Podcast Cryptography terbaik (2023)

S

Security Cryptography Whatever

1
Threema with Kenny Paterson, Matteo Scarlata, & Kien Tuong Truong 1:03:55

4d ago1:03:55

1:03:55

Another day, another ostensibly secure messenger that quails under the gaze of some intrepid cryptographers. This time, it's Threema, and the gaze belongs to Kenny Paterson, Scarlata Matteo, and Kien Tuong Truong from ETH Zurich. Get ready for some stunt cryptography, like 2 Fast 2 Furious stunts. Transcript: https://share.descript.com/view/Frejxah…

C

Cryptography FM

1
Episode 23: Psychic Signatures in Java! 53:20

5d ago53:20

53:20

On April 19th 2022, Neil Madden disclosed a vulnerability in many popular Java runtimes and development kits. The vulnerability, dubbed "Psychic Signatures", lies in the cryptography for ECDSA signatures and allows an attacker to bypass signature checks entirely for these signatures. How are popular cryptographic protocol implementations in Java af…

C

Cryptography FM

1
Episode 22: Three Lessons from Threema: Breaking a Secure Messenger! 52:12

14d ago52:12

52:12

Threema is a Swiss encrypted messaging application. It has more than 10 million users and more than 7000 on-premise customers. Prominent users of Threema include the Swiss Government and the Swiss Army, as well as the current Chancellor of Germany, Olaf Scholz. Threema has been widely advertised as a secure alternative to other messengers. Kenny, K…

S

Security Cryptography Whatever

1
Has RSA been destroyed by a quantum computer??? 41:16

24d ago41:16

41:16

There's a paper that claims one can factor a RSA-2048 modulus with the help of a 372-qubit quantum computer. Are we all gonna die? Also some musings about Bruce Schneier. Errata: Schneier's honorary PhD is from the University of Westminster, not UW. Transcript: https://beta-share.descript.com/view/JQL7kRwgfJa Links: https://arxiv.org/pdf/2212.12372…

S

Security Cryptography Whatever

1
End of Year Wrap Up 59:27

26d ago59:27

59:27

David and Deirdre gab about some stuff we didn't get to or just recently happened, like Tailscale's new Tailnet Lock, the Okta breach, what the fuck CISOs are for anyway, Rust in Android and Chrome, passkeys support, and of course, SBF. Transcript: https://beta-share.descript.com/view/i75G8aN6BLi Links: https://tailscale.com/blog/tailnet-lock/ http…

S

Security Cryptography Whatever

1
Software Safety and Twitter with Kevin Riggle 58:36

2M ago58:36

58:36

We talk to Kevin Riggle (@kevinriggle) about complexity and safety. We also talk about the Twitter acquisition. While recording, we discovered a new failure mode where Kevin couldn't hear Thomas, but David and Deirdre could, so there's not much Thomas this episode. If you ever need to get Thomas to voluntarily stop talking, simply mute him to half …

S

Security Cryptography Whatever

1
Matrix with Martin Albrecht & Dan Jones 1:06:24

3M ago1:06:24

1:06:24

No not the movie: the secure group messaging protocol! Or rather all the bugs and vulns that a team of researchers found when trying to formalize said protocol. Martin Albrecht and Dan Jones joined us to walk us through "Practically-exploitable Cryptographic Vulnerabilities in Matrix". Links: https://nebuchadnezzar-megolm.github.io/static/paper.pdf…

S

Security Cryptography Whatever

1
SOC2 with Sarah Harvey 1:01:37

4M ago1:01:37

1:01:37

We have Sarah Harvey (@worldwise001 on Twitter) to talk about SOC2, what it means, how to get it, and if it's important or not. The discussion centers around two blog posts written by Thomas: SOC2 Starting Seven: https://latacora.micro.blog/2020/03/12/the-soc-starting.html SOC2 at Fly: https://fly.io/blog/soc2-the-screenshots-will-continue-until-se…

S

Security Cryptography Whatever

1
Nate Lawson II 1:23:19

4M ago1:23:19

1:23:19

This episode got delayed because David got COVID. Anyway, here's Nate Lawson: The Two Towers. Steven Chu: https://en.wikipedia.org/wiki/Steven_Chu CFB: https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Cipher_feedback_(CFB) CCFB: https://link.springer.com/chapter/10.1007/11502760_19 XXTEA: https://en.wikipedia.org/wiki/XXTEA CHERI: https…

S

Security Cryptography Whatever

1
Nate Lawson: Part 1 1:20:11

5M ago1:20:11

1:20:11

We bring on Nate Lawson of Root Labs to talk about a little bit of everything, starting with cryptography in the 1990s. References IBM S/390: https://ieeexplore.ieee.org/document/5389176 SSLv2 Spec: https://www-archive.mozilla.org/projects/security/pki/nss/ssl/draft02.html Xbox 360 HMAC: https://beta.ivc.no/wiki/index.php/Xbox_360_Timing_Attack Goo…

S

Security Cryptography Whatever

1
Hot Cryptanalytic Summer with Steven Galbraith 52:35

6M ago52:35

52:35

Are the isogenies kaput?! There's a new attack that breaks all the known parameter sets for SIDH/SIKE, so Steven Galbraith helps explain where the hell this came from, and where isogeny crypto goes from here. Transcript: https://share.descript.com/view/Xiv307FvOPA Merch: https://merch.scwpodcast.com Links: https://eprint.iacr.org/2022/975.pdf https…

S

Security Cryptography Whatever

1
Passkeys with Adam Langley 1:03:01

6M ago1:03:01

1:03:01

Adam Langley (Google) comes on the podcast to talk about the evolution of WebAuthN and Passkeys! David's audio was a little finicky in this one. Believe us, it sounded worse before we edited it. Also, we occasionally accidentally refer to U2F as UTF. That's because we just really love strings. Transcript: https://share.descript.com/view/pBAXADn8gKW…

S

Security Cryptography Whatever

1
Hertzbleed 58:39

8M ago58:39

58:39

Side channels! Frequency scaling! Key encapsulation, oh my! We're talking about the new Hertzbleed paper, but also cryptography conferences, 'passkeys', and end-to-end encrypting yer twitter.com DMs. Transcript: https://share.descript.com/view/lPM4lsxha63 Links: Hertzbleed Attack | ellipticnews (wordpress.com) https://www.hertzbleed.com/hertzbleed.…

S

Security Cryptography Whatever

1
OMB Zero Trust Memo with Eric Mill 1:00:33

8M ago1:00:33

1:00:33

The US government released a memo about moving to a zero-trust network architecture. What does this mean? We have one of the authors, Eric Mill, on to explain it to us. As always, your @SCWPod hosts are Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian). Transcript: https://share.descript.com/view/UayEVA596O…

S

Security Cryptography Whatever

1
Tink with Sophie Schmieg 1:07:02

8M ago1:07:02

1:07:02

We talk about Tink with Sophie Schmieg, cryptographer and algebraic geometer at Google. Transcript: https://beta-share.descript.com/view/v2Q5Ix8pvbD Links: Sophie: https://twitter.com/SchmiegSophie Tink: https://github.com/google/tink RWC talk: https://youtube.com/watch?t=1028&v=CiH6iqjWpt8 Where to store keys: https://twitter.com/SchmiegSophie/sta…

S

Security Cryptography Whatever

1
Cancellable Crypto Takes, and Real World Crypto 1:11:04

10M ago1:11:04

1:11:04

Live from Amsterdam, it's cancellable crypto hot takes! A fun little meme, plus a preview of the Real World Crypto program! Transcript: https://share.descript.com/view/GiVlw4qKV2i Links: Tony's twete: https://twitter.com/bascule/status/1512539700220805124 Real World Crypto 2022: https://rwc.iacr.org/2022 Merch! https://merch.scwpodcast.com Find us …

S

Security Cryptography Whatever

1
Lattices and Michigan Football with Chris Peikert 1:10:01

11M ago1:10:01

1:10:01

We're back! With an episode on lattice-based cryptography, with Professor Chris Peikert of the University of Michigan, David's alma mater. When we recorded this, Michigan football had just beaten Ohio for the first time in a bajillion years, so you get a nerdy coda on college football this time! Transcript: https://share.descript.com/view/El2a4Z7OL…

S

Security Cryptography Whatever

1
Biscuits with Geoffroy Couprie 58:55

1y ago58:55

58:55

We've trashed JWTs, discussed PASETO, Macaroons, and now, Biscuits! Actually, multiple iterations of Biscuits! Pairings and gamma signatures and Datalog, oh my! 🍪 Transcript: https://beta-share.descript.com/view/jHZJPab0n4g Links: Biscuits V2: https://www.biscuitsec.org Experiments iterating on Biscuits: https://github.com/biscuit-auth/biscuit/tree…

S

Security Cryptography Whatever

1
Tailscale with Avery Pennarun & Brad Fitzpatrick 1:18:22

1y ago1:18:22

1:18:22

“Can I Tailscale my Chromecast?” You love Tailscale, I love Tailscale, we loved talking to Avery Pennarun and Brad Fitzpatrick from Tailscale about, I dunno, Go generics. Oh, and TAILSCALE! And DNS. And WASM. People: Avery Pennarun (@apenwarr) Brad Fitzpatrick (@bradfitz) Deirdre Connolly (@durumcrustulum) Thomas Ptacek (@tqbf) David Adrian (@david…

S

Security Cryptography Whatever

1
The feeling's mutual: mTLS with Colm MacCárthaigh 1:10:31

1y ago1:10:31

1:10:31

We recorded this months ago, and now it's finally up! Colm MacCárthaigh joined us to chat about all things TLS, S2N, MTLS, SSH, fuzzing, formal verification, implementing state machines, and of course, DNSSEC. Transcript: https://share.descript.com/view/tjrQu8wZKT0 Find us at: https://twitter.com/scwpod https://twitter.com/durumcrustulum https://tw…

S

Security Cryptography Whatever

1
Holiday Call-in Spectacular! 1:22:09

1y ago1:22:09

1:22:09

Happy New Year! Feliz Navidad! Merry Yule! Happy Hannukah! Pour one out for the log4j incident responders! We did a call-in episode on Twitter Spaces and recorded it, so that's why the audio sounds different. We talked about BLOCKCHAIN/Web3 (blech), testing, post-quantum crypto, client certificates, ssh client certificates, threshold cryptography, …

S

Security Cryptography Whatever

1
WireGuard with Jason Donenfeld 1:21:06

1y ago1:21:06

1:21:06

Hey, a new episode! We had a fantastic conversation with Jason Donenfeld, creator of our favorite modern VPN protocol: WireGuard! We touched on kernel hacking, formal verification, post-quantum cryptography, developing with disassemblers, and more! Transcript: https://share.descript.com/view/olVgXGtRpsY Links: WireGuard: https://www.wireguard.com T…

S

Security Cryptography Whatever

1
PAKEs, oPRFs, algebra with George Tankersley 1:15:09

1+ y ago1:15:09

1:15:09

A conversation that started with PAKEs (password-authenticated key exchanges) and touched on some cool math things: PRFs, finite fields, elliptic curve groups, anonymity protocols, hashing to curve groups, prime order groups, and more. With special guest, George Tankersley! Transcript: https://share.descript.com/view/X8x8oO2Q8Tw Links: SRP deprecat…

S

Security Cryptography Whatever

1
"Patch, Damnit!" 1:14:56

1+ y ago1:14:56

1:14:56

A lot of fixes got pushed in the past week! Please apply your updates! Apple, Chrome, Matrix, Azure, and more nonsense. Find us at: https://twitter.com/scwpod https://twitter.com/durumcrustulum https://twitter.com/tqbf https://twitter.com/davidcadrian Links! The accuvant story in MIT Technology Review All the Apple platforms patched FORCEDENTRY no-…

S

Security Cryptography Whatever

1
How to be a Certificate Authority with Ryan Sleevi 1:34:11

1+ y ago1:34:11

1:34:11

Not the hero the internet deserves, but the one we need: it's Ryan Sleevi! We get into the weeds on becoming a certificate authority, auditing said authorities, DNSSEC, DANE, taking over country code top level domains, Luxembourg, X.509, ASN.1, CBOR, more JSON (!), ACME, Let's Encrypt, and more, on this extra lorge episode with the web PKI's Batman…

S

Security Cryptography Whatever

1
Apple's CSAM Detection with Matthew Green 52:57

1+ y ago52:57

52:57

We're talking about Apple's new proposed client-side CSAM detection system. We weren't sure if we were going to cover this, and then we realized that not all of us have been paying super close attention to what the hell this thing is, and have a lot of questions about it. So we're talking about it, with our special guest Professor Matthew Green. We…

C

Cryptography FM

1
Episode 21: Proving Fundamental Equivalencies in Isogeny Mathematics! 46:52

1+ y ago46:52

46:52

Benjamin Wesolowski talks about his latest paper in which he mathematically proved that the two fundamental problems underlying isogeny-based cryptography are equivalent. Links and papers discussed in the show: The supersingular isogeny path and endomorphism ring problems are equivalent Episode 5: Isogeny-based Cryptography for Dummies! Music compo…

S

Security Cryptography Whatever

1
Platform Security Part Deux with Justin Schuh 1:20:02

1+ y ago1:20:02

1:20:02

We did not run out of things to talk about: Chrome vs. Safari vs. Firefox. Rust vs. C++. Bug bounties vs. exploit development. The Peace Corps vs. The Marine Corps. Transcript: https://share.descript.com/view/DpeqIOCREyZ Find us at: https://twitter.com/scwpod https://twitter.com/durumcrustulum https://twitter.com/tqbf https://twitter.com/davidcadri…

S

Security Cryptography Whatever

1
What do we do about JWT? with Jonathan Rudenberg 1:14:56

1+ y ago1:14:56

1:14:56

🔥JWT🔥 We talk about all sorts of tokens: JWT, PASETO, Protobuf Tokens, Macaroons, and Biscuits. With the great Jonathan Rudenberg! After we recorded this, Thomas went deep on tokens even beyond what we talked about here: https://fly.io/blog/api-tokens-a-tedious-survey/ Transcript: https://share.descript.com/view/pb428e60pPo Find us at: https://twit…

S

Security Cryptography Whatever

1
The Great "Roll Your Own Crypto" Debate with Filippo Valsorda 1:00:48

1+ y ago1:00:48

1:00:48

Special guest Filippo Valsorda joins us to debate with Thomas on whether one should or should not "roll your own crypto", and how to produce better cryptography in general. After we recorded this, David went even deeper on 'rolling your own crypto' in a blog post here: https://dadrian.io/blog/posts/roll-your-own-crypto/ Transcript: https://share.de…

S

Security Cryptography Whatever

1
NSO group, Pegasus, Zero-Days, i(OS|Message) security 59:35

1+ y ago59:35

59:35

Deirdre, Thomas and David talk about NSO group, Pegasus, whether iOS a burning trash fire, the zero-day market, and whether rewriting all of iOS in Swift is a viable strategy for reducing all these vulns. Transcript: https://share.descript.com/view/PQRb3nsY7N4 Find us at: https://twitter.com/durumcrustulum https://twitter.com/tqbf https://twitter.c…

C

Cryptography FM

1
Episode 20: Cryptanalysis of GPRS: GEA-1 and GEA-2! 42:56

1+ y ago42:56

42:56

A team of cryptanalysits presents the first publicly available cryptanalytic attacks on the GEA-1 and GEA-2 algorithms. Instead of providing full 64-bit security, they show that the initial state of GEA-1 can be recovered from as little as 65 bits of known keystream (with at least 24 bits coming from one frame) in time 240 GEA-1 evaluations and usi…

C

Cryptography FM

1
Episode 19: Cross-Protocol Attacks on TLS with ALPACA! 41:44

1+ y ago41:44

41:44

TLS is an internet standard to secure the communication between servers and clients on the internet, for example that of web servers, FTP servers, and Email servers. This is possible because TLS was designed to be application layer independent, which allows its use in many diverse communication protocols. ALPACA is an application layer protocol con…

C

Cryptography FM

1
Episode 18: Optimizing Cryptography for Microcontrollers! 36:56

1+ y ago36:56

36:56

Nadim talks with Peter Schwabe and Matthias Kannwischer about the considerations — both in terms of security and performance — when implementing cryptographic primitives for low-level and embedded platforms. Links and papers discussed in the show: Optimizing crypto on embedded microcontrollers Implementing post-quantum cryptography on embedded micr…

C

Cryptography FM

1
Episode 17: Breaking Wi-Fi With Frame Attacks! 35:58

1+ y ago35:58

35:58

Wi-Fi is a pretty central technology to our daily lives, whether at home or at the office. Given that so much sensitive data is regularly exchanged between Wi-Fi devices, a number of standards have been developed to ensure the privacy and authentication of Wi-Fi communications. However, a recent paper shows that every single Wi-Fi network protectio…

C

Cryptography FM

1
Episode 16: Contact Discovery in Mobile Messengers! 46:44

1+ y ago46:44

46:44

Contact discovery is a core feature in popular mobile messaging apps such as WhatsApp, Signal and Telegram that lets users grant access to their address book in order to discover which of their contacts are on that messaging service. While contact discovery is critical for WhatsApp, Signal and Telegram to function properly, privacy concerns arise w…

C

Cryptography FM

1
Episode 15: Bringing Secure Multiparty Computation to the Real World! 46:50

2y ago46:50

46:50

Secure multi-party computation is a fascinating field in cryptography, researching how to allow multiple parties to compute secure operations over inputs while keeping those inputs private. This makes multi-party computation a super relevant technology in areas such as code signing, hospital records and more. But what does it take to bring secure m…

C

Cryptography FM

1
Episode 14: Schnorr, Factoring and Lattices! 46:30

2y ago46:30

46:30

On March 1st, 2021, a curious paper appeared on the Cryptology ePrint Archive: senior cryptographer Claus Peter Schnorr submitted research that claims to use lattice mathematics to improve the fast factoring of integers so much that he was able to completely “destroy the RSA cryptosystem” -- certainly a serious claim. Strangely, while the paper’s e…

C

Cryptography FM

1
Episode 13: Zero-Knowledge STARKs in the Real World! 47:00

2y ago47:00

47:00

Zero-Knowledge proofs have broadened the realm of use cases for applied cryptography over the past decade, from privacy-enhanced cryptocurrencies to applications in voting, finance, protecting medical data and more. In 2018, Dr. Eli Ben-Sasson and his team introduced ZK-STARKs, a new zero-knowledge construction that functions without trusted setup,…

Podcast Layak Disimak

DISPONSORI

Cryptography Podcast

Unduh Aplikasinya!

Podcast Layak Disimak

DISPONSORI

Panduan Referensi Cepat