Entropy Attacks!
The conventional wisdom says that hash outputs can't be controlled; the conventional wisdom is simply wrong.
A subfield-logarithm attack against ideal lattices
Computational algebraic number theory tackles lattice-based cryptography.
How to design an elliptic-curve signature system
There are many choices of elliptic-curve signature systems. The standard choice, ECDSA, is reasonable if you don't care about simplicity, speed, and security. #signatures #ecc #elgamal #schnorr #ecdsa...
NIST's cryptographic standardization process
The first step towards improvement is to admit previous failures. #standardization #nist #des #dsa #dualec #nsa
Some small suggestions for the Intel instruction set
Low-cost changes to CPU architecture would make cryptography much safer and much faster. #constanttimecommitment #vmul53 #vcarry #pipelinedocumentation
The Saber cluster
How we built a cluster capable of computing 3000000000000000000000 multiplications per year for just 50000 EUR. #nvidia #linux #howto
Follow-You Printing
How Equitrac's marketing department misrepresents and interferes with your work. #equitrac #followyouprinting #dilbert #officespaceprinter
The death of optimizing compilers
Abstract of my tutorial at ETAPS 2015. #etaps #compilers #cpuevolution #hotspots #optimization #domainspecific #returnofthejedi
Break a dozen secret keys, get a million more for free
Batch attacks are often much more cost-effective than single-target attacks. #batching #economics #keysizes #aes #ecc #rsa #dh #logjam
Thomas Jefferson and Apple versus the FBI
Can the government censor how-to books? What if some of the readers are criminals? What if the books can be understood by a computer? An introduction to freedom of speech for software publishers....
Security fraud in Europe's "Quantum Manifesto"
How quantum cryptographers are stealing a quarter of a billion Euros from the European Commission. #qkd #quantumcrypto #quantummanifesto
The death of due process
A few notes on technology-fueled normalization of lynch mobs targeting both the accuser and the accused. #ethics #crime #punishment
Some challenges in post-quantum standardization
My comments to NIST on the first draft of their call for submissions. #standardization #nist #pqcrypto
Benchmarking post-quantum cryptography
News regarding the SUPERCOP benchmarking system, and more recommendations to NIST. #benchmarking #supercop #nist #pqcrypto
Fast-key-erasure random-number generators
An effort to clean up several messes simultaneously. #rng #forwardsecrecy #urandom #cascade #hmac #rekeying #proofs
Quantum algorithms to find collisions
Analysis of several algorithms for the collision problem, and for the related multi-target preimage problem. #collision #preimage #pqcrypto
Reconstructing ROCA
A case study of how quickly an attack can be developed from a limited disclosure. #infineon #roca #rsa
An introduction to vectorization
Understanding one of the most important changes in the high-speed-software ecosystem. #vectorization #sse #avx #avx512 #antivectors
Why EdDSA held up better than ECDSA against Minerva
Cryptosystem designers successfully predicting, and protecting against, implementation failures. #ecdsa #eddsa #hnp #lwe #bleichenbacher #bkw