUM CRYPTOANALYSIS - DECADES of research and billions in funding, yet the largest number a ~~quantum computer~~ quantum physics experiment has ever factorized remains a terrifying 21 - The keep calling it a 'processor,' but it's actually a refrigerated probability sculpture they beg to act like it is a NAND gate for just half a microsecond -- fever dreams of the QUANTUM CULT - The only countdown ticking towards Y2Q is researches counting the years of funding they can squeeze out of it - Harvest now, decrypt later: because someday quantum computers will unlock the secret... that all the encrypted traffic was just web scrapers feeding AI model training - Want to hack a database? No need to way for some Quantum Crypocalypse, just ask it politely with 'OR 1 = 1' <weird diagram> ???? "Hello, I would like <weird formulas> to distil <weird formulas> please!" They have played us for absolute fools

Floris Bruynooghe

@flub@mastodon.social · 21 hours ago

From somewhere at #39c3

#quantum #cryptography #security

Andrew Nesbitt boosted

yossarian (1.3.6.1.4.1.55738)

@yossarian@infosec.exchange · 3 days ago

Some flexibility with Go’s sumdb

https://blog.yossarian.net/2025/12/29/Some-flexibility-with-Go-s-sumdb

#security #go #cryptography

Some flexibility with Go's sumdb

⁂

More from

yossarian (1.3.6.1.4.1.55738)

alcinnz and 1 other boosted

Risotto Bias

@risottobias@toot.risottobias.org · 3 days ago

what are some of your favorite whitepapers & security models?

e.g., signal:

https://positive-intentions.com/docs/research/signal-protocol-security-audit/threat-model/
https://signal.org/docs/specifications/mlkembraid/

#cybersecurity #p2p #cryptography

Signal Messenger

Signal Messenger: Speak Freely

Say "hello" to a different messaging experience. An unexpected focus on privacy, combined with all of the features you expect.

positive-intentions

Threat Model - Signal Protocol Implementation | positive-intentions

Overview

Risotto Bias

@risottobias@toot.risottobias.org · 3 days ago

what are some of your favorite whitepapers & security models?

e.g., signal:

https://positive-intentions.com/docs/research/signal-protocol-security-audit/threat-model/
https://signal.org/docs/specifications/mlkembraid/

#cybersecurity #p2p #cryptography

Signal Messenger

Signal Messenger: Speak Freely

Say "hello" to a different messaging experience. An unexpected focus on privacy, combined with all of the features you expect.

positive-intentions

Threat Model - Signal Protocol Implementation | positive-intentions

Overview

Hacker News

@h4ckernews@mastodon.social · 5 days ago

Faster Practical Modular Inversion

https://purplesyringa.moe/blog/faster-practical-modular-inversion/

#HackerNews #Faster #Modular #Inversion #Practical #Algorithms #Cryptography #Tech #News

purplesyringa's blog

Faster practical modular inversion

Last year, Lemire wrote about an optimized variation of the Euclidean algorithm for computing the greatest common divisor of two numbers, called binary Euclidean algorithm or Stein’s algorithm. It’s a best-of-class implementation, though it’s currently only used by libc++. The post also briefly mentions the extended Euclidean algorithm, a related algorithm most often used to compute the modular multiplicative inverse (given a remainder a and a modulus m , find x such that a ⋅ x mod m = 1 ): There is also a binary version of the extended Euclidean algorithm[,] although it is quite a bit more involved and it is not clear that it […] can be implemented at high speed, leveraging fast instructions, when working on integers that fit in general-purpose registers. […] My implementation of the binary extended Euclidean algorithm is quite a bit slower and not recommended. I expect that it should be possible to optimize it further. That’s a big shame, because the extended Euclidean algorithm can be optimized in a very similar manner, and the underlying ideas were described in a 2020 paper. It’s probably not well-known because the paper focuses on constant-time evaluation and long arithmetic, so people might have assumed it’s irrelevant. I’m hoping to bring justice to the extended Stein’s algorithm with this post. I’ll cover how the algorithm works, its limitations, some optimizations compared to Pornin’s paper, and potential further improvements. My implementation is available on GitHub as part of a Rust modular arithmetic library.

🫧 socialcoding.. boosted

Neiman

@neiman@social.hastily.cc · last week

Who's coming to #39C3?

I'm up for meeting up for a chat and talk about literally anything #cryptography #decentralization or #p2p related.

Neiman

@neiman@social.hastily.cc · last week

Who's coming to #39C3?

I'm up for meeting up for a chat and talk about literally anything #cryptography #decentralization or #p2p related.

Kunal Mehta boosted

Clemens

@neverpanic@chaos.social · 2 weeks ago

#RedHat just shipped its first RPM signed with #PostQuantum #Cryptography, completing a major push across multiple teams to make this happen.

`ipmitool-1.8.19-10.el10_1` from https://access.redhat.com/errata/RHBA-2025:23156:

```
[root@rhel-10-1 ~]# rpmkeys -Kv ipmitool-1.8.19-10.el10_1.aarch64.rpm |& head -3
ipmitool-1.8.19-10.el10_1.aarch64.rpm:
Header V6 ML-DSA-87+Ed448/SHA512 Signature, key ID 05707a62: OK
Header V4 RSA/SHA256 Signature, key ID fd431d51: OK
```

Clemens

@neverpanic@chaos.social · 2 weeks ago

#RedHat just shipped its first RPM signed with #PostQuantum #Cryptography, completing a major push across multiple teams to make this happen.

`ipmitool-1.8.19-10.el10_1` from https://access.redhat.com/errata/RHBA-2025:23156:

Tommaso Gagliardoni

@tomgag@infosec.exchange · 2 weeks ago

I just found this cool video explaining the Diffie-Hellman cryptographic key exchange with the analogy of mixing colors! I was not aware of this neat explanation! Cute!

https://youtu.be/YEBfamv-_do?t=160

#crypto #cryptography #security #privacy #education #video

David Chisnall (*Now with 50% more sarcasm!*) boosted

Lobsters

@lobsters@mastodon.social · 3 weeks ago

Post-Quantum Cryptography on CHERIoT via @fanf https://lobste.rs/s/azgmvv #cryptography
https://cheriot.org/pqc/2025/12/12/pqc-on-cheriot.html

Lobsters

@lobsters@mastodon.social · 3 weeks ago

Post-Quantum Cryptography on CHERIoT via @fanf https://lobste.rs/s/azgmvv #cryptography
https://cheriot.org/pqc/2025/12/12/pqc-on-cheriot.html

d@nny disc@ mc² boosted

PGPkeys EU

@pgpkeys@infosec.exchange · 3 weeks ago

New Blog: #Keyserver Updates and Roadmap, December 2025

...

About half of the public #Hockeypuck keyservers have been upgraded to the 2.3 branch (as of 2025-12-08), including the pgpkeys.eu servers. A small number remain on 2.1 for compatibility reasons, but the remaining issues preventing upgrade of these 2.1 servers will be addressed in an upcoming 2.3.x release.

...

While HKPv2 and RFC9580 support are the current priorities, further improvements are planned for delivery in 2026 and 2027. These include:

* Allowing #OpenPGP key owners to explicitly restrict the distribution of third-party signatures over their User IDs, to prevent signature flooding.
* Out of band email proofs of User ID validity, to mitigate spam and impersonation.
* A fully-featured management API to better handle deletion and blocklisting of incorrect or spammy keys.
* Native rate limiting and tor exit node abuse detection.
* Detection (and potential removal) of keys with known vulnerabilities or weaknesses.
* Improvements to the dump and restore process to allow a running server to be backed up without a restart.

https://blog.pgpkeys.eu/keyserver-roadmap-2025-12.html

#infosec #cryptography #pgp

PGPkeys EU

@pgpkeys@infosec.exchange · 3 weeks ago

New Blog: #Keyserver Updates and Roadmap, December 2025

...

While HKPv2 and RFC9580 support are the current priorities, further improvements are planned for delivery in 2026 and 2027. These include:

https://blog.pgpkeys.eu/keyserver-roadmap-2025-12.html

#infosec #cryptography #pgp

Hacker News

@h4ckernews@mastodon.social · 4 weeks ago

Understanding ECDSA

https://avidthinker.github.io/2025/11/28/understanding-ecdsa/

#HackerNews #UnderstandingECDSA #Cryptography #DigitalSignatures #Blockchain #Security

Dan Goodin boosted

Clemens

@neverpanic@chaos.social · last month

In October, I gave a talk about post-quantum #cryptography at the #OpenSSL Conference in Prague. Yesterday, the video dropped. If you're interested, head to https://www.youtube.com/watch?v=sXHEweoTj60!