
Threema Multi-Device: An Architectural Overview

Cryptography nerd
Fediverse accounts;
[email protected] (main)
[email protected]
[email protected]
Lemmy moderation account: @[email protected] - [email protected]
Bluesky: natanael.bsky.social
Don't get too pushy. You might get hemorrhoids
Weirder in that it gets better at "photorealism" (textures, etc) but subjects might be nonsensical. Only teaching it how to avoid automated detection will not teach it to understand what scenes mean.
Ok but they're pushing for more takedowns, not less (although there is a freedom of speech right, but it seems only the EU high court cares, not the commission)
Inclusive or
Force it into the record anyway
Which government can you trust to force people to not censor?
DOGE accounts keep getting accessed from Russia, so...
Not necessarily, but errors would be less obvious or weirder since it would spend more time in training
Phrasing
He doesn't do a lot of gaming videos now, but it does seem so. He talked about Proton and running OBS, so for anything Linux-compatible via Proton, it's likely that's what he's doing
Contrarians aren't driven by their ideology, their need to oppose something drives their ideology.
Doesn't help when you use a return postage slip. They have unique codes. Being "just annoying" is probably the safest bet.
We have "årsdag" in Swedish too, but it's a general term used for stuff other than birthdays ("födelsedag")
There are additional mirrors, but that's the big one
No, you can have selective limits, tied to how much risk the job imposes on the surroundings (like universal regulation on any job requiring being armed). Unions are supposed to be about worker power against the employer, not against society.
Also, foreign language propaganda from Republicans claiming democrats are socialists/communists (the kind that ruined Cuba, et al.), aimed at immigrants
It's technically right, but the problem is there's just one DNC and no other viable party. If you had dozens of viable parties like other western countries, then it would no longer matter that one of them has opaque nomination processes, because there would still be competition on political positions.
Recently mocked the tariffs
Even humans can absorb oxygen through the intestines
Only tastes ok
Threema has deployed a new multi-device protocol
Threema Multi-Device: An Architectural Overview
From here;
https://chaos.social/@dbrgn/114386333844571387
[email protected] - Here are a few interesting details about the maximally privacy-friendly protocol design:
- Everything related to synchronization between devices is completely end-to-end encrypted
- Message recipients do not know from which device a message was sent
- The Mediator Server of a device group does not know the corresponding Threema ID
- The Chat Server only sees the IP address of the Mediator Server, but not the IP address of the end devices
Draft: Hybrid Post-Quantum Password Authenticated Key Exchange
This document describes the CPaceOQUAKE+ protocol, a hybrid asymmetric password-authenticated key exchange (aPAKE) that supports mutual authentication in a client-server setting secure against quantum-capable attackers. CPaceOQUAKE+ is the result of a KEM-based transformation from the hybrid symmetr...
Announcement from here;
https://mailarchive.ietf.org/arch/msg/cfrg/_HH9A70BwJ6vgEfT2iSTvCQFhZE/
Hi folks,
We recently published an initial specification for a hybrid, post-quantum, augmented PAKE protocol, called CPaceOQUAKE+, located here:
https://datatracker.ietf.org/doc/draft-vos-cfrg-pqpake/
The motivation for this protocol can be roughly summarized as follows:
- Post-quantum: None of the existing PAKE specifications are post-quantum. Rather than incrementally improve on PAKEs that are secure against standard adversaries, we felt it important to shift focus to post-quantum adversaries.
- Augmented: Many PAKE deployments use augmented PAKEs (SRP and SPAKE2+, for example). A drop-in replacement for these use cases was therefore important.
- Hybrid: CPaceOQUAKE+ is built on CPace and OQUAKE (which is specified in the document and based on the NoIC protocol in [1], and then composed with CPace using a variant of the combiner analyzed in [3]) as well as other
Apple can now legally talk about the UK backdoor demand
Apple has won its first legal battle over the UK’s demand for a backdoor to encrypted data: the right to tell everyone it’s happening. The Investigatory Powers Tribunal has ruled on whether Apple’s claim should be kept secret on national security grounds, and Apple won. That doesn’t bring it any clo...
CRLite is a low-bandwidth, low-latency, privacy-preserving mechanism for distributing certificate revocation data. A CRLite aggregator periodically encodes revocation data into a compact static hash set, or membership test, which can be downloaded by clients and queried privately. We present a n...
See also discussion here; https://reddit.com/comments/1jv572r
Key-exfiltration attacks on cryptographic keys are a significant threat to computer security. One proposed defense against such attacks is big-key cryptography which seeks to make cryptographic secrets so large that it is infeasible for an adversary to exfiltrate the key (without being detected). Ho...
Cryptology ePrint Archive
Paper 2025/585
Adaptively-Secure Big-Key Identity-Based Encryption
Jeffrey Champion, The University of Texas at Austin
Brent Waters, The University of Texas at Austin, NTT Research
David J. Wu, The University of Texas at Austin
Abstract
Key-exfiltration attacks on cryptographic keys are a significant threat to computer security. One proposed defense against such attacks is big-key cryptography which seeks to make cryptographic secrets so large that it is infeasible for an adversary to exfiltrate the key (without being detected). However, this also introduces an inconvenience to the user who must now store the large key on all of their different devices. The work of Döttling, Garg, Sekar and Wang (TCC 2022) introduces an elegant solution to this problem in the form of big-key identity-based encryption (IBE). Here, there is a large master secret key, but very short identity keys. The user can now store the large master secret key as her long-t
In this paper, we present the first practical algorithm to compute an effective group action of the class group of any imaginary quadratic order $\mathcal{O}$ on a set of supersingular elliptic curves primitively oriented by $\mathcal{O}$. Effective means that we can act with any element of the clas...
Abstract;
In this paper, we present the first practical algorithm to compute an effective group action of the class group of any imaginary quadratic order $\mathcal{O}$ on a set of supersingular elliptic curves primitively oriented by $\mathcal{O}$. Effective means that we can act with any element of the class group directly, and are not restricted to acting by products of ideals of small norm, as for instance in CSIDH. Such restricted effective group actions often hamper cryptographic constructions, e.g. in signature or MPC protocols.
Our algorithm is a refinement of the Clapoti approach by Page and Robert, and uses 4-dimensional isogenies. As such, it runs in polynomial time, does not require the computation of the structure of the class group, nor expensive lattice reductions, and our refinements allow it to be instantiated with the orientation given by the Frobenius endomorphism. This makes the algorithm practical even at security levels as high as CSIDH-4096. Our implementation in SageMath ta
Indiana University quietly removes profile of tenured professor and refuses to say why.
A collection of my (future) writings about cryptography, music and other random stuff.
Via; https://bsky.app/profile/nicksullivan.org/post/3ll7galasrc2z
CFRG process documentation has been updated.
Prepping for post-quantum: a beginner's guide to lattice cryptography
This post is a beginner's guide to lattices, the math at the heart of the transition to post-quantum (PQ) cryptography. It explains how to do lattice-based encryption and authentication from scratch.
A living document on how to juggle these damned things. Updated March 19, 2025. What’s a KEM? A KEM is a Key Encapsulation Mechanism, a cryptographic...
Apple has revealed a Passwords app vulnerability that lasted for months - No HTTPS, enabling phishing on untrusted networks
The iOS Passwords app was a phishing attack vector.
ePrint: SNARKs for Stateful Computations on Authenticated Data
We present a new generalization of (zk-)SNARKs specifically designed for the application domain of safety-critical control systems. These need to be protected against adversarial tampering as well as non-malicious but unintended system failures due to random faults in components. Our SNARKs combine ...
From: https://mastodon.social/@fj/114171907451597856
Interesting paper co-authored by Airbus cryptographer Erik-Oliver Blass on using zero-knowledge proofs in flight control systems.
Sensors would authenticate their measurements, the control unit provides in each iteration control outputs together with a proof of output correctness (reducing the need in some cases for redundant computations), and actuators verify that outputs have been correctly computed
Building bridges without blue bubbles.
"The GSM Association announced that the latest RCS standard includes E2EE based on the Messaging Layer Security (MLS) protocol, enabling interoperable encryption between different platform providers for the first time"
IR 8545, Status Report on the Fourth Round of the NIST Post-Quantum Cryptography Standardization Process | CSRC - HQC gets standardized for post-quantum cryptography
NIST is selecting public-key cryptographic algorithms through a public, competition-like process to specify additional digital signature, public-key encryption, and key-establishment algorithms to supplement FIPS 186-5, SP 800-56Ar3, and SP 800-56Br2. These algorithms are intended to protect sensiti...
HQC gets standardized, as an addition to ML-KEM (Kyber). McEliece is out of the NIST process for two reasons: they consider it unlikely to be widely used, and ISO is considering standardizing it, so they don't want to create an incompatible standard. If ISO does standardize it and it does see use, NIST is considering mirroring that standard (since lots of US agencies are bound to using NIST standards)
PDF: Constant-Time Code: The Pessimist Case
Zen and the Art of Microcode Hacking - Why to not use CMAC as a hash
This blog post covers the full details of EntrySign, the AMD Zen microcode signature validation vulnerability recently discovered by the Google Security team.
Jim Sanborn’s inbox is flooded with amateur cryptographers who say they’ve cracked the code with chatbots like Grok 3.
iPhone maker files complaint to Investigatory Powers Tribunal over demand to access encrypted data