plus/minus epsilon
Page 4Blog Re-Introduction
9 Oct 2019I've decided to start writing a regular series of short blog posts about crypto. The focus will be more on the social and problem-solving aspects of crypto rather than the math.
Notes on the BN256 Pairing
17 Mar 2018I've realized that some design choices in my bn256 implementation don't seem well-motivated to everybody... including myself. So I'd like to document here all of the tricks I find myself forgetting.
Why is pure-Go crypto so slow?
17 Nov 2016In short:
- Because small functions have their runtime dominated by function-call overhead.
- Because data is stored on the heap unnecessarily.
- Because you can't take advantage of the featurefulness of assembly.
White-Box Cryptography: Introduction
1 Feb 2016White-Box Cryptography is the study of securing symmetric encryption algorithms in the white-box attack context (WBAC), where an adversary obtains an implementation of the algorithm and is allowed to observe/alter every step of its execution (with instantiated cryptographic keys).
Cryptographic Data Structures
8 Apr 2015We know that a data structure is a particular way of organizing data so that we can efficiently solve a problem with it. Perhaps a cryptographic data structure would just be the same thing, but with a notion of security determined by an adversary's ability to win a certain game.
In a sense, they're minimal cryptosystems that can be glued together into more complex cryptosystems similar to the way that fundamental data structures can be glued together to give solutions to increasingly complicated problems.
Google's Macaroons in Five Minutes or Less
5 Dec 2014Macaroons are a proposed method of distributed (NOT decentralized)
authorization. Their main distinction from a bearer token is that, if I'm given
a Macaroon that authorizes me to perform some action(s) under certain
restrictions, I can non-interactively build a second Macaroon with stricter
restrictions that I can then give to you. For example, if I have a Macaroon
that allows me to view and delete an image on Imgur, I
can construct a second Macaroon that only allows the holder to view the image
as long as time ≤ "5/1/13, 1am GMT" and give that to all of my friends.
A Small SRP Protocol for Web Applications
30 Nov 2014- Purpose: To present a more efficient authentication scheme, geared towards web applications served over TLS or another secure channel.
- Audience: Web application designers interested in security.
- Implementation: Bren2010/sjcl-ssrp
A Criticism of JavaScript Cryptography
17 Jun 2014To be pedantic, perhaps a better name for this post would be "A Criticism of In-Browser Cryptography," because it's really the "In-Browser" part that gets people--JavaScript is just another programming language.
One-Time Attribute-Based Signatures
30 May 2014A One-Time Attribute-Based Signature scheme allows a signer, who posses a set of attributes verified by an authority, to sign a message with a predicate that is satisfied by his attributes. The signature can reveal no more about the signer than the predicate requires, and it should be infeasible to link multiple signatures to the same signer (signatures should be anonymous). Multiple users, each with only a strict subset of the required attributes to satisfy a predicate, should not be able to collude and forge a signature that does satisfy the predicate (the scheme should be collusion-resistant).
Optimizing SEAD for Secure Distributed Hash Tables
16 Apr 2014SEAD, the Secure Efficient Ad hoc Distance vector routing protocol, is a recent secure ad-hoc routing protocol designed to use symmetric cryptographic primitives almost exclusively. Relying on symmetric cryptography, rather than asymmetric often requires 3 to 4 orders of magnitude less computation with a negligible increase in storage or network overhead.