
Security Cryptography Whatever

Latest episodes

May 24, 2024 • 1h 48min

ekr

iykyk

Transcript: https://securitycryptographywhatever.com/2024/05/25/ekr/

Links:
- https://hovav.net/ucsd/dist/draft-shacham-tls-fasttrack-00.txt
- https://crypto.stanford.edu/~dabo/pubs/papers/fasttrack.pdf
- https://datatracker.ietf.org/doc/html/rfc8446
- SoK: SCT Auditing in Certificate Transparency: https://arxiv.org/pdf/2203.01661
- A hard look at Certificate Transparency, Part I: Transparency Systems: https://educatedguesswork.org/posts/transparency-part-1/
- A hard look at Certificate Transparency: CT in Reality: https://educatedguesswork.org/posts/transparency-part-2/
- E2EE on the web: is the web really that bad? https://emilymstark.com/2024/02/09/e2ee-on-the-web-is-the-web-really-that-bad.html
- Launching Default End-to-End Encryption on Messenger: https://about.fb.com/news/2023/12/default-end-to-end-encryption-on-messenger/
- ekr's newsletter: https://educatedguesswork.org
- Over 25 years of ekr RFCs: https://www.rfc-editor.org/search/rfc_search_detail.php?sortkey=Date&sorting=DESC&page=All&author=rescorla&pubstatus[]=Any&pub_date_type=any

Subscribe to his newsletter at https://educatedguesswork.org/

"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)
Apr 30, 2024 • 1h 2min

STIR/SHAKEN with Paul Grubbs and Josh Brown

Josh Brown and Paul Grubbs join us to describe how those damned spam calls work, and how STIR/SHAKEN is supposed to try to stop them, but have other privacy and security implications as well.

Transcript: https://securitycryptographywhatever.com/2024/04/30/stir-shaken/

Links:
- https://iacr.org/submit/files/slides/2024/rwc/rwc2024/98/slides.pdf
- https://www.youtube.com/watch?v=3trxXF0-fRU
- Paul Grubbs: https://web.eecs.umich.edu/~paulgrub/
Mar 23, 2024 • 19min

Cryptography Tier List

(NSFW) Three AI-generated guests rank cryptography things into a tier list. Play along at home and make your own tier list: https://tiermaker.com/create/cryptography-15683166

This episode is definitely not safe for work and definitely a parody. Do not base your decision in the 2024 election off of this podcast episode. No campaigns have endorsed this podcast.
Mar 3, 2024 • 56min

Post-Quantum iMessage with Douglas Stebila

Apple iMessage is getting a big upgrade! Not only are they rolling out ratcheting, but they’re going post-quantum, AND they’re doing post-quantum ratcheting! Douglas Stebila joined us to talk about his security analysis of the new PQ3 protocol update and not indulge our wild Apple speculations.

Transcript: https://securitycryptographywhatever.com/2024/03/03/post-quantum-imessage-with-douglas-stebila/

Links:
- https://security.apple.com/blog/imessage-pq3/
- Security analysis of the iMessage PQ3 protocol: https://security.apple.com/assets/files/A_Formal_Analysis_of_the_iMessage_PQ3_Messaging_Protocol_Basin_et_al.pdf
- Ratcheting design: https://eprint.iacr.org/2024/220.pdf
- When Messages are Keys: Is HMAC a dual-PRF?: https://eprint.iacr.org/2023/861.pdf
- Real World Deniability in Messaging: https://eprint.iacr.org/2023/403.pdf
- Padmé: https://www.petsymposium.org/2019/files/papers/issue4/popets-2019-0056.pdf
- Max Headroom: https://www.youtube.com/watch?v=cYdpOjletnc
- Extended Canetti-Krawczyk model: https://iacr.org/archive/eurocrypt2001/20450451.pdf
- Douglas Stebila: https://www.douglas.stebila.ca/
Jan 29, 2024 • 56min

High-assurance Post-Quantum Crypto with Franziskus Kiefer and Karthik Bhargavan

Franziskus Kiefer and Karthik Bhargavan discuss high-assurance implementation of ML-KEM, transitioning from Rust to C in cryptographic code development, optimizing performance and ensuring safety in cryptographic implementations, tools for formal analysis in cryptography, advancements in post-quantum crypto, and proving TLS security using cryptographic proofs in TLS 1.3 implementation.
Dec 28, 2023 • 60min

Encrypting Facebook Messenger with Jon Millican and Timothy Buck

Facebook Messenger has finally been end-to-end encrypted, a couple of years after Mark Zuckerberg announced it! Plus Instagram DMs are trialing ephemeral E2EE DMs too! We invited on Jon Millican and Timothy Buck from Meta to discuss this major cross-platform endeavor, and how David Bowie fits into their personal Labyrinth.

Transcript: https://securitycryptographywhatever.com/2023/12/28/e2ee-fb-messenger/

Links:
- https://www.facebook.com/notes/2420600258234172
- https://eprint.iacr.org/2022/1044.pdf
- https://engineering.fb.com/2023/12/06/security/building-end-to-end-security-for-messenger/
- https://www.theverge.com/2023/12/6/23991501/facebook-messenger-default-end-to-end-encryption-meta
- https://www.threads.net/@jonmillican/post/C0kQPAyoFpr
- https://engineering.fb.com/wp-content/uploads/2023/12/MessengerEnd-to-EndEncryptionOverview_12-6-2023.pdf
- https://engineering.fb.com/wp-content/uploads/2023/12/TheLabyrinthEncryptedMessageStorageProtocol_12-6-2023.pdf
- https://engineering.fb.com/2022/03/10/security/code-verify/
- https://chrome.google.com/webstore/detail/code-verify/llohflklppcaghdpehpbklhlfebooeog
Nov 13, 2023 • 57min

Attacking Lattice-based Cryptography with Martin Albrecht

Returning champion Martin Albrecht joins us to help explain how we measure the security of lattice-based cryptosystems like Kyber and Dilithium against attackers. QRAM, BKZ, LLL, oh my!

Transcript: https://securitycryptographywhatever.com/2023/11/13/lattice-attacks/

Links:
- https://pq-crystals.org/kyber/index.shtml
- https://pq-crystals.org/dilithium/index.shtml
- https://eprint.iacr.org/2019/930.pdf
- https://en.wikipedia.org/wiki/Short_integer_solution_problem
- Frodo: https://eprint.iacr.org/2016/659
- https://csrc.nist.gov/CSRC/media/Events/third-pqc-standardization-conference/documents/accepted-papers/ribeiro-saber-pq-key-pqc2021.pdf
- https://en.wikipedia.org/wiki/Hermite_normal_form
- https://en.wikipedia.org/wiki/Wagner%E2%80%93Fischer_algorithm
- https://www.math.auckland.ac.nz/~sgal018/crypto-book/ch18.pdf
- https://eprint.iacr.org/2019/1161
- QRAM: https://arxiv.org/abs/2305.10310
- https://en.wikipedia.org/wiki/Lenstra%E2%80%93Lenstra%E2%80%93Lov%C3%A1sz_lattice_basis_reduction_algorithm
- MATZOV improved dual lattice attack: https://zenodo.org/records/6412487
- https://eprint.iacr.org/2008/504.pdf
- https://eprint.iacr.org/2023/302.pdf
Nov 7, 2023 • 1h 19min

Signal's Post-Quantum PQXDH, Same-Origin Policy, E2EE in the Browser Revisited

Signal rolled out post-quantum resilient protocol; Intercepting Jabber TLS; Same-origin policy debate; Secure message formats; E2EE challenges in browsers.
Oct 12, 2023 • 58min

'Jerry Solinas deserves a raise' with Steve Weis

Returning champion Steve Weis discusses the origins of NIST curve parameter seeds, controversy surrounding NSA's curve selection, Jerry Solinas code, debate on using P-256 curve, mysterious story of missing seeds, NSA's backdooring of cryptography, speculation about OPM breach, and a funny story about encoded seeds.
Sep 13, 2023 • 59min

Cruel Summer: hybrid signatures, Downfall, Zenbleed, 2G downgrades

The hosts discuss their summer vacation experiences and touch on topics like pixel attacks, 2G deprecation, and writing modem firmware. They explore the Zenbleed, Downfall, Spectre, and Meltdown vulnerabilities, discussing technical details, risks, and potential exploitation. They also talk about software and firmware vulnerabilities, downgrade attacks, and crypto talks at conferences. The chapter covers the lattice-based Kyber and Dilithium schemes, the need to check old papers, and alternatives in cryptography. They discuss issues with authentic code, X.509, the SSL slippery slope, and a call for reviews.
