Daniel J. Bernstein
@hashbreaker
Designing cryptography (deployed now: X25519, Ed25519, ChaCha20, sntrup, Classic McEliece) to proactively reduce risks. Coined phrase "post-quantum" in 2003.
https://cr.yp.to/djb.html 19-07-2009 23:41:10
Ross Anderson Professor Ross Anderson, FRS, FREng Dear friend and treasured long term campaigner for privacy and security, Professor of Security Engineering at Cambridge University and Edinburgh University, Lovelace Medal winner, has died suddenly at home in Cambridge.
I clicked on 'Google's Threat model for Post-Quantum Cryptography'. 2MB page; below web average. I was hoping it would explain how Google sees Kyber-768 as such low risk as to not move up to Kyber-1024 (384 bytes larger key, 480 bytes larger ciphertext): bughunters.google.com/blog/510874798…
Trail of Bits is making a big investment in post-quantum cryptography (PQC) this year. If that's something you're ready to work on, we're doing security reviews *and* custom engineering.
Math people: Here is a job opportunity with my new colleague Mireille Boutin at TU Eindhoven; good conditions & exciting new group in the making:
Assistant Prof in Applied Algebra and Geometry in Eindhoven jobs.tue.nl/en/vacancy/ass…
No application deadline: first come first serve
2009: 'Not covered in this talk: other types of DoS attacks. e.g. DNSSEC advertising says zero server-CPU-time cost. How much server CPU time can we actually consume?' cr.yp.to/talks.html#200… Also posed the question in some later talks. Most recent answer: athene-center.de/fileadmin/cont…
Columbia Accident Investigation Board, final report, 2003, volume 1 (history2.nasa.gov/columbia/repor…), page 191: 'The Board views the endemic use of PowerPoint briefing slides instead of technical papers as an illustration of the problematic methods of technical communication at NASA.'
Recent claims of exponents for supposedly well-studied lattice attacks considering memory-access costs: 2023.11, web.archive.org/web/2023112521…: 0.396! Oops, wait, 0.349! 2023.12, web.archive.org/web/2023121920…: 0.349, or 0.329 in 3D! 2024.01, web.archive.org/web/2024011908…: 0.311, or 0.292 in 3D!
Updated sortbench (int32 arrays, AVX2) to add Intel's x86-simd-sort, add the 'fast-and-robust' library, upgrade to latest version of Google's vqsort, support current vxsort, and include baseline std::sort: sorting.cr.yp.to/comparison.html Let me know if I've missed a competitive library.
Happy to announce that ECC 2024, the 25th Workshop on Elliptic Curve Cryptography, will take place in Taipei, Taiwan Oct 30 - Nov 01, 2024. The workshop will be preceded by an autumn school on isogenies. For more see troll.iis.sinica.edu.tw/ecc24/index.sh… You can sign up for announcements