This is the third and penultimate post in a series about theoretical weaknesses in Fiat-Shamir as applied to proof systems. The first post is here, the second post is here, and you should probably read them. Over the past two posts I’ve given a bit of background on four subjects: (1) interactive proof systems (for … Continue reading How to…
#fundamentals
12 posts
19 Feb 2025
4 Feb 2025
Trigger warning: incredibly wonky theoretical cryptography post (written by a non-theorist)! Also, this will be in two parts. I plan to be back with some more thoughts on practical stuff, like cloud backup, in the near future. If you’ve read my blog over the years, you should understand that I have basically two obsessions. One … Continue reading How to…
30 Nov 2023
This post continues a long, wonky discussion of Schnorr signature schemes and the Dilithium post-quantum signature. You may want to start with Part 1. In the previous post I discussed the intuition behind Schnorr signatures, beginning with a high-level design rationale and ending with a concrete instantiation. As a reminder: our discussion began with this … Continue reading To Schnorr…
6 Oct 2023
Warning: extremely wonky cryptography post. Also, possibly stupid and bound for nowhere. One of the hardest problems in applied cryptography (and perhaps all of computer science!) is explaining why our tools work the way they do. After all, we’ve been gifted an amazing basket of useful algorithms from those who came before us. Hence it’s … Continue reading To Schnorr…
11 May 2023
Back in March I was fortunate to spend several days visiting Brussels, where I had a chance to attend a panel on “chat control“: the new content scanning regime being considered by the EU Commission. Among various requirements, this proposed legislation would mandate that client-side scanning technology be incorporated into encrypted text messaging applications like … Continue reading On Ashton…
8 May 2023
A few weeks ago I ran into a conversation on Twitter about the weaknesses of applied cryptography textbooks, and how they tend to spend way too much time lecturing people about Feistel networks and the boring details of AES. Some of the folks in this conversation suggested that instead of these things, we should be … Continue reading PRFs, PRPs…
9 Jun 2022
Last week a group of technologists, including Bruce Schneier, sent a letter to Congress outlining their concerns around cryptocurrency and urging Congress to regulate the space. Now let me be the first to say that I broadly support this goal. I have no problem with the idea of legislators (intelligently) passing laws to regulate cryptocurrency. … Continue reading In defense…
5 Jan 2020
This is part five of a series on the Random Oracle Model. See here for the previous posts: Part 1: An introduction Part 2: The ROM formalized, a scheme and a proof sketch Part 3: How we abuse the ROM to make our security proofs work Part 4: Some more examples of where the ROM … Continue reading What is…
30 Jun 2016
Long time readers of this blog will know that when I’m not shilling for the Go language, my hobbies include electronics and retro computing. For me, projects like James Newman’s Megaprocessor, a computer built entirely from discrete components, is about as good as it gets. James has recently finished construction of the Megaprocessor and has started […]
27 Nov 2014
One of the best things about modern cryptography is the beautiful terminology. You could start any number of punk bands (or Tumblrs) named after cryptography terms like ‘hard-core predicate’, ‘trapdoor function’, ‘ or ‘impossible differential cryptanalysis’. And of course, I haven’t even mentioned the one term that surpasses all of these. That term is ‘zero knowledge‘. In … Continue reading…
21 Feb 2014
I have a thing for over-the-top cryptography headlines — mostly because I enjoy watching steam come out of researchers’ ears when their work gets totally misrepresented. And although I’ve seen quite a few good ones, last week WIRED managed a doozy. The headline in question, Cryptography Breakthrough Could Make Software Unhackable, managed to accomplish something that few … Continue reading…
19 Aug 2013
I’ve been traveling a bit over the past couple of weeks, so I haven’t had much of a chance to keep up on blogging. One consequence is that I completely missed my chance to say something about, well, anything that happened at BlackHat or Def Con. Which is too bad, since a surprising amount of … Continue reading Is the…