Cryptography Software Security

Soatok’s Guide to Side-Channel Attacks

If you’re ever tasked with implementing a cryptography feature–whether a high-level protocol or a low-level primitive–you will have to take special care to ensure you’re not leaking secret information through side-channels. The descriptions of algorithms you learn in a classroom or textbook are not sufficient for real-world use. (Yes, that means your toy RSA implementation […]


A Brief Opinionated Overview of NIST’s Post-Quantum Cryptography Round 3 Candidates

Earlier this week, NIST announced Round 3 of the Post-Quantum Cryptography project and published their rationale for selecting from the Round 2 candidates. NIST did something clever this time, and Round 3 was separated into two groups: Finalists and Alternative Candidates. Finalists are algorithms that NIST (and the majority of the cryptographers involved in NIST’s […]