Hi, my name is Brendan and I'm a software engineer. Most of my experience is in cryptography but I'm trying to branch out. This is my blog where I write about stuff related to that. I'm also on GitHub, Twitter, and have an email.
Some of my projects include...
- UtahFS - (Go) an encrypted storage system that provides a user-friendly FUSE drive backed by cloud storage.
- Messaging Layer Security - (spec) a protocol based on tree structures that enable asynchronous group keying with forward secrecy and post-compromise security.
- Cheap Transparency Log - (Go) a CT log implementation designed to use very cheap cloud infrastructure.
- IPFS Gateway Validator - (JS) A browser extension that validates resources served from an IPFS gateway.
- bn256 - (Go) an implementation of cryptographic pairings and GLV (lattice) reduction. 10-20x faster than the next-best implementation in the same language.
- FourQ - (Go) a fast elliptic curve. Arithmetic is done on a quadratic extension of the integers modulo the Mersenne prime 2127-1.
- OpenWhiteBox - (Go) implementations of several interesting mathematical primitives and prior work in white-box cryptography. Original constructions and cryptanalyses. [ Paper ]
- caesar - (Coffee) implementations of a few unusual cryptographic primitives.
Some fun things I built are...
Twitter's @bluesky Project1 Feb 2021
More than a year ago, Jack Dorsey that he would be funding a project called @bluesky, which would work with the crypto community to create a decentralized standard for social media. He gives a lot of motivation for the project, particularly focusing on the lack of consumer choice in content moderation and amplification. Fundamentally, the core insight of the project is that social media companies are currently a vertical integration of two different services:
Architecture of TPB and WikiLeaks19 Jan 2021
For obvious reasons, I recently got interested in how to build websites that are widely accessible but also resistant to censorship. Naturally, my first instinct was to run off and come up with my own blue-sky designs of the most resilient, censorship-resistant website in the world. But censorship is not new and I realized it would be smart to learn from the past: in particular, The Pirate Bay and WikiLeaks, which both continue to operate even under immense pressure to shutdown.
ISAs vs Income-Based Repayments10 Jan 2021
In my last post, I discussed Income Share Agreements (ISAs), including their many downsides and how they’re prone to being more expensive than traditional loans. In this post, I wanted to discuss something that I think is a much safer solution to the same problem: Income-Based Repayments (IBR) for a loan.
Income Share Agreements10 Jan 2021
Income Share Agreements, or ISAs, are contracts where a borrower receives something of value, and in exchange they give the lender a percentage of their income every year for a fixed number of years. A lot of people have been proposing them as an alternative to traditional student loans.
MLS with Hidden Members17 Dec 2020
Recently I was asked about the possibility of using MLS in groups with “hidden members”. That is, groups where the creator is known to all participants but the participants don’t know each other. This is the use-case of broadcast TV, private Twitter accounts, Instagram stories. The answer is no, MLS doesn’t work here.
The main issue is that MLS isn’t secure against malicious insiders, and therefore isn't suitable for most broadcast use-cases. A lesser issue is that MLS is designed for homogeneous groups, and would be wasteful to use in a scenario where one member has special authority.
Financial Independence Psychology13 Dec 2020
The conclusion of my previous post was that whether to rent or buy in my area likely comes down more to individual factors rather than financial ones. But what was interesting to me while doing that analysis, is that I realized I honestly had no interest in buying a condo that’s roughly equivalent to my current apartment.
Financial Independence Strategies13 Dec 2020
A while ago, I tweeted that “it’s essentially always cheaper to rent in urban areas than it is to buy property.” I believe this is conventional wisdom called the Rule of 16, where you divide the price of a house by the yearly rent of a similar apartment. If the ratio is over 16, it’s “better” to rent in that area than it is to buy and vice versa. I’m not sure where that rule came from and I’ll try to derive it later, but I decided to check this assumption by modeling it.
DuPont Analysis on CDNs8 Nov 2020
The only financial skill I have that I haven’t seen other people do better than me is DuPont analysis. DuPont analysis tries to find the drivers of a company’s Return on Equity by factoring it into three parts:
- Profitability as measured by Net Profit Margin, or how much profit a company is able to keep from its revenue.
- Efficiency as measured by Asset Turnover, or how much revenue a company is able to produce from its assets.
- Financial Leverage which is how much the company relies on debt as a funding source.
Stifling Innovation24 Oct 2020
The natural question that comes up when thinking about disruptive innovation is: How can incumbent companies successfully navigate the transition to a disruptive technology?
The answer I’m familiar with is basically that managers invest in the new technology, and let the old and new compete. This acknowledges the risk that the new technology might fail, and also captures the upside if it succeeds. As the previous company/department begins to decline, the other starts growing just as quickly and you already have an ownership stake in it.
Serverless3 Oct 2020
Serverless is powerful because:
It’s often cheaper than running the same application on a VPS. Right now, this may be mostly because it’s under-priced. But it does actually require fewer physical resources, since applications scale on-demand and many applications can share the same physical host more efficiently.
Possibly also falling under “cheaper,” it has a lower operational burden. Developers simply upload their code and the cloud provider handles process management and scaling.
Applications that run on serverless platforms are faster because they’re always hosted near the end-user.