Ian Miers presenting the (ambitious) goals they tackled with their zk-creds systems 🤯 #realworldcrypto This is great for moving us closer to a SSI world where you provided anonymous proofs rather than your ID docs

Great talk by citizen lab's Bill Marczak on mercenary spyware circumventing encrypted chat. Stark contrast between Apple's much hyped security against hypothetical quantum computers, and real iMessage exploits that pretend to be a fax machine message. #realworldcrypto

The UMD security group is hiring a postdoc. Want to work in applied cryptography and zk proofs with me or Gabe Kaptchuk? Or usable security, ai security, network security, pq crypto, or programing languages + security. Come to UMD and live in Washington, DC. obj.umiacs.umd.edu/cybersecurity/…

Should you submit your paper to the Privacy Enhancing Technology Symposium, an XKCD style flowchart:

'Somebody should make a crypto Ashley Madison just called Zero Knowledge.
Zero Knowledge but Failed Commitment' -- John P Dickerson

Anyone implemented CQ / have performance numbers? Ariel Gabizon eprint.iacr.org/2022/1763.pdf

Remember, your regulatory panel on cryptocurrency might be under Chatham house rules, but your transactions on a blockchain aren't.

Has anyone built a circuit to verify SnarkPack or some other IPP aggregate proof?

To whoever is writing a Usenix Security paper attacking the IACR's voting scheme, good luck with your submission in 58 hours.
Also, stop spamming me.

Yesterday: I feel like a real scientist, I get to play with a 3 petaflop cluster.
Today: fuck, I'm a real scientist , my experiments are slow, the file system is thrashed, and I don't know why.

PSA in Johannesburg.

Apparently I listed my bio on an infosec slack as
' prof@ UMD. I do crypto for messaging and zksnarks for blockchains and blockchain accessories'

I just found out: slack lets you set a 90 day retention policy on free tiers now. After 90 days, you don't have access to the messages anyway (unless you pay slack), but slack keeps them. Which is a major security liability if slack is hacked. 90 day retention avoids this.

congratulations, your infrastructure that produces non-repudiable attestations as a side effect just found new product-market fit :)

twitter.com/gakonst/status…

Byzantine inputs strike again. Ordinarily you'd expect using GPS to correct inertial navigation system drift would give better results. But if the GPS is deliberately bad, not so much.

Updating. FHE is MPC with 9,000% of the compute on an untrusted server and less bandwidth. But the interesting application are the same, as are the trust requirements.