Dhole Moments, Soa Talks, and Other Bad Puns…
Something to Always Keep in Mind
Regular readers of Dhole Moments should always keep this in mind:
Asymmetric Cryptographic Commitments
Recently, it occurred to me that there wasn’t a good, focused resource that covers commitments in the context of asymmetric cryptography. I had covered confused deputy attacks in my very short (don’t look at the scroll bar) blog post on database cryptography., and that’s definitely relevant. I had also touched on the subject of commitment…
Database Cryptography Fur the Rest of Us
An introduction to database cryptography.
Dogwhistles and Other Falsehoods Uttered About Furries
A quick reference to anti-furry dog-whistles for busy journalists and investigative reporters.
How You Respond to Security Researchers Says Everything About You
Tails from the Cryptographic Side of Security Research
Hindsight is 2022
A recap of this blog and its author in 2022
What We Do in the /etc/shadow – Cryptography with Passwords
Ever since the famous “Open Sesame” line from One Thousand and One Nights, humanity was doomed to suffer from the scourge of passwords. Even in a world where we use hardware tokens with asymmetric cryptography to obviate the need for passwords in modern authentication protocols, we’ll still need to include “something you know” for legal…
Extending the AES-GCM Nonce Without Nightmare Fuel
When it comes to AES-GCM, I am not a fan. Most of my gripes fall into one of two categories: However, one of my gripes technically belongs in both categories: The small nonce size, which is caused by AES’s block size, limits the amount of data you can safely encrypt with a single symmetric key.…
Security Research on Twitter: Before and After Musk’s Takeover
I got banned for criticizing Twitter’s security, as I’ve done often in the past without repercussion.
Towards End-to-End Encryption for Direct Messages in the Fediverse
As Twitter’s new management continues to nosedive the platform directly into the ground, many people are migrating to what seem like drop-in alternatives; i.e. Cohost and Mastodon. Some are even considering new platforms that none of us have heard of before (one is called “Hive”). Needless to say, these are somewhat chaotic times. One topic…
Loading…
Something went wrong. Please refresh the page and/or try again.
Follow My Blog
Get new content delivered directly to your inbox.