Security Cryptography Whatever
Technology Podcasts
Some cryptography & security people talk about security, cryptography, and whatever else is happening.
Location:
United States
Genres:
Technology Podcasts
Description:
Some cryptography & security people talk about security, cryptography, and whatever else is happening.
Language:
English
Episodes
STIR/SHAKEN with Paul Grubbs and Josh Brown
4/30/2024
Josh Brown and Paul Grubbs join us to describe how those damned spam calls work, and how STIR/SHAKEN is supposed to try to stop them, but have other privacy and security implications as well.
Transcript: https://securitycryptographywhatever.com/2024/04/30/stir-shaken/
Links:
- https://iacr.org/submit/files/slides/2024/rwc/rwc2024/98/slides.pdf
- https://www.youtube.com/watch?v=3trxXF0-fRU
- Paul Grubbs: https://web.eecs.umich.edu/~paulgrub/
"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)
Duration:01:01:47
Cryptography Tier List
3/23/2024
(NSFW) Three AI-generated guests rank cryptography things into a tier list. Play along at home and make your own tier list: https://tiermaker.com/create/cryptography-15683166
This episode is definitely not safe for work and definitely a parody. Do not base your decision in the 2024 election off of this podcast episode. No campaigns have endorsed this podcast.
"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)
Duration:00:19:28
Post-Quantum iMessage with Douglas Stebila
3/3/2024
Apple iMessage is getting a big upgrade! Not only are they rolling out ratcheting, but they’re going post-quantum, AND they’re doing post-quantum ratcheting! Douglas Stebila joined us to talk about his security analysis of the new PQ3 protocol update and not indulge our wild Apple speculations:
Transcript: https://securitycryptographywhatever.com/2024/03/03/post-quantum-imessage-with-douglas-stebila/
Links:
- https://security.apple.com/blog/imessage-pq3/
- Security analysis of the iMessage PQ3 protocol
https://security.apple.com/assets/files/A_Formal_Analysis_of_the_iMessage_PQ3_Messaging_Protocol_Basin_et_al.pdf
- Ratcheting design: https://eprint.iacr.org/2024/220.pdf
- When Messages are Keys: Is HMAC a dual-PRF?: https://eprint.iacr.org/2023/861.pdf
- Real World Deniability in Messaging: https://eprint.iacr.org/2023/403.pdf
- Padmé: https://www.petsymposium.org/2019/files/papers/issue4/popets-2019-0056.pdf
- Max Headroom: https://www.youtube.com/watch?v=cYdpOjletnc
- Extended Canetti-Krawczyk model: https://iacr.org/archive/eurocrypt2001/20450451.pdf
- Douglas Stebila: https://www.douglas.stebila.ca/
"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)
Duration:00:55:34
High-assurance Post-Quantum Crypto with Franziskus Kiefer and Karthik Bhargavan
1/29/2024
We welcome Franziskus and Karthik from Cryspen to discuss their new high-assurance implementation of ML-KEM (the final form of Kyber), discussing how formal methods can both help provide correctness guarantees, security assurances, and performance wins for your crypto code!
Transcript: https://securitycryptographywhatever.com/2024/01/29/high-assurance-kyber/
Links:
- https://cryspen.com/post/ml-kem-implementation/
- https://github.com/cryspen/libcrux/
- https://github.com/formosa-crypto/libjade
- https://cryspen.com/post/pqxdh/
- https://eprint.iacr.org/2023/1933.pdf
- Franziskus Kiefer: https://franziskuskiefer.de/
- Karthik Bhargavan: https://bhargavan.info/
"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)
Duration:00:56:13
Encrypting Facebook Messenger with Jon Millican and Timothy Buck
12/23/2023
Facebook Messenger has finally been end-to-end encrypted, a couple of years after Mark Zuckerberg announced it! Plus Instagram DMs are trialing ephemeral E2EE DMs too! We invited on Jon Millican and Timothy Buck from Meta to discuss this major cross-platform endeavor, and how David Bowie fits into their personal Labyrinth.
Transcript: https://securitycryptographywhatever.com/2023/12/28/e2ee-fb-messenger/
Links:
- https://www.facebook.com/notes/2420600258234172
- https://eprint.iacr.org/2022/1044.pdf
- https://engineering.fb.com/2023/12/06/security/building-end-to-end-security-for-messenger/
- https://www.theverge.com/2023/12/6/23991501/facebook-messenger-default-end-to-end-encryption-meta
- https://www.threads.net/@jonmillican/post/C0kQPAyoFpr
- https://engineering.fb.com/wp-content/uploads/2023/12/MessengerEnd-to-EndEncryptionOverview_12-6-2023.pdf
- https://engineering.fb.com/wp-content/uploads/2023/12/TheLabyrinthEncryptedMessageStorageProtocol_12-6-2023.pdf
- https://engineering.fb.com/2022/03/10/security/code-verify/
- https://chrome.google.com/webstore/detail/code-verify/llohflklppcaghdpehpbklhlfebooeog
"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)
Duration:00:59:35
Attacking Lattice-based Cryptography with Martin Albrecht
11/13/2023
Returning champion Martin Albrecht joins us to help explain how we measure the security of lattice-based cryptosystems like Kyber and Dilithium against attackers. QRAM, BKZ, LLL, oh my!
Transcript: https://securitycryptographywhatever.com/2023/11/13/lattice-attacks/
Links:
- https://pq-crystals.org/kyber/index.shtml
- https://pq-crystals.org/dilithium/index.shtml
- https://eprint.iacr.org/2019/930.pdf
- https://en.wikipedia.org/wiki/Short_integer_solution_problem
- Frodo: https://eprint.iacr.org/2016/659
- https://csrc.nist.gov/CSRC/media/Events/third-pqc-standardization-conference/documents/accepted-papers/ribeiro-saber-pq-key-pqc2021.pdf
- https://en.wikipedia.org/wiki/Hermite_normal_form
- https://en.wikipedia.org/wiki/Wagner%E2%80%93Fischer_algorithm
- https://www.math.auckland.ac.nz/~sgal018/crypto-book/ch18.pdf
- https://eprint.iacr.org/2019/1161
- QRAM: https://arxiv.org/abs/2305.10310
- https://en.wikipedia.org/wiki/Lenstra%E2%80%93Lenstra%E2%80%93Lov%C3%A1sz_lattice_basis_reduction_algorithm
- MATZOV improved dual lattice attack: https://zenodo.org/records/6412487
- https://eprint.iacr.org/2008/504.pdf
- https://eprint.iacr.org/2023/302.pdf
"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)
Duration:00:57:20
Signal's Post-Quantum PQXDH, Same-Origin Policy, E2EE in the Browser Revisted
11/7/2023
We're back! Signal rolled out a protocol change to be post-quantum resilient! Someone was caught intercepting Jabber TLS via certificate transparency! Was the same-origin policy in web browers just a dirty hack all along? Plus secure message format formalisms, and even more beating of the dead horse that is E2EE in the browser.
Transcript: https://securitycryptographywhatever.com/2023/11/07/PQXDH-etc
Links:
- https://zfnd.org/so-you-want-to-build-an-end-to-end-encrypted-web-app/
- https://github.com/superfly/macaroon
- https://cryspen.com/post/pqxdh/
- https://eprint.iacr.org/2023/1390.pdf
"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)
Duration:01:19:05
'Jerry Solinas deserves a raise' with Steve Weis
10/11/2023
We explore how the NIST curve parameter seeds were generated, as best we can, with returning champion Steve Weis!
“At the point where we find an intelligible English string that generates the
NIST P-curve seeds, nobody serious is going to take the seed provenance concerns seriously anymore.”
Transcript: https://securitycryptographywhatever.com/2023/10/12/the-nist-curves
Links:
- Steve’s post: https://saweis.net/posts/nist-curve-seed-origins.html
- ANSI X9.62 ECDSA: https://safecurves.cr.yp.to/grouper.ieee.org/groups/1363/private/x9-62-09-20-98.pdf / FIPS 186-2 https://csrc.nist.gov/files/pubs/fips/186-2/final/docs/fips186-2.pdf
- “A RIDDLE WRAPPED IN AN ENIGMA”: https://eprint.iacr.org/2015/1018.pdf
- https://arstechnica.com/information-technology/2015/01/nsa-official-support-of-backdoored-dual_ec_drbg-was-regrettable/
- https://www.muckrock.com/foi/united-states-of-america-10/origin-of-fips-186-4-elliptic-curves-over-prime-field-seed-parameters-national-institute-of-standards-and-technology-78756/
- https://www.muckrock.com/foi/united-states-of-america-10/origin-of-fips-186-4-elliptic-curves-over-prime-field-seed-parameters-national-security-agency-78755/
- Filippo’s bounty: https://words.filippo.io/dispatches/seeds-bounty/
- Recommendations for Discrete Logarithm-based Cryptography: Elliptic Curve Domain Parameters - NIST 800-186 with Curve25519 and friends
- RFC 8422: Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS) Versions 1.2 and Earlier
- https://www.rfc-editor.org/rfc/rfc4492#section-6
- https://blog.cryptographyengineering.com/2017/12/19/the-strange-story-of-extended-random/
- https://en.wikipedia.org/wiki/Bullrun_(decryption_program)
- https://en.wikipedia.org/wiki/BSAFE
- https://sockpuppet.org/blog/2015/08/04/is-extended-random-malicious/
"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)
Duration:00:57:31
Cruel Summer: hybrid signatures, Downfall, Zenbleed, 2G downgrades
9/13/2023
We're back from our summer vacation! We're covering a bunch of stuff we saw and did:
Transcript:
https://securitycryptographywhatever.com/2023/09/13/cruel-summer/
Links:
- Zenbleed: https://lock.cmpxchg8b.com/zenbleed.html
- Downfall: https://downfall.page
- Post-quantum Yubikeys: https://security.googleblog.com/2023/08/toward-quantum-resilient-security-keys.html
"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)
Duration:00:58:35
Why do we think anything is secure, with Steve Weis
6/29/2023
What does P vs NP have to do with cryptography? Why do people love and laugh about the random oracle model? What's an oracle? What do you mean factoring and discrete log don't have proofs of hardness? How does any of this cryptography stuff work, anyway? We trapped Steve Weis into answering our many questions.
Transcript:
https://securitycryptographywhatever.com/2023/06/29/why-do-we-think-anything-is-secure-with-steve-weis/
Links:
- The Random Oracle Methodology, Revisited: https://eprint.iacr.org/1998/011.pdf
- Factoring integers with CADO-NFS: https://www.ens-lyon.fr/LIP/AriC/wp-content/uploads/2015/03/JDetrey-tutorial.pdf
- On One-way Functions from NP-Complete Problems: https://eprint.iacr.org/2021/513.pdf
- Seny Kamara's lecture notes on provable security: https://cs.brown.edu/~seny/2950-v/2-provablesecurity.pdf
- How To Simulate It – A Tutorial on the Simulation Proof Technique: https://eprint.iacr.org/2016/046.pdf
- A Survey of Leakage-Resilient Cryptography: https://eprint.iacr.org/2019/302
- A Decade of Lattice Cryptography: https://eprint.iacr.org/2015/939.pdf
"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)
Duration:00:46:17
Elon's Encrypted DMs with Matthew Garrett
5/29/2023
Are Twitter’s new encrypted DMs unreadable even if you put a gun to Elon’s head? We invited Matthew Garrett on to do a deep decompiled dive into what kind of cryptography actually shipped.
Transcript:
https://securitycryptographywhatever.com/2023/05/29/elons-encrypted-dms-with-matthew-garrett/
Links:
https://mjg59.dreamwidth.org/66791.html
https://help.twitter.com/en/using-twitter/encrypted-direct-messages
https://www.techdirt.com/2023/05/11/twitter-launches-not-actually-encrypted-encrypted-dms/
BrokenKDF2BytesGenerator: https://github.com/bcgit/bc-java/blob/master/prov/src/main/java/org/bouncycastle/jce/provider/BrokenKDF2BytesGenerator.java#L70
Analysis from sweis: https://twitter.com/sweis/status/1657082478727933954?s=20
https://signal.org/docs/specifications/x3dh/
https://signal.org/docs/specifications/doubleratchet/
https://support.signal.org/hc/en-us/articles/360007059752-Backup-and-Restore-Messages
Trail of Bits has not audited nor signed a contract yet, per Platformer: https://www.platformer.news/p/why-you-cant-trust-twitters-encrypted
"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)
Duration:00:52:28
WhatsApp Key Transparency with Jasleen Malvai and Kevin Lewi
5/6/2023
WhatsApp has announced they’re rolling out key transparency! Doing this at WhatsApp-scale (aka billions and biiillions of keys) is a significant task, so we talked to Jasleen Malvai and Kevin Lewi about how it works.
Transcript:
https://securitycryptographywhatever.com/2023/05/06/whatsapp-key-transparency
Links:
https://engineering.fb.com/2023/04/13/security/whatsapp-key-transparency/
https://github.com/facebook/akd
Parkeet: https://eprint.iacr.org/2023/081.pdf
CONIKS: https://eprint.iacr.org/2014/1004.pdf
SEEMless: https://eprint.iacr.org/2018/607.pdf
WhatsApp Security Whitepaper: https://www.whatsapp.com/security/WhatsApp-Security-Whitepaper.pdf
Keybase key transparency: https://book.keybase.io/docs/server
"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)
Duration:00:55:43
Messaging Layer Security (MLS) with Raphael Robert
4/22/2023
Messaging Layer Security (MLS) 1.0 is (basically) here! We invited Raphael
Robert, coauthor of the MLS specification to explain it to us and answer our annoying questions (read: why does this exist?)
Transcript:
https://securitycryptographywhatever.com/2023/04/22/mls/
Links:
- https://messaginglayersecurity.rocks/
- https://messaginglayersecurity.rocks/mls-protocol/draft-ietf-mls-protocol.html
- https://messaginglayersecurity.rocks/mls-architecture/draft-ietf-mls-architecture.html
- https://github.com/openmls/openmls
- https://eprint.iacr.org/2022/1533.pdf
- https://eprint.iacr.org/2020/1327.pdf
- https://eprint.iacr.org/2022/559.pdf
- https://signal.org/docs/
- https://en.wikipedia.org/wiki/Key_encapsulation_mechanism
- https://twitter.com/beurdouche/status/1220617962182389760
- https://messaginglayersecurity.rocks/mls-protocol/draft-ietf-mls-protocol.html#mls-ciphersuites
- https://www.ietf.org/archive/id/draft-ietf-mls-federation-02.html
- https://datatracker.ietf.org/wg/mimi/documents/
- https://competition-policy.ec.europa.eu/dma/dma-workshops/interoperability-workshop_en
- Yes in the protocol document this is 1.0: https://messaginglayersecurity.rocks/mls-protocol/draft-ietf-mls-protocol.html#section-6
"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)
Duration:00:55:02
Real World: Crypto (2023)
3/24/2023
Real World Cryptography 2023 is happening any moment now in Tokyo. Also, some phone basebands are broken.
Links
Transcript: https://securitycryptographywhatever.com/2023/03/24/rwc-2023/
"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)
Duration:00:54:51
Threema with Kenny Paterson, Matteo Scarlata and Kien Tuong Truong
1/27/2023
Another day, another ostensibly secure messenger that quails under the gaze of some intrepid cryptographers. This time, it's Threema, and the gaze belongs to Kenny Paterson, Matteo Scarlata, and Kien Tuong Truong from ETH Zurich. Get ready for some stunt cryptography, like 2 Fast 2 Furious stunts.
Transcript:
https://securitycryptographywhatever.com/2023/01/27/threema/
Links:
https://breakingthe3ma.app/
https://threema.ch/press-files/2_documentation/cryptography_whitepaper.pdf
https://threema.ch/en/blog/posts/ibex
"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)
Duration:01:03:55
Has RSA been destroyed by a quantum computer???
1/6/2023
There's a paper that claims one can factor a RSA-2048 modulus with the help of a 372-qubit quantum computer. Are we all gonna die?
Also some musings about Bruce Schneier.
Errata:
Schneier's honorary PhD is from the University of Westminster, not UW.
Transcript:
https://securitycryptographywhatever.com/2023/01/06/has-rsa-been-destroyed-by-a-quantum-computer/
Links:
https://arxiv.org/pdf/2212.12372.pdf
https://eprint.iacr.org/2021/232.pdf
https://github.com/lducas/SchnorrGate
https://sweis.medium.com/did-schnorr-destroy-rsa-show-me-the-factors-dcb1bb980ab0
https://www.schneier.com/blog/archives/2023/01/breaking-rsa-with-a-quantum-computer.html
https://scottaaronson.blog/?p=6957
"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)
Duration:00:41:12
End of Year Wrap Up
1/4/2023
David and Deirdre gab about some stuff we didn't get to or just recently happened, like Tailscale's new Tailnet Lock, the Okta breach, what the fuck CISOs are for anyway, Rust in Android and Chrome, passkeys support, and of course, SBF.
Transcript:
https://securitycryptographywhatever.com/2023/01/04/end-of-year-wrap-up/
Links:
https://tailscale.com/blog/tailnet-lock/
https://security.googleblog.com/2022/12/memory-safe-languages-in-android-13.html
https://groups.google.com/a/chromium.org/g/chromium-dev/c/0z-6VJ9ZpVU
"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)
Duration:00:59:27
Software Safety and Twitter with Kevin Riggle
11/24/2022
We talk to Kevin Riggle (@kevinriggle) about complexity and safety. We also talk about the Twitter acquisition. While recording, we discovered a new failure mode where Kevin couldn't hear Thomas, but David and Deirdre could, so there's not much Thomas this episode. If you ever need to get Thomas to voluntarily stop talking, simply mute him to half the audience!
https://twitter.com/kevinriggle
Transcript:
https://securitycryptographywhatever.com/2022/11/24/software-safety-and-twitter-with-kevin-riggle/
Errata
Links
https://free-dissociation.com/blog/posts/2018/08/why-is-it-so-hard-to-build-safe-software/https://complexsystems.group/https://how.complexsystems.fail/https://noncombatant.org/2016/06/20/get-into-security-engineering/https://blog.nelhage.com/2010/03/security-doesnt-respect-abstraction/http://sunnyday.mit.edu/safer-world.pdfhttps://www.adaptivecapacitylabs.com/john-allspaw/https://www.etsy.com/codeascraft/blameless-postmortemshttps://increment.com/security/approachable-threat-modeling/https://www.nytimes.com/2022/11/17/arts/music/taylor-swift-tickets-ticketmaster.htmlhttps://www.hillelwayne.com/post/are-we-really-engineers/https://www.hillelwayne.com/post/we-are-not-special/https://www.hillelwayne.com/post/what-we-can-learn/https://lotr.fandom.com/wiki/Denethor_IIhttps://twitter.com/sarahjeong/status/1587597972136546304
"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)
Duration:00:58:36
Matrix with Martin Albrecht and Dan Jones
11/2/2022
No not the movie: the secure group messaging protocol! Or rather all the bugs and vulns that a team of researchers found when trying to formalize said protocol. Martin Albrecht and Dan Jones joined us to walk us through "Practically-exploitable Cryptographic
Vulnerabilities in Matrix".
Transcript:
https://securitycryptographywhatever.com/2022/11/02/Matrix-with-Martin-Albrecht-Dan-Jones/
Links:
"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)
Duration:01:06:24
SOC2 with Sarah Harvey
10/16/2022
We have Sarah Harvey (@worldwise001 on Twitter) to talk about SOC2, what it means, how to get it, and if it's important or not. The discussion centers around two blog posts written by Thomas:
Transcript:
https://securitycryptographywhatever.com/2022/10/16/SOC2-with-Sarah-Harvey/
Links:
https://tailscale.com/blog/soc2-type2/https://sso.taxhttps://getnametag.comhttps://censys.iohttps://fly.io
"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)
Duration:01:01:37