What is the cool crypto attack research right now? I’m a piker and I feel like I’ve got a handle on elaborate (DSA, GCM) nonce-reuse, most of what blows up in RSA, weak subgroups. We’re gradually standardizing on a very boring subset of crypto. That’s good. What’s next?
Is it protocol vulnerabilities in the formal methods era? Are serious attacks going to increasingly look like distributed systems problems? Are we just waiting for people to write proofs for everything?
I thought maybe it might be stuff like misuse exploits for more exotic/better designed AEADs, like OCB nonce reuse. But meh? In the wide-nonce or SIV era?
Is there something cooler than invalid curves in curve-land, now that we’re all using either C25519 or things designed after C25519 that capture everything good about C25519?
I’m sure there’s a ton of interesting stuff in SIDH and RLWE and NTRU, but none of those will be used outside of cascades that will include post-C25519 curves so, as a pentester, who cares?
I am writing this out of ignorance, seriously asking. Where should I be spending my time now? It’s been a year of just math for me, not crypto, just math. For crypto, I’ve been implementing old block cipher cryptanalysis. What’s new, though?
Fix postgres' crypto interfaces. Not at all a self-interested suggestion. I'm sure you'd learn, uh, something.